Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/34171FFEFFD119D3640DAC769DB2DE3BE7308E74A2E551BE8917A5A8D241B031/0/34352e36352e3134392e302f32342d3234203d3e20323635373135.roa
File:                     34352e36352e3134392e302f32342d3234203d3e20323635373135.roa (raw, json)
Hash identifier:          al5Cl/7EP8v3YbmxCcay6PWxbU6Q7UXx/F+eCahzjSQ=
Subject key identifier:   6C:74:EA:B2:0C:29:92:F9:20:2E:74:2C:47:06:5A:7B:29:79:10:9E
Certificate issuer:       /CN=5998B120B3E73E1A83319F353329C3ABD0E1E67C
Certificate serial:       0E0B40ABD76CDF5A305336D4F0DF6002CF46E03E
Authority key identifier: 59:98:B1:20:B3:E7:3E:1A:83:31:9F:35:33:29:C3:AB:D0:E1:E6:7C
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5998B120B3E73E1A83319F353329C3ABD0E1E67C.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/34171FFEFFD119D3640DAC769DB2DE3BE7308E74A2E551BE8917A5A8D241B031/0/34352e36352e3134392e302f32342d3234203d3e20323635373135.roa
Signing time:             Tue 05 Mar 2024 18:02:44 +0000
ROA not before:           Tue 05 Mar 2024 17:57:44 +0000
ROA not after:            Tue 04 Mar 2025 18:02:44 +0000
asID:                     265715
IP address blocks:        45.65.149.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/34171FFEFFD119D3640DAC769DB2DE3BE7308E74A2E551BE8917A5A8D241B031/0/5998B120B3E73E1A83319F353329C3ABD0E1E67C.crl
                          rsync://repository.lacnic.net/rpki/lacnic/34171FFEFFD119D3640DAC769DB2DE3BE7308E74A2E551BE8917A5A8D241B031/0/5998B120B3E73E1A83319F353329C3ABD0E1E67C.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5998B120B3E73E1A83319F353329C3ABD0E1E67C.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:0b:40:ab:d7:6c:df:5a:30:53:36:d4:f0:df:60:02:cf:46:e0:3e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5998B120B3E73E1A83319F353329C3ABD0E1E67C
        Validity
            Not Before: Mar  5 17:57:44 2024 GMT
            Not After : Mar  4 18:02:44 2025 GMT
        Subject: CN=6C74EAB20C2992F9202E742C47065A7B2979109E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:24:fa:f2:a4:c0:a8:3a:a7:e2:c8:88:61:6f:
                    ca:ab:88:2a:9f:89:f6:de:97:db:64:1c:5b:f9:47:
                    a7:b8:d2:62:9f:16:2a:e5:56:32:3a:4f:a8:7d:14:
                    78:39:dc:fe:da:1e:b1:9d:37:e9:00:a2:65:90:8b:
                    22:e2:f2:3d:7c:df:f2:8b:73:5a:95:00:19:12:ab:
                    57:56:b3:15:9d:a9:4d:f2:e5:36:72:3a:5a:2c:c8:
                    47:b0:e7:6c:5e:c9:e8:d4:05:6e:02:f8:cd:53:01:
                    4e:07:44:e2:f1:81:98:5f:b5:54:f8:3b:ce:e7:12:
                    3b:45:15:6e:29:d8:d0:f3:aa:18:90:a5:f9:04:f6:
                    58:8f:51:94:3e:66:49:b6:7c:82:29:02:c0:1d:a6:
                    0a:f3:0e:01:62:98:64:f9:bc:3f:73:e4:0e:30:b5:
                    4b:31:f0:cb:82:19:11:89:97:b4:f0:5d:40:9a:d1:
                    1d:00:a8:c0:61:3c:bf:d2:92:23:b4:b0:ab:a4:a8:
                    dc:55:f8:24:c5:bc:91:bb:2f:57:05:99:59:5b:ed:
                    dc:e1:3c:e9:6e:1f:e3:e7:a2:4c:8b:49:7e:35:12:
                    cb:9d:ff:64:2b:5c:7e:ad:d4:d3:9d:01:32:9e:34:
                    79:79:c6:04:7f:bb:c4:f9:84:94:f4:cb:3e:cf:ff:
                    62:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:74:EA:B2:0C:29:92:F9:20:2E:74:2C:47:06:5A:7B:29:79:10:9E
            X509v3 Authority Key Identifier:
                keyid:59:98:B1:20:B3:E7:3E:1A:83:31:9F:35:33:29:C3:AB:D0:E1:E6:7C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/34171FFEFFD119D3640DAC769DB2DE3BE7308E74A2E551BE8917A5A8D241B031/0/5998B120B3E73E1A83319F353329C3ABD0E1E67C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/5998B120B3E73E1A83319F353329C3ABD0E1E67C.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/34171FFEFFD119D3640DAC769DB2DE3BE7308E74A2E551BE8917A5A8D241B031/0/34352e36352e3134392e302f32342d3234203d3e20323635373135.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.65.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2c:35:57:d2:af:13:13:59:84:6c:fc:a8:fd:4d:2d:6c:69:9d:
         41:d4:5a:57:b5:6b:e3:1a:4c:9c:f5:09:31:a1:5c:5c:5d:44:
         77:54:69:e2:74:38:a7:14:77:40:80:42:73:d0:2a:d6:5e:aa:
         92:04:7e:23:58:30:c2:0d:75:2e:93:46:3c:65:d4:be:65:65:
         d4:fb:e2:16:16:68:e6:52:3f:f6:da:41:fd:fd:25:7a:f2:dc:
         ab:3c:b5:91:e5:a2:be:fe:2d:3b:9a:f0:6b:77:0b:5a:76:26:
         65:7b:10:40:45:dc:97:33:e6:e9:b9:ab:da:07:05:bd:83:2c:
         d6:cf:e8:b2:d7:3b:dc:bf:7f:9c:6d:83:0f:d5:7b:77:51:73:
         10:6a:e3:ae:9c:9e:a0:78:ba:17:da:04:e6:a5:57:a4:46:3f:
         03:85:af:26:87:08:fb:61:4f:db:09:eb:23:bd:7e:97:24:9f:
         26:72:e0:46:68:1e:a8:7e:00:3a:62:33:30:7f:85:b9:13:ca:
         b0:6a:a9:52:ec:59:31:74:ee:a9:d8:1b:6c:39:9c:f1:8b:e1:
         0f:ac:bd:9e:f0:95:f8:92:7a:d6:f7:cb:f8:4a:61:3c:28:bc:
         61:c3:d0:60:da:a5:98:b6:99:02:7b:3b:af:e5:fc:65:f5:c9:
         ce:5c:a1:e6
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUDgtAq9ds31owUzbU8N9gAs9G4D4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTk5OEIxMjBCM0U3M0UxQTgzMzE5RjM1MzMyOUMzQUJE
MEUxRTY3QzAeFw0yNDAzMDUxNzU3NDRaFw0yNTAzMDQxODAyNDRaMDMxMTAvBgNV
BAMTKDZDNzRFQUIyMEMyOTkyRjkyMDJFNzQyQzQ3MDY1QTdCMjk3OTEwOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNJPrypMCoOqfiyIhhb8qriCqf
ifbel9tkHFv5R6e40mKfFirlVjI6T6h9FHg53P7aHrGdN+kAomWQiyLi8j183/KL
c1qVABkSq1dWsxWdqU3y5TZyOlosyEew52xeyejUBW4C+M1TAU4HROLxgZhftVT4
O87nEjtFFW4p2NDzqhiQpfkE9liPUZQ+Zkm2fIIpAsAdpgrzDgFimGT5vD9z5A4w
tUsx8MuCGRGJl7TwXUCa0R0AqMBhPL/SkiO0sKukqNxV+CTFvJG7L1cFmVlb7dzh
POluH+PnokyLSX41Esud/2QrXH6t1NOdATKeNHl5xgR/u8T5hJT0yz7P/2LLAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUbHTqsgwpkvkgLnQsRwZaeyl5EJ4wHwYDVR0j
BBgwFoAUWZixILPnPhqDMZ81MynDq9Dh5nwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNDE3MUZGRUZGRDExOUQzNjQwREFDNzY5REIyREUzQkU3
MzA4RTc0QTJFNTUxQkU4OTE3QTVBOEQyNDFCMDMxLzAvNTk5OEIxMjBCM0U3M0Ux
QTgzMzE5RjM1MzMyOUMzQUJEMEUxRTY3Qy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC81OTk4QjEyMEIzRTczRTFBODMz
MTlGMzUzMzI5QzNBQkQwRTFFNjdDLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzQxNzFGRkVGRkQxMTlEMzY0MERBQzc2OURCMkRFM0JFNzMwOEU3NEEy
RTU1MUJFODkxN0E1QThEMjQxQjAzMS8wLzM0MzUyZTM2MzUyZTMxMzQzOTJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzNTM3MzEzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC1BlTAN
BgkqhkiG9w0BAQsFAAOCAQEALDVX0q8TE1mEbPyo/U0tbGmdQdRaV7Vr4xpMnPUJ
MaFcXF1Ed1Rp4nQ4pxR3QIBCc9Aq1l6qkgR+I1gwwg11LpNGPGXUvmVl1PviFhZo
5lI/9tpB/f0levLcqzy1keWivv4tO5rwa3cLWnYmZXsQQEXclzPm6bmr2gcFvYMs
1s/ostc73L9/nG2DD9V7d1FzEGrjrpyeoHi6F9oE5qVXpEY/A4WvJocI+2FP2wnr
I71+lySfJnLgRmgeqH4AOmIzMH+FuRPKsGqpUuxZMXTuqdgbbDmc8YvhD6y9nvCV
+JJ61vfL+EphPCi8YcPQYNqlmLaZAns7r+X8ZfXJzlyh5g==
-----END CERTIFICATE-----
Generated at Thu Nov 21 09:07:22 2024 by rpki-client on console-ams.rpki-client.org