Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/4FF4E360FA5AA65B38880D0FD2F73B4AAF8FED36ACE02A776A3294553A6E4C60/0/34352e3233362e38332e302f32342d3234203d3e203237393833.roa
File:                     34352e3233362e38332e302f32342d3234203d3e203237393833.roa (raw, json)
Hash identifier:          nLTk3urK/5TkcPwGjRe/HZTjbndTvgyfL18tMX7heZw=
Subject key identifier:   1E:E1:B6:28:7C:12:3E:06:03:6B:61:E9:94:F7:89:DF:B3:AE:59:2B
Certificate issuer:       /CN=9FE81A9D6A9B36D6B8E8F02955BEF63C3210C9E0
Certificate serial:       30CD1651B0E820DD392F113C8E9F7D0F3D200D29
Authority key identifier: 9F:E8:1A:9D:6A:9B:36:D6:B8:E8:F0:29:55:BE:F6:3C:32:10:C9:E0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9FE81A9D6A9B36D6B8E8F02955BEF63C3210C9E0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/4FF4E360FA5AA65B38880D0FD2F73B4AAF8FED36ACE02A776A3294553A6E4C60/0/34352e3233362e38332e302f32342d3234203d3e203237393833.roa
Signing time:             Tue 05 Mar 2024 18:01:02 +0000
ROA not before:           Tue 05 Mar 2024 17:56:02 +0000
ROA not after:            Tue 04 Mar 2025 18:01:02 +0000
asID:                     27983
IP address blocks:        45.236.83.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/4FF4E360FA5AA65B38880D0FD2F73B4AAF8FED36ACE02A776A3294553A6E4C60/0/9FE81A9D6A9B36D6B8E8F02955BEF63C3210C9E0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/4FF4E360FA5AA65B38880D0FD2F73B4AAF8FED36ACE02A776A3294553A6E4C60/0/9FE81A9D6A9B36D6B8E8F02955BEF63C3210C9E0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9FE81A9D6A9B36D6B8E8F02955BEF63C3210C9E0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 13 Oct 2024 05:04:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:cd:16:51:b0:e8:20:dd:39:2f:11:3c:8e:9f:7d:0f:3d:20:0d:29
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9FE81A9D6A9B36D6B8E8F02955BEF63C3210C9E0
        Validity
            Not Before: Mar  5 17:56:02 2024 GMT
            Not After : Mar  4 18:01:02 2025 GMT
        Subject: CN=1EE1B6287C123E06036B61E994F789DFB3AE592B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:84:d6:66:e0:2f:a4:81:1c:e5:e8:0f:25:0a:
                    a3:a7:1c:e0:dc:5d:26:76:bf:84:3a:d3:57:ca:ca:
                    86:7a:e5:b3:9b:4c:b3:e5:ed:29:d7:73:ce:63:89:
                    c5:d9:c3:85:a4:a2:2e:4e:1b:bf:f6:3b:17:ff:68:
                    7a:8d:49:da:64:86:9f:61:39:63:a0:06:c1:43:97:
                    39:af:6c:d0:f3:dd:c0:2e:11:0a:b1:7a:f9:17:58:
                    b1:da:97:bb:a6:9c:8b:ad:28:eb:29:b9:4b:3b:1c:
                    db:20:c4:90:f0:23:75:23:86:25:bc:37:bc:1a:f3:
                    93:13:a2:c7:36:b8:8a:1d:84:b0:fa:6b:d6:39:a1:
                    3e:b3:1f:57:20:47:92:4c:e0:c9:a7:97:8c:dd:79:
                    2b:4a:e9:7a:cb:3d:fe:3d:d9:ed:ad:3e:ec:31:d1:
                    0c:f0:55:dd:e6:60:78:00:8c:d0:90:69:88:d0:89:
                    14:9d:d6:76:61:1b:61:a2:f4:19:97:f7:36:6f:d1:
                    2f:a9:00:b9:ed:01:1e:2c:fe:60:53:aa:17:51:40:
                    ac:b8:42:42:04:0a:4b:b5:b5:8e:27:d7:57:56:f3:
                    a9:92:fe:98:a6:ff:9a:dc:84:6f:e9:03:62:5e:82:
                    ab:72:52:b5:a1:37:60:51:a5:d7:ba:9b:7f:ce:15:
                    85:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:E1:B6:28:7C:12:3E:06:03:6B:61:E9:94:F7:89:DF:B3:AE:59:2B
            X509v3 Authority Key Identifier:
