Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2B77382DDADECADABC84153EA4D4F9C48D8F3561DD125E0CCE6E43D5950A8E34/0/34352e3233322e33322e302f32322d3234203d3e203532333431.roa
File:                     34352e3233322e33322e302f32322d3234203d3e203532333431.roa (raw, json)
Hash identifier:          3ewYkQLbBHDIhTZwg0q6fCF3Wx7XQ7txsVam2OInpj0=
Subject key identifier:   5A:E4:AD:C9:67:D8:ED:5D:00:14:D6:05:76:FA:17:14:5B:EA:69:F8
Certificate issuer:       /CN=31F3439B94DD2FA758654AE121FAFA811BA0BC06
Certificate serial:       73425BA1F985AF7CD46776A0F0C7E90D32BB2D8B
Authority key identifier: 31:F3:43:9B:94:DD:2F:A7:58:65:4A:E1:21:FA:FA:81:1B:A0:BC:06
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/31F3439B94DD2FA758654AE121FAFA811BA0BC06.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2B77382DDADECADABC84153EA4D4F9C48D8F3561DD125E0CCE6E43D5950A8E34/0/34352e3233322e33322e302f32322d3234203d3e203532333431.roa
Signing time:             Tue 05 Mar 2024 18:19:42 +0000
ROA not before:           Tue 05 Mar 2024 18:14:42 +0000
ROA not after:            Tue 04 Mar 2025 18:19:42 +0000
asID:                     52341
IP address blocks:        45.232.32.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2B77382DDADECADABC84153EA4D4F9C48D8F3561DD125E0CCE6E43D5950A8E34/0/31F3439B94DD2FA758654AE121FAFA811BA0BC06.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2B77382DDADECADABC84153EA4D4F9C48D8F3561DD125E0CCE6E43D5950A8E34/0/31F3439B94DD2FA758654AE121FAFA811BA0BC06.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/31F3439B94DD2FA758654AE121FAFA811BA0BC06.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 19:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:42:5b:a1:f9:85:af:7c:d4:67:76:a0:f0:c7:e9:0d:32:bb:2d:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31F3439B94DD2FA758654AE121FAFA811BA0BC06
        Validity
            Not Before: Mar  5 18:14:42 2024 GMT
            Not After : Mar  4 18:19:42 2025 GMT
        Subject: CN=5AE4ADC967D8ED5D0014D60576FA17145BEA69F8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:a8:14:a0:85:bf:cf:f3:db:14:a3:eb:29:0c:
                    59:8e:9c:4e:ad:fc:b9:25:ff:7d:97:57:80:d0:81:
                    06:3c:78:39:62:d7:7c:54:2d:bc:7f:77:f4:02:49:
                    de:32:39:69:51:de:c8:eb:45:1f:57:f4:56:0a:25:
                    e3:8c:8d:cb:b2:3b:e4:63:1c:e4:b3:22:3d:db:e5:
                    04:8f:f0:98:2c:0a:00:ae:94:23:3c:06:e7:fc:53:
                    d5:0b:11:f2:5d:e4:bd:94:80:c6:5b:94:e7:18:3b:
                    1e:56:9f:52:f3:af:0a:e2:77:9b:5f:cc:32:39:e6:
                    1d:13:d7:05:11:51:9d:9c:ab:c9:9e:6d:d4:f0:6a:
                    6b:c8:b8:cb:59:66:42:4f:53:14:a5:c8:af:64:c1:
                    d5:df:8c:86:6d:7c:c0:24:ad:1e:41:1b:ea:4a:4a:
                    26:95:cf:3f:49:bb:07:db:98:06:f6:83:15:fa:44:
                    a8:cb:9f:c6:06:b2:61:2f:b1:60:2b:00:c3:68:69:
                    dd:5c:8d:d6:3a:ad:d4:c3:fa:f4:33:ef:f4:86:eb:
                    81:ef:1c:90:01:6d:bf:f8:29:70:c5:a1:c6:2b:b6:
                    83:be:55:51:03:dc:8d:26:3b:0b:5e:06:ad:61:cd:
                    fe:60:4a:8d:2f:af:4e:60:c6:b8:67:aa:4f:24:d8:
                    97:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:E4:AD:C9:67:D8:ED:5D:00:14:D6:05:76:FA:17:14:5B:EA:69:F8
            X509v3 Authority Key Identifier:
                keyid:31:F3:43:9B:94:DD:2F:A7:58:65:4A:E1:21:FA:FA:81:1B:A0:BC:06

