Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/2E563186D7451AF6254B321784269858A7A11CC13779FAA835F6DFEB32D81F03/0/34352e36352e3234302e302f32322d3234203d3e20323634373830.roa
File:                     34352e36352e3234302e302f32322d3234203d3e20323634373830.roa (raw, json)
Hash identifier:          0m6OiP/L+mzfzq9mJudFWNLhkrXvkk0hGS6/WMnqnJc=
Subject key identifier:   20:27:08:92:D6:98:2B:20:AA:85:6E:B7:11:48:9E:E4:F6:98:AC:7E
Certificate issuer:       /CN=753B319406FC01DB8D7206FA8131F5993B7C6A61
Certificate serial:       33CC557941D63FFDAB35A4BE36549EDF3BDCEBBE
Authority key identifier: 75:3B:31:94:06:FC:01:DB:8D:72:06:FA:81:31:F5:99:3B:7C:6A:61
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/753B319406FC01DB8D7206FA8131F5993B7C6A61.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/2E563186D7451AF6254B321784269858A7A11CC13779FAA835F6DFEB32D81F03/0/34352e36352e3234302e302f32322d3234203d3e20323634373830.roa
Signing time:             Tue 05 Mar 2024 18:02:03 +0000
ROA not before:           Tue 05 Mar 2024 17:57:03 +0000
ROA not after:            Tue 04 Mar 2025 18:02:03 +0000
asID:                     264780
IP address blocks:        45.65.240.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/2E563186D7451AF6254B321784269858A7A11CC13779FAA835F6DFEB32D81F03/0/753B319406FC01DB8D7206FA8131F5993B7C6A61.crl
                          rsync://repository.lacnic.net/rpki/lacnic/2E563186D7451AF6254B321784269858A7A11CC13779FAA835F6DFEB32D81F03/0/753B319406FC01DB8D7206FA8131F5993B7C6A61.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/753B319406FC01DB8D7206FA8131F5993B7C6A61.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:cc:55:79:41:d6:3f:fd:ab:35:a4:be:36:54:9e:df:3b:dc:eb:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=753B319406FC01DB8D7206FA8131F5993B7C6A61
        Validity
            Not Before: Mar  5 17:57:03 2024 GMT
            Not After : Mar  4 18:02:03 2025 GMT
        Subject: CN=20270892D6982B20AA856EB711489EE4F698AC7E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:bc:a5:a0:1f:a0:58:4a:fd:b0:4d:b8:d4:f1:
                    5b:cb:32:3f:92:a6:da:b2:b6:e5:d5:09:c9:70:99:
                    d0:0d:59:e2:35:ba:bf:ae:a0:86:52:90:bd:3b:49:
                    3c:7e:c0:ec:2c:92:e9:ee:3c:80:19:6f:2b:d7:ca:
                    a0:fa:9e:9d:a6:df:12:dc:9d:8d:16:fc:f7:4e:aa:
                    4f:d7:d7:d0:5a:fb:dd:90:5f:bc:cf:b2:e3:e0:c0:
                    12:dc:b2:9d:76:e0:96:7a:59:b3:e8:29:0b:de:8e:
                    f9:3a:8b:e1:03:75:3f:8e:89:b6:12:33:72:76:87:
                    cf:15:fb:31:79:41:2a:35:b0:83:48:84:17:34:3f:
                    e5:42:98:cc:f4:f1:b3:7f:8d:f1:a6:e4:cb:ab:69:
                    12:a8:1e:66:ba:cf:a4:5f:85:9c:2c:54:a0:05:2b:
                    2d:20:64:fe:55:5a:ed:60:b3:fb:96:48:c7:6a:3d:
                    67:f7:c3:8a:d4:7c:eb:88:c1:57:46:21:17:ab:09:
                    af:8b:51:c5:07:c3:80:ca:df:93:82:0f:a7:64:d9:
                    8c:3b:a5:1b:b3:d0:e3:1c:8e:ff:ae:44:a7:45:03:
                    74:f2:27:d7:9d:55:85:0d:f4:dd:a4:43:f1:c4:59:
                    5d:e6:28:df:50:a0:41:92:66:7c:cc:aa:c0:82:61:
                    e4:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:27:08:92:D6:98:2B:20:AA:85:6E:B7:11:48:9E:E4:F6:98:AC:7E
            X509v3 Authority Key Identifier:
                keyid:75:3B:31:94:06:FC:01:DB:8D:72:06:FA:81:31:F5:99:3B:7C:6A:61

