Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130342e302f32332d3233203d3e20323633373530.roa
File:                     34352e3137302e3130342e302f32332d3233203d3e20323633373530.roa (raw, json)
Hash identifier:          KH7oXx4Q9F9rcWA8qnhiPHpkTq711/U21RRl+brrxzc=
Subject key identifier:   FF:E1:01:60:EE:AE:CD:C4:D1:0A:73:4B:71:00:7E:80:94:54:87:98
Certificate issuer:       /CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
Certificate serial:       1A8FFC6FDAC8DF197233EF353B3BB79C91977252
Authority key identifier: 1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130342e302f32332d3233203d3e20323633373530.roa
Signing time:             Fri 28 Jun 2024 19:50:01 +0000
ROA not before:           Fri 28 Jun 2024 19:45:01 +0000
ROA not after:            Fri 27 Jun 2025 19:50:01 +0000
asID:                     263750
IP address blocks:        45.170.104.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl
                          rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 14 Dec 2024 22:45:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:8f:fc:6f:da:c8:df:19:72:33:ef:35:3b:3b:b7:9c:91:97:72:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
        Validity
            Not Before: Jun 28 19:45:01 2024 GMT
            Not After : Jun 27 19:50:01 2025 GMT
        Subject: CN=FFE10160EEAECDC4D10A734B71007E8094548798
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:6a:f9:73:b0:39:15:19:a0:36:19:d0:8f:58:
                    53:e7:6f:58:5d:81:c0:a1:cd:96:76:30:0e:3c:f0:
                    b6:76:4e:32:2c:3e:95:87:1c:5a:93:c1:93:66:d4:
                    f8:2e:e8:34:95:84:3e:07:ca:a2:19:75:2e:f3:a0:
                    75:e2:96:25:c7:27:c6:ee:58:34:a8:c4:b4:4d:e4:
                    7e:6a:38:69:a7:df:85:0a:2f:e8:61:15:f2:f8:e7:
                    5e:de:5f:cc:98:ba:b3:2f:1d:b7:a1:ce:13:88:88:
                    e8:16:cb:ed:e9:ef:5b:71:70:12:f7:8e:ec:d2:cf:
                    8b:3e:d2:52:48:26:5a:29:6d:49:6f:16:2e:5e:3c:
                    55:d4:29:15:63:92:4b:07:d6:db:cf:2a:f5:f8:16:
                    e6:df:a9:c2:45:05:90:c2:e0:6b:1a:a0:d0:29:cd:
                    c1:23:a8:0f:7a:3d:30:28:7c:2e:7c:73:07:17:7c:
                    84:83:3f:f2:0c:a0:f3:80:df:69:9f:61:ec:da:95:
                    87:45:15:c7:de:20:6d:6a:96:cf:11:19:03:ca:51:
                    45:43:c4:2a:a4:4f:45:a0:2f:7f:6c:61:3a:2d:f8:
                    12:f6:1d:be:01:88:ea:b3:42:11:7a:15:ec:31:58:
                    67:50:a3:9f:d0:cb:ec:16:4b:ea:44:86:30:e2:50:
                    50:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:E1:01:60:EE:AE:CD:C4:D1:0A:73:4B:71:00:7E:80:94:54:87:98
            X509v3 Authority Key Identifier:
                keyid:1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130342e302f32332d3233203d3e20323633373530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.170.104.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7a:39:57:da:2a:36:b2:ab:2c:78:3a:c3:1a:f6:d6:90:f8:06:
