Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2C35E9DF2C9E7ACDC5733C6AD9D4AFD4078EE5DEA55F9E620B54B4C501A21FCB/0/34352e3136342e3137322e302f32322d3234203d3e20323637373035.roa
File:                     34352e3136342e3137322e302f32322d3234203d3e20323637373035.roa (raw, json)
Hash identifier:          PQPus2ilTdcaog9gFxzRd2jSdO0iT/PpxBzTcJif/PI=
Subject key identifier:   42:05:DE:A8:F7:AC:D7:A1:2E:33:67:68:38:B8:77:AB:A2:3D:98:D3
Certificate issuer:       /CN=00FF295B939AD72589CE24B7E4ED41FC5C56A336
Certificate serial:       5B4148137736CF2A21F1E2A6E16F9A2F4F2D86F9
Authority key identifier: 00:FF:29:5B:93:9A:D7:25:89:CE:24:B7:E4:ED:41:FC:5C:56:A3:36
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/00FF295B939AD72589CE24B7E4ED41FC5C56A336.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2C35E9DF2C9E7ACDC5733C6AD9D4AFD4078EE5DEA55F9E620B54B4C501A21FCB/0/34352e3136342e3137322e302f32322d3234203d3e20323637373035.roa
Signing time:             Tue 05 Mar 2024 17:54:19 +0000
ROA not before:           Tue 05 Mar 2024 17:49:19 +0000
ROA not after:            Tue 04 Mar 2025 17:54:19 +0000
asID:                     267705
IP address blocks:        45.164.172.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2C35E9DF2C9E7ACDC5733C6AD9D4AFD4078EE5DEA55F9E620B54B4C501A21FCB/0/00FF295B939AD72589CE24B7E4ED41FC5C56A336.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2C35E9DF2C9E7ACDC5733C6AD9D4AFD4078EE5DEA55F9E620B54B4C501A21FCB/0/00FF295B939AD72589CE24B7E4ED41FC5C56A336.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/00FF295B939AD72589CE24B7E4ED41FC5C56A336.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Jul 2024 18:21:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:41:48:13:77:36:cf:2a:21:f1:e2:a6:e1:6f:9a:2f:4f:2d:86:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00FF295B939AD72589CE24B7E4ED41FC5C56A336
        Validity
            Not Before: Mar  5 17:49:19 2024 GMT
            Not After : Mar  4 17:54:19 2025 GMT
        Subject: CN=4205DEA8F7ACD7A12E33676838B877ABA23D98D3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:76:0a:5d:af:09:fc:2d:6b:6c:5d:04:30:a9:
                    6e:bc:d8:c4:0a:2f:bb:dd:d0:7d:d4:3c:12:07:a7:
                    08:31:de:d2:53:2f:70:2c:8d:cd:a9:83:01:34:e4:
                    a7:c2:49:be:59:cc:96:e9:2d:30:24:c8:9d:bd:14:
                    0c:dd:81:e9:01:97:43:1d:2a:c5:31:41:05:f9:b0:
                    a3:80:a9:ce:cd:bc:b5:39:a7:54:ca:46:ba:a1:17:
                    97:6a:7b:ec:3d:6a:e3:85:53:d5:6f:46:39:9b:8b:
                    18:7f:39:44:33:e3:01:31:23:26:38:65:4c:52:f1:
                    1b:52:cc:37:56:d5:04:e9:2e:66:7a:93:43:79:68:
                    4a:40:33:36:a9:15:90:46:03:87:71:c5:ba:b7:9d:
                    28:8c:77:3e:d5:f4:cd:70:a1:02:fa:d4:72:c6:0b:
                    f6:97:cc:7b:43:c1:68:8b:8a:29:b4:93:9a:f3:fc:
                    ed:7e:68:71:cd:48:00:d4:a9:fe:ee:aa:0d:f0:9c:
                    76:83:7b:98:b5:ba:ef:70:81:68:9b:98:1d:a6:a7:
                    67:98:1c:cc:4f:5b:bf:45:e7:25:eb:52:b8:a9:20:
                    02:50:84:83:42:d2:e2:10:e2:ab:c9:2d:7c:b7:dd:
                    db:4b:4e:89:c4:1d:e2:ed:e5:ce:ca:b3:6c:2c:50:
                    1d:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:05:DE:A8:F7:AC:D7:A1:2E:33:67:68:38:B8:77:AB:A2:3D:98:D3
            X509v3 Authority Key Identifier:
                keyid:00:FF:29:5B:93:9A:D7:25:89:CE:24:B7:E4:ED:41:FC:5C:56:A3:36

