Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3816577243AA72C5487729A69C85807DF313F50A25F48F861A626F1307DDB51C/0/34352e3232352e3234392e302f32342d3234203d3e20323732313332.roa
File:                     34352e3232352e3234392e302f32342d3234203d3e20323732313332.roa (raw, json)
Hash identifier:          P2I/0Cb9N4+HZSfwVThjkv53v8HiOFQ57Qd1mLnHQ8A=
Subject key identifier:   C6:E7:CD:2B:5D:BD:98:DB:4F:CA:D5:65:00:0D:24:EE:3D:9D:24:86
Certificate issuer:       /CN=A85D1774E80F4CB0427BCEB9864ACD860B83AA04
Certificate serial:       280286388C75BA86763A9D552EAF23F4FBCB5B80
Authority key identifier: A8:5D:17:74:E8:0F:4C:B0:42:7B:CE:B9:86:4A:CD:86:0B:83:AA:04
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A85D1774E80F4CB0427BCEB9864ACD860B83AA04.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3816577243AA72C5487729A69C85807DF313F50A25F48F861A626F1307DDB51C/0/34352e3232352e3234392e302f32342d3234203d3e20323732313332.roa
Signing time:             Tue 05 Mar 2024 17:45:40 +0000
ROA not before:           Tue 05 Mar 2024 17:40:40 +0000
ROA not after:            Tue 04 Mar 2025 17:45:40 +0000
asID:                     272132
IP address blocks:        45.225.249.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3816577243AA72C5487729A69C85807DF313F50A25F48F861A626F1307DDB51C/0/A85D1774E80F4CB0427BCEB9864ACD860B83AA04.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3816577243AA72C5487729A69C85807DF313F50A25F48F861A626F1307DDB51C/0/A85D1774E80F4CB0427BCEB9864ACD860B83AA04.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A85D1774E80F4CB0427BCEB9864ACD860B83AA04.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 28 Nov 2024 11:07:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:02:86:38:8c:75:ba:86:76:3a:9d:55:2e:af:23:f4:fb:cb:5b:80
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A85D1774E80F4CB0427BCEB9864ACD860B83AA04
        Validity
            Not Before: Mar  5 17:40:40 2024 GMT
            Not After : Mar  4 17:45:40 2025 GMT
        Subject: CN=C6E7CD2B5DBD98DB4FCAD565000D24EE3D9D2486
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:50:8d:a5:65:86:2f:e7:54:dd:aa:73:7a:12:
                    56:1a:48:b5:45:8c:72:0b:03:8d:41:35:37:6c:7f:
                    b3:b8:88:63:69:30:5e:ec:d1:73:8e:4b:a9:4f:27:
                    3c:2c:74:0b:86:ce:1a:33:38:a7:94:e9:fb:03:f2:
                    9f:e7:6d:f5:dd:31:b0:bb:12:89:f7:d4:ed:b6:fa:
                    3a:52:23:ff:7c:5b:de:e1:33:66:3b:92:4a:89:d3:
                    93:57:ba:5d:cc:65:ba:85:cb:9d:f4:53:4e:81:3e:
                    cd:23:e0:8a:62:f6:5c:26:cd:ca:6f:b5:ca:4f:16:
                    68:86:1f:e9:60:a3:b3:b8:45:69:8c:60:e7:76:26:
                    9b:4a:8c:45:cd:70:15:54:1b:4f:0b:59:18:2f:aa:
                    e5:ee:9e:89:fb:2e:4e:7f:da:70:22:4f:21:3d:f3:
                    23:0a:82:1d:bf:30:b2:29:a2:2a:04:92:44:4e:ad:
                    5d:93:8d:f3:bd:56:57:17:4a:e5:b1:5e:d1:ac:ae:
                    fd:0a:fd:9e:37:78:31:9f:92:4c:dc:42:2b:b6:0b:
                    c1:76:6d:55:73:42:dc:6d:b0:fb:f8:62:ba:1d:92:
                    34:90:fb:51:ee:98:e6:87:58:25:53:99:fa:16:9c:
                    84:1a:5f:8b:69:32:63:6e:9f:f1:25:67:e5:99:e2:
                    85:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:E7:CD:2B:5D:BD:98:DB:4F:CA:D5:65:00:0D:24:EE:3D:9D:24:86
            X509v3 Authority Key Identifier:
