Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4DB7C5AAE9676CA8208B3D8721D1314553F1FC4BE5B500B3A8955E9362E8C00F/0/34352e342e3230342e302f32332d3233203d3e20313938363336.roa
File:                     34352e342e3230342e302f32332d3233203d3e20313938363336.roa (raw, json)
Hash identifier:          9I3n8NsVn8xsjtA7FmnNq+8mn8Q7OT2xI72tY6XpkbQ=
Subject key identifier:   47:A3:A7:2B:A4:B9:EC:C8:27:B5:F3:A2:BC:F7:B3:D9:1D:D6:80:9E
Certificate issuer:       /CN=B4CF94EC7154D2BC51066D5BB556A7589514A5C6
Certificate serial:       175312BDB4C172399F0E26075754BDDEBD6023CD
Authority key identifier: B4:CF:94:EC:71:54:D2:BC:51:06:6D:5B:B5:56:A7:58:95:14:A5:C6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B4CF94EC7154D2BC51066D5BB556A7589514A5C6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4DB7C5AAE9676CA8208B3D8721D1314553F1FC4BE5B500B3A8955E9362E8C00F/0/34352e342e3230342e302f32332d3233203d3e20313938363336.roa
Signing time:             Tue 05 Mar 2024 18:13:06 +0000
ROA not before:           Tue 05 Mar 2024 18:08:06 +0000
ROA not after:            Tue 04 Mar 2025 18:13:06 +0000
asID:                     198636
IP address blocks:        45.4.204.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4DB7C5AAE9676CA8208B3D8721D1314553F1FC4BE5B500B3A8955E9362E8C00F/0/B4CF94EC7154D2BC51066D5BB556A7589514A5C6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4DB7C5AAE9676CA8208B3D8721D1314553F1FC4BE5B500B3A8955E9362E8C00F/0/B4CF94EC7154D2BC51066D5BB556A7589514A5C6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B4CF94EC7154D2BC51066D5BB556A7589514A5C6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:53:12:bd:b4:c1:72:39:9f:0e:26:07:57:54:bd:de:bd:60:23:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B4CF94EC7154D2BC51066D5BB556A7589514A5C6
        Validity
            Not Before: Mar  5 18:08:06 2024 GMT
            Not After : Mar  4 18:13:06 2025 GMT
        Subject: CN=47A3A72BA4B9ECC827B5F3A2BCF7B3D91DD6809E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:2b:be:fc:fb:03:85:b7:f2:81:55:2b:a1:10:
                    41:af:a1:f0:11:c1:6f:41:df:cb:93:1f:ff:92:24:
                    ce:91:a8:a6:90:74:4e:36:65:85:25:c0:a8:ed:a8:
                    3c:77:e6:76:ca:d3:74:3b:c5:a0:ac:e9:66:cf:d8:
                    9b:fd:5d:c9:b4:30:82:63:17:79:c0:26:5a:ff:81:
                    01:e4:9e:49:89:06:7f:89:91:ba:f5:5e:47:1d:80:
                    b0:78:22:9d:e5:ad:0f:1c:bf:85:4c:d5:88:d9:c9:
                    0d:ba:52:f2:a3:b7:68:7c:19:25:a8:10:2c:8a:b3:
                    0c:be:bf:1d:b3:b3:18:26:73:9f:bb:5f:13:b0:f7:
                    c6:c3:3e:60:14:67:51:4b:5a:63:3b:f5:35:3e:51:
                    83:c8:91:5b:79:46:42:25:dc:4c:74:52:36:dc:6d:
                    62:bb:5c:26:b6:39:6d:49:55:f1:9c:0d:2d:94:56:
                    e9:6f:03:21:9e:76:36:17:d9:42:73:4f:71:fb:8a:
                    1a:9e:0b:db:80:b5:45:1b:45:5f:41:74:b0:05:ad:
                    9e:82:48:c8:aa:34:aa:4c:fa:ca:e1:5d:fe:7b:d8:
                    6c:3c:a5:ac:26:fc:f5:b3:45:85:62:85:79:11:5f:
                    d5:1a:ff:2e:06:ae:15:da:95:c9:25:a6:d6:06:fc:
                    fb:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:A3:A7:2B:A4:B9:EC:C8:27:B5:F3:A2:BC:F7:B3:D9:1D:D6:80:9E
            X509v3 Authority Key Identifier:
