Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130362e302f32332d3233203d3e20323633373530.roa
File:                     34352e3137302e3130362e302f32332d3233203d3e20323633373530.roa (raw, json)
Hash identifier:          Jnc9Sc5UbryVUXJgPXfqvDg/hGbcfiEN3auQeTbn6kc=
Subject key identifier:   8F:DF:64:C6:AD:37:93:70:6F:2E:26:B5:7F:68:BD:E3:7E:6B:13:1C
Certificate issuer:       /CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
Certificate serial:       18622FB15A9B3856080AD588B0F8C14BD90ADBFD
Authority key identifier: 1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130362e302f32332d3233203d3e20323633373530.roa
Signing time:             Fri 28 Jun 2024 19:50:00 +0000
ROA not before:           Fri 28 Jun 2024 19:45:00 +0000
ROA not after:            Fri 27 Jun 2025 19:50:00 +0000
asID:                     263750
IP address blocks:        45.170.106.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl
                          rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 14 Dec 2024 22:45:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:62:2f:b1:5a:9b:38:56:08:0a:d5:88:b0:f8:c1:4b:d9:0a:db:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1E87F3433FDDF23DDC5FC2EC90876F490B603D74
        Validity
            Not Before: Jun 28 19:45:00 2024 GMT
            Not After : Jun 27 19:50:00 2025 GMT
        Subject: CN=8FDF64C6AD3793706F2E26B57F68BDE37E6B131C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:f6:82:fb:ba:1f:d8:c2:01:a4:33:27:ba:a2:
                    ee:d8:62:3c:99:2b:1c:59:bf:60:6e:39:bb:88:4d:
                    9a:9f:e3:db:0a:f6:5f:95:75:b0:af:14:4d:ea:b7:
                    f2:17:00:3f:ed:d5:18:6c:03:18:bf:27:df:1c:fe:
                    38:be:52:c9:68:1a:f6:fc:87:74:30:fe:41:14:82:
                    6d:3a:83:2a:38:40:aa:cf:59:b8:4a:a0:51:ef:79:
                    cb:5e:76:b5:63:52:6c:7c:f3:b1:b1:20:5e:f7:ac:
                    5c:b1:ac:2d:f4:7f:f3:98:d8:0a:5d:54:3f:cc:f7:
                    ed:66:3e:b5:ba:94:a4:81:66:1a:91:20:74:40:8d:
                    3d:5f:1f:c6:48:85:01:09:31:32:69:35:f0:54:0a:
                    e1:5c:27:9e:e9:5e:e8:8d:32:32:90:9b:16:b9:26:
                    17:c4:65:d6:bc:93:c7:93:7e:72:e5:51:26:0e:cd:
                    cb:86:67:93:82:28:4d:76:e6:29:54:a7:60:f3:99:
                    4e:19:1c:2f:f9:ca:db:3d:09:d7:31:46:26:86:f8:
                    56:ad:c2:a7:09:db:69:e4:a4:30:60:27:22:b9:06:
                    de:93:3b:b3:5a:0b:c2:63:47:24:50:6f:bd:1c:c2:
                    ed:92:3b:4b:69:02:91:4a:a2:31:77:c8:9a:e4:3f:
                    a2:f7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:DF:64:C6:AD:37:93:70:6F:2E:26:B5:7F:68:BD:E3:7E:6B:13:1C
            X509v3 Authority Key Identifier:
                keyid:1E:87:F3:43:3F:DD:F2:3D:DC:5F:C2:EC:90:87:6F:49:0B:60:3D:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1E87F3433FDDF23DDC5FC2EC90876F490B603D74.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/238D9F1C871BB8D10BEF45581E950BB81331EC4D3FE388FE1F4746AEA33ACB8F/0/34352e3137302e3130362e302f32332d3233203d3e20323633373530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.170.106.0/23

