Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2DD3B0AA7D6DB59528108085A18B9FF969B5B062D180A63241CA04F5B56E163C/0/34352e3139312e3131322e302f32322d3232203d3e20313336393037.roa
File:                     34352e3139312e3131322e302f32322d3232203d3e20313336393037.roa (raw, json)
Hash identifier:          rMnaff4ZLinFt0xlFGaI8hVeM1vuu0lTbNyMO18eKe0=
Subject key identifier:   21:23:26:55:BF:4C:B3:A8:AA:1F:32:D8:81:21:FF:34:C8:97:FA:1C
Certificate issuer:       /CN=36A232DEC8FF17295E0671B40126922251AAE733
Certificate serial:       160825309768CA9B582E490EB0F7425EB9FEE918
Authority key identifier: 36:A2:32:DE:C8:FF:17:29:5E:06:71:B4:01:26:92:22:51:AA:E7:33
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/36A232DEC8FF17295E0671B40126922251AAE733.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2DD3B0AA7D6DB59528108085A18B9FF969B5B062D180A63241CA04F5B56E163C/0/34352e3139312e3131322e302f32322d3232203d3e20313336393037.roa
Signing time:             Tue 05 Mar 2024 18:10:07 +0000
ROA not before:           Tue 05 Mar 2024 18:05:07 +0000
ROA not after:            Tue 04 Mar 2025 18:10:07 +0000
asID:                     136907
IP address blocks:        45.191.112.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2DD3B0AA7D6DB59528108085A18B9FF969B5B062D180A63241CA04F5B56E163C/0/36A232DEC8FF17295E0671B40126922251AAE733.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2DD3B0AA7D6DB59528108085A18B9FF969B5B062D180A63241CA04F5B56E163C/0/36A232DEC8FF17295E0671B40126922251AAE733.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/36A232DEC8FF17295E0671B40126922251AAE733.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 22 May 2024 10:19:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:08:25:30:97:68:ca:9b:58:2e:49:0e:b0:f7:42:5e:b9:fe:e9:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=36A232DEC8FF17295E0671B40126922251AAE733
        Validity
            Not Before: Mar  5 18:05:07 2024 GMT
            Not After : Mar  4 18:10:07 2025 GMT
        Subject: CN=21232655BF4CB3A8AA1F32D88121FF34C897FA1C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:c2:bd:8c:e8:c3:c9:56:f9:28:18:e4:bd:3a:
                    53:71:18:22:4f:e8:5e:89:d1:63:28:4d:b6:43:53:
                    7c:c4:8b:5a:b2:75:f7:e1:03:98:b7:3a:80:9b:80:
                    51:c7:78:ed:dd:26:73:7d:34:7c:19:b7:cc:1b:25:
                    d2:be:a1:f9:f0:d4:7b:45:82:77:e2:67:b1:80:27:
                    f4:92:e7:ae:41:08:e3:49:6a:c8:97:46:58:72:91:
                    ab:a1:12:62:8b:1f:c9:98:0a:c5:02:dd:70:a4:91:
                    43:8d:50:57:9f:88:e1:79:7f:d9:3b:a3:7d:74:40:
                    39:9b:59:f4:d0:ea:22:eb:a2:8d:cc:8c:4e:23:9a:
                    67:4b:41:7c:b6:d3:9c:e8:0a:4b:45:18:fd:84:f7:
                    3a:54:5c:01:64:2e:f7:4d:7e:9e:24:51:67:bf:b6:
                    43:ce:c9:fb:8a:fd:81:ae:0a:29:13:5d:ce:a6:d4:
                    d7:eb:28:cb:87:74:bc:b8:03:88:ab:26:cc:d9:f2:
                    13:ba:0d:39:20:aa:a3:26:ef:cd:60:ec:66:a3:f6:
                    c1:45:cb:0c:0c:21:7a:66:95:4c:c7:a3:a4:6e:31:
                    24:44:75:a7:74:70:7e:72:e9:04:cc:e4:fb:ab:fb:
                    b0:8d:c6:94:79:3f:9d:38:15:60:24:bc:e4:9e:ac:
                    0e:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:23:26:55:BF:4C:B3:A8:AA:1F:32:D8:81:21:FF:34:C8:97:FA:1C
            X509v3 Authority Key Identifier:
