Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4DB7C5AAE9676CA8208B3D8721D1314553F1FC4BE5B500B3A8955E9362E8C00F/0/34352e342e3230342e302f32332d3233203d3e20323034333030.roa
File:                     34352e342e3230342e302f32332d3233203d3e20323034333030.roa (raw, json)
Hash identifier:          blJWOfj9qc+S/iyHngW5sF6OAYACAjvvHoW7DieFu5k=
Subject key identifier:   1A:8A:CD:31:03:C7:B8:C8:8E:4B:4A:DF:3A:52:72:74:A9:D7:07:8C
Certificate issuer:       /CN=B4CF94EC7154D2BC51066D5BB556A7589514A5C6
Certificate serial:       6CB6C109A2814E9CAAA51647DA3780DF0DFE4756
Authority key identifier: B4:CF:94:EC:71:54:D2:BC:51:06:6D:5B:B5:56:A7:58:95:14:A5:C6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B4CF94EC7154D2BC51066D5BB556A7589514A5C6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4DB7C5AAE9676CA8208B3D8721D1314553F1FC4BE5B500B3A8955E9362E8C00F/0/34352e342e3230342e302f32332d3233203d3e20323034333030.roa
Signing time:             Tue 05 Mar 2024 18:13:06 +0000
ROA not before:           Tue 05 Mar 2024 18:08:06 +0000
ROA not after:            Tue 04 Mar 2025 18:13:06 +0000
asID:                     204300
IP address blocks:        45.4.204.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4DB7C5AAE9676CA8208B3D8721D1314553F1FC4BE5B500B3A8955E9362E8C00F/0/B4CF94EC7154D2BC51066D5BB556A7589514A5C6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4DB7C5AAE9676CA8208B3D8721D1314553F1FC4BE5B500B3A8955E9362E8C00F/0/B4CF94EC7154D2BC51066D5BB556A7589514A5C6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B4CF94EC7154D2BC51066D5BB556A7589514A5C6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 18:19:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:b6:c1:09:a2:81:4e:9c:aa:a5:16:47:da:37:80:df:0d:fe:47:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B4CF94EC7154D2BC51066D5BB556A7589514A5C6
        Validity
            Not Before: Mar  5 18:08:06 2024 GMT
            Not After : Mar  4 18:13:06 2025 GMT
        Subject: CN=1A8ACD3103C7B8C88E4B4ADF3A527274A9D7078C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:18:b5:ec:29:4f:cb:2b:06:aa:b3:63:39:d2:
                    bd:a7:1a:1a:9d:be:dc:76:eb:1f:45:12:1c:59:56:
                    f3:f1:ed:38:e5:4c:a6:52:3a:60:38:30:dc:f9:7e:
                    bc:0c:d3:6f:1f:f0:5f:76:a5:8b:08:13:c4:3b:46:
                    0b:24:a3:98:24:a6:e0:29:da:2a:af:f0:18:e4:c4:
                    5b:58:ce:a0:48:d3:b1:8a:f6:af:f1:10:93:40:07:
                    8e:4e:64:5f:3f:a2:c6:13:22:cc:80:bc:60:72:af:
                    2c:98:c4:44:d7:62:70:5d:56:84:e5:0a:71:98:02:
                    24:fb:cd:ce:da:aa:74:3d:80:17:68:f4:87:93:68:
                    4c:06:dc:9e:2a:9c:ff:0f:31:5b:32:e3:d7:3c:aa:
                    34:3d:15:86:cb:97:9d:9b:86:87:01:50:e7:ea:ca:
                    3a:ab:b5:80:8c:74:70:16:06:0c:be:47:59:8a:da:
                    5a:53:d2:72:95:98:c5:e9:02:ca:e6:2c:fb:a7:2c:
                    e4:60:8e:a6:b6:e3:c7:52:d3:c1:30:4b:26:a1:98:
                    45:a8:f4:e7:6e:75:a4:af:51:d7:7e:42:a9:f6:b2:
                    55:32:e2:a3:bf:ec:82:13:f1:b7:02:53:fb:94:a3:
                    e3:be:42:69:62:ae:b3:81:45:97:88:8f:c5:c6:2a:
                    28:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:8A:CD:31:03:C7:B8:C8:8E:4B:4A:DF:3A:52:72:74:A9:D7:07:8C
            X509v3 Authority Key Identifier:
                keyid:B4:CF:94:EC:71:54:D2:BC:51:06:6D:5B:B5:56:A7:58:95:14:A5:C6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4DB7C5AAE9676CA8208B3D8721D1314553F1FC4BE5B500B3A8955E9362E8C00F/0/B4CF94EC7154D2BC51066D5BB556A7589514A5C6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B4CF94EC7154D2BC51066D5BB556A7589514A5C6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4DB7C5AAE9676CA8208B3D8721D1314553F1FC4BE5B500B3A8955E9362E8C00F/0/34352e342e3230342e302f32332d3233203d3e20323034333030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.4.204.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3b:94:35:38:97:fe:0d:ba:8d:cb:69:96:ac:64:19:ff:3d:da:
         d3:ee:3d:42:29:21:b0:af:77:4b:cb:75:0a:27:6a:be:db:c0:
         b2:51:b1:51:7f:77:82:5c:8e:1d:b9:f0:68:a6:3c:c0:7a:d6:
         c1:17:8c:d1:19:bb:da:0d:08:cf:e3:f9:4c:db:20:e2:ea:47:
         46:51:1d:48:1c:bf:84:3b:3b:7c:51:99:4a:42:70:66:dd:7c:
         2c:51:ab:8c:0b:a6:1f:b3:6b:09:03:41:16:ca:0e:79:5a:90:
         40:5a:43:86:7a:b5:3d:72:67:7d:28:fe:e6:f2:48:79:34:a2:
         4d:c3:15:bd:71:45:7e:92:ea:2d:18:cc:ff:26:05:14:8a:d8:
         50:8b:7e:1a:3d:a8:f3:33:f4:75:5f:d5:8e:8c:cc:e4:a3:a4:
         bb:1f:3b:6b:0e:5f:5b:5b:c4:4b:d6:be:b1:76:84:38:90:cb:
         61:a0:00:47:5c:be:2b:28:15:1f:b2:7f:5d:97:84:ae:08:fe:
         24:e5:2c:fd:18:37:0e:58:72:c6:16:e2:10:f4:cd:97:fd:78:
         48:b0:9c:7c:f9:56:cf:25:c5:e8:57:a7:cb:c0:8b:52:78:b2:
         38:ae:1b:8c:68:81:87:8f:fa:15:22:63:ce:86:cd:c6:9a:16:
         38:d8:70:26
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUbLbBCaKBTpyqpRZH2jeA3w3+R1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjRDRjk0RUM3MTU0RDJCQzUxMDY2RDVCQjU1NkE3NTg5
NTE0QTVDNjAeFw0yNDAzMDUxODA4MDZaFw0yNTAzMDQxODEzMDZaMDMxMTAvBgNV
BAMTKDFBOEFDRDMxMDNDN0I4Qzg4RTRCNEFERjNBNTI3Mjc0QTlENzA3OEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFGLXsKU/LKwaqs2M50r2nGhqd
vtx26x9FEhxZVvPx7TjlTKZSOmA4MNz5frwM028f8F92pYsIE8Q7Rgsko5gkpuAp
2iqv8BjkxFtYzqBI07GK9q/xEJNAB45OZF8/osYTIsyAvGByryyYxETXYnBdVoTl
CnGYAiT7zc7aqnQ9gBdo9IeTaEwG3J4qnP8PMVsy49c8qjQ9FYbLl52bhocBUOfq
yjqrtYCMdHAWBgy+R1mK2lpT0nKVmMXpAsrmLPunLORgjqa248dS08EwSyahmEWo
9OdudaSvUdd+Qqn2slUy4qO/7IIT8bcCU/uUo+O+QmlirrOBRZeIj8XGKihVAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUGorNMQPHuMiOS0rfOlJydKnXB4wwHwYDVR0j
BBgwFoAUtM+U7HFU0rxRBm1btVanWJUUpcYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80REI3QzVBQUU5Njc2Q0E4MjA4QjNEODcyMUQxMzE0NTUz
RjFGQzRCRTVCNTAwQjNBODk1NUU5MzYyRThDMDBGLzAvQjRDRjk0RUM3MTU0RDJC
QzUxMDY2RDVCQjU1NkE3NTg5NTE0QTVDNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CNENGOTRFQzcxNTREMkJDNTEw
NjZENUJCNTU2QTc1ODk1MTRBNUM2LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNERCN0M1QUFFOTY3NkNBODIwOEIzRDg3MjFEMTMxNDU1M0YxRkM0QkU1
QjUwMEIzQTg5NTVFOTM2MkU4QzAwRi8wLzM0MzUyZTM0MmUzMjMwMzQyZTMwMmYz
MjMzMmQzMjMzMjAzZDNlMjAzMjMwMzQzMzMwMzAucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEtBMwwDQYJ
KoZIhvcNAQELBQADggEBADuUNTiX/g26jctplqxkGf892tPuPUIpIbCvd0vLdQon
ar7bwLJRsVF/d4Jcjh258GimPMB61sEXjNEZu9oNCM/j+UzbIOLqR0ZRHUgcv4Q7
O3xRmUpCcGbdfCxRq4wLph+zawkDQRbKDnlakEBaQ4Z6tT1yZ30o/ubySHk0ok3D
Fb1xRX6S6i0YzP8mBRSK2FCLfho9qPMz9HVf1Y6MzOSjpLsfO2sOX1tbxEvWvrF2
hDiQy2GgAEdcvisoFR+yf12XhK4I/iTlLP0YNw5YcsYW4hD0zZf9eEiwnHz5Vs8l
xehXp8vAi1J4sjiuG4xogYeP+hUiY86GzcaaFjjYcCY=
-----END CERTIFICATE-----
Generated at Sun Dec 8 22:30:57 2024 by rpki-client on console-fra.rpki-client.org