Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/46A4E245CBB6370AF16DB9F4974F0814BEE0E4809254BEFA48855BD042AA87CD/0/34352e3138312e31322e302f32322d3232203d3e20323635353233.roa
File:                     34352e3138312e31322e302f32322d3232203d3e20323635353233.roa (raw, json)
Hash identifier:          +pG56JkGebW+y5qc23T0vCPY1uJqSkjjIVdW5pVgePg=
Subject key identifier:   16:F4:E5:6F:F9:9A:56:A4:63:90:36:3E:6F:DA:F0:C0:8D:26:04:06
Certificate issuer:       /CN=27CE53490C8AFAC28B7A6430889E88978245BBC6
Certificate serial:       1879751261B332381530BC4FD0C1DCB8BB9DBBA5
Authority key identifier: 27:CE:53:49:0C:8A:FA:C2:8B:7A:64:30:88:9E:88:97:82:45:BB:C6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/27CE53490C8AFAC28B7A6430889E88978245BBC6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/46A4E245CBB6370AF16DB9F4974F0814BEE0E4809254BEFA48855BD042AA87CD/0/34352e3138312e31322e302f32322d3232203d3e20323635353233.roa
Signing time:             Tue 05 Mar 2024 17:41:26 +0000
ROA not before:           Tue 05 Mar 2024 17:36:26 +0000
ROA not after:            Tue 04 Mar 2025 17:41:26 +0000
asID:                     265523
IP address blocks:        45.181.12.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/46A4E245CBB6370AF16DB9F4974F0814BEE0E4809254BEFA48855BD042AA87CD/0/27CE53490C8AFAC28B7A6430889E88978245BBC6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/46A4E245CBB6370AF16DB9F4974F0814BEE0E4809254BEFA48855BD042AA87CD/0/27CE53490C8AFAC28B7A6430889E88978245BBC6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/27CE53490C8AFAC28B7A6430889E88978245BBC6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 27 Jul 2024 09:32:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:79:75:12:61:b3:32:38:15:30:bc:4f:d0:c1:dc:b8:bb:9d:bb:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=27CE53490C8AFAC28B7A6430889E88978245BBC6
        Validity
            Not Before: Mar  5 17:36:26 2024 GMT
            Not After : Mar  4 17:41:26 2025 GMT
        Subject: CN=16F4E56FF99A56A46390363E6FDAF0C08D260406
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:3a:0c:37:29:5f:04:1a:6b:36:9d:6d:15:78:
                    09:8c:fa:5a:00:98:5c:dc:66:18:04:43:6c:56:1d:
                    d8:96:14:e8:a1:2a:df:57:c5:7c:44:aa:60:41:96:
                    52:d9:0d:43:8e:70:fa:ca:8a:3b:01:98:3f:f2:7c:
                    f6:7b:30:82:c8:58:e6:e9:b0:45:ea:1f:35:ba:24:
                    43:5e:49:29:5a:b0:d0:67:da:95:34:d5:5d:43:0e:
                    63:fe:05:7d:4a:42:ab:22:22:b9:24:f4:79:ce:c3:
                    c9:bc:2f:d3:61:fe:de:d9:1c:ff:55:b2:43:db:69:
                    3f:54:e4:18:1a:f1:8f:d3:ce:ad:56:57:cf:93:67:
                    b1:a6:f3:93:e2:c3:10:a8:79:25:78:61:c5:01:a5:
                    21:a8:f0:e6:8c:e1:d1:2d:cb:aa:0f:ba:6f:9c:76:
                    5f:57:ea:15:d1:8c:68:56:56:62:f9:33:0a:84:eb:
                    a2:ba:50:f6:5f:6e:d3:8e:6c:a2:61:46:6c:93:fa:
                    5d:d7:e3:2f:7a:b5:1e:91:ff:42:69:72:49:60:bd:
                    8c:48:a4:a8:2a:70:9c:88:f7:b8:64:1f:23:db:a0:
                    70:a0:1a:f7:42:24:21:08:88:8a:33:6e:84:e7:9c:
                    7c:5b:11:c3:f7:91:a0:fa:41:18:1d:59:fa:c3:61:
                    99:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:F4:E5:6F:F9:9A:56:A4:63:90:36:3E:6F:DA:F0:C0:8D:26:04:06
            X509v3 Authority Key Identifier:
