Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130342e302f32332d3233203d3e20323633373530.roa
File:                     34352e3137302e3130342e302f32332d3233203d3e20323633373530.roa (raw, json)
Hash identifier:          GO3AnnF4uEPqC8pyIECFNa2KkurIQVIuWUkvEyDyTlA=
Subject key identifier:   A1:C8:37:A5:D6:D8:92:8E:63:44:FC:1F:83:31:34:F9:FF:94:15:41
Certificate issuer:       /CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
Certificate serial:       0389A396325E1CE6F67E32883D6D8985EB674205
Authority key identifier: 1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130342e302f32332d3233203d3e20323633373530.roa
Signing time:             Fri 30 May 2025 20:20:45 +0000
ROA not before:           Fri 30 May 2025 20:15:45 +0000
ROA not after:            Fri 29 May 2026 20:20:45 +0000
asID:                     263750
IP address blocks:        45.170.104.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl
                          rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 15 Jun 2025 09:13:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:89:a3:96:32:5e:1c:e6:f6:7e:32:88:3d:6d:89:85:eb:67:42:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
        Validity
            Not Before: May 30 20:15:45 2025 GMT
            Not After : May 29 20:20:45 2026 GMT
        Subject: CN=A1C837A5D6D8928E6344FC1F833134F9FF941541
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:9e:df:70:ef:b1:f8:a1:4c:31:4a:37:ac:3c:
                    a4:19:f6:0c:11:81:50:7c:59:58:ec:11:8a:5f:af:
                    22:db:f7:c9:8a:04:db:bc:4a:5d:c2:12:5f:0f:54:
                    ca:10:1d:4d:2f:63:2e:23:a5:e7:de:a4:81:a9:f1:
                    55:46:a0:38:6b:68:de:a7:ca:64:d9:11:7b:99:84:
                    42:8d:c5:ae:06:2c:c7:15:8b:bb:ed:bc:63:f3:6a:
                    1c:81:dc:f4:21:45:e9:9b:c4:a3:39:14:a4:74:60:
                    34:9d:a0:0a:00:6a:eb:8f:ed:9a:c9:96:87:77:43:
                    06:a2:97:27:1c:99:73:a0:58:95:95:15:dc:ba:4f:
                    ec:fe:92:a5:04:bd:c6:62:7d:91:2e:ab:b7:df:01:
                    c1:d9:66:b1:da:ca:4c:e3:c5:21:63:fe:10:85:ad:
                    ae:43:92:85:b2:79:3d:cc:c4:fa:96:da:bc:aa:6d:
                    5b:db:13:77:82:1a:1c:99:ba:49:4b:85:b8:42:1e:
                    15:31:29:a0:37:2e:96:ff:be:a3:32:6c:f1:18:48:
                    26:37:65:c8:3f:a1:f4:45:4d:86:7d:dd:fa:c2:99:
                    02:fc:27:bf:b1:77:50:f3:f1:57:db:d8:2d:93:0e:
                    ee:a5:01:c4:16:10:43:1d:f5:8e:6c:23:45:66:17:
                    d8:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:C8:37:A5:D6:D8:92:8E:63:44:FC:1F:83:31:34:F9:FF:94:15:41
            X509v3 Authority Key Identifier:
                keyid:1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130342e302f32332d3233203d3e20323633373530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.170.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         46:c7:6c:e9:71:fc:a4:a1:99:74:98:d3:3b:e4:c7:4a:d2:47:
