Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3D597C5D3A278EA56F9B0B669807AF2EA429D758CF27567E05936C3E80DC3CFE/0/34352e3232342e3132342e302f32322d3234203d3e203532333237.roa
File:                     34352e3232342e3132342e302f32322d3234203d3e203532333237.roa (raw, json)
Hash identifier:          7wQiP/M8694BlNpRFjqaUBKPf8M4LJZjGOr4B5SF+Dk=
Subject key identifier:   28:0D:7F:C2:03:BA:59:4F:20:5C:5B:DA:E6:E9:62:D3:7D:E5:D5:EB
Certificate issuer:       /CN=6C43D070D53868DD0F1A352EAB84A7642B5CEF73
Certificate serial:       78DCB5B67EE5EA62DB804E60DBE7A51FCD085BD2
Authority key identifier: 6C:43:D0:70:D5:38:68:DD:0F:1A:35:2E:AB:84:A7:64:2B:5C:EF:73
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6C43D070D53868DD0F1A352EAB84A7642B5CEF73.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3D597C5D3A278EA56F9B0B669807AF2EA429D758CF27567E05936C3E80DC3CFE/0/34352e3232342e3132342e302f32322d3234203d3e203532333237.roa
Signing time:             Wed 06 Mar 2024 18:35:00 +0000
ROA not before:           Wed 06 Mar 2024 18:30:00 +0000
ROA not after:            Wed 05 Mar 2025 18:35:00 +0000
asID:                     52327
IP address blocks:        45.224.124.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3D597C5D3A278EA56F9B0B669807AF2EA429D758CF27567E05936C3E80DC3CFE/0/6C43D070D53868DD0F1A352EAB84A7642B5CEF73.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3D597C5D3A278EA56F9B0B669807AF2EA429D758CF27567E05936C3E80DC3CFE/0/6C43D070D53868DD0F1A352EAB84A7642B5CEF73.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6C43D070D53868DD0F1A352EAB84A7642B5CEF73.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 21 Jul 2024 04:10:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:dc:b5:b6:7e:e5:ea:62:db:80:4e:60:db:e7:a5:1f:cd:08:5b:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6C43D070D53868DD0F1A352EAB84A7642B5CEF73
        Validity
            Not Before: Mar  6 18:30:00 2024 GMT
            Not After : Mar  5 18:35:00 2025 GMT
        Subject: CN=280D7FC203BA594F205C5BDAE6E962D37DE5D5EB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f1:d6:49:62:a9:e3:9d:6e:e9:a6:54:8a:c7:ca:
                    cf:19:af:44:89:b9:f2:a9:92:f2:b2:3e:22:1e:02:
                    da:38:e1:88:1c:64:7b:5d:4d:13:7d:e8:bb:f2:56:
                    52:65:91:dd:d9:4d:c6:be:37:d8:06:48:92:5b:d1:
                    65:4e:7c:50:a1:89:84:ff:88:13:ed:27:1c:df:7c:
                    8b:71:60:c9:46:c0:2e:9e:e0:50:2b:c0:fe:ad:43:
                    d9:55:1d:67:71:1f:30:8c:1f:04:6e:3d:16:6b:32:
                    11:9c:d3:28:95:f4:75:07:04:cc:3b:c7:78:d0:74:
                    c7:d9:93:28:3e:a0:ff:02:ed:28:25:98:d2:24:4b:
                    28:40:6c:f7:b0:c7:ce:13:66:f2:ba:b1:bf:b7:d4:
                    6b:e7:78:d2:53:90:f2:87:34:1f:95:47:57:b7:b0:
                    6a:2b:ad:7d:07:01:03:b0:3b:05:61:13:70:c8:f8:
                    40:69:58:6a:81:3b:c1:6d:d4:00:37:f8:97:ca:fa:
                    9c:0b:ae:b2:f7:e4:d8:4c:83:ee:c4:2e:9b:6d:a9:
                    6d:31:0e:c8:51:4f:1e:00:11:f7:41:73:bb:4c:7f:
                    56:6b:99:22:58:a3:f7:05:82:8b:9f:a5:3d:3c:91:
                    8e:b6:7b:de:ea:24:26:ce:83:60:6c:36:c6:35:b1:
                    07:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:0D:7F:C2:03:BA:59:4F:20:5C:5B:DA:E6:E9:62:D3:7D:E5:D5:EB
            X509v3 Authority Key Identifier:
                keyid:6C:43:D0:70:D5:38:68:DD:0F:1A:35:2E:AB:84:A7:64:2B:5C:EF:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3D597C5D3A278EA56F9B0B669807AF2EA429D758CF27567E05936C3E80DC3CFE/0/6C43D070D53868DD0F1A352EAB84A7642B5CEF73.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6C43D070D53868DD0F1A352EAB84A7642B5CEF73.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3D597C5D3A278EA56F9B0B669807AF2EA429D758CF27567E05936C3E80DC3CFE/0/34352e3232342e3132342e302f32322d3234203d3e203532333237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.224.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2b:41:55:66:d7:11:d7:f9:db:34:a4:48:f3:db:ff:53:e1:e5:
         55:33:9b:b9:d2:68:e1:2d:49:e2:86:6b:e2:fe:af:4d:35:d3:
         97:ab:40:97:ce:ac:e8:ab:ef:13:bb:3a:d2:63:cc:d8:f9:0b:
         a2:71:1d:cf:b7:43:a2:6f:d2:6b:50:06:55:00:0f:fe:e0:fa:
         51:04:a3:fe:81:b1:28:75:20:fe:3a:3d:20:3f:79:09:c1:97:
         b3:61:cc:cd:ae:ad:c2:23:b6:01:5e:43:f3:ff:eb:5f:f9:6d:
         f9:1d:c8:7c:20:df:3d:3d:54:ee:64:99:35:7c:c6:38:c2:87:
         68:3a:e1:0b:ed:e6:21:30:54:d2:5b:21:44:95:4c:29:6d:b1:
         54:69:e9:85:2b:a5:8c:82:03:0e:7d:72:20:c1:8c:75:07:45:
         cd:9b:e0:b7:2d:f7:9f:a6:03:c1:da:7a:53:a3:72:9c:89:62:
         c0:12:f0:21:90:17:ea:d1:79:7a:9f:c3:25:7a:ee:13:7b:6a:
         1c:88:f3:f7:96:d5:d3:60:bf:6c:33:a0:c9:2d:e6:af:cf:10:
         58:90:c0:be:fe:a6:88:89:8c:00:96:9f:ce:31:ca:14:84:f2:
         84:a6:ef:17:f9:c0:61:6b:ec:3f:41:74:58:2f:de:2f:b1:e9:
         bc:a4:9f:79
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUeNy1tn7l6mLbgE5g2+elH80IW9IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkM0M0QwNzBENTM4NjhERDBGMUEzNTJFQUI4NEE3NjQy
QjVDRUY3MzAeFw0yNDAzMDYxODMwMDBaFw0yNTAzMDUxODM1MDBaMDMxMTAvBgNV
BAMTKDI4MEQ3RkMyMDNCQTU5NEYyMDVDNUJEQUU2RTk2MkQzN0RFNUQ1RUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDx1kliqeOdbummVIrHys8Zr0SJ
ufKpkvKyPiIeAto44YgcZHtdTRN96LvyVlJlkd3ZTca+N9gGSJJb0WVOfFChiYT/
iBPtJxzffItxYMlGwC6e4FArwP6tQ9lVHWdxHzCMHwRuPRZrMhGc0yiV9HUHBMw7
x3jQdMfZkyg+oP8C7SglmNIkSyhAbPewx84TZvK6sb+31GvneNJTkPKHNB+VR1e3
sGorrX0HAQOwOwVhE3DI+EBpWGqBO8Ft1AA3+JfK+pwLrrL35NhMg+7ELpttqW0x
DshRTx4AEfdBc7tMf1ZrmSJYo/cFgoufpT08kY62e97qJCbOg2BsNsY1sQd/AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUKA1/wgO6WU8gXFva5uli033l1eswHwYDVR0j
BBgwFoAUbEPQcNU4aN0PGjUuq4SnZCtc73MwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zRDU5N0M1RDNBMjc4RUE1NkY5QjBCNjY5ODA3QUYyRUE0
MjlENzU4Q0YyNzU2N0UwNTkzNkMzRTgwREMzQ0ZFLzAvNkM0M0QwNzBENTM4NjhE
RDBGMUEzNTJFQUI4NEE3NjQyQjVDRUY3My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82QzQzRDA3MEQ1Mzg2OEREMEYx
QTM1MkVBQjg0QTc2NDJCNUNFRjczLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0Q1OTdDNUQzQTI3OEVBNTZGOUIwQjY2OTgwN0FGMkVBNDI5RDc1OENG
Mjc1NjdFMDU5MzZDM0U4MERDM0NGRS8wLzM0MzUyZTMyMzIzNDJlMzEzMjM0MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzUzMjMzMzIzNy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi3gfDAN
BgkqhkiG9w0BAQsFAAOCAQEAK0FVZtcR1/nbNKRI89v/U+HlVTObudJo4S1J4oZr
4v6vTTXTl6tAl86s6KvvE7s60mPM2PkLonEdz7dDom/Sa1AGVQAP/uD6UQSj/oGx
KHUg/jo9ID95CcGXs2HMza6twiO2AV5D8//rX/lt+R3IfCDfPT1U7mSZNXzGOMKH
aDrhC+3mITBU0lshRJVMKW2xVGnphSuljIIDDn1yIMGMdQdFzZvgty33n6YDwdp6
U6NynIliwBLwIZAX6tF5ep/DJXruE3tqHIjz95bV02C/bDOgyS3mr88QWJDAvv6m
iImMAJafzjHKFITyhKbvF/nAYWvsP0F0WC/eL7HpvKSfeQ==
-----END CERTIFICATE-----
Generated at Tue Jul 16 23:58:28 2024 by rpki-client on console-fra.rpki-client.org