Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/354A3E4D205849409AD697183E6B77310BBE00D4D1FFB5CDD63E3E7C339BB10D/0/34352e3136352e3135342e302f32332d3233203d3e20323635383136.roa
File:                     34352e3136352e3135342e302f32332d3233203d3e20323635383136.roa (raw, json)
Hash identifier:          91CITAZfyWa3oQR+PhcDDHMzuuPCALkrGagB9QgheM0=
Subject key identifier:   BD:80:E7:E4:AB:EC:7E:5A:9D:C6:92:0D:62:6B:EE:7C:96:EC:6F:9D
Certificate issuer:       /CN=1D659E7F406978CCF0042D2379FC560A6CE966A1
Certificate serial:       22DE9F06782B03D73B56C80224F91AF2E39175AD
Authority key identifier: 1D:65:9E:7F:40:69:78:CC:F0:04:2D:23:79:FC:56:0A:6C:E9:66:A1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1D659E7F406978CCF0042D2379FC560A6CE966A1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/354A3E4D205849409AD697183E6B77310BBE00D4D1FFB5CDD63E3E7C339BB10D/0/34352e3136352e3135342e302f32332d3233203d3e20323635383136.roa
Signing time:             Tue 05 Mar 2024 17:50:11 +0000
ROA not before:           Tue 05 Mar 2024 17:45:11 +0000
ROA not after:            Tue 04 Mar 2025 17:50:11 +0000
asID:                     265816
IP address blocks:        45.165.154.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/354A3E4D205849409AD697183E6B77310BBE00D4D1FFB5CDD63E3E7C339BB10D/0/1D659E7F406978CCF0042D2379FC560A6CE966A1.crl
                          rsync://repository.lacnic.net/rpki/lacnic/354A3E4D205849409AD697183E6B77310BBE00D4D1FFB5CDD63E3E7C339BB10D/0/1D659E7F406978CCF0042D2379FC560A6CE966A1.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1D659E7F406978CCF0042D2379FC560A6CE966A1.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:de:9f:06:78:2b:03:d7:3b:56:c8:02:24:f9:1a:f2:e3:91:75:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1D659E7F406978CCF0042D2379FC560A6CE966A1
        Validity
            Not Before: Mar  5 17:45:11 2024 GMT
            Not After : Mar  4 17:50:11 2025 GMT
        Subject: CN=BD80E7E4ABEC7E5A9DC6920D626BEE7C96EC6F9D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:7c:f9:f1:c8:b4:fd:92:56:b8:5e:4b:5c:3e:
                    22:83:f5:46:e8:92:6b:f8:44:e8:ef:c6:98:aa:73:
                    02:49:3b:25:64:dc:14:84:69:5b:87:74:58:80:69:
                    ef:22:fd:35:6a:c5:21:46:c2:08:92:be:f4:13:17:
                    5c:0c:9a:93:35:bc:5f:bf:ee:3a:9b:dd:82:9b:c1:
                    73:33:d1:fa:00:f2:15:ed:0b:0d:75:34:28:11:80:
                    de:ce:b2:80:7b:7b:e7:6f:d3:a0:a7:79:8b:3c:15:
                    c6:3d:4a:07:1e:07:ed:52:95:64:7f:82:ce:72:ab:
                    f7:1d:08:7e:52:53:8c:0e:bb:97:4f:59:1c:42:85:
                    85:03:4a:8b:73:c0:ba:4d:af:32:03:4e:aa:d6:e2:
                    35:fb:60:33:dd:c4:71:57:b4:a6:26:c9:34:15:e6:
                    0d:f1:23:bc:4f:0e:b7:6e:5b:58:e8:c3:81:9d:95:
                    4b:be:7d:30:f4:eb:9f:a6:8b:7a:5f:ae:87:d8:b7:
                    66:03:0d:d6:1a:c3:50:c4:8b:c8:b2:77:68:3a:6d:
                    87:4e:6d:43:61:2e:4b:04:7d:46:66:61:2a:db:07:
                    e9:08:02:85:40:d3:57:85:02:c9:69:a3:14:a4:b1:
                    27:43:6f:56:60:19:99:6a:ce:e0:9d:99:c5:fb:2e:
                    f0:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:80:E7:E4:AB:EC:7E:5A:9D:C6:92:0D:62:6B:EE:7C:96:EC:6F:9D
            X509v3 Authority Key Identifier:
