Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130342e302f32342d3234203d3e20323633373530.roa
File:                     34352e3137302e3130342e302f32342d3234203d3e20323633373530.roa (raw, json)
Hash identifier:          +CyVS9KjNo4OttZ5NE8Kd7mNFph+HAdrX6M3ZWLpXtw=
Subject key identifier:   FC:74:FF:E6:7A:5A:01:00:5F:E8:22:0B:D9:A0:31:03:B6:2F:D0:EF
Certificate issuer:       /CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
Certificate serial:       0B9DF4ED3F2A899843EA608F35E2D76BD88CCF18
Authority key identifier: 1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130342e302f32342d3234203d3e20323633373530.roa
Signing time:             Fri 28 Jun 2024 19:50:01 +0000
ROA not before:           Fri 28 Jun 2024 19:45:01 +0000
ROA not after:            Fri 27 Jun 2025 19:50:01 +0000
asID:                     263750
IP address blocks:        45.170.104.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl
                          rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 14 Dec 2024 22:45:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:9d:f4:ed:3f:2a:89:98:43:ea:60:8f:35:e2:d7:6b:d8:8c:cf:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
        Validity
            Not Before: Jun 28 19:45:01 2024 GMT
            Not After : Jun 27 19:50:01 2025 GMT
        Subject: CN=FC74FFE67A5A01005FE8220BD9A03103B62FD0EF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:95:63:e4:ec:a2:61:c0:a3:c2:6a:6a:1e:7a:
                    fd:66:ce:bf:54:c1:7d:09:a7:21:75:c6:f8:e3:d0:
                    eb:0a:bd:4b:45:fe:35:60:67:65:82:2d:35:33:1e:
                    a6:2c:40:25:5a:9a:cb:31:cf:d4:85:e2:ee:5b:69:
                    36:77:17:60:cd:c0:55:a0:40:4c:cc:ee:fa:fc:25:
                    b2:fa:f7:24:fd:8c:ad:0c:5d:b4:4d:b9:12:c6:47:
                    2c:e2:72:1e:0d:93:43:69:fa:2f:ad:a0:d9:61:5b:
                    cc:44:a1:2e:43:9f:99:2b:a4:46:e2:0f:59:b3:46:
                    9e:c8:de:93:af:e1:48:41:fd:d3:1e:43:07:6d:97:
                    80:9f:05:5f:09:49:4b:49:15:21:72:5e:13:8c:7e:
                    8b:4f:d9:c5:1d:0f:2a:28:64:24:5e:7d:2a:8a:0f:
                    07:9f:90:37:ee:88:bd:7f:78:cc:13:b5:7c:b6:41:
                    a3:d1:d5:45:f8:fa:43:39:e6:3e:f4:f3:e6:82:c4:
                    76:d0:95:13:66:05:03:55:5e:e8:70:a3:94:04:47:
                    d6:48:6c:be:e3:0e:08:37:b1:17:ff:70:75:84:2f:
                    a5:0f:93:9c:b3:23:f8:c6:66:11:8a:21:53:a5:86:
                    20:48:f1:a0:4f:cd:ff:6e:48:82:d2:b9:83:a6:8a:
                    45:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:74:FF:E6:7A:5A:01:00:5F:E8:22:0B:D9:A0:31:03:B6:2F:D0:EF
            X509v3 Authority Key Identifier:
                keyid:1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130342e302f32342d3234203d3e20323633373530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.170.104.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:8e:af:4e:2b:31:8d:99:1e:f2:f4:e9:d9:13:1e:3f:ca:a0:
         cc:6e:42:75:df:6b:ef:04:c6:00:e1:6a:de:c7:24:7c:41:85:
         84:bb:e4:93:42:ac:c1:48:e4:6e:73:eb:8f:db:e0:39:fd:a0:
         7c:32:ba:f9:06:98:fc:4b:d5:28:3a:9c:f1:73:2e:01:2f:bb:
         d6:c9:52:c8:b3:da:8a:12:bc:76:a2:51:a1:f1:c3:d6:bb:14:
         63:b3:cc:ee:49:98:8a:3a:ec:36:fb:3d:51:84:92:7e:d6:47:
         4e:b3:f9:75:c0:c7:06:99:d6:6f:ba:87:74:cd:ec:82:1c:18:
         80:47:21:d2:01:47:aa:66:4f:52:88:37:3b:b2:4a:58:4e:7c:
         2e:ea:c4:dc:5c:96:b0:c8:1a:c5:9d:f0:ae:9f:d0:23:a2:e0:
         7e:b1:ca:cc:1d:71:55:9b:ff:13:12:08:1f:5a:97:1c:d0:7c:
         8e:22:ba:13:b6:7d:39:64:a2:85:b8:74:f3:4c:0e:72:4b:8d:
         52:0e:88:bb:bb:cf:5b:3b:cd:7a:08:22:97:5b:ff:fe:bd:4c:
         93:1f:5a:90:64:56:f4:00:6d:88:74:be:d2:73:88:8c:cf:de:
         c6:24:8a:d4:f7:1c:83:a8:ff:05:5b:ec:45:29:1d:a4:3f:86:
         4c:40:39:f3
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUC5307T8qiZhD6mCPNeLXa9iMzxgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUU4N0YzNDMzRkRERjIzRERDNUZDMkVDOTA4NzZGNDkw
QjYwM0Q3NDAeFw0yNDA2MjgxOTQ1MDFaFw0yNTA2MjcxOTUwMDFaMDMxMTAvBgNV
BAMTKEZDNzRGRkU2N0E1QTAxMDA1RkU4MjIwQkQ5QTAzMTAzQjYyRkQwRUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0lWPk7KJhwKPCamoeev1mzr9U
wX0JpyF1xvjj0OsKvUtF/jVgZ2WCLTUzHqYsQCVamssxz9SF4u5baTZ3F2DNwFWg
QEzM7vr8JbL69yT9jK0MXbRNuRLGRyzich4Nk0Np+i+toNlhW8xEoS5Dn5krpEbi
D1mzRp7I3pOv4UhB/dMeQwdtl4CfBV8JSUtJFSFyXhOMfotP2cUdDyooZCRefSqK
DwefkDfuiL1/eMwTtXy2QaPR1UX4+kM55j708+aCxHbQlRNmBQNVXuhwo5QER9ZI
bL7jDgg3sRf/cHWEL6UPk5yzI/jGZhGKIVOlhiBI8aBPzf9uSILSuYOmikUPAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU/HT/5npaAQBf6CIL2aAxA7Yv0O8wHwYDVR0j
BBgwFoAUHofzQz/d8j3cX8LskIdvSQtgPXQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMzhEOUYxQzg3MUJCOEQxMEJFRjQ1NTgxRTk1MEJCODEz
MzFFQzREM0ZFMzg4RkUxRjQ3NDZBRUEzM0FDQjhGLzAvMUU4N0YzNDMzRkRERjIz
RERDNUZDMkVDOTA4NzZGNDkwQjYwM0Q3NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRTg3RjM0MzNGRERGMjNEREM1
RkMyRUM5MDg3NkY0OTBCNjAzRDc0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjM4RDlGMUM4NzFCQjhEMTBCRUY0NTU4MUU5NTBCQjgxMzMxRUM0RDNG
RTM4OEZFMUY0NzQ2QUVBMzNBQ0I4Ri8wLzM0MzUyZTMxMzczMDJlMzEzMDM0MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjMzMzczNTMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALapo
MA0GCSqGSIb3DQEBCwUAA4IBAQA+jq9OKzGNmR7y9OnZEx4/yqDMbkJ132vvBMYA
4WrexyR8QYWEu+STQqzBSORuc+uP2+A5/aB8Mrr5Bpj8S9UoOpzxcy4BL7vWyVLI
s9qKErx2olGh8cPWuxRjs8zuSZiKOuw2+z1RhJJ+1kdOs/l1wMcGmdZvuod0zeyC
HBiARyHSAUeqZk9SiDc7skpYTnwu6sTcXJawyBrFnfCun9AjouB+scrMHXFVm/8T
EggfWpcc0HyOIroTtn05ZKKFuHTzTA5yS41SDoi7u89bO816CCKXW//+vUyTH1qQ
ZFb0AG2IdL7Sc4iMz97GJIrU9xyDqP8FW+xFKR2kP4ZMQDnz
-----END CERTIFICATE-----
Generated at Tue Dec 10 20:57:55 2024 by rpki-client on console-fra.rpki-client.org