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2C35E9DF2C9E7ACDC5733C6AD9D4AFD4078EE5DEA55F9E620B54B4C501A21FCB/0/00FF295B939AD72589CE24B7E4ED41FC5C56A336.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/00FF295B939AD72589CE24B7E4ED41FC5C56A336.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2C35E9DF2C9E7ACDC5733C6AD9D4AFD4078EE5DEA55F9E620B54B4C501A21FCB/0/34352e3136342e3137322e302f32322d3234203d3e20323637373035.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.164.172.0/22

    Signature Algorithm: sha256WithRSAEncryption
         48:df:78:98:c9:26:c2:3c:81:0c:96:a4:5f:65:ce:65:43:85:
         97:e4:31:c0:20:6f:ab:71:fe:ca:69:90:64:40:8e:ee:fa:24:
         3f:93:17:cf:fb:a2:af:d7:1e:e8:45:9b:06:c8:c0:9c:36:b9:
         40:33:a5:9a:bf:9f:9e:4f:3c:e1:20:10:aa:ce:bf:8f:50:27:
         94:a8:69:ce:c3:e0:60:5c:0e:4f:1c:3f:eb:f5:95:b5:d9:e8:
         60:22:15:b1:4d:80:aa:1f:95:51:f6:e0:1b:51:49:31:34:2e:
         7a:73:b8:28:22:ba:be:3e:e2:4c:0f:8d:bb:ee:30:ac:fb:01:
         b0:d5:91:b5:84:fb:6c:23:93:e8:a8:d8:fc:10:1a:47:78:d8:
         25:0b:a4:0a:4d:d2:a5:ba:e9:83:48:0e:e9:50:d1:43:b8:42:
         35:12:ed:09:2f:37:0b:62:5d:e6:b2:6b:20:05:0b:a1:c3:8f:
         3b:25:e8:dd:2c:1e:bc:47:89:29:19:97:0d:b5:1f:e8:79:49:
         bc:0b:34:99:41:f3:8b:5b:9f:58:9c:e6:59:09:90:6b:78:03:
         a4:6f:a4:b9:e8:48:71:0a:94:29:25:43:2e:a7:d6:25:3c:e4:
         57:40:01:23:72:8d:68:f4:d6:bd:fa:e1:33:89:45:f7:87:01:
         28:9c:71:53
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUW0FIE3c2zyoh8eKm4W+aL08thvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDBGRjI5NUI5MzlBRDcyNTg5Q0UyNEI3RTRFRDQxRkM1
QzU2QTMzNjAeFw0yNDAzMDUxNzQ5MTlaFw0yNTAzMDQxNzU0MTlaMDMxMTAvBgNV
BAMTKDQyMDVERUE4RjdBQ0Q3QTEyRTMzNjc2ODM4Qjg3N0FCQTIzRDk4RDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1dgpdrwn8LWtsXQQwqW682MQK
L7vd0H3UPBIHpwgx3tJTL3Asjc2pgwE05KfCSb5ZzJbpLTAkyJ29FAzdgekBl0Md
KsUxQQX5sKOAqc7NvLU5p1TKRrqhF5dqe+w9auOFU9VvRjmbixh/OUQz4wExIyY4
ZUxS8RtSzDdW1QTpLmZ6k0N5aEpAMzapFZBGA4dxxbq3nSiMdz7V9M1woQL61HLG
C/aXzHtDwWiLiim0k5rz/O1+aHHNSADUqf7uqg3wnHaDe5i1uu9wgWibmB2mp2eY
HMxPW79F5yXrUripIAJQhINC0uIQ4qvJLXy33dtLTonEHeLt5c7Ks2wsUB1tAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUQgXeqPes16EuM2doOLh3q6I9mNMwHwYDVR0j
BBgwFoAUAP8pW5Oa1yWJziS35O1B/FxWozYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yQzM1RTlERjJDOUU3QUNEQzU3MzNDNkFEOUQ0QUZENDA3
OEVFNURFQTU1RjlFNjIwQjU0QjRDNTAxQTIxRkNCLzAvMDBGRjI5NUI5MzlBRDcy
NTg5Q0UyNEI3RTRFRDQxRkM1QzU2QTMzNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wMEZGMjk1QjkzOUFENzI1ODlD
RTI0QjdFNEVENDFGQzVDNTZBMzM2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMkMzNUU5REYyQzlFN0FDREM1NzMzQzZBRDlENEFGRDQwNzhFRTVERUE1
NUY5RTYyMEI1NEI0QzUwMUEyMUZDQi8wLzM0MzUyZTMxMzYzNDJlMzEzNzMyMmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM3MzczMDM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLaSs
MA0GCSqGSIb3DQEBCwUAA4IBAQBI33iYySbCPIEMlqRfZc5lQ4WX5DHAIG+rcf7K
aZBkQI7u+iQ/kxfP+6Kv1x7oRZsGyMCcNrlAM6Wav5+eTzzhIBCqzr+PUCeUqGnO
w+BgXA5PHD/r9ZW12ehgIhWxTYCqH5VR9uAbUUkxNC56c7goIrq+PuJMD4277jCs
+wGw1ZG1hPtsI5PoqNj8EBpHeNglC6QKTdKluumDSA7pUNFDuEI1Eu0JLzcLYl3m
smsgBQuhw487JejdLB68R4kpGZcNtR/oeUm8CzSZQfOLW59YnOZZCZBreAOkb6S5
6EhxCpQpJUMup9YlPORXQAEjco1o9Na9+uEziUX3hwEonHFT
-----END CERTIFICATE-----
Generated at Thu Jul 11 20:43:08 2024 by rpki-client on console-ams.rpki-client.org