Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/28F749D15A239E7711C5BBFCD179E0221928BA4F3EBBC75B0E08C12A7EF28E69/0/34352e3232342e39362e302f32322d3234203d3e20323634363638.roa
File:                     34352e3232342e39362e302f32322d3234203d3e20323634363638.roa (raw, json)
Hash identifier:          KEW53WUhqgLpig1TjqL5wDz3bC8iGZ4sYsMYXv8edgg=
Subject key identifier:   9C:8A:3D:AD:62:62:02:93:F4:EA:0C:A4:A3:F6:FD:ED:90:AB:6F:A0
Certificate issuer:       /CN=87170FE663930DA5DB9475CEAC8B0600B2C02832
Certificate serial:       592D65DF9A04A08E32A1C0332EE900047A72D123
Authority key identifier: 87:17:0F:E6:63:93:0D:A5:DB:94:75:CE:AC:8B:06:00:B2:C0:28:32
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/87170FE663930DA5DB9475CEAC8B0600B2C02832.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/28F749D15A239E7711C5BBFCD179E0221928BA4F3EBBC75B0E08C12A7EF28E69/0/34352e3232342e39362e302f32322d3234203d3e20323634363638.roa
Signing time:             Tue 05 Mar 2024 17:50:22 +0000
ROA not before:           Tue 05 Mar 2024 17:45:22 +0000
ROA not after:            Tue 04 Mar 2025 17:50:22 +0000
asID:                     264668
IP address blocks:        45.224.96.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/28F749D15A239E7711C5BBFCD179E0221928BA4F3EBBC75B0E08C12A7EF28E69/0/87170FE663930DA5DB9475CEAC8B0600B2C02832.crl
                          rsync://repository.lacnic.net/rpki/lacnic/28F749D15A239E7711C5BBFCD179E0221928BA4F3EBBC75B0E08C12A7EF28E69/0/87170FE663930DA5DB9475CEAC8B0600B2C02832.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/87170FE663930DA5DB9475CEAC8B0600B2C02832.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:2d:65:df:9a:04:a0:8e:32:a1:c0:33:2e:e9:00:04:7a:72:d1:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=87170FE663930DA5DB9475CEAC8B0600B2C02832
        Validity
            Not Before: Mar  5 17:45:22 2024 GMT
            Not After : Mar  4 17:50:22 2025 GMT
        Subject: CN=9C8A3DAD62620293F4EA0CA4A3F6FDED90AB6FA0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:79:40:49:4c:6e:a5:ce:a3:2e:68:b2:7b:ee:
                    34:4b:69:4a:78:10:b6:35:e1:0e:ae:64:ee:e9:18:
                    ea:e6:5c:87:30:ae:2f:3a:8c:dc:f2:d8:d2:0d:11:
                    4b:1e:cc:aa:35:b1:0d:d7:7e:ef:ae:11:e7:ee:19:
                    66:f5:2d:82:7f:02:72:5a:e0:3d:44:1d:d1:f9:84:
                    d7:8c:ac:e4:b9:d5:f1:7f:54:a8:fd:6a:ea:fc:4c:
                    ad:a4:95:cb:7e:a1:0d:76:32:86:34:5a:5c:4c:34:
                    0a:26:2d:fa:04:b0:a7:65:b7:ec:47:64:6e:3b:7a:
                    80:c1:ca:6f:33:72:ba:fc:bd:12:95:54:14:e6:f2:
                    18:b3:92:79:3f:04:6b:0c:d0:9a:9b:35:51:ec:91:
                    ef:5e:19:45:30:ac:01:b4:a2:71:43:55:3a:fb:ba:
                    65:b0:5d:53:dd:2a:75:ef:e4:37:b8:fe:cf:0d:9f:
                    0d:48:91:88:a7:fc:21:76:90:8f:00:cb:0e:84:65:
                    6c:67:97:ec:84:41:d9:a9:b5:46:5b:3f:7d:f3:64:
                    8a:05:44:ac:9a:5d:86:1b:e6:82:f3:cf:c6:47:fe:
                    0d:31:67:61:4c:44:0f:1b:4f:95:08:e9:bf:8b:7f:
                    45:37:7b:26:a4:9e:2f:3f:0c:cc:ef:51:f2:34:70:
                    b7:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:8A:3D:AD:62:62:02:93:F4:EA:0C:A4:A3:F6:FD:ED:90:AB:6F:A0
            X509v3 Authority Key Identifier:
                keyid:87:17:0F:E6:63:93:0D:A5:DB:94:75:CE:AC:8B:06:00:B2:C0:28:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/28F749D15A239E7711C5BBFCD179E0221928BA4F3EBBC75B0E08C12A7EF28E69/0/87170FE663930DA5DB9475CEAC8B0600B2C02832.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/87170FE663930DA5DB9475CEAC8B0600B2C02832.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/28F749D15A239E7711C5BBFCD179E0221928BA4F3EBBC75B0E08C12A7EF28E69/0/34352e3232342e39362e302f32322d3234203d3e20323634363638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.224.96.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8d:00:d9:9e:cc:e1:5b:ea:37:5b:0c:c5:c1:d3:ee:fb:75:53:
         bf:20:a6:8d:a7:11:ee:63:d5:b3:04:57:af:44:55:4c:11:1a:
         5e:7d:12:74:0c:c0:6d:bb:45:85:69:ce:98:fd:e3:31:06:e4:
         a5:9f:45:0f:e8:4d:fb:d6:59:81:82:a8:c4:05:e4:a4:01:9a:
         28:53:d6:cd:bd:04:ad:04:d6:82:44:1f:75:98:1c:b9:e2:40:
         21:9d:ea:29:ec:70:05:e8:83:ad:91:c5:90:9e:52:d9:a5:b0:
         07:2b:cc:30:82:fa:ba:ce:5c:77:46:a8:80:a4:9b:cd:d1:12:
         0b:4e:60:1e:77:df:b4:df:a8:50:5a:80:cf:eb:23:f3:55:25:
         05:4a:6a:6d:ee:56:35:c7:48:c9:2a:1b:56:13:64:3d:d6:ad:
         23:00:5e:a5:65:84:11:bc:d0:7e:ce:9b:15:ee:b6:29:38:66:
         cd:6c:f9:10:7f:82:a2:98:86:28:b9:95:97:16:92:e8:7f:e7:
         7f:3d:89:42:3b:fd:6e:99:c9:79:40:88:ad:2d:84:ac:9b:f7:
         2c:ba:61:aa:1a:ab:c8:fc:d1:53:a9:f6:6b:f1:2a:43:2c:06:
         0e:67:2b:fa:06:34:cb:34:09:77:d2:22:68:32:cf:42:94:92:
         06:c8:e4:4d
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUWS1l35oEoI4yocAzLukABHpy0SMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODcxNzBGRTY2MzkzMERBNURCOTQ3NUNFQUM4QjA2MDBC
MkMwMjgzMjAeFw0yNDAzMDUxNzQ1MjJaFw0yNTAzMDQxNzUwMjJaMDMxMTAvBgNV
BAMTKDlDOEEzREFENjI2MjAyOTNGNEVBMENBNEEzRjZGREVEOTBBQjZGQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyeUBJTG6lzqMuaLJ77jRLaUp4
ELY14Q6uZO7pGOrmXIcwri86jNzy2NINEUsezKo1sQ3Xfu+uEefuGWb1LYJ/AnJa
4D1EHdH5hNeMrOS51fF/VKj9aur8TK2klct+oQ12MoY0WlxMNAomLfoEsKdlt+xH
ZG47eoDBym8zcrr8vRKVVBTm8hizknk/BGsM0JqbNVHske9eGUUwrAG0onFDVTr7
umWwXVPdKnXv5De4/s8Nnw1IkYin/CF2kI8Ayw6EZWxnl+yEQdmptUZbP33zZIoF
RKyaXYYb5oLzz8ZH/g0xZ2FMRA8bT5UI6b+Lf0U3eyakni8/DMzvUfI0cLfJAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUnIo9rWJiApP06gyko/b97ZCrb6AwHwYDVR0j
BBgwFoAUhxcP5mOTDaXblHXOrIsGALLAKDIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yOEY3NDlEMTVBMjM5RTc3MTFDNUJCRkNEMTc5RTAyMjE5
MjhCQTRGM0VCQkM3NUIwRTA4QzEyQTdFRjI4RTY5LzAvODcxNzBGRTY2MzkzMERB
NURCOTQ3NUNFQUM4QjA2MDBCMkMwMjgzMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC84NzE3MEZFNjYzOTMwREE1REI5
NDc1Q0VBQzhCMDYwMEIyQzAyODMyLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMjhGNzQ5RDE1QTIzOUU3NzExQzVCQkZDRDE3OUUwMjIxOTI4QkE0RjNF
QkJDNzVCMEUwOEMxMkE3RUYyOEU2OS8wLzM0MzUyZTMyMzIzNDJlMzkzNjJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzYzNDM2MzYzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi3gYDAN
BgkqhkiG9w0BAQsFAAOCAQEAjQDZnszhW+o3WwzFwdPu+3VTvyCmjacR7mPVswRX
r0RVTBEaXn0SdAzAbbtFhWnOmP3jMQbkpZ9FD+hN+9ZZgYKoxAXkpAGaKFPWzb0E
rQTWgkQfdZgcueJAIZ3qKexwBeiDrZHFkJ5S2aWwByvMMIL6us5cd0aogKSbzdES
C05gHnfftN+oUFqAz+sj81UlBUpqbe5WNcdIySobVhNkPdatIwBepWWEEbzQfs6b
Fe62KThmzWz5EH+CopiGKLmVlxaS6H/nfz2JQjv9bpnJeUCIrS2ErJv3LLphqhqr
yPzRU6n2a/EqQywGDmcr+gY0yzQJd9IiaDLPQpSSBsjkTQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 09:07:22 2024 by rpki-client on console-ams.rpki-client.org