                keyid:B4:CF:94:EC:71:54:D2:BC:51:06:6D:5B:B5:56:A7:58:95:14:A5:C6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4DB7C5AAE9676CA8208B3D8721D1314553F1FC4BE5B500B3A8955E9362E8C00F/0/B4CF94EC7154D2BC51066D5BB556A7589514A5C6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B4CF94EC7154D2BC51066D5BB556A7589514A5C6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4DB7C5AAE9676CA8208B3D8721D1314553F1FC4BE5B500B3A8955E9362E8C00F/0/34352e342e3230342e302f32332d3233203d3e20313938363336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.4.204.0/23

    Signature Algorithm: sha256WithRSAEncryption
         71:0c:b7:0b:da:51:99:46:6a:82:35:de:58:ea:26:6d:e5:15:
         5b:b8:2f:92:ed:9d:55:d5:68:42:cd:47:d2:dc:01:d2:41:b4:
         88:2e:66:03:31:20:f2:18:68:0e:e1:dd:c3:19:28:1b:c3:a6:
         d3:7c:e6:49:25:a5:23:30:90:fb:c0:28:70:b8:f1:61:ce:a4:
         18:d1:f5:a0:9c:e3:3c:4b:65:51:56:70:83:81:56:15:26:a4:
         28:a5:06:40:ca:7c:59:27:fd:65:d6:dc:75:ac:8a:07:10:17:
         f9:45:58:97:04:4b:a3:33:55:39:f4:7d:1c:55:03:b9:6d:f1:
         d2:7d:75:5c:78:49:42:15:df:f0:52:72:69:2a:2f:17:38:59:
         6b:0a:a7:08:d1:07:cd:cd:16:89:dd:72:fe:25:b6:07:3c:e7:
         52:35:7c:e2:8a:f7:14:0f:c6:9b:5e:30:51:06:96:83:42:40:
         64:70:03:b6:05:5e:d7:f0:8f:c7:ad:b0:af:33:0f:69:bf:20:
         01:5c:5e:48:4c:06:b8:b6:9f:e0:02:3a:89:37:a4:0c:a2:ed:
         08:e5:65:ff:10:76:a1:0f:8f:38:b8:e8:79:d7:d1:ea:4d:10:
         9f:69:87:aa:d4:bc:83:ab:53:ed:fc:1e:90:f1:50:ed:a0:bc:
         a4:f5:5b:fc
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUF1MSvbTBcjmfDiYHV1S93r1gI80wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjRDRjk0RUM3MTU0RDJCQzUxMDY2RDVCQjU1NkE3NTg5
NTE0QTVDNjAeFw0yNDAzMDUxODA4MDZaFw0yNTAzMDQxODEzMDZaMDMxMTAvBgNV
BAMTKDQ3QTNBNzJCQTRCOUVDQzgyN0I1RjNBMkJDRjdCM0Q5MURENjgwOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAK778+wOFt/KBVSuhEEGvofAR
wW9B38uTH/+SJM6RqKaQdE42ZYUlwKjtqDx35nbK03Q7xaCs6WbP2Jv9Xcm0MIJj
F3nAJlr/gQHknkmJBn+Jkbr1XkcdgLB4Ip3lrQ8cv4VM1YjZyQ26UvKjt2h8GSWo
ECyKswy+vx2zsxgmc5+7XxOw98bDPmAUZ1FLWmM79TU+UYPIkVt5RkIl3Ex0Ujbc
bWK7XCa2OW1JVfGcDS2UVulvAyGedjYX2UJzT3H7ihqeC9uAtUUbRV9BdLAFrZ6C
SMiqNKpM+srhXf572Gw8pawm/PWzRYVihXkRX9Ua/y4GrhXalcklptYG/PuPAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUR6OnK6S57MgntfOivPez2R3WgJ4wHwYDVR0j
BBgwFoAUtM+U7HFU0rxRBm1btVanWJUUpcYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80REI3QzVBQUU5Njc2Q0E4MjA4QjNEODcyMUQxMzE0NTUz
RjFGQzRCRTVCNTAwQjNBODk1NUU5MzYyRThDMDBGLzAvQjRDRjk0RUM3MTU0RDJC
QzUxMDY2RDVCQjU1NkE3NTg5NTE0QTVDNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CNENGOTRFQzcxNTREMkJDNTEw
NjZENUJCNTU2QTc1ODk1MTRBNUM2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNERCN0M1QUFFOTY3NkNBODIwOEIzRDg3MjFEMTMxNDU1M0YxRkM0QkU1
QjUwMEIzQTg5NTVFOTM2MkU4QzAwRi8wLzM0MzUyZTM0MmUzMjMwMzQyZTMwMmYz
MjMzMmQzMjMzMjAzZDNlMjAzMTM5MzgzNjMzMzYucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEtBMwwDQYJ
KoZIhvcNAQELBQADggEBAHEMtwvaUZlGaoI13ljqJm3lFVu4L5LtnVXVaELNR9Lc
AdJBtIguZgMxIPIYaA7h3cMZKBvDptN85kklpSMwkPvAKHC48WHOpBjR9aCc4zxL
ZVFWcIOBVhUmpCilBkDKfFkn/WXW3HWsigcQF/lFWJcES6MzVTn0fRxVA7lt8dJ9
dVx4SUIV3/BScmkqLxc4WWsKpwjRB83NFondcv4ltgc851I1fOKK9xQPxpteMFEG
loNCQGRwA7YFXtfwj8etsK8zD2m/IAFcXkhMBri2n+ACOok3pAyi7QjlZf8QdqEP
jzi46HnX0epNEJ9ph6rUvIOrU+38HpDxUO2gvKT1W/w=
-----END CERTIFICATE-----
Generated at Sun Dec 8 21:19:08 2024 by rpki-client on console-ams.rpki-client.org