Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/40F8D6DA61C8DECD5A1243993CF904D26C9DA8ED1BA3C995A125A4A88C01EF1D/0/34352e3233342e38362e302f32342d3234203d3e20323636373832.roa
File:                     34352e3233342e38362e302f32342d3234203d3e20323636373832.roa (raw, json)
Hash identifier:          83XMRaiNMUZKgXwiDJijkGGHGeSHXDM38krOLDtvHCs=
Subject key identifier:   58:35:94:B5:B7:62:2B:09:E1:A8:FE:7E:49:BA:F8:97:8D:D5:F8:59
Certificate issuer:       /CN=FF06C33FB0001EE28FFC3647C9C6B9FD0B0A39A7
Certificate serial:       6B17AFB079C8EA4F7B58CC5C7B30649CE4D91EE8
Authority key identifier: FF:06:C3:3F:B0:00:1E:E2:8F:FC:36:47:C9:C6:B9:FD:0B:0A:39:A7
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FF06C33FB0001EE28FFC3647C9C6B9FD0B0A39A7.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/40F8D6DA61C8DECD5A1243993CF904D26C9DA8ED1BA3C995A125A4A88C01EF1D/0/34352e3233342e38362e302f32342d3234203d3e20323636373832.roa
Signing time:             Tue 05 Mar 2024 18:20:36 +0000
ROA not before:           Tue 05 Mar 2024 18:15:36 +0000
ROA not after:            Tue 04 Mar 2025 18:20:36 +0000
asID:                     266782
IP address blocks:        45.234.86.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/40F8D6DA61C8DECD5A1243993CF904D26C9DA8ED1BA3C995A125A4A88C01EF1D/0/FF06C33FB0001EE28FFC3647C9C6B9FD0B0A39A7.crl
                          rsync://repository.lacnic.net/rpki/lacnic/40F8D6DA61C8DECD5A1243993CF904D26C9DA8ED1BA3C995A125A4A88C01EF1D/0/FF06C33FB0001EE28FFC3647C9C6B9FD0B0A39A7.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FF06C33FB0001EE28FFC3647C9C6B9FD0B0A39A7.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 13 Jul 2024 10:06:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:17:af:b0:79:c8:ea:4f:7b:58:cc:5c:7b:30:64:9c:e4:d9:1e:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FF06C33FB0001EE28FFC3647C9C6B9FD0B0A39A7
        Validity
            Not Before: Mar  5 18:15:36 2024 GMT
            Not After : Mar  4 18:20:36 2025 GMT
        Subject: CN=583594B5B7622B09E1A8FE7E49BAF8978DD5F859
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:c5:43:d4:56:f2:4a:ff:f8:5e:fa:8b:c5:22:
                    3f:ae:1c:cf:d6:3f:9d:19:e1:4c:63:4a:51:94:b4:
                    18:03:99:05:93:73:c7:41:44:bf:8b:80:66:71:4d:
                    ab:25:88:9c:41:32:bb:f1:f1:5b:c5:27:41:92:ac:
                    be:b1:b9:e7:65:2c:c7:01:58:a9:eb:65:75:75:6d:
                    41:25:ba:c8:0c:50:42:00:f2:15:5f:5c:9b:8e:25:
                    08:a4:1c:e2:16:dc:30:04:dd:6c:15:1c:0c:86:fc:
                    84:1e:bb:67:6d:9f:5a:c1:1e:94:22:66:99:cc:99:
                    61:f2:26:e5:27:5c:7a:ea:0d:55:5c:fd:3c:f3:72:
                    65:3c:77:ab:c1:77:73:d1:fa:93:d0:2d:d1:c9:ca:
                    67:ed:9c:0a:c6:9a:fb:34:1d:d5:66:ed:e2:b1:29:
                    09:c6:ca:f7:d8:2d:f7:67:3c:27:ed:8c:86:ce:80:
                    4e:10:4d:bd:e4:a8:de:2e:a9:4b:82:2d:f6:37:77:
                    f2:e7:e5:3b:2e:60:10:56:c6:77:28:cd:d7:25:aa:
                    ba:ae:3e:40:01:32:2c:80:5a:97:1f:b7:93:bd:6b:
                    b1:a3:9a:98:67:e9:d3:aa:9e:31:51:d0:6f:f9:bd:
                    f3:ab:1f:74:ec:86:47:cb:4a:10:ab:b6:1a:fc:83:
                    47:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:35:94:B5:B7:62:2B:09:E1:A8:FE:7E:49:BA:F8:97:8D:D5:F8:59
            X509v3 Authority Key Identifier:
                keyid:FF:06:C3:3F:B0:00:1E:E2:8F:FC:36:47:C9:C6:B9:FD:0B:0A:39:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/40F8D6DA61C8DECD5A1243993CF904D26C9DA8ED1BA3C995A125A4A88C01EF1D/0/FF06C33FB0001EE28FFC3647C9C6B9FD0B0A39A7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/FF06C33FB0001EE28FFC3647C9C6B9FD0B0A39A7.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/40F8D6DA61C8DECD5A1243993CF904D26C9DA8ED1BA3C995A125A4A88C01EF1D/0/34352e3233342e38362e302f32342d3234203d3e20323636373832.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.234.86.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5e:b6:cd:63:c9:7d:b4:a7:4a:f5:f6:55:5e:bf:f8:a0:78:01:
         2f:fa:8e:ed:eb:9d:c8:b4:75:8e:3f:2b:59:36:e0:45:8d:c0:
         69:8a:4e:da:ae:21:69:96:87:18:39:59:d0:ba:2d:b7:8b:2c:
         eb:9d:f9:7b:6d:43:3a:15:a0:95:b7:d5:b6:6c:89:40:19:75:
         78:b4:88:34:52:50:80:7f:08:25:52:93:a8:ea:6b:8e:dc:90:
         7d:8c:c9:45:ff:e7:c2:c2:66:99:7d:74:72:7b:77:85:1c:3c:
         7d:32:de:23:ec:c5:70:e0:30:9d:c1:73:a3:fb:3c:33:19:df:
         99:8d:d6:5f:9a:b2:a6:7c:54:bc:d1:92:66:9d:b6:6c:00:3f:
         ad:d7:e7:94:c5:50:74:4a:14:d3:ef:d8:7b:74:9d:5e:7d:6d:
         5f:c0:bb:df:d9:12:11:43:e0:34:0f:fd:36:fd:50:fd:f8:4b:
         40:c0:c9:d6:eb:dd:ef:6f:3f:5a:cf:71:ef:af:22:0a:07:ea:
         bd:f5:db:8d:8d:54:f9:3c:01:c0:63:71:32:52:c9:f7:4e:39:
         45:30:8c:4b:9f:7c:15:d8:65:05:6e:17:d2:77:38:a8:69:30:
         60:ac:77:b1:d5:5f:49:74:dc:c7:c1:13:76:13:cb:f3:ae:4b:
         c2:ff:b3:c1
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUaxevsHnI6k97WMxcezBknOTZHugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkYwNkMzM0ZCMDAwMUVFMjhGRkMzNjQ3QzlDNkI5RkQw
QjBBMzlBNzAeFw0yNDAzMDUxODE1MzZaFw0yNTAzMDQxODIwMzZaMDMxMTAvBgNV
BAMTKDU4MzU5NEI1Qjc2MjJCMDlFMUE4RkU3RTQ5QkFGODk3OERENUY4NTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYxUPUVvJK//he+ovFIj+uHM/W
P50Z4UxjSlGUtBgDmQWTc8dBRL+LgGZxTasliJxBMrvx8VvFJ0GSrL6xuedlLMcB
WKnrZXV1bUElusgMUEIA8hVfXJuOJQikHOIW3DAE3WwVHAyG/IQeu2dtn1rBHpQi
ZpnMmWHyJuUnXHrqDVVc/TzzcmU8d6vBd3PR+pPQLdHJymftnArGmvs0HdVm7eKx
KQnGyvfYLfdnPCftjIbOgE4QTb3kqN4uqUuCLfY3d/Ln5TsuYBBWxncozdclqrqu
PkABMiyAWpcft5O9a7Gjmphn6dOqnjFR0G/5vfOrH3TshkfLShCrthr8g0cXAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUWDWUtbdiKwnhqP5+Sbr4l43V+FkwHwYDVR0j
BBgwFoAU/wbDP7AAHuKP/DZHyca5/QsKOacwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80MEY4RDZEQTYxQzhERUNENUExMjQzOTkzQ0Y5MDREMjZD
OURBOEVEMUJBM0M5OTVBMTI1QTRBODhDMDFFRjFELzAvRkYwNkMzM0ZCMDAwMUVF
MjhGRkMzNjQ3QzlDNkI5RkQwQjBBMzlBNy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GRjA2QzMzRkIwMDAxRUUyOEZG
QzM2NDdDOUM2QjlGRDBCMEEzOUE3LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDBGOEQ2REE2MUM4REVDRDVBMTI0Mzk5M0NGOTA0RDI2QzlEQThFRDFC
QTNDOTk1QTEyNUE0QTg4QzAxRUYxRC8wLzM0MzUyZTMyMzMzNDJlMzgzNjJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzNjM3MzgzMi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC3qVjAN
BgkqhkiG9w0BAQsFAAOCAQEAXrbNY8l9tKdK9fZVXr/4oHgBL/qO7eudyLR1jj8r
WTbgRY3AaYpO2q4haZaHGDlZ0Lott4ss6535e21DOhWglbfVtmyJQBl1eLSINFJQ
gH8IJVKTqOprjtyQfYzJRf/nwsJmmX10cnt3hRw8fTLeI+zFcOAwncFzo/s8Mxnf
mY3WX5qypnxUvNGSZp22bAA/rdfnlMVQdEoU0+/Ye3SdXn1tX8C739kSEUPgNA/9
Nv1Q/fhLQMDJ1uvd728/Ws9x768iCgfqvfXbjY1U+TwBwGNxMlLJ9045RTCMS598
FdhlBW4X0nc4qGkwYKx3sdVfSXTcx8ETdhPL865Lwv+zwQ==
-----END CERTIFICATE-----
Generated at Wed Jul 10 10:17:11 2024 by rpki-client on console-fra.rpki-client.org