Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/3DF10705730A1E4D8C493F2790B6F69D6C13A14D111E91284DF88FABABEA2E82/0/34352e3137382e36382e302f32322d3232203d3e20323634373538.roa
File:                     34352e3137382e36382e302f32322d3232203d3e20323634373538.roa (raw, json)
Hash identifier:          0Q3tltU4MmyOG0VmcYjnJdxk4wTAMxfL2oHB7wri978=
Subject key identifier:   18:E6:70:A3:04:55:50:27:D3:33:63:0F:32:6A:7C:F3:C7:43:C9:7D
Certificate issuer:       /CN=DB636261E4B370BE1ABAE7E5B50921E00A6D5979
Certificate serial:       48DEA6B6AE2910EB95A4CC2D9126F4AB097D3EAC
Authority key identifier: DB:63:62:61:E4:B3:70:BE:1A:BA:E7:E5:B5:09:21:E0:0A:6D:59:79
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DB636261E4B370BE1ABAE7E5B50921E00A6D5979.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/3DF10705730A1E4D8C493F2790B6F69D6C13A14D111E91284DF88FABABEA2E82/0/34352e3137382e36382e302f32322d3232203d3e20323634373538.roa
Signing time:             Tue 19 Mar 2024 15:50:00 +0000
ROA not before:           Tue 19 Mar 2024 15:45:00 +0000
ROA not after:            Tue 18 Mar 2025 15:50:00 +0000
asID:                     264758
IP address blocks:        45.178.68.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/3DF10705730A1E4D8C493F2790B6F69D6C13A14D111E91284DF88FABABEA2E82/0/DB636261E4B370BE1ABAE7E5B50921E00A6D5979.crl
                          rsync://repository.lacnic.net/rpki/lacnic/3DF10705730A1E4D8C493F2790B6F69D6C13A14D111E91284DF88FABABEA2E82/0/DB636261E4B370BE1ABAE7E5B50921E00A6D5979.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DB636261E4B370BE1ABAE7E5B50921E00A6D5979.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:de:a6:b6:ae:29:10:eb:95:a4:cc:2d:91:26:f4:ab:09:7d:3e:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DB636261E4B370BE1ABAE7E5B50921E00A6D5979
        Validity
            Not Before: Mar 19 15:45:00 2024 GMT
            Not After : Mar 18 15:50:00 2025 GMT
        Subject: CN=18E670A304555027D333630F326A7CF3C743C97D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:88:7c:da:89:c4:99:81:41:ea:e3:39:56:f3:
                    99:af:9d:a8:de:e8:e5:8e:5b:10:87:24:03:85:ff:
                    ca:cd:c6:be:d3:e0:85:5b:a4:a0:3e:2d:e8:96:26:
                    6c:fd:a3:85:39:02:06:5f:b4:bd:ab:d3:57:8f:6b:
                    84:17:ca:9f:c4:7e:b1:a8:35:ea:f0:20:a7:6a:2e:
                    66:1e:ad:02:da:96:2a:2b:28:1e:3d:3a:54:86:51:
                    43:e7:02:bb:92:aa:a1:a5:ab:73:58:9e:28:03:4d:
                    fa:94:95:a4:89:38:08:ff:4d:7f:32:92:f1:ee:45:
                    9b:af:87:20:f2:b1:e1:84:81:21:a0:2d:23:41:a1:
                    50:c3:71:c3:bc:81:29:af:bc:ba:ff:81:f5:b1:6c:
                    9e:5e:f7:d8:a2:a4:54:84:57:2b:a7:18:3a:a5:e8:
                    00:13:86:97:62:00:b1:d4:40:b4:7c:b0:7e:00:81:
                    31:0a:a1:a9:60:5d:e1:bb:75:37:27:af:56:44:9a:
                    f2:f6:56:56:ac:02:33:7c:5c:26:4a:8b:35:8e:1a:
                    01:43:84:cb:56:a5:85:77:16:3c:e5:32:12:74:2e:
                    cb:ee:a9:43:4b:23:9c:65:c4:d1:dc:bd:7a:38:dc:
                    1d:63:75:a0:63:85:41:87:d3:2d:80:62:a5:3d:d9:
                    48:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:E6:70:A3:04:55:50:27:D3:33:63:0F:32:6A:7C:F3:C7:43:C9:7D
            X509v3 Authority Key Identifier:
                keyid:DB:63:62:61:E4:B3:70:BE:1A:BA:E7:E5:B5:09:21:E0:0A:6D:59:79