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/2E563186D7451AF6254B321784269858A7A11CC13779FAA835F6DFEB32D81F03/0/753B319406FC01DB8D7206FA8131F5993B7C6A61.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/753B319406FC01DB8D7206FA8131F5993B7C6A61.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/2E563186D7451AF6254B321784269858A7A11CC13779FAA835F6DFEB32D81F03/0/34352e36352e3234302e302f32322d3234203d3e20323634373830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.65.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b0:fb:c6:70:12:2c:b6:cd:c2:ed:ca:de:6b:78:a2:71:ca:33:
         2c:fb:ec:4b:fa:6f:15:0f:74:bd:28:31:94:01:12:21:c6:ae:
         02:53:9c:43:c3:83:f4:20:d1:70:8e:71:da:51:88:7f:ac:98:
         5e:dc:c5:74:6a:a4:f5:eb:d5:52:d1:0c:d5:29:78:c2:81:25:
         24:59:3d:4f:c0:39:86:a5:1a:01:c9:ba:ec:bf:9c:d8:11:ad:
         75:4e:3e:9a:70:fd:a0:cd:ac:c0:95:fd:c2:30:2e:7f:58:34:
         04:41:04:21:1f:33:ef:dd:25:3f:44:3d:5d:7e:13:c2:73:fc:
         20:7a:cd:35:12:0c:bd:b7:b9:26:6f:27:5d:b6:22:89:72:83:
         fa:e9:89:40:2a:16:9d:4f:42:5d:47:5a:bf:e2:e9:ab:d9:76:
         4f:61:05:b9:6b:93:95:ec:ee:64:b8:00:8a:0e:6d:6a:6b:cd:
         30:14:c5:65:45:ca:32:0d:c6:26:fa:90:c5:a7:a8:e9:b8:20:
         88:ab:0e:61:e5:03:5f:8a:06:6a:30:46:9d:0a:b9:81:e6:7c:
         41:da:6d:b1:71:b3:60:ae:c7:cf:04:43:bc:f9:f9:ec:bb:12:
         8c:24:e5:dc:e2:85:38:0a:1b:07:cc:59:fa:ed:ec:2d:b4:af:
         c7:83:c9:4e
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUM8xVeUHWP/2rNaS+NlSe3zvc674wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzUzQjMxOTQwNkZDMDFEQjhENzIwNkZBODEzMUY1OTkz
QjdDNkE2MTAeFw0yNDAzMDUxNzU3MDNaFw0yNTAzMDQxODAyMDNaMDMxMTAvBgNV
BAMTKDIwMjcwODkyRDY5ODJCMjBBQTg1NkVCNzExNDg5RUU0RjY5OEFDN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrvKWgH6BYSv2wTbjU8VvLMj+S
ptqytuXVCclwmdANWeI1ur+uoIZSkL07STx+wOwskunuPIAZbyvXyqD6np2m3xLc
nY0W/PdOqk/X19Ba+92QX7zPsuPgwBLcsp124JZ6WbPoKQvejvk6i+EDdT+OibYS
M3J2h88V+zF5QSo1sINIhBc0P+VCmMz08bN/jfGm5MuraRKoHma6z6RfhZwsVKAF
Ky0gZP5VWu1gs/uWSMdqPWf3w4rUfOuIwVdGIRerCa+LUcUHw4DK35OCD6dk2Yw7
pRuz0OMcjv+uRKdFA3TyJ9edVYUN9N2kQ/HEWV3mKN9QoEGSZnzMqsCCYeQRAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUICcIktaYKyCqhW63EUie5PaYrH4wHwYDVR0j
BBgwFoAUdTsxlAb8AduNcgb6gTH1mTt8amEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8yRTU2MzE4NkQ3NDUxQUY2MjU0QjMyMTc4NDI2OTg1OEE3
QTExQ0MxMzc3OUZBQTgzNUY2REZFQjMyRDgxRjAzLzAvNzUzQjMxOTQwNkZDMDFE
QjhENzIwNkZBODEzMUY1OTkzQjdDNkE2MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83NTNCMzE5NDA2RkMwMURCOEQ3
MjA2RkE4MTMxRjU5OTNCN0M2QTYxLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMkU1NjMxODZENzQ1MUFGNjI1NEIzMjE3ODQyNjk4NThBN0ExMUNDMTM3
NzlGQUE4MzVGNkRGRUIzMkQ4MUYwMy8wLzM0MzUyZTM2MzUyZTMyMzQzMDJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzYzNDM3MzgzMC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi1B8DAN
BgkqhkiG9w0BAQsFAAOCAQEAsPvGcBIsts3C7crea3iiccozLPvsS/pvFQ90vSgx
lAESIcauAlOcQ8OD9CDRcI5x2lGIf6yYXtzFdGqk9evVUtEM1Sl4woElJFk9T8A5
hqUaAcm67L+c2BGtdU4+mnD9oM2swJX9wjAuf1g0BEEEIR8z790lP0Q9XX4TwnP8
IHrNNRIMvbe5Jm8nXbYiiXKD+umJQCoWnU9CXUdav+Lpq9l2T2EFuWuTlezuZLgA
ig5tamvNMBTFZUXKMg3GJvqQxaeo6bggiKsOYeUDX4oGajBGnQq5geZ8QdptsXGz
YK7HzwRDvPn57LsSjCTl3OKFOAobB8xZ+u3sLbSvx4PJTg==
-----END CERTIFICATE-----
Generated at Mon Dec 9 04:18:27 2024 by rpki-client on console-fra.rpki-client.org