                keyid:9F:E8:1A:9D:6A:9B:36:D6:B8:E8:F0:29:55:BE:F6:3C:32:10:C9:E0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/4FF4E360FA5AA65B38880D0FD2F73B4AAF8FED36ACE02A776A3294553A6E4C60/0/9FE81A9D6A9B36D6B8E8F02955BEF63C3210C9E0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9FE81A9D6A9B36D6B8E8F02955BEF63C3210C9E0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/4FF4E360FA5AA65B38880D0FD2F73B4AAF8FED36ACE02A776A3294553A6E4C60/0/34352e3233362e38332e302f32342d3234203d3e203237393833.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.236.83.0/24

    Signature Algorithm: sha256WithRSAEncryption
         07:24:12:49:f8:4b:8b:00:03:e2:ae:bc:32:9c:81:64:30:f5:
         80:ef:32:f9:b3:5c:3c:03:e6:7e:de:a3:0f:28:2e:7d:75:fb:
         db:78:90:4a:c4:c5:bf:53:30:d6:9e:3a:ab:17:5b:84:24:1e:
         16:f6:e6:86:6c:12:de:3f:47:5d:8a:fa:bc:e5:eb:1d:81:72:
         99:31:a4:d1:69:da:2e:0f:5a:86:f9:60:8f:ce:90:1a:12:8c:
         d0:08:25:ab:e6:85:07:83:b2:33:5c:31:d7:ca:d4:35:4d:a4:
         c0:f1:3c:05:10:00:e7:15:82:e7:a6:44:7f:1f:a6:be:ce:81:
         e7:03:6d:fa:22:a7:63:dc:0a:33:40:8e:1b:cb:8b:91:3f:4b:
         c3:36:d7:10:7d:1e:1a:bf:d9:be:7f:84:fe:4c:80:7f:00:17:
         44:02:ef:6b:31:c2:4b:44:92:9a:3b:ce:6b:d1:e5:cb:87:6f:
         9e:ac:38:f6:3d:bf:d3:28:0f:b5:af:99:27:bb:37:c7:a5:05:
         08:65:27:7c:9f:c9:78:5e:81:77:8d:d6:5b:f8:81:28:dc:da:
         27:05:93:39:ec:89:64:0e:9c:c4:8d:0f:6e:73:72:21:76:2b:
         fd:ac:9f:15:68:b3:6e:cd:be:62:24:5b:1c:3b:03:1b:d6:0f:
         20:f4:09:03
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUMM0WUbDoIN05LxE8jp99Dz0gDSkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUZFODFBOUQ2QTlCMzZENkI4RThGMDI5NTVCRUY2M0Mz
MjEwQzlFMDAeFw0yNDAzMDUxNzU2MDJaFw0yNTAzMDQxODAxMDJaMDMxMTAvBgNV
BAMTKDFFRTFCNjI4N0MxMjNFMDYwMzZCNjFFOTk0Rjc4OURGQjNBRTU5MkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEhNZm4C+kgRzl6A8lCqOnHODc
XSZ2v4Q601fKyoZ65bObTLPl7SnXc85jicXZw4Wkoi5OG7/2Oxf/aHqNSdpkhp9h
OWOgBsFDlzmvbNDz3cAuEQqxevkXWLHal7umnIutKOspuUs7HNsgxJDwI3UjhiW8
N7wa85MTosc2uIodhLD6a9Y5oT6zH1cgR5JM4Mmnl4zdeStK6XrLPf492e2tPuwx
0QzwVd3mYHgAjNCQaYjQiRSd1nZhG2Gi9BmX9zZv0S+pALntAR4s/mBTqhdRQKy4
QkIECku1tY4n11dW86mS/pim/5rchG/pA2JegqtyUrWhN2BRpde6m3/OFYXbAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUHuG2KHwSPgYDa2HplPeJ37OuWSswHwYDVR0j
BBgwFoAUn+ganWqbNta46PApVb72PDIQyeAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy80RkY0RTM2MEZBNUFBNjVCMzg4ODBEMEZEMkY3M0I0QUFG
OEZFRDM2QUNFMDJBNzc2QTMyOTQ1NTNBNkU0QzYwLzAvOUZFODFBOUQ2QTlCMzZE
NkI4RThGMDI5NTVCRUY2M0MzMjEwQzlFMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85RkU4MUE5RDZBOUIzNkQ2QjhF
OEYwMjk1NUJFRjYzQzMyMTBDOUUwLmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNEZGNEUzNjBGQTVBQTY1QjM4ODgwRDBGRDJGNzNCNEFBRjhGRUQzNkFD
RTAyQTc3NkEzMjk0NTUzQTZFNEM2MC8wLzM0MzUyZTMyMzMzNjJlMzgzMzJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzczOTM4MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAt7FMwDQYJ
KoZIhvcNAQELBQADggEBAAckEkn4S4sAA+KuvDKcgWQw9YDvMvmzXDwD5n7eow8o
Ln11+9t4kErExb9TMNaeOqsXW4QkHhb25oZsEt4/R12K+rzl6x2BcpkxpNFp2i4P
Wob5YI/OkBoSjNAIJavmhQeDsjNcMdfK1DVNpMDxPAUQAOcVguemRH8fpr7OgecD
bfoip2PcCjNAjhvLi5E/S8M21xB9Hhq/2b5/hP5MgH8AF0QC72sxwktEkpo7zmvR
5cuHb56sOPY9v9MoD7WvmSe7N8elBQhlJ3yfyXhegXeN1lv4gSjc2icFkznsiWQO
nMSND25zciF2K/2snxVos27NvmIkWxw7AxvWDyD0CQM=
-----END CERTIFICATE-----
Generated at Tue Oct 8 23:57:17 2024 by rpki-client on console-fra.rpki-client.org