Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130342e302f32322d3232203d3e20323633373530.roa
File:                     34352e3137302e3130342e302f32322d3232203d3e20323633373530.roa (raw, json)
Hash identifier:          TV5tc8Zu5P2pbMso/9YMyUDxmFbXBYz2X1pSVN+brZE=
Subject key identifier:   52:7D:26:85:FC:5D:0E:1A:A2:0A:89:41:54:34:BB:E2:59:CB:A5:18
Certificate issuer:       /CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
Certificate serial:       7974BECBE9975D11E300D229807DC44E746DEDCE
Authority key identifier: 1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130342e302f32322d3232203d3e20323633373530.roa
Signing time:             Fri 28 Jun 2024 19:50:01 +0000
ROA not before:           Fri 28 Jun 2024 19:45:01 +0000
ROA not after:            Fri 27 Jun 2025 19:50:01 +0000
asID:                     263750
IP address blocks:        45.170.104.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl
                          rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 14 Dec 2024 22:45:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:74:be:cb:e9:97:5d:11:e3:00:d2:29:80:7d:c4:4e:74:6d:ed:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
        Validity
            Not Before: Jun 28 19:45:01 2024 GMT
            Not After : Jun 27 19:50:01 2025 GMT
        Subject: CN=527D2685FC5D0E1AA20A89415434BBE259CBA518
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:74:f7:d6:f3:68:01:d2:93:1a:40:b2:c8:b2:
                    c9:3b:1b:00:f8:ae:26:2a:26:b5:09:64:ea:0d:40:
                    4f:7c:5a:bd:e0:5f:68:d6:ab:ac:d5:ad:d5:61:37:
                    e8:a7:70:8c:ab:73:fa:45:49:8f:5b:4e:d2:0e:ae:
                    be:b6:b5:16:8a:cf:66:24:b3:24:07:f3:af:4d:6c:
                    05:68:fe:0b:06:b6:a0:21:e6:e5:01:1d:46:c8:c7:
                    68:f9:41:6e:e9:f8:22:f3:fd:95:71:1e:c5:40:a9:
                    74:32:1f:8f:53:9d:14:74:21:26:1c:f5:d9:14:cc:
                    41:ca:bb:b5:67:77:43:96:a4:75:0f:9b:90:79:4a:
                    94:21:26:d4:68:b7:98:64:a2:9e:b5:e9:ff:1f:ea:
                    db:f4:f8:8c:69:a6:fd:b1:58:4b:45:a0:71:8f:54:
                    e2:aa:6d:34:6c:48:ab:c5:4b:dc:2f:f3:dc:3d:0b:
                    de:d9:ff:a0:c8:df:b7:58:2d:26:cc:e1:7e:4a:5e:
                    0e:66:f8:fc:51:22:d2:7e:ca:7f:ac:17:34:d1:64:
                    59:c2:17:89:85:c1:c5:dc:96:ac:b2:c0:73:7f:02:
                    1b:5b:f3:38:88:82:30:b0:19:78:e4:cd:56:18:07:
                    18:e4:fd:d7:32:ba:40:1f:29:0c:47:38:99:e6:70:
                    ce:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:7D:26:85:FC:5D:0E:1A:A2:0A:89:41:54:34:BB:E2:59:CB:A5:18
            X509v3 Authority Key Identifier:
                keyid:1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130342e302f32322d3232203d3e20323633373530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.170.104.0/22