                keyid:1D:65:9E:7F:40:69:78:CC:F0:04:2D:23:79:FC:56:0A:6C:E9:66:A1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/354A3E4D205849409AD697183E6B77310BBE00D4D1FFB5CDD63E3E7C339BB10D/0/1D659E7F406978CCF0042D2379FC560A6CE966A1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1D659E7F406978CCF0042D2379FC560A6CE966A1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/354A3E4D205849409AD697183E6B77310BBE00D4D1FFB5CDD63E3E7C339BB10D/0/34352e3136352e3135342e302f32332d3233203d3e20323635383136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.165.154.0/23

    Signature Algorithm: sha256WithRSAEncryption
         33:20:f7:df:6e:9d:3a:b0:f9:6c:eb:6e:0e:aa:55:0f:80:41:
         cb:99:db:8b:d2:dc:a0:e0:24:67:55:7e:c5:55:ae:3e:e4:01:
         cf:a1:19:c9:94:30:2a:27:25:da:02:38:8f:2d:24:25:a6:b6:
         d3:65:d4:c9:2e:77:5d:3f:d0:34:f1:ac:c2:ea:6e:36:e5:d7:
         e2:04:f0:62:30:d8:96:8f:aa:be:57:6b:03:22:4e:4f:78:b8:
         ee:c6:3c:fe:95:69:05:ee:1c:c0:e1:61:89:21:ef:e3:a7:f5:
         c6:e3:82:dd:46:54:dd:9b:38:2a:3b:4c:6b:45:0b:ab:57:35:
         f2:21:a8:65:16:2a:fa:fd:36:1f:38:39:80:d2:b5:b8:33:b1:
         41:a5:83:91:96:b2:0e:b6:01:a2:b4:ef:2c:51:78:40:28:96:
         66:9d:e0:9a:a5:c5:89:c9:6d:ad:13:db:09:c6:69:d6:09:f6:
         77:6f:09:7f:fb:ad:c1:4d:eb:0e:c0:3f:e0:74:2f:99:5c:99:
         ef:92:ab:87:f2:fa:ff:4b:49:1a:bd:4d:76:4e:97:83:06:db:
         8b:4e:ee:a9:a2:0e:61:68:95:8c:64:16:c4:29:c9:de:25:3c:
         e0:8b:2f:b7:e6:be:4f:18:71:ee:dd:da:5d:1b:cc:b0:63:12:
         dd:39:bf:f4
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUIt6fBngrA9c7VsgCJPka8uORda0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUQ2NTlFN0Y0MDY5NzhDQ0YwMDQyRDIzNzlGQzU2MEE2
Q0U5NjZBMTAeFw0yNDAzMDUxNzQ1MTFaFw0yNTAzMDQxNzUwMTFaMDMxMTAvBgNV
BAMTKEJEODBFN0U0QUJFQzdFNUE5REM2OTIwRDYyNkJFRTdDOTZFQzZGOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTfPnxyLT9kla4XktcPiKD9Ubo
kmv4ROjvxpiqcwJJOyVk3BSEaVuHdFiAae8i/TVqxSFGwgiSvvQTF1wMmpM1vF+/
7jqb3YKbwXMz0foA8hXtCw11NCgRgN7OsoB7e+dv06CneYs8FcY9SgceB+1SlWR/
gs5yq/cdCH5SU4wOu5dPWRxChYUDSotzwLpNrzIDTqrW4jX7YDPdxHFXtKYmyTQV
5g3xI7xPDrduW1jow4GdlUu+fTD065+mi3pfrofYt2YDDdYaw1DEi8iyd2g6bYdO
bUNhLksEfUZmYSrbB+kIAoVA01eFAslpoxSksSdDb1ZgGZlqzuCdmcX7LvBfAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUvYDn5KvsflqdxpINYmvufJbsb50wHwYDVR0j
BBgwFoAUHWWef0BpeMzwBC0jefxWCmzpZqEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zNTRBM0U0RDIwNTg0OTQwOUFENjk3MTgzRTZCNzczMTBC
QkUwMEQ0RDFGRkI1Q0RENjNFM0U3QzMzOUJCMTBELzAvMUQ2NTlFN0Y0MDY5NzhD
Q0YwMDQyRDIzNzlGQzU2MEE2Q0U5NjZBMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRDY1OUU3RjQwNjk3OENDRjAw
NDJEMjM3OUZDNTYwQTZDRTk2NkExLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzU0QTNFNEQyMDU4NDk0MDlBRDY5NzE4M0U2Qjc3MzEwQkJFMDBENEQx
RkZCNUNERDYzRTNFN0MzMzlCQjEwRC8wLzM0MzUyZTMxMzYzNTJlMzEzNTM0MmUz
MDJmMzIzMzJkMzIzMzIwM2QzZTIwMzIzNjM1MzgzMTM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLaWa
MA0GCSqGSIb3DQEBCwUAA4IBAQAzIPffbp06sPls624OqlUPgEHLmduL0tyg4CRn
VX7FVa4+5AHPoRnJlDAqJyXaAjiPLSQlprbTZdTJLnddP9A08azC6m425dfiBPBi
MNiWj6q+V2sDIk5PeLjuxjz+lWkF7hzA4WGJIe/jp/XG44LdRlTdmzgqO0xrRQur
VzXyIahlFir6/TYfODmA0rW4M7FBpYORlrIOtgGitO8sUXhAKJZmneCapcWJyW2t
E9sJxmnWCfZ3bwl/+63BTesOwD/gdC+ZXJnvkquH8vr/S0kavU12TpeDBtuLTu6p
og5haJWMZBbEKcneJTzgiy+35r5PGHHu3dpdG8ywYxLdOb/0
-----END CERTIFICATE-----
Generated at Wed Nov 20 13:43:34 2024 by rpki-client on console-ams.rpki-client.org