         86:65:6f:7d:e7:6e:75:6b:a4:5f:85:c9:51:61:a4:d9:2d:94:
         14:32:ec:ef:f1:f8:b9:05:2e:3f:2a:68:a4:3a:88:55:8b:33:
         b3:11:4f:7c:a5:87:64:05:6f:d2:14:c7:0d:6d:6f:e7:b7:79:
         f6:55:72:e5:d9:e2:48:65:4a:bf:f4:d1:52:96:a1:d7:5d:c0:
         b0:9b:af:10:ff:3a:ad:cb:6c:2d:b7:2c:28:06:52:6f:1e:a0:
         91:59:dc:ed:a1:32:99:fd:b1:5f:86:53:5f:0a:c3:1a:cc:03:
         46:24:f9:a8:72:42:6d:cf:d7:ce:c3:05:d7:45:ed:09:69:e6:
         0a:4d:4a:e6:23:d1:d7:56:8d:9d:37:bb:16:9a:f4:64:eb:62:
         ea:99:cf:a8:f2:89:96:c3:fb:39:3f:e6:94:8a:fc:f5:a9:19:
         38:0b:d6:f2:94:cc:7b:bc:6d:97:b2:2c:d1:12:33:d2:e2:6b:
         f0:65:07:61:2e:0f:0b:13:6b:a8:15:14:5f:df:f9:10:8e:e1:
         dd:1a:c6:a3:d9:54:01:69:75:8e:8d:4e:50:99:21:e5:c5:5f:
         f8:8e:c3:35:12:25:84:03:83:a6:6f:31:9c:f8:6c:71:9d:8d:
         dd:98:55:60
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUGo/8b9rI3xlyM+81Ozu3nJGXclIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUU4N0YzNDMzRkRERjIzRERDNUZDMkVDOTA4NzZGNDkw
QjYwM0Q3NDAeFw0yNDA2MjgxOTQ1MDFaFw0yNTA2MjcxOTUwMDFaMDMxMTAvBgNV
BAMTKEZGRTEwMTYwRUVBRUNEQzREMTBBNzM0QjcxMDA3RTgwOTQ1NDg3OTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9avlzsDkVGaA2GdCPWFPnb1hd
gcChzZZ2MA488LZ2TjIsPpWHHFqTwZNm1Pgu6DSVhD4HyqIZdS7zoHXiliXHJ8bu
WDSoxLRN5H5qOGmn34UKL+hhFfL4517eX8yYurMvHbehzhOIiOgWy+3p71txcBL3
juzSz4s+0lJIJlopbUlvFi5ePFXUKRVjkksH1tvPKvX4FubfqcJFBZDC4GsaoNAp
zcEjqA96PTAofC58cwcXfISDP/IMoPOA32mfYezalYdFFcfeIG1qls8RGQPKUUVD
xCqkT0WgL39sYTot+BL2Hb4BiOqzQhF6FewxWGdQo5/Qy+wWS+pEhjDiUFAtAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU/+EBYO6uzcTRCnNLcQB+gJRUh5gwHwYDVR0j
BBgwFoAUHofzQz/d8j3cX8LskIdvSQtgPXQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMzhEOUYxQzg3MUJCOEQxMEJFRjQ1NTgxRTk1MEJCODEz
MzFFQzREM0ZFMzg4RkUxRjQ3NDZBRUEzM0FDQjhGLzAvMUU4N0YzNDMzRkRERjIz
RERDNUZDMkVDOTA4NzZGNDkwQjYwM0Q3NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRTg3RjM0MzNGRERGMjNEREM1
RkMyRUM5MDg3NkY0OTBCNjAzRDc0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjM4RDlGMUM4NzFCQjhEMTBCRUY0NTU4MUU5NTBCQjgxMzMxRUM0RDNG
RTM4OEZFMUY0NzQ2QUVBMzNBQ0I4Ri8wLzM0MzUyZTMxMzczMDJlMzEzMDM0MmUz
MDJmMzIzMzJkMzIzMzIwM2QzZTIwMzIzNjMzMzczNTMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLapo
MA0GCSqGSIb3DQEBCwUAA4IBAQB6OVfaKjayqyx4OsMa9taQ+AaGZW995251a6Rf
hclRYaTZLZQUMuzv8fi5BS4/KmikOohVizOzEU98pYdkBW/SFMcNbW/nt3n2VXLl
2eJIZUq/9NFSlqHXXcCwm68Q/zqty2wttywoBlJvHqCRWdztoTKZ/bFfhlNfCsMa
zANGJPmockJtz9fOwwXXRe0JaeYKTUrmI9HXVo2dN7sWmvRk62Lqmc+o8omWw/s5
P+aUivz1qRk4C9bylMx7vG2XsizREjPS4mvwZQdhLg8LE2uoFRRf3/kQjuHdGsaj
2VQBaXWOjU5QmSHlxV/4jsM1EiWEA4OmbzGc+GxxnY3dmFVg
-----END CERTIFICATE-----
Generated at Tue Dec 10 22:25:05 2024 by rpki-client on console-ams.rpki-client.org