Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/30A2F43F3FB56944F31F8E74892769A0D2CFC2B00810BC0FE0D7E86178F99BF3/0/34352e3138312e3132382e302f32322d3234203d3e20323634373635.roa
File:                     34352e3138312e3132382e302f32322d3234203d3e20323634373635.roa (raw, json)
Hash identifier:          KxAkezdy+1LapwVaAPqoJs9vah47LnyZPaHyBuPF198=
Subject key identifier:   45:26:8D:E6:52:CF:D0:F8:02:1A:5D:BD:B5:DC:42:55:6D:FD:50:70
Certificate issuer:       /CN=D1FFBC86B25B487736235C5CA0D6DD004C0CAA6A
Certificate serial:       2B788DCAC27F85870C2C28417DAC15B7AE1250E9
Authority key identifier: D1:FF:BC:86:B2:5B:48:77:36:23:5C:5C:A0:D6:DD:00:4C:0C:AA:6A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1FFBC86B25B487736235C5CA0D6DD004C0CAA6A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/30A2F43F3FB56944F31F8E74892769A0D2CFC2B00810BC0FE0D7E86178F99BF3/0/34352e3138312e3132382e302f32322d3234203d3e20323634373635.roa
Signing time:             Tue 05 Mar 2024 17:45:30 +0000
ROA not before:           Tue 05 Mar 2024 17:40:30 +0000
ROA not after:            Tue 04 Mar 2025 17:45:30 +0000
asID:                     264765
IP address blocks:        45.181.128.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/30A2F43F3FB56944F31F8E74892769A0D2CFC2B00810BC0FE0D7E86178F99BF3/0/D1FFBC86B25B487736235C5CA0D6DD004C0CAA6A.crl
                          rsync://repository.lacnic.net/rpki/lacnic/30A2F43F3FB56944F31F8E74892769A0D2CFC2B00810BC0FE0D7E86178F99BF3/0/D1FFBC86B25B487736235C5CA0D6DD004C0CAA6A.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1FFBC86B25B487736235C5CA0D6DD004C0CAA6A.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 21 Jun 2024 08:25:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:78:8d:ca:c2:7f:85:87:0c:2c:28:41:7d:ac:15:b7:ae:12:50:e9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D1FFBC86B25B487736235C5CA0D6DD004C0CAA6A
        Validity
            Not Before: Mar  5 17:40:30 2024 GMT
            Not After : Mar  4 17:45:30 2025 GMT
        Subject: CN=45268DE652CFD0F8021A5DBDB5DC42556DFD5070
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:2a:e9:82:db:17:2e:a1:71:01:c7:c9:72:9a:
                    30:f4:06:07:c8:a7:75:09:76:11:bf:14:38:50:58:
                    db:07:92:8f:d9:bd:76:e4:a5:b7:d4:3f:f8:e4:d6:
                    43:ec:b1:df:91:71:c7:45:3c:92:da:7d:fd:3d:f8:
                    a3:4d:61:38:c9:06:38:01:2d:de:a3:d3:a4:68:9a:
                    74:a3:d6:d7:d0:29:5e:c2:53:65:d2:a8:2d:7f:9d:
                    0d:cd:38:df:26:61:f5:f5:77:4a:ac:a0:9a:7b:cd:
                    f7:7a:5b:33:06:43:49:1c:bb:6f:03:5e:4c:3b:7b:
                    02:e9:e9:c0:55:e5:bf:e7:c9:14:54:c3:e6:78:46:
                    df:d9:e1:c4:09:17:b9:ed:8d:87:75:dc:67:52:98:
                    2f:17:be:45:7e:38:dd:d4:ca:ab:08:20:12:f0:5d:
                    ae:4d:dd:69:21:44:ca:6f:6a:b6:26:3d:86:79:9c:
                    88:32:83:01:a4:f4:ff:9f:05:99:60:68:f1:32:98:
                    76:78:5a:bb:24:fe:ff:7c:c9:b5:28:ee:b8:e8:13:
                    ce:99:40:28:79:23:86:d3:b8:22:6c:74:a8:7e:30:
                    05:fb:4c:67:0a:29:9b:04:81:ef:44:e9:8f:75:b5:
                    d0:5d:e7:bf:33:f6:bd:7f:45:eb:74:2e:af:30:48:
                    b2:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:26:8D:E6:52:CF:D0:F8:02:1A:5D:BD:B5:DC:42:55:6D:FD:50:70
            X509v3 Authority Key Identifier:
                keyid:D1:FF:BC:86:B2:5B:48:77:36:23:5C:5C:A0:D6:DD:00:4C:0C:AA:6A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/30A2F43F3FB56944F31F8E74892769A0D2CFC2B00810BC0FE0D7E86178F99BF3/0/D1FFBC86B25B487736235C5CA0D6DD004C0CAA6A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1FFBC86B25B487736235C5CA0D6DD004C0CAA6A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/30A2F43F3FB56944F31F8E74892769A0D2CFC2B00810BC0FE0D7E86178F99BF3/0/34352e3138312e3132382e302f32322d3234203d3e20323634373635.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.181.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         28:93:c4:ea:c0:6f:ec:a3:ab:14:03:b1:b3:36:7a:1f:70:93:
         fd:92:7d:09:96:89:12:b7:62:1a:bb:07:6c:13:23:4f:bf:28:
         c6:61:f5:be:43:51:fb:4f:53:d5:cf:ec:2a:c6:c2:5b:8b:f7:
         d9:97:21:66:f5:86:1a:7f:1c:bc:58:3d:12:e1:0e:a2:4f:c1:
         26:29:58:a7:da:9d:48:fb:16:55:63:75:86:a2:83:2a:5f:32:
         54:01:ad:bc:18:be:97:fa:f1:31:9b:dd:b3:f6:7d:d0:50:1e:
         f8:b4:49:e8:2f:a7:15:b9:de:f9:a0:91:95:59:e0:de:90:30:
         b1:20:c8:a9:d9:55:c9:9c:87:2f:02:c8:68:c1:6b:ae:b8:cd:
         7a:0f:9a:d3:8a:34:cf:2e:a9:81:77:80:fe:c9:98:ab:36:ea:
         bc:0b:55:6a:20:55:80:c0:49:13:1c:ba:85:1e:99:20:4e:b0:
         a5:ee:d7:ca:d9:ab:b5:38:80:38:46:ac:88:b5:44:83:0d:c5:
         1d:dd:66:e0:40:68:d5:64:53:3f:7b:5f:44:51:db:a3:5a:49:
         a3:91:a4:41:75:87:c0:fd:ed:43:ba:36:81:3c:b0:7f:23:46:
         e7:a1:3c:b1:9c:a8:52:63:aa:83:fd:65:fe:75:b2:5c:71:c5:
         53:4f:c2:a8
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUK3iNysJ/hYcMLChBfawVt64SUOkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDFGRkJDODZCMjVCNDg3NzM2MjM1QzVDQTBENkREMDA0
QzBDQUE2QTAeFw0yNDAzMDUxNzQwMzBaFw0yNTAzMDQxNzQ1MzBaMDMxMTAvBgNV
BAMTKDQ1MjY4REU2NTJDRkQwRjgwMjFBNURCREI1REM0MjU1NkRGRDUwNzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgKumC2xcuoXEBx8lymjD0BgfI
p3UJdhG/FDhQWNsHko/ZvXbkpbfUP/jk1kPssd+RccdFPJLaff09+KNNYTjJBjgB
Ld6j06RomnSj1tfQKV7CU2XSqC1/nQ3NON8mYfX1d0qsoJp7zfd6WzMGQ0kcu28D
Xkw7ewLp6cBV5b/nyRRUw+Z4Rt/Z4cQJF7ntjYd13GdSmC8XvkV+ON3UyqsIIBLw
Xa5N3WkhRMpvarYmPYZ5nIgygwGk9P+fBZlgaPEymHZ4Wrsk/v98ybUo7rjoE86Z
QCh5I4bTuCJsdKh+MAX7TGcKKZsEge9E6Y91tdBd578z9r1/Ret0Lq8wSLJXAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQURSaN5lLP0PgCGl29tdxCVW39UHAwHwYDVR0j
BBgwFoAU0f+8hrJbSHc2I1xcoNbdAEwMqmowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zMEEyRjQzRjNGQjU2OTQ0RjMxRjhFNzQ4OTI3NjlBMEQy
Q0ZDMkIwMDgxMEJDMEZFMEQ3RTg2MTc4Rjk5QkYzLzAvRDFGRkJDODZCMjVCNDg3
NzM2MjM1QzVDQTBENkREMDA0QzBDQUE2QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMUZGQkM4NkIyNUI0ODc3MzYy
MzVDNUNBMEQ2REQwMDRDMENBQTZBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzBBMkY0M0YzRkI1Njk0NEYzMUY4RTc0ODkyNzY5QTBEMkNGQzJCMDA4
MTBCQzBGRTBEN0U4NjE3OEY5OUJGMy8wLzM0MzUyZTMxMzgzMTJlMzEzMjM4MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM0MzczNjM1LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLbWA
MA0GCSqGSIb3DQEBCwUAA4IBAQAok8TqwG/so6sUA7GzNnofcJP9kn0JlokSt2Ia
uwdsEyNPvyjGYfW+Q1H7T1PVz+wqxsJbi/fZlyFm9YYafxy8WD0S4Q6iT8EmKVin
2p1I+xZVY3WGooMqXzJUAa28GL6X+vExm92z9n3QUB74tEnoL6cVud75oJGVWeDe
kDCxIMip2VXJnIcvAshowWuuuM16D5rTijTPLqmBd4D+yZirNuq8C1VqIFWAwEkT
HLqFHpkgTrCl7tfK2au1OIA4RqyItUSDDcUd3WbgQGjVZFM/e19EUdujWkmjkaRB
dYfA/e1DujaBPLB/I0bnoTyxnKhSY6qD/WX+dbJcccVTT8Ko
-----END CERTIFICATE-----
Generated at Mon Jun 17 08:41:03 2024 by rpki-client on console-ams.rpki-client.org