    Signature Algorithm: sha256WithRSAEncryption
         62:20:6c:b8:50:02:c1:88:94:64:54:28:32:24:42:4c:77:3a:
         c3:bb:31:d2:06:32:68:81:41:05:33:6a:eb:b0:ed:f8:cb:8e:
         ba:28:74:84:da:51:c5:55:2d:80:08:a7:fc:cd:82:1a:16:50:
         22:64:e2:8c:7e:aa:55:4f:49:c4:ff:60:af:a1:25:c5:78:3d:
         55:50:34:b7:70:da:7c:2c:07:71:eb:74:c8:78:6c:d0:8d:dd:
         5c:a2:43:62:a4:3a:35:61:b5:83:17:7c:3c:a9:25:e8:74:53:
         1d:b5:8f:7b:b9:d8:e2:7c:8f:ee:fc:b9:82:84:0a:36:16:1a:
         cc:7d:39:ac:83:85:80:cd:0e:44:80:ee:cc:9d:9a:10:5f:61:
         25:8c:3e:14:3f:30:31:e5:61:82:ad:55:34:7f:b9:e3:36:c9:
         16:6d:70:3f:b0:ea:dd:81:49:10:83:16:36:80:64:e7:fa:a0:
         96:1c:7e:3c:96:26:15:2a:07:dd:f8:dd:c9:27:91:e1:bc:c0:
         95:24:81:96:90:5a:09:56:4f:28:3e:d9:f3:f3:99:ed:7c:7b:
         48:1a:b3:5e:6c:eb:2d:77:0f:bf:7c:c7:4d:b1:9d:ca:fc:8d:
         70:b8:00:28:be:9c:68:4a:9f:12:c0:92:0e:1c:96:f2:27:4d:
         e4:94:40:84
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUeXS+y+mXXRHjANIpgH3ETnRt7c4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUU4N0YzNDMzRkRERjIzRERDNUZDMkVDOTA4NzZGNDkw
QjYwM0Q3NDAeFw0yNDA2MjgxOTQ1MDFaFw0yNTA2MjcxOTUwMDFaMDMxMTAvBgNV
BAMTKDUyN0QyNjg1RkM1RDBFMUFBMjBBODk0MTU0MzRCQkUyNTlDQkE1MTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCdPfW82gB0pMaQLLIssk7GwD4
riYqJrUJZOoNQE98Wr3gX2jWq6zVrdVhN+incIyrc/pFSY9bTtIOrr62tRaKz2Yk
syQH869NbAVo/gsGtqAh5uUBHUbIx2j5QW7p+CLz/ZVxHsVAqXQyH49TnRR0ISYc
9dkUzEHKu7Vnd0OWpHUPm5B5SpQhJtRot5hkop616f8f6tv0+Ixppv2xWEtFoHGP
VOKqbTRsSKvFS9wv89w9C97Z/6DI37dYLSbM4X5KXg5m+PxRItJ+yn+sFzTRZFnC
F4mFwcXclqyywHN/Ahtb8ziIgjCwGXjkzVYYBxjk/dcyukAfKQxHOJnmcM4FAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUUn0mhfxdDhqiColBVDS74lnLpRgwHwYDVR0j
BBgwFoAUHofzQz/d8j3cX8LskIdvSQtgPXQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMzhEOUYxQzg3MUJCOEQxMEJFRjQ1NTgxRTk1MEJCODEz
MzFFQzREM0ZFMzg4RkUxRjQ3NDZBRUEzM0FDQjhGLzAvMUU4N0YzNDMzRkRERjIz
RERDNUZDMkVDOTA4NzZGNDkwQjYwM0Q3NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRTg3RjM0MzNGRERGMjNEREM1
RkMyRUM5MDg3NkY0OTBCNjAzRDc0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjM4RDlGMUM4NzFCQjhEMTBCRUY0NTU4MUU5NTBCQjgxMzMxRUM0RDNG
RTM4OEZFMUY0NzQ2QUVBMzNBQ0I4Ri8wLzM0MzUyZTMxMzczMDJlMzEzMDM0MmUz
MDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzNjMzMzczNTMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLapo
MA0GCSqGSIb3DQEBCwUAA4IBAQBiIGy4UALBiJRkVCgyJEJMdzrDuzHSBjJogUEF
M2rrsO34y466KHSE2lHFVS2ACKf8zYIaFlAiZOKMfqpVT0nE/2CvoSXFeD1VUDS3
cNp8LAdx63TIeGzQjd1cokNipDo1YbWDF3w8qSXodFMdtY97udjifI/u/LmChAo2
FhrMfTmsg4WAzQ5EgO7MnZoQX2EljD4UPzAx5WGCrVU0f7njNskWbXA/sOrdgUkQ
gxY2gGTn+qCWHH48liYVKgfd+N3JJ5HhvMCVJIGWkFoJVk8oPtnz85ntfHtIGrNe
bOstdw+/fMdNsZ3K/I1wuAAovpxoSp8SwJIOHJbyJ03klECE
-----END CERTIFICATE-----
Generated at Tue Dec 10 22:25:05 2024 by rpki-client on console-ams.rpki-client.org