         8f:a9:5d:b3:8c:fe:cf:ad:f3:c0:ce:82:be:38:21:6e:44:88:
         a7:5c:30:af:08:5e:a6:ed:c1:b6:09:50:97:4a:4e:6e:1a:ab:
         de:94:d4:73:08:68:a8:db:a6:b3:81:b4:88:50:e8:f5:7a:8c:
         56:74:26:f4:2e:4b:8d:62:68:1d:1e:11:d1:66:29:92:98:58:
         9a:71:22:f8:d4:e6:2e:ab:94:f2:e9:77:82:6c:b4:92:43:97:
         64:6d:94:df:d1:2f:9c:c0:8d:64:2b:b4:bd:a0:0b:13:0a:6c:
         17:6b:ff:81:2c:95:b6:22:39:11:60:1d:d2:0c:f8:b0:c9:a7:
         de:41:4d:f2:5b:41:79:4e:f4:76:ce:22:b7:ca:12:b0:b7:33:
         24:c0:7f:03:a3:61:57:7d:d8:9d:60:e8:6f:13:41:89:7b:ef:
         ee:c8:99:2a:65:b8:d9:ef:54:cb:84:f9:ce:8a:d3:c0:75:32:
         ce:b4:b6:47:1e:64:a2:4b:9b:a2:c1:47:d4:77:47:19:72:80:
         1b:0c:45:e9:b8:64:e3:86:6d:c4:73:31:ea:8c:a1:9e:e3:f8:
         50:11:56:6e:ce:f8:6d:ed:a8:61:b2:09:14:bf:4d:ab:49:e0:
         9e:ce:92:cc
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUA4mjljJeHOb2fjKIPW2JhetnQgUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUU4N0YzNDMzRkRERjIzRERDNUZDMkVDOTA4NzZGNDkw
QjYwM0Q3NDAeFw0yNTA1MzAyMDE1NDVaFw0yNjA1MjkyMDIwNDVaMDMxMTAvBgNV
BAMTKEExQzgzN0E1RDZEODkyOEU2MzQ0RkMxRjgzMzEzNEY5RkY5NDE1NDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYnt9w77H4oUwxSjesPKQZ9gwR
gVB8WVjsEYpfryLb98mKBNu8Sl3CEl8PVMoQHU0vYy4jpefepIGp8VVGoDhraN6n
ymTZEXuZhEKNxa4GLMcVi7vtvGPzahyB3PQhRembxKM5FKR0YDSdoAoAauuP7ZrJ
lod3QwailyccmXOgWJWVFdy6T+z+kqUEvcZifZEuq7ffAcHZZrHaykzjxSFj/hCF
ra5DkoWyeT3MxPqW2ryqbVvbE3eCGhyZuklLhbhCHhUxKaA3Lpb/vqMybPEYSCY3
Zcg/ofRFTYZ93frCmQL8J7+xd1Dz8Vfb2C2TDu6lAcQWEEMd9Y5sI0VmF9gFAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUocg3pdbYko5jRPwfgzE0+f+UFUEwHwYDVR0j
BBgwFoAUHofzQz/d8j3cX8LskIdvSQtgPXQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMzhEOUYxQzg3MUJCOEQxMEJFRjQ1NTgxRTk1MEJCODEz
MzFFQzREM0ZFMzg4RkUxRjQ3NDZBRUEzM0FDQjhGLzAvMUU4N0YzNDMzRkRERjIz
RERDNUZDMkVDOTA4NzZGNDkwQjYwM0Q3NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRTg3RjM0MzNGRERGMjNEREM1
RkMyRUM5MDg3NkY0OTBCNjAzRDc0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjM4RDlGMUM4NzFCQjhEMTBCRUY0NTU4MUU5NTBCQjgxMzMxRUM0RDNG
RTM4OEZFMUY0NzQ2QUVBMzNBQ0I4Ri8wLzM0MzUyZTMxMzczMDJlMzEzMDM0MmUz
MDJmMzIzMzJkMzIzMzIwM2QzZTIwMzIzNjMzMzczNTMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLapo
MA0GCSqGSIb3DQEBCwUAA4IBAQBGx2zpcfykoZl0mNM75MdK0kePqV2zjP7PrfPA
zoK+OCFuRIinXDCvCF6m7cG2CVCXSk5uGqvelNRzCGio26azgbSIUOj1eoxWdCb0
LkuNYmgdHhHRZimSmFiacSL41OYuq5Ty6XeCbLSSQ5dkbZTf0S+cwI1kK7S9oAsT
CmwXa/+BLJW2IjkRYB3SDPiwyafeQU3yW0F5TvR2ziK3yhKwtzMkwH8Do2FXfdid
YOhvE0GJe+/uyJkqZbjZ71TLhPnOitPAdTLOtLZHHmSiS5uiwUfUd0cZcoAbDEXp
uGTjhm3EczHqjKGe4/hQEVZuzvht7ahhsgkUv02rSeCezpLM
-----END CERTIFICATE-----
Generated at Wed Jun 11 01:44:20 2025 by rpki-client