                keyid:36:A2:32:DE:C8:FF:17:29:5E:06:71:B4:01:26:92:22:51:AA:E7:33

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2DD3B0AA7D6DB59528108085A18B9FF969B5B062D180A63241CA04F5B56E163C/0/36A232DEC8FF17295E0671B40126922251AAE733.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/36A232DEC8FF17295E0671B40126922251AAE733.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2DD3B0AA7D6DB59528108085A18B9FF969B5B062D180A63241CA04F5B56E163C/0/34352e3139312e3131322e302f32322d3232203d3e20313336393037.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.191.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         20:e2:b1:99:ea:15:3a:55:c5:cb:fc:22:8c:ef:23:0e:d5:b9:
         6e:33:38:fc:1c:04:84:ec:5c:4a:6b:3b:5c:89:98:56:cd:95:
         9f:37:2d:0a:2d:58:9c:99:3a:1e:fb:f5:05:bd:52:fd:62:19:
         08:ea:39:c0:4a:1b:28:cb:30:10:1e:0d:12:52:d1:99:5b:36:
         ea:23:77:bf:ab:8d:43:d6:e0:5f:f3:6e:6a:e4:e2:df:e8:36:
         50:be:22:34:18:7b:62:ff:4a:b0:af:1b:38:e0:54:57:f2:bc:
         40:26:e5:77:66:f6:2e:ec:db:7b:73:ba:a1:89:44:7b:c8:1e:
         5c:0f:f6:2a:22:c3:c4:e9:57:f2:26:e2:c1:46:86:1a:a9:2a:
         41:f4:2c:a5:6c:85:b9:d4:ed:f0:48:67:a3:37:10:34:37:c4:
         b8:93:c1:27:04:8c:11:93:ba:42:f4:55:b4:b7:7c:93:af:f5:
         64:e4:49:b0:08:a6:b9:5c:e1:6c:3a:21:46:52:a9:00:14:8b:
         4c:f6:29:7a:41:63:a4:01:10:0f:6e:1b:10:c1:04:1b:47:cb:
         5e:46:10:52:6a:ae:6b:55:47:e5:32:aa:43:8a:f2:33:92:d5:
         d0:af:54:f2:d7:b7:48:19:0a:53:b2:7c:6c:b9:64:e8:b7:cc:
         04:cd:c8:a4
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUFgglMJdoyptYLkkOsPdCXrn+6RgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzZBMjMyREVDOEZGMTcyOTVFMDY3MUI0MDEyNjkyMjI1
MUFBRTczMzAeFw0yNDAzMDUxODA1MDdaFw0yNTAzMDQxODEwMDdaMDMxMTAvBgNV
BAMTKDIxMjMyNjU1QkY0Q0IzQThBQTFGMzJEODgxMjFGRjM0Qzg5N0ZBMUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCowr2M6MPJVvkoGOS9OlNxGCJP
6F6J0WMoTbZDU3zEi1qydffhA5i3OoCbgFHHeO3dJnN9NHwZt8wbJdK+ofnw1HtF
gnfiZ7GAJ/SS565BCONJasiXRlhykauhEmKLH8mYCsUC3XCkkUONUFefiOF5f9k7
o310QDmbWfTQ6iLroo3MjE4jmmdLQXy205zoCktFGP2E9zpUXAFkLvdNfp4kUWe/
tkPOyfuK/YGuCikTXc6m1NfrKMuHdLy4A4irJszZ8hO6DTkgqqMm781g7Gaj9sFF
ywwMIXpmlUzHo6RuMSREdad0cH5y6QTM5Pur+7CNxpR5P504FWAkvOSerA5rAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUISMmVb9Ms6iqHzLYgSH/NMiX+hwwHwYDVR0j
BBgwFoAUNqIy3sj/FyleBnG0ASaSIlGq5zMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yREQzQjBBQTdENkRCNTk1MjgxMDgwODVBMThCOUZGOTY5
QjVCMDYyRDE4MEE2MzI0MUNBMDRGNUI1NkUxNjNDLzAvMzZBMjMyREVDOEZGMTcy
OTVFMDY3MUI0MDEyNjkyMjI1MUFBRTczMy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zNkEyMzJERUM4RkYxNzI5NUUw
NjcxQjQwMTI2OTIyMjUxQUFFNzMzLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMkREM0IwQUE3RDZEQjU5NTI4MTA4MDg1QTE4QjlGRjk2OUI1QjA2MkQx
ODBBNjMyNDFDQTA0RjVCNTZFMTYzQy8wLzM0MzUyZTMxMzkzMTJlMzEzMTMyMmUz
MDJmMzIzMjJkMzIzMjIwM2QzZTIwMzEzMzM2MzkzMDM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLb9w
MA0GCSqGSIb3DQEBCwUAA4IBAQAg4rGZ6hU6VcXL/CKM7yMO1bluMzj8HASE7FxK
aztciZhWzZWfNy0KLVicmToe+/UFvVL9YhkI6jnAShsoyzAQHg0SUtGZWzbqI3e/
q41D1uBf825q5OLf6DZQviI0GHti/0qwrxs44FRX8rxAJuV3ZvYu7Nt7c7qhiUR7
yB5cD/YqIsPE6VfyJuLBRoYaqSpB9CylbIW51O3wSGejNxA0N8S4k8EnBIwRk7pC
9FW0t3yTr/Vk5EmwCKa5XOFsOiFGUqkAFItM9il6QWOkARAPbhsQwQQbR8teRhBS
aq5rVUflMqpDivIzktXQr1Ty17dIGQpTsnxsuWTot8wEzcik
-----END CERTIFICATE-----
Generated at Sat May 18 07:18:47 2024 by rpki-client on console-fra.rpki-client.org