Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130342e302f32322d3232203d3e20323633373530.roa
File:                     34352e3137302e3130342e302f32322d3232203d3e20323633373530.roa (raw, json)
Hash identifier:          wOv/f7//w9rGlKZA7WgLwCHxLbf/aytHZcFORZAzoHc=
Subject key identifier:   44:E1:29:58:FC:A3:30:31:3A:66:5E:AC:4E:C1:39:BE:CA:35:D7:91
Certificate issuer:       /CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
Certificate serial:       2ADE38322EAB606AD8CA321A7E4C4F5C5413B7BA
Authority key identifier: 1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130342e302f32322d3232203d3e20323633373530.roa
Signing time:             Fri 30 May 2025 20:20:44 +0000
ROA not before:           Fri 30 May 2025 20:15:44 +0000
ROA not after:            Fri 29 May 2026 20:20:44 +0000
asID:                     263750
IP address blocks:        45.170.104.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl
                          rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 15 Jun 2025 18:07:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:de:38:32:2e:ab:60:6a:d8:ca:32:1a:7e:4c:4f:5c:54:13:b7:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
        Validity
            Not Before: May 30 20:15:44 2025 GMT
            Not After : May 29 20:20:44 2026 GMT
        Subject: CN=44E12958FCA330313A665EAC4EC139BECA35D791
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:86:f7:28:5f:be:23:4f:6f:3a:af:8f:86:62:
                    b2:87:b1:9e:97:5c:91:40:17:aa:c6:1c:85:41:0d:
                    eb:f0:d2:8f:b4:7d:c3:27:48:59:48:5b:1f:04:9a:
                    94:4d:0e:b8:0a:aa:05:10:9a:4e:e2:02:e3:7c:de:
                    11:34:97:49:08:52:2c:8d:8b:50:85:bc:b5:31:9e:
                    49:9e:1b:03:09:80:eb:ce:72:f2:d9:c8:9d:e5:1f:
                    60:76:bc:85:d8:37:b8:a0:a0:84:8d:71:32:68:d1:
                    7d:dd:82:2f:d6:a9:a3:ca:02:2b:26:77:3e:9e:f6:
                    f7:3c:af:b3:86:f4:66:c0:5c:d6:d4:a4:38:00:79:
                    35:f4:75:c4:76:df:f2:11:3a:ce:0e:70:7c:6f:2b:
                    2f:31:7b:a6:76:07:37:da:37:47:ac:0b:ea:c9:4d:
                    bf:68:0e:2e:5c:4c:b2:ac:29:c0:74:c8:ba:cf:99:
                    8c:74:1f:45:d4:b0:9d:95:86:9d:78:61:a5:d1:ef:
                    60:68:5f:23:75:44:eb:0f:f2:a1:50:90:4b:ad:a0:
                    0a:31:90:89:c9:cc:49:70:51:fd:b8:04:f1:a2:f9:
                    eb:94:bf:58:96:53:17:30:c5:c9:7b:27:65:52:b0:
                    ef:8f:f6:f6:9f:e9:66:82:ca:d7:b9:6c:78:66:ff:
                    c6:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:E1:29:58:FC:A3:30:31:3A:66:5E:AC:4E:C1:39:BE:CA:35:D7:91
            X509v3 Authority Key Identifier:
                keyid:1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130342e302f32322d3232203d3e20323633373530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.170.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         18:c1:db:53:99:e6:56:51:a5:6c:45:5a:bb:4d:90:88:38:ee:
         13:71:b6:cd:bb:dd:ff:7a:99:50:aa:f0:17:7e:f2:cc:95:c4:
         6d:11:02:4f:3f:f6:6d:aa:bd:86:f2:70:30:aa:d9:09:17:b2:
         b8:ac:81:a1:1f:4a:b9:77:71:06:5b:2c:ef:75:e1:a0:e6:be:
         4b:a6:f6:44:7c:34:d6:23:4a:53:77:48:f1:e6:b5:1d:b5:68:
         45:bc:ec:48:01:56:52:8b:91:45:2d:38:c0:d4:fa:d9:e8:e6:
         88:46:6a:d4:dd:1a:cd:5d:d8:58:d3:aa:71:5c:92:c5:9c:53:
         90:58:ca:09:0a:89:ec:8a:f8:7d:91:8b:0d:ea:99:00:6a:3c:
         0a:55:bc:20:ee:14:4b:2f:fc:16:dd:bf:30:66:52:6a:a9:96:
         e5:e2:af:4d:6d:cf:73:d1:ca:37:de:e4:8c:61:01:f8:43:38:
         c7:e1:22:88:52:bb:2e:3d:fe:0a:69:25:b4:63:ef:cd:04:d3:
         b2:8a:e3:1f:4a:50:28:26:2c:67:fa:ba:46:32:7c:84:7e:7e:
         67:d8:85:84:60:e3:21:e0:a8:03:95:42:56:72:7f:d3:fe:ed:
         c4:b2:7e:8d:5a:f2:21:10:d4:86:8a:a0:08:f5:68:f2:9e:c5:
         aa:d3:57:6f
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUKt44Mi6rYGrYyjIafkxPXFQTt7owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUU4N0YzNDMzRkRERjIzRERDNUZDMkVDOTA4NzZGNDkw
QjYwM0Q3NDAeFw0yNTA1MzAyMDE1NDRaFw0yNjA1MjkyMDIwNDRaMDMxMTAvBgNV
BAMTKDQ0RTEyOTU4RkNBMzMwMzEzQTY2NUVBQzRFQzEzOUJFQ0EzNUQ3OTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHhvcoX74jT286r4+GYrKHsZ6X
XJFAF6rGHIVBDevw0o+0fcMnSFlIWx8EmpRNDrgKqgUQmk7iAuN83hE0l0kIUiyN
i1CFvLUxnkmeGwMJgOvOcvLZyJ3lH2B2vIXYN7igoISNcTJo0X3dgi/WqaPKAism
dz6e9vc8r7OG9GbAXNbUpDgAeTX0dcR23/IROs4OcHxvKy8xe6Z2BzfaN0esC+rJ
Tb9oDi5cTLKsKcB0yLrPmYx0H0XUsJ2Vhp14YaXR72BoXyN1ROsP8qFQkEutoAox
kInJzElwUf24BPGi+euUv1iWUxcwxcl7J2VSsO+P9vaf6WaCyte5bHhm/8a7AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUROEpWPyjMDE6Zl6sTsE5vso115EwHwYDVR0j
BBgwFoAUHofzQz/d8j3cX8LskIdvSQtgPXQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMzhEOUYxQzg3MUJCOEQxMEJFRjQ1NTgxRTk1MEJCODEz
MzFFQzREM0ZFMzg4RkUxRjQ3NDZBRUEzM0FDQjhGLzAvMUU4N0YzNDMzRkRERjIz
RERDNUZDMkVDOTA4NzZGNDkwQjYwM0Q3NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRTg3RjM0MzNGRERGMjNEREM1
RkMyRUM5MDg3NkY0OTBCNjAzRDc0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjM4RDlGMUM4NzFCQjhEMTBCRUY0NTU4MUU5NTBCQjgxMzMxRUM0RDNG
RTM4OEZFMUY0NzQ2QUVBMzNBQ0I4Ri8wLzM0MzUyZTMxMzczMDJlMzEzMDM0MmUz
MDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzNjMzMzczNTMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLapo
MA0GCSqGSIb3DQEBCwUAA4IBAQAYwdtTmeZWUaVsRVq7TZCIOO4TcbbNu93/eplQ
qvAXfvLMlcRtEQJPP/Ztqr2G8nAwqtkJF7K4rIGhH0q5d3EGWyzvdeGg5r5LpvZE
fDTWI0pTd0jx5rUdtWhFvOxIAVZSi5FFLTjA1PrZ6OaIRmrU3RrNXdhY06pxXJLF
nFOQWMoJConsivh9kYsN6pkAajwKVbwg7hRLL/wW3b8wZlJqqZbl4q9Nbc9z0co3
3uSMYQH4QzjH4SKIUrsuPf4KaSW0Y+/NBNOyiuMfSlAoJixn+rpGMnyEfn5n2IWE
YOMh4KgDlUJWcn/T/u3Esn6NWvIhENSGiqAI9WjynsWq01dv
-----END CERTIFICATE-----
Generated at Thu Jun 12 02:55:53 2025 by rpki-client