                keyid:27:CE:53:49:0C:8A:FA:C2:8B:7A:64:30:88:9E:88:97:82:45:BB:C6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/46A4E245CBB6370AF16DB9F4974F0814BEE0E4809254BEFA48855BD042AA87CD/0/27CE53490C8AFAC28B7A6430889E88978245BBC6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/27CE53490C8AFAC28B7A6430889E88978245BBC6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/46A4E245CBB6370AF16DB9F4974F0814BEE0E4809254BEFA48855BD042AA87CD/0/34352e3138312e31322e302f32322d3232203d3e20323635353233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.181.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1b:a5:0d:d5:e7:e1:67:63:41:6b:6f:f9:a1:4d:9e:0a:34:f2:
         47:1c:ce:60:ba:8a:77:65:66:33:6b:49:42:3c:9c:27:d4:19:
         1f:64:ea:f1:51:f3:2a:a9:be:9a:51:e0:8d:6e:b6:5f:f2:59:
         69:5b:21:f7:8a:c2:be:24:40:f5:27:07:84:5f:77:0d:47:19:
         35:cf:ac:1c:f4:20:cc:f1:1e:84:9d:f3:e7:f5:ac:91:5f:14:
         86:73:f5:e7:6a:36:6b:36:b3:ae:97:da:ea:51:fa:b7:db:bf:
         43:8c:de:b4:62:5b:ec:11:96:e3:6a:09:1d:25:bd:f3:4e:34:
         06:d3:58:34:f3:0e:ec:42:12:ee:6a:10:2f:56:95:71:3c:69:
         6c:26:8f:5f:2c:d0:6c:6d:16:93:b2:2c:4a:e2:2f:2f:5b:83:
         6f:07:21:10:82:d9:36:da:f2:67:14:94:fe:f2:dc:b4:91:44:
         bd:ef:46:3a:0e:a2:2b:c4:f7:57:83:ec:b4:e1:d1:a5:16:3f:
         f9:ae:8a:69:c2:38:6f:07:6e:ec:5c:d1:be:de:45:6b:70:11:
         94:d8:9c:31:32:38:83:3a:0a:d6:0a:96:ec:85:89:58:99:1e:
         29:5b:da:a1:65:80:07:a6:a6:30:5c:35:cd:27:7a:cb:64:ee:
         26:91:df:69
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUGHl1EmGzMjgVMLxP0MHcuLudu6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjdDRTUzNDkwQzhBRkFDMjhCN0E2NDMwODg5RTg4OTc4
MjQ1QkJDNjAeFw0yNDAzMDUxNzM2MjZaFw0yNTAzMDQxNzQxMjZaMDMxMTAvBgNV
BAMTKDE2RjRFNTZGRjk5QTU2QTQ2MzkwMzYzRTZGREFGMEMwOEQyNjA0MDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjOgw3KV8EGms2nW0VeAmM+loA
mFzcZhgEQ2xWHdiWFOihKt9XxXxEqmBBllLZDUOOcPrKijsBmD/yfPZ7MILIWObp
sEXqHzW6JENeSSlasNBn2pU01V1DDmP+BX1KQqsiIrkk9HnOw8m8L9Nh/t7ZHP9V
skPbaT9U5Bga8Y/Tzq1WV8+TZ7Gm85PiwxCoeSV4YcUBpSGo8OaM4dEty6oPum+c
dl9X6hXRjGhWVmL5MwqE66K6UPZfbtOObKJhRmyT+l3X4y96tR6R/0JpcklgvYxI
pKgqcJyI97hkHyPboHCgGvdCJCEIiIozboTnnHxbEcP3kaD6QRgdWfrDYZl/AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUFvTlb/maVqRjkDY+b9rwwI0mBAYwHwYDVR0j
BBgwFoAUJ85TSQyK+sKLemQwiJ6Il4JFu8YwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80NkE0RTI0NUNCQjYzNzBBRjE2REI5RjQ5NzRGMDgxNEJF
RTBFNDgwOTI1NEJFRkE0ODg1NUJEMDQyQUE4N0NELzAvMjdDRTUzNDkwQzhBRkFD
MjhCN0E2NDMwODg5RTg4OTc4MjQ1QkJDNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yN0NFNTM0OTBDOEFGQUMyOEI3
QTY0MzA4ODlFODg5NzgyNDVCQkM2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNDZBNEUyNDVDQkI2MzcwQUYxNkRCOUY0OTc0RjA4MTRCRUUwRTQ4MDky
NTRCRUZBNDg4NTVCRDA0MkFBODdDRC8wLzM0MzUyZTMxMzgzMTJlMzEzMjJlMzAy
ZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzYzNTM1MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi21DDAN
BgkqhkiG9w0BAQsFAAOCAQEAG6UN1efhZ2NBa2/5oU2eCjTyRxzOYLqKd2VmM2tJ
QjycJ9QZH2Tq8VHzKqm+mlHgjW62X/JZaVsh94rCviRA9ScHhF93DUcZNc+sHPQg
zPEehJ3z5/WskV8UhnP152o2azazrpfa6lH6t9u/Q4zetGJb7BGW42oJHSW98040
BtNYNPMO7EIS7moQL1aVcTxpbCaPXyzQbG0Wk7IsSuIvL1uDbwchEILZNtryZxSU
/vLctJFEve9GOg6iK8T3V4PstOHRpRY/+a6KacI4bwdu7FzRvt5Fa3ARlNicMTI4
gzoK1gqW7IWJWJkeKVvaoWWAB6amMFw1zSd6y2TuJpHfaQ==
-----END CERTIFICATE-----
Generated at Tue Jul 23 05:52:43 2024 by rpki-client on console-fra.rpki-client.org