Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130352e302f32342d3234203d3e20323633373530.roa
File:                     34352e3137302e3130352e302f32342d3234203d3e20323633373530.roa (raw, json)
Hash identifier:          fS1T3vkl7BaOOnWuL1GCDN+ZIof+B3S3wptE9blTC4I=
Subject key identifier:   A3:18:32:72:E4:4B:CA:43:71:58:58:80:06:AB:CA:49:C6:8A:FB:42
Certificate issuer:       /CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
Certificate serial:       3E873525CE5B64A8EBA4DA4886891293A2C7044A
Authority key identifier: 1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130352e302f32342d3234203d3e20323633373530.roa
Signing time:             Fri 28 Jun 2024 19:50:02 +0000
ROA not before:           Fri 28 Jun 2024 19:45:02 +0000
ROA not after:            Fri 27 Jun 2025 19:50:02 +0000
asID:                     263750
IP address blocks:        45.170.105.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl
                          rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 14 Dec 2024 22:45:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:87:35:25:ce:5b:64:a8:eb:a4:da:48:86:89:12:93:a2:c7:04:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
        Validity
            Not Before: Jun 28 19:45:02 2024 GMT
            Not After : Jun 27 19:50:02 2025 GMT
        Subject: CN=A3183272E44BCA437158588006ABCA49C68AFB42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:94:1c:b9:5f:7a:16:23:bc:31:db:7a:30:0a:
                    cb:e1:3a:6a:69:7b:0f:d9:a8:2d:cd:c5:d3:54:56:
                    83:17:22:d1:72:0e:53:85:e7:3d:1e:e8:36:c0:53:
                    d7:98:43:d3:6b:18:4f:47:c4:85:55:6c:06:81:94:
                    e0:01:52:58:e9:5b:5f:7f:b2:71:53:ea:34:98:a4:
                    04:fa:5a:f1:36:c5:68:e4:fc:47:ca:db:87:2b:62:
                    f8:5d:ba:69:77:e9:d2:fb:02:ed:82:be:8a:42:6f:
                    1e:22:1f:a6:83:25:8f:e2:33:47:c4:80:c3:4e:a9:
                    9a:bd:8a:c2:7d:8c:13:1a:61:4a:39:db:66:3f:e0:
                    f9:f4:43:be:50:d7:18:47:c5:4f:d6:24:ee:f6:94:
                    b4:7c:e2:cd:09:ee:ec:2c:0d:30:ae:8b:25:64:f7:
                    8f:bd:1f:6a:43:f1:d0:3b:26:56:7b:7f:cb:36:6d:
                    01:3d:78:34:d5:d0:97:c8:33:27:0f:d6:1c:5a:d2:
                    b9:c2:7c:ab:49:c9:a2:e0:27:75:17:94:ae:21:84:
                    19:55:ce:1a:ff:b3:ab:ca:a9:20:53:1a:b9:8e:bd:
                    7e:e7:33:a6:38:58:06:23:d9:7f:57:20:41:ec:39:
                    04:83:e3:0b:3b:28:34:60:fa:a9:87:0a:f2:d7:1b:
                    ea:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:18:32:72:E4:4B:CA:43:71:58:58:80:06:AB:CA:49:C6:8A:FB:42
            X509v3 Authority Key Identifier:
                keyid:1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130352e302f32342d3234203d3e20323633373530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.170.105.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:b8:71:26:52:7a:e1:2b:8c:c4:8f:74:98:de:14:46:e8:eb:
         c6:12:d8:0f:b9:60:3f:31:0f:df:27:a7:58:83:a1:d0:13:a6:
         89:39:7c:29:05:6b:eb:6c:24:c1:86:7d:a1:1e:3a:fe:93:ec:
         f9:e9:bb:33:f3:82:8f:13:24:cb:72:07:93:0e:d1:56:d2:f8:
         0b:a3:d6:d0:31:70:f3:33:a6:37:7c:cf:b6:cc:f3:08:d0:86:
         61:a4:4e:00:cf:69:83:a5:34:73:26:db:8a:b4:03:50:f1:48:
         0a:b6:58:2d:ee:b3:28:f4:4f:d8:2d:2f:3f:1b:f2:ae:e5:96:
         4b:cf:d2:82:2e:4f:08:54:29:16:52:5f:84:59:d4:23:fa:1e:
         9c:f6:bc:49:19:78:26:6a:84:7e:ed:32:4c:c7:33:fc:07:92:
         eb:0e:ec:2e:e6:c3:df:00:2c:27:e4:3e:58:be:d0:74:d2:72:
         e3:0d:4f:06:dd:b0:8e:e6:aa:22:f9:07:20:2f:b4:49:59:36:
         3b:33:0a:a7:9b:1c:bf:13:2b:dd:79:c0:db:84:27:08:6d:1c:
         46:a2:d9:c8:22:b1:d6:f2:f8:04:1b:f7:dc:e9:93:20:47:4b:
         33:fa:6a:e1:d6:a2:70:57:c6:e5:e3:3a:44:df:ba:87:56:f3:
         6c:c6:c0:e0
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUPoc1Jc5bZKjrpNpIhokSk6LHBEowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUU4N0YzNDMzRkRERjIzRERDNUZDMkVDOTA4NzZGNDkw
QjYwM0Q3NDAeFw0yNDA2MjgxOTQ1MDJaFw0yNTA2MjcxOTUwMDJaMDMxMTAvBgNV
BAMTKEEzMTgzMjcyRTQ0QkNBNDM3MTU4NTg4MDA2QUJDQTQ5QzY4QUZCNDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIlBy5X3oWI7wx23owCsvhOmpp
ew/ZqC3NxdNUVoMXItFyDlOF5z0e6DbAU9eYQ9NrGE9HxIVVbAaBlOABUljpW19/
snFT6jSYpAT6WvE2xWjk/EfK24crYvhduml36dL7Au2CvopCbx4iH6aDJY/iM0fE
gMNOqZq9isJ9jBMaYUo522Y/4Pn0Q75Q1xhHxU/WJO72lLR84s0J7uwsDTCuiyVk
94+9H2pD8dA7JlZ7f8s2bQE9eDTV0JfIMycP1hxa0rnCfKtJyaLgJ3UXlK4hhBlV
zhr/s6vKqSBTGrmOvX7nM6Y4WAYj2X9XIEHsOQSD4ws7KDRg+qmHCvLXG+qHAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUoxgycuRLykNxWFiABqvKScaK+0IwHwYDVR0j
BBgwFoAUHofzQz/d8j3cX8LskIdvSQtgPXQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMzhEOUYxQzg3MUJCOEQxMEJFRjQ1NTgxRTk1MEJCODEz
MzFFQzREM0ZFMzg4RkUxRjQ3NDZBRUEzM0FDQjhGLzAvMUU4N0YzNDMzRkRERjIz
RERDNUZDMkVDOTA4NzZGNDkwQjYwM0Q3NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRTg3RjM0MzNGRERGMjNEREM1
RkMyRUM5MDg3NkY0OTBCNjAzRDc0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjM4RDlGMUM4NzFCQjhEMTBCRUY0NTU4MUU5NTBCQjgxMzMxRUM0RDNG
RTM4OEZFMUY0NzQ2QUVBMzNBQ0I4Ri8wLzM0MzUyZTMxMzczMDJlMzEzMDM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjMzMzczNTMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALapp
MA0GCSqGSIb3DQEBCwUAA4IBAQACuHEmUnrhK4zEj3SY3hRG6OvGEtgPuWA/MQ/f
J6dYg6HQE6aJOXwpBWvrbCTBhn2hHjr+k+z56bsz84KPEyTLcgeTDtFW0vgLo9bQ
MXDzM6Y3fM+2zPMI0IZhpE4Az2mDpTRzJtuKtANQ8UgKtlgt7rMo9E/YLS8/G/Ku
5ZZLz9KCLk8IVCkWUl+EWdQj+h6c9rxJGXgmaoR+7TJMxzP8B5LrDuwu5sPfACwn
5D5YvtB00nLjDU8G3bCO5qoi+QcgL7RJWTY7Mwqnmxy/EyvdecDbhCcIbRxGotnI
IrHW8vgEG/fc6ZMgR0sz+mrh1qJwV8bl4zpE37qHVvNsxsDg
-----END CERTIFICATE-----
Generated at Tue Dec 10 22:25:05 2024 by rpki-client on console-ams.rpki-client.org