    Signature Algorithm: sha256WithRSAEncryption
         6f:32:c7:22:22:88:50:8c:05:dc:cb:b7:62:ad:c5:9d:23:cc:
         d5:0c:d3:e0:37:a3:93:c5:c6:38:da:50:70:4f:c2:b3:62:8a:
         7c:89:3a:f3:0b:6f:db:3e:44:4a:d0:ba:49:6e:c4:8a:eb:35:
         52:1c:1c:ec:bb:ff:6d:5c:d6:40:96:21:0b:8b:98:dc:a9:4a:
         8c:7a:e0:d0:45:b5:9b:17:e6:fa:c5:8b:c3:d7:99:97:da:69:
         ce:0e:27:96:2f:ca:73:8f:7e:f6:9d:0e:bf:1e:5d:be:2f:f6:
         bf:7d:11:69:93:26:18:99:ca:98:d5:6c:25:87:71:31:d0:65:
         88:97:52:d0:f5:5d:1f:60:dc:1d:fd:84:a5:fd:39:15:65:e2:
         7a:b3:c6:0c:98:38:67:84:58:5f:ae:2f:39:33:2c:a1:d9:e4:
         37:06:a8:9a:a0:fd:e1:97:d7:82:77:3f:d7:d4:47:f4:12:d9:
         6a:06:69:52:ef:42:53:6b:55:5c:aa:5a:06:35:db:2e:a9:f7:
         70:23:c2:b1:4b:3b:2e:c9:56:e6:e8:1c:ab:fb:e2:e9:6a:89:
         ab:7d:46:ac:f4:7a:88:03:a6:9d:09:27:94:9e:a5:20:85:e6:
         3b:4f:84:72:8b:d5:47:8c:a7:8c:97:7d:a5:b7:f3:6a:2f:4a:
         ec:9b:c8:a8
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUGGIvsVqbOFYICtWIsPjBS9kK2/0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUU4N0YzNDMzRkRERjIzRERDNUZDMkVDOTA4NzZGNDkw
QjYwM0Q3NDAeFw0yNDA2MjgxOTQ1MDBaFw0yNTA2MjcxOTUwMDBaMDMxMTAvBgNV
BAMTKDhGREY2NEM2QUQzNzkzNzA2RjJFMjZCNTdGNjhCREUzN0U2QjEzMUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCf9oL7uh/YwgGkMye6ou7YYjyZ
KxxZv2BuObuITZqf49sK9l+VdbCvFE3qt/IXAD/t1RhsAxi/J98c/ji+UsloGvb8
h3Qw/kEUgm06gyo4QKrPWbhKoFHvectedrVjUmx887GxIF73rFyxrC30f/OY2Apd
VD/M9+1mPrW6lKSBZhqRIHRAjT1fH8ZIhQEJMTJpNfBUCuFcJ57pXuiNMjKQmxa5
JhfEZda8k8eTfnLlUSYOzcuGZ5OCKE125ilUp2DzmU4ZHC/5yts9CdcxRiaG+Fat
wqcJ22nkpDBgJyK5Bt6TO7NaC8JjRyRQb70cwu2SO0tpApFKojF3yJrkP6L3AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUj99kxq03k3BvLia1f2i9435rExwwHwYDVR0j
BBgwFoAUHofzQz/d8j3cX8LskIdvSQtgPXQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yMzhEOUYxQzg3MUJCOEQxMEJFRjQ1NTgxRTk1MEJCODEz
MzFFQzREM0ZFMzg4RkUxRjQ3NDZBRUEzM0FDQjhGLzAvMUU4N0YzNDMzRkRERjIz
RERDNUZDMkVDOTA4NzZGNDkwQjYwM0Q3NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRTg3RjM0MzNGRERGMjNEREM1
RkMyRUM5MDg3NkY0OTBCNjAzRDc0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjM4RDlGMUM4NzFCQjhEMTBCRUY0NTU4MUU5NTBCQjgxMzMxRUM0RDNG
RTM4OEZFMUY0NzQ2QUVBMzNBQ0I4Ri8wLzM0MzUyZTMxMzczMDJlMzEzMDM2MmUz
MDJmMzIzMzJkMzIzMzIwM2QzZTIwMzIzNjMzMzczNTMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLapq
MA0GCSqGSIb3DQEBCwUAA4IBAQBvMsciIohQjAXcy7dircWdI8zVDNPgN6OTxcY4
2lBwT8KzYop8iTrzC2/bPkRK0LpJbsSK6zVSHBzsu/9tXNZAliELi5jcqUqMeuDQ
RbWbF+b6xYvD15mX2mnODieWL8pzj372nQ6/Hl2+L/a/fRFpkyYYmcqY1Wwlh3Ex
0GWIl1LQ9V0fYNwd/YSl/TkVZeJ6s8YMmDhnhFhfri85Myyh2eQ3BqiaoP3hl9eC
dz/X1Ef0EtlqBmlS70JTa1VcqloGNdsuqfdwI8KxSzsuyVbm6Byr++LpaomrfUas
9HqIA6adCSeUnqUgheY7T4Ryi9VHjKeMl32lt/NqL0rsm8io
-----END CERTIFICATE-----
Generated at Tue Dec 10 22:25:05 2024 by rpki-client on console-ams.rpki-client.org