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2B77382DDADECADABC84153EA4D4F9C48D8F3561DD125E0CCE6E43D5950A8E34/0/31F3439B94DD2FA758654AE121FAFA811BA0BC06.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/31F3439B94DD2FA758654AE121FAFA811BA0BC06.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2B77382DDADECADABC84153EA4D4F9C48D8F3561DD125E0CCE6E43D5950A8E34/0/34352e3233322e33322e302f32322d3234203d3e203532333431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.232.32.0/22

    Signature Algorithm: sha256WithRSAEncryption
         92:dd:b5:11:df:41:91:68:f9:21:91:5e:52:13:8a:3c:09:3c:
         8a:b8:7b:48:6f:64:be:e1:63:b8:af:ae:43:c3:b8:6f:1b:09:
         5c:be:24:45:8c:89:7c:e2:d3:84:d7:8f:73:c1:3d:ce:1e:2d:
         09:3a:ed:3e:f9:ef:96:45:9e:4e:e7:37:f8:6e:06:6e:a4:a5:
         bc:65:32:48:29:f0:ec:02:7c:25:67:93:cc:88:c1:56:1a:07:
         1d:fa:ae:4d:91:58:f2:3a:7d:c7:7f:cd:9b:6b:69:ea:ab:e9:
         37:a6:85:db:d1:ab:1d:9e:92:da:1d:7e:85:bb:83:1a:66:f5:
         b3:b5:10:d1:84:91:84:7d:d8:75:b1:a4:32:34:3a:3c:1f:76:
         ab:f0:7b:47:28:ae:98:5c:b7:33:c8:63:b9:72:37:f2:eb:eb:
         8b:07:1e:3b:3b:45:1f:f7:21:98:45:67:73:63:28:c2:f3:2f:
         da:a6:04:d9:43:36:3b:29:53:51:76:88:1a:ae:52:ef:c3:e6:
         f2:76:8b:48:c3:7c:99:ac:ef:1b:7b:b1:5b:ac:0f:46:df:3e:
         49:89:50:94:39:21:b5:e9:ce:ef:2c:e9:a3:5e:fb:c8:a5:fb:
         11:b8:29:f8:7f:9a:46:2f:bf:29:68:f0:9d:d1:42:bc:fd:59:
         f0:15:1c:1f
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUc0JbofmFr3zUZ3ag8MfpDTK7LYswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzFGMzQzOUI5NEREMkZBNzU4NjU0QUUxMjFGQUZBODEx
QkEwQkMwNjAeFw0yNDAzMDUxODE0NDJaFw0yNTAzMDQxODE5NDJaMDMxMTAvBgNV
BAMTKDVBRTRBREM5NjdEOEVENUQwMDE0RDYwNTc2RkExNzE0NUJFQTY5RjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuqBSghb/P89sUo+spDFmOnE6t
/Lkl/32XV4DQgQY8eDli13xULbx/d/QCSd4yOWlR3sjrRR9X9FYKJeOMjcuyO+Rj
HOSzIj3b5QSP8JgsCgCulCM8Buf8U9ULEfJd5L2UgMZblOcYOx5Wn1Lzrwrid5tf
zDI55h0T1wURUZ2cq8mebdTwamvIuMtZZkJPUxSlyK9kwdXfjIZtfMAkrR5BG+pK
SiaVzz9JuwfbmAb2gxX6RKjLn8YGsmEvsWArAMNoad1cjdY6rdTD+vQz7/SG64Hv
HJABbb/4KXDFocYrtoO+VVED3I0mOwteBq1hzf5gSo0vr05gxrhnqk8k2JfzAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUWuStyWfY7V0AFNYFdvoXFFvqafgwHwYDVR0j
BBgwFoAUMfNDm5TdL6dYZUrhIfr6gRugvAYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yQjc3MzgyRERBREVDQURBQkM4NDE1M0VBNEQ0RjlDNDhE
OEYzNTYxREQxMjVFMENDRTZFNDNENTk1MEE4RTM0LzAvMzFGMzQzOUI5NEREMkZB
NzU4NjU0QUUxMjFGQUZBODExQkEwQkMwNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zMUYzNDM5Qjk0REQyRkE3NTg2
NTRBRTEyMUZBRkE4MTFCQTBCQzA2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMkI3NzM4MkREQURFQ0FEQUJDODQxNTNFQTRENEY5QzQ4RDhGMzU2MURE
MTI1RTBDQ0U2RTQzRDU5NTBBOEUzNC8wLzM0MzUyZTMyMzMzMjJlMzMzMjJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDM1MzIzMzM0MzEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIt6CAwDQYJ
KoZIhvcNAQELBQADggEBAJLdtRHfQZFo+SGRXlITijwJPIq4e0hvZL7hY7ivrkPD
uG8bCVy+JEWMiXzi04TXj3PBPc4eLQk67T7575ZFnk7nN/huBm6kpbxlMkgp8OwC
fCVnk8yIwVYaBx36rk2RWPI6fcd/zZtraeqr6TemhdvRqx2ektodfoW7gxpm9bO1
ENGEkYR92HWxpDI0Ojwfdqvwe0corphctzPIY7lyN/Lr64sHHjs7RR/3IZhFZ3Nj
KMLzL9qmBNlDNjspU1F2iBquUu/D5vJ2i0jDfJms7xt7sVusD0bfPkmJUJQ5IbXp
zu8s6aNe+8il+xG4Kfh/mkYvvylo8J3RQrz9WfAVHB8=
-----END CERTIFICATE-----
Generated at Tue Dec 10 03:20:36 2024 by rpki-client on console-fra.rpki-client.org