Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/527E3926928299A7706301114EBC9E9DDEC7277138E6390FCBFD7F60F67B00C1/0/34352e3233322e3139322e302f32322d3234203d3e20323637373439.roa
File:                     34352e3233322e3139322e302f32322d3234203d3e20323637373439.roa (raw, json)
Hash identifier:          Lzr13N6GCtpRYmhi00QGrIkLAp3ZKu81KZbQ61yDx+w=
Subject key identifier:   68:C4:02:91:5A:1B:15:0F:98:BB:00:B6:AB:8D:6C:7A:64:84:43:7E
Certificate issuer:       /CN=D5767ECDC104A4B4552F12CA53FE6F2F06C312B8
Certificate serial:       1E81B2ABC7706765519EEF15DBA6610EF970FC60
Authority key identifier: D5:76:7E:CD:C1:04:A4:B4:55:2F:12:CA:53:FE:6F:2F:06:C3:12:B8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D5767ECDC104A4B4552F12CA53FE6F2F06C312B8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/527E3926928299A7706301114EBC9E9DDEC7277138E6390FCBFD7F60F67B00C1/0/34352e3233322e3139322e302f32322d3234203d3e20323637373439.roa
Signing time:             Tue 05 Mar 2024 18:15:11 +0000
ROA not before:           Tue 05 Mar 2024 18:10:11 +0000
ROA not after:            Tue 04 Mar 2025 18:15:11 +0000
asID:                     267749
IP address blocks:        45.232.192.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/527E3926928299A7706301114EBC9E9DDEC7277138E6390FCBFD7F60F67B00C1/0/D5767ECDC104A4B4552F12CA53FE6F2F06C312B8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/527E3926928299A7706301114EBC9E9DDEC7277138E6390FCBFD7F60F67B00C1/0/D5767ECDC104A4B4552F12CA53FE6F2F06C312B8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D5767ECDC104A4B4552F12CA53FE6F2F06C312B8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Dec 2024 19:02:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1e:81:b2:ab:c7:70:67:65:51:9e:ef:15:db:a6:61:0e:f9:70:fc:60
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D5767ECDC104A4B4552F12CA53FE6F2F06C312B8
        Validity
            Not Before: Mar  5 18:10:11 2024 GMT
            Not After : Mar  4 18:15:11 2025 GMT
        Subject: CN=68C402915A1B150F98BB00B6AB8D6C7A6484437E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:52:a0:d0:1d:77:a7:3b:41:35:68:b1:ec:bf:
                    d1:db:ca:7e:da:8d:1b:cf:dd:02:40:2a:1d:a0:85:
                    c9:f3:c3:d6:06:72:57:02:c8:fc:f3:9a:9c:07:61:
                    68:21:f3:b5:42:84:2c:31:ea:2f:22:b4:f6:d7:48:
                    5b:2b:2b:c9:f8:6a:a9:63:95:ef:97:72:5e:91:dd:
                    60:62:69:ff:02:2c:d7:33:15:54:d4:85:39:aa:01:
                    e5:5f:a6:4b:17:0e:cb:e2:a0:43:76:96:4f:0e:2e:
                    38:10:9c:c4:74:5f:2e:a2:14:8f:14:43:21:c6:2c:
                    5a:a0:3f:02:09:06:b7:9f:17:87:02:1e:1d:a8:39:
                    30:b3:b7:04:5f:c8:a0:7e:5d:82:89:1b:67:2f:bc:
                    c7:7d:0c:b8:f9:14:81:34:21:95:78:b8:46:46:a7:
                    b8:0c:ba:df:39:63:ca:17:57:6d:a3:d8:d5:61:f4:
                    87:9f:e6:39:99:97:ff:0f:c5:4a:7a:3d:b6:d1:2f:
                    9d:ec:55:9c:d0:77:c8:70:38:1f:7e:5b:35:29:51:
                    92:b3:fc:47:8b:f3:83:28:cb:99:7a:c5:ef:6c:3e:
                    01:a2:a5:bf:6d:05:c1:59:35:be:bb:63:8d:4f:6a:
                    97:d4:da:61:76:83:a2:a4:d6:51:25:7c:0e:28:3c:
                    d6:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:C4:02:91:5A:1B:15:0F:98:BB:00:B6:AB:8D:6C:7A:64:84:43:7E
            X509v3 Authority Key Identifier:
                keyid:D5:76:7E:CD:C1:04:A4:B4:55:2F:12:CA:53:FE:6F:2F:06:C3:12:B8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/527E3926928299A7706301114EBC9E9DDEC7277138E6390FCBFD7F60F67B00C1/0/D5767ECDC104A4B4552F12CA53FE6F2F06C312B8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D5767ECDC104A4B4552F12CA53FE6F2F06C312B8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/527E3926928299A7706301114EBC9E9DDEC7277138E6390FCBFD7F60F67B00C1/0/34352e3233322e3139322e302f32322d3234203d3e20323637373439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.232.192.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8b:ed:bc:a9:0a:35:b0:5a:02:27:ea:d3:07:90:5a:47:6c:10:
         4d:cf:45:49:b9:56:fa:57:83:4e:53:7d:c8:0b:67:85:65:5f:
         4c:07:69:0f:1a:c7:0c:5d:1e:1a:36:22:5f:3c:2b:78:47:fb:
         da:b8:8e:99:86:05:c7:03:8b:82:cc:a5:1a:35:41:f5:81:94:
         f2:4d:f5:13:0a:ac:bc:a6:b8:ab:b5:09:9b:2f:74:a1:80:b8:
         f6:ef:0c:57:89:e0:f5:2c:19:c1:3a:08:a5:e6:61:bf:5d:79:
         02:d0:67:da:27:69:a6:69:b0:2a:e2:ca:18:ea:62:f5:e0:31:
         5b:7c:dc:85:27:6d:ce:fa:8c:33:fc:f2:40:1e:3a:51:85:28:
         4b:13:9f:dd:9f:c3:46:dc:71:23:45:05:cb:0f:d4:1e:44:46:
         cd:1e:0a:fd:16:18:ea:a0:4b:e9:97:a2:7e:51:4f:6e:fd:34:
         63:ae:b2:8f:18:c1:e1:e7:17:17:bf:af:af:7f:c7:06:42:18:
         71:87:a6:05:5e:db:fc:64:9b:c6:77:5b:ad:5c:64:57:cc:34:
         6b:79:69:30:38:6a:71:aa:a2:5a:3b:7e:e9:7e:ca:cd:3e:0e:
         a6:18:69:cb:86:33:16:68:f8:b6:48:aa:bb:9d:a2:77:4e:bb:
         53:02:e6:62
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUHoGyq8dwZ2VRnu8V26ZhDvlw/GAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDU3NjdFQ0RDMTA0QTRCNDU1MkYxMkNBNTNGRTZGMkYw
NkMzMTJCODAeFw0yNDAzMDUxODEwMTFaFw0yNTAzMDQxODE1MTFaMDMxMTAvBgNV
BAMTKDY4QzQwMjkxNUExQjE1MEY5OEJCMDBCNkFCOEQ2QzdBNjQ4NDQzN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbUqDQHXenO0E1aLHsv9Hbyn7a
jRvP3QJAKh2ghcnzw9YGclcCyPzzmpwHYWgh87VChCwx6i8itPbXSFsrK8n4aqlj
le+Xcl6R3WBiaf8CLNczFVTUhTmqAeVfpksXDsvioEN2lk8OLjgQnMR0Xy6iFI8U
QyHGLFqgPwIJBrefF4cCHh2oOTCztwRfyKB+XYKJG2cvvMd9DLj5FIE0IZV4uEZG
p7gMut85Y8oXV22j2NVh9Ief5jmZl/8PxUp6PbbRL53sVZzQd8hwOB9+WzUpUZKz
/EeL84Moy5l6xe9sPgGipb9tBcFZNb67Y41PapfU2mF2g6Kk1lElfA4oPNZvAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUaMQCkVobFQ+YuwC2q41semSEQ34wHwYDVR0j
BBgwFoAU1XZ+zcEEpLRVLxLKU/5vLwbDErgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MjdFMzkyNjkyODI5OUE3NzA2MzAxMTE0RUJDOUU5RERF
QzcyNzcxMzhFNjM5MEZDQkZEN0Y2MEY2N0IwMEMxLzAvRDU3NjdFQ0RDMTA0QTRC
NDU1MkYxMkNBNTNGRTZGMkYwNkMzMTJCOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9ENTc2N0VDREMxMDRBNEI0NTUy
RjEyQ0E1M0ZFNkYyRjA2QzMxMkI4LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTI3RTM5MjY5MjgyOTlBNzcwNjMwMTExNEVCQzlFOURERUM3Mjc3MTM4
RTYzOTBGQ0JGRDdGNjBGNjdCMDBDMS8wLzM0MzUyZTMyMzMzMjJlMzEzOTMyMmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM3MzczNDM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLejA
MA0GCSqGSIb3DQEBCwUAA4IBAQCL7bypCjWwWgIn6tMHkFpHbBBNz0VJuVb6V4NO
U33IC2eFZV9MB2kPGscMXR4aNiJfPCt4R/vauI6ZhgXHA4uCzKUaNUH1gZTyTfUT
Cqy8prirtQmbL3ShgLj27wxXieD1LBnBOgil5mG/XXkC0GfaJ2mmabAq4soY6mL1
4DFbfNyFJ23O+owz/PJAHjpRhShLE5/dn8NG3HEjRQXLD9QeREbNHgr9FhjqoEvp
l6J+UU9u/TRjrrKPGMHh5xcXv6+vf8cGQhhxh6YFXtv8ZJvGd1utXGRXzDRreWkw
OGpxqqJaO37pfsrNPg6mGGnLhjMWaPi2SKq7naJ3TrtTAuZi
-----END CERTIFICATE-----
Generated at Tue Dec 10 06:52:52 2024 by rpki-client on console-fra.rpki-client.org