                keyid:A8:5D:17:74:E8:0F:4C:B0:42:7B:CE:B9:86:4A:CD:86:0B:83:AA:04

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3816577243AA72C5487729A69C85807DF313F50A25F48F861A626F1307DDB51C/0/A85D1774E80F4CB0427BCEB9864ACD860B83AA04.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A85D1774E80F4CB0427BCEB9864ACD860B83AA04.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3816577243AA72C5487729A69C85807DF313F50A25F48F861A626F1307DDB51C/0/34352e3232352e3234392e302f32342d3234203d3e20323732313332.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.225.249.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0a:01:6d:ff:00:e7:65:15:73:6b:17:85:82:19:b9:e6:d2:15:
         bc:20:0f:a3:00:f1:e3:a5:29:bb:b5:8a:ca:9c:da:0f:21:7e:
         28:72:af:cd:b8:9d:39:e8:12:5e:42:9e:fc:eb:2a:3f:ae:ff:
         07:fc:4e:72:f8:a8:32:74:21:ee:9d:0e:53:11:d2:08:5b:32:
         e7:7b:c6:a0:d1:c0:85:1b:61:5e:a9:d6:6f:e1:db:e2:4a:6c:
         79:93:f1:d7:4b:93:d9:cf:c2:64:c7:49:22:64:b7:30:f4:0c:
         37:05:58:e4:39:1e:30:d1:73:25:b2:16:b0:48:7b:9e:d7:1f:
         53:dc:12:9a:23:26:4b:09:5d:d7:5c:fa:c8:f4:4b:d9:eb:a4:
         1c:cb:80:5d:3c:a1:f4:91:34:fc:44:ec:33:bb:ec:b1:e2:e2:
         0e:b2:07:e3:df:d1:86:40:b9:b2:de:54:f9:72:bc:07:a4:74:
         aa:05:c4:91:71:01:0a:e6:cc:5f:6b:50:c1:91:b0:ad:02:76:
         f2:69:ed:f5:8c:90:52:e8:9f:c1:a7:2e:ce:0b:fa:f4:6c:f5:
         2b:e8:50:4d:6c:c7:3f:72:f3:e8:9a:a4:08:90:b2:ed:ac:e3:
         f2:16:18:84:5e:dd:c7:43:43:c9:eb:4c:e6:29:9f:41:eb:cd:
         c2:1d:5e:b6
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUKAKGOIx1uoZ2Op1VLq8j9PvLW4AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTg1RDE3NzRFODBGNENCMDQyN0JDRUI5ODY0QUNEODYw
QjgzQUEwNDAeFw0yNDAzMDUxNzQwNDBaFw0yNTAzMDQxNzQ1NDBaMDMxMTAvBgNV
BAMTKEM2RTdDRDJCNURCRDk4REI0RkNBRDU2NTAwMEQyNEVFM0Q5RDI0ODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKUI2lZYYv51TdqnN6ElYaSLVF
jHILA41BNTdsf7O4iGNpMF7s0XOOS6lPJzwsdAuGzhozOKeU6fsD8p/nbfXdMbC7
Eon31O22+jpSI/98W97hM2Y7kkqJ05NXul3MZbqFy530U06BPs0j4Ipi9lwmzcpv
tcpPFmiGH+lgo7O4RWmMYOd2JptKjEXNcBVUG08LWRgvquXunon7Lk5/2nAiTyE9
8yMKgh2/MLIpoioEkkROrV2TjfO9VlcXSuWxXtGsrv0K/Z43eDGfkkzcQiu2C8F2
bVVzQtxtsPv4YrodkjSQ+1HumOaHWCVTmfoWnIQaX4tpMmNun/ElZ+WZ4oWZAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUxufNK129mNtPytVlAA0k7j2dJIYwHwYDVR0j
BBgwFoAUqF0XdOgPTLBCe865hkrNhguDqgQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zODE2NTc3MjQzQUE3MkM1NDg3NzI5QTY5Qzg1ODA3REYz
MTNGNTBBMjVGNDhGODYxQTYyNkYxMzA3RERCNTFDLzAvQTg1RDE3NzRFODBGNENC
MDQyN0JDRUI5ODY0QUNEODYwQjgzQUEwNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BODVEMTc3NEU4MEY0Q0IwNDI3
QkNFQjk4NjRBQ0Q4NjBCODNBQTA0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMzgxNjU3NzI0M0FBNzJDNTQ4NzcyOUE2OUM4NTgwN0RGMzEzRjUwQTI1
RjQ4Rjg2MUE2MjZGMTMwN0REQjUxQy8wLzM0MzUyZTMyMzIzNTJlMzIzNDM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzMyMzEzMzMyLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALeH5
MA0GCSqGSIb3DQEBCwUAA4IBAQAKAW3/AOdlFXNrF4WCGbnm0hW8IA+jAPHjpSm7
tYrKnNoPIX4ocq/NuJ056BJeQp786yo/rv8H/E5y+KgydCHunQ5TEdIIWzLne8ag
0cCFG2FeqdZv4dviSmx5k/HXS5PZz8Jkx0kiZLcw9Aw3BVjkOR4w0XMlshawSHue
1x9T3BKaIyZLCV3XXPrI9EvZ66Qcy4BdPKH0kTT8ROwzu+yx4uIOsgfj39GGQLmy
3lT5crwHpHSqBcSRcQEK5sxfa1DBkbCtAnbyae31jJBS6J/Bpy7OC/r0bPUr6FBN
bMc/cvPomqQIkLLtrOPyFhiEXt3HQ0PJ60zmKZ9B683CHV62
-----END CERTIFICATE-----
Generated at Sun Nov 24 08:01:27 2024 by rpki-client on console-fra.rpki-client.org