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/3DF10705730A1E4D8C493F2790B6F69D6C13A14D111E91284DF88FABABEA2E82/0/DB636261E4B370BE1ABAE7E5B50921E00A6D5979.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/DB636261E4B370BE1ABAE7E5B50921E00A6D5979.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/3DF10705730A1E4D8C493F2790B6F69D6C13A14D111E91284DF88FABABEA2E82/0/34352e3137382e36382e302f32322d3232203d3e20323634373538.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.178.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         90:9f:97:34:d7:84:b7:ae:ff:49:a4:90:f5:99:72:92:40:54:
         c7:29:5a:dc:5f:db:58:26:0b:93:70:0d:8f:c8:61:11:e9:bd:
         ae:ce:04:52:69:d3:32:fc:2c:18:9b:64:96:72:58:d8:1b:5f:
         65:43:f4:52:e7:51:02:78:cb:3d:f3:3d:fa:d7:d1:d7:44:9d:
         e5:68:cb:48:7f:fd:62:07:f8:7f:ae:3f:d4:90:09:73:5c:12:
         c5:38:23:29:18:45:92:1e:be:60:f1:d3:03:c8:d5:c6:e0:3c:
         5e:e8:f7:74:cf:52:4b:61:de:5f:d4:2b:24:29:5b:f6:64:ce:
         22:cd:59:95:22:9f:5a:14:10:17:83:e6:6a:1f:54:9a:c2:4e:
         91:ad:d8:c7:eb:7c:fa:08:6f:dd:cd:76:8c:4d:ca:3f:2a:14:
         33:cf:44:9d:e4:ae:b8:b5:71:8b:62:52:5e:92:ec:e3:bd:11:
         0a:98:66:65:69:2c:93:97:99:e8:bb:53:fb:d2:7c:74:82:99:
         2d:ae:2d:73:e9:27:7b:88:89:7f:bb:e2:0a:9a:28:7a:3e:66:
         37:3e:9b:e1:db:30:39:68:87:62:79:55:cc:04:d0:a9:5c:ca:
         22:7c:34:4d:40:d8:fe:b0:36:2b:fe:8a:58:20:fb:08:a7:93:
         69:7d:5d:cd
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUSN6mtq4pEOuVpMwtkSb0qwl9PqwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREI2MzYyNjFFNEIzNzBCRTFBQkFFN0U1QjUwOTIxRTAw
QTZENTk3OTAeFw0yNDAzMTkxNTQ1MDBaFw0yNTAzMTgxNTUwMDBaMDMxMTAvBgNV
BAMTKDE4RTY3MEEzMDQ1NTUwMjdEMzMzNjMwRjMyNkE3Q0YzQzc0M0M5N0QwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkiHzaicSZgUHq4zlW85mvnaje
6OWOWxCHJAOF/8rNxr7T4IVbpKA+LeiWJmz9o4U5AgZftL2r01ePa4QXyp/EfrGo
NerwIKdqLmYerQLaliorKB49OlSGUUPnAruSqqGlq3NYnigDTfqUlaSJOAj/TX8y
kvHuRZuvhyDyseGEgSGgLSNBoVDDccO8gSmvvLr/gfWxbJ5e99iipFSEVyunGDql
6AAThpdiALHUQLR8sH4AgTEKoalgXeG7dTcnr1ZEmvL2VlasAjN8XCZKizWOGgFD
hMtWpYV3FjzlMhJ0LsvuqUNLI5xlxNHcvXo43B1jdaBjhUGH0y2AYqU92UjHAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUGOZwowRVUCfTM2MPMmp888dDyX0wHwYDVR0j
BBgwFoAU22NiYeSzcL4auufltQkh4AptWXkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8zREYxMDcwNTczMEExRTREOEM0OTNGMjc5MEI2RjY5RDZD
MTNBMTREMTExRTkxMjg0REY4OEZBQkFCRUEyRTgyLzAvREI2MzYyNjFFNEIzNzBC
RTFBQkFFN0U1QjUwOTIxRTAwQTZENTk3OS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EQjYzNjI2MUU0QjM3MEJFMUFC
QUU3RTVCNTA5MjFFMDBBNkQ1OTc5LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvM0RGMTA3MDU3MzBBMUU0RDhDNDkzRjI3OTBCNkY2OUQ2QzEzQTE0RDEx
MUU5MTI4NERGODhGQUJBQkVBMkU4Mi8wLzM0MzUyZTMxMzczODJlMzYzODJlMzAy
ZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzYzNDM3MzUzOC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2yRDAN
BgkqhkiG9w0BAQsFAAOCAQEAkJ+XNNeEt67/SaSQ9ZlykkBUxyla3F/bWCYLk3AN
j8hhEem9rs4EUmnTMvwsGJtklnJY2BtfZUP0UudRAnjLPfM9+tfR10Sd5WjLSH/9
Ygf4f64/1JAJc1wSxTgjKRhFkh6+YPHTA8jVxuA8Xuj3dM9SS2HeX9QrJClb9mTO
Is1ZlSKfWhQQF4Pmah9UmsJOka3Yx+t8+ghv3c12jE3KPyoUM89EneSuuLVxi2JS
XpLs470RCphmZWksk5eZ6LtT+9J8dIKZLa4tc+kne4iJf7viCpooej5mNz6b4dsw
OWiHYnlVzATQqVzKInw0TUDY/rA2K/6KWCD7CKeTaX1dzQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 07:38:04 2024 by rpki-client on console-ams.rpki-client.org