Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5359CB115707A94B2C3E128BC01B48F5E95FE98A6FCD66581274DFFCB6447AAF/0/34352e3233382e3138382e302f32342d3234203d3e20323635353531.roa
File:                     34352e3233382e3138382e302f32342d3234203d3e20323635353531.roa (raw, json)
Hash identifier:          yo5Sy1srbwrsPvCLdRDNJlxk4OTg+V8Z9iYghqJBcN4=
Subject key identifier:   48:41:B4:2C:EC:1E:3F:A0:0A:94:43:47:D2:19:90:AC:C2:D5:BC:B0
Certificate issuer:       /CN=22E20380327B2CB679071D7FE9AC4DBFA317A166
Certificate serial:       4EA14D997CED8BBE80E28261C6149CFB88B72CD0
Authority key identifier: 22:E2:03:80:32:7B:2C:B6:79:07:1D:7F:E9:AC:4D:BF:A3:17:A1:66
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/22E20380327B2CB679071D7FE9AC4DBFA317A166.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5359CB115707A94B2C3E128BC01B48F5E95FE98A6FCD66581274DFFCB6447AAF/0/34352e3233382e3138382e302f32342d3234203d3e20323635353531.roa
Signing time:             Tue 05 Mar 2024 17:49:42 +0000
ROA not before:           Tue 05 Mar 2024 17:44:42 +0000
ROA not after:            Tue 04 Mar 2025 17:49:42 +0000
asID:                     265551
IP address blocks:        45.238.188.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5359CB115707A94B2C3E128BC01B48F5E95FE98A6FCD66581274DFFCB6447AAF/0/22E20380327B2CB679071D7FE9AC4DBFA317A166.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5359CB115707A94B2C3E128BC01B48F5E95FE98A6FCD66581274DFFCB6447AAF/0/22E20380327B2CB679071D7FE9AC4DBFA317A166.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/22E20380327B2CB679071D7FE9AC4DBFA317A166.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Dec 2024 18:44:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:a1:4d:99:7c:ed:8b:be:80:e2:82:61:c6:14:9c:fb:88:b7:2c:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22E20380327B2CB679071D7FE9AC4DBFA317A166
        Validity
            Not Before: Mar  5 17:44:42 2024 GMT
            Not After : Mar  4 17:49:42 2025 GMT
        Subject: CN=4841B42CEC1E3FA00A944347D21990ACC2D5BCB0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:c0:79:95:8b:06:8e:53:84:65:99:ff:11:a8:
                    67:88:18:2b:73:f7:3f:85:b8:56:91:d0:6b:a8:bf:
                    a7:c8:3f:a4:41:eb:ca:f6:1f:00:32:0e:34:33:20:
                    a8:d4:84:0d:60:b7:13:d6:48:9c:be:ff:bc:23:62:
                    2e:b8:43:07:68:89:c5:ba:76:7a:7d:95:aa:b0:f0:
                    41:30:4a:50:9d:9b:58:d9:d6:9c:00:10:a7:e8:5e:
                    eb:98:f2:3a:c0:4c:a7:32:f0:cd:b5:7d:f8:d0:0d:
                    c9:3f:86:36:14:49:5a:8b:4a:2f:7f:a0:86:19:10:
                    f8:fd:77:65:da:08:cd:0c:a4:42:a5:a3:d3:af:e2:
                    10:68:42:7b:eb:f3:bf:78:e2:ee:81:c2:57:5f:85:
                    b5:f8:77:56:92:12:d4:b6:34:f6:f6:c6:28:b3:cb:
                    4a:8a:6e:65:05:c1:65:01:88:42:e1:e1:ac:4c:23:
                    d1:34:82:97:99:18:9a:75:71:81:98:e2:b4:0d:d8:
                    93:fc:30:0b:7f:13:63:88:80:9b:62:5b:26:48:9c:
                    cd:95:89:ce:be:34:7e:46:52:5a:58:09:52:0b:65:
                    ec:11:1d:66:76:0e:5d:ec:3e:42:67:9a:52:89:b3:
                    10:9d:d6:d2:21:51:5a:b0:aa:e3:fc:22:4c:ab:cb:
                    c3:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                48:41:B4:2C:EC:1E:3F:A0:0A:94:43:47:D2:19:90:AC:C2:D5:BC:B0
            X509v3 Authority Key Identifier:
                keyid:22:E2:03:80:32:7B:2C:B6:79:07:1D:7F:E9:AC:4D:BF:A3:17:A1:66

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5359CB115707A94B2C3E128BC01B48F5E95FE98A6FCD66581274DFFCB6447AAF/0/22E20380327B2CB679071D7FE9AC4DBFA317A166.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/22E20380327B2CB679071D7FE9AC4DBFA317A166.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5359CB115707A94B2C3E128BC01B48F5E95FE98A6FCD66581274DFFCB6447AAF/0/34352e3233382e3138382e302f32342d3234203d3e20323635353531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.238.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6c:6e:5d:c0:d4:8c:17:6c:ed:8b:89:c4:21:48:2e:ac:e0:76:
         0f:3a:82:2c:91:36:c0:94:a5:07:48:93:28:60:b3:ce:60:cc:
         0b:25:29:74:dd:50:67:c9:64:fa:b2:e5:6a:87:57:70:ad:06:
         b5:95:c7:cd:e4:dc:16:64:50:99:7c:8e:43:ff:ab:3a:a4:78:
         dd:c4:57:c1:27:e2:36:19:a4:91:6f:74:3f:1d:c5:b3:35:54:
         1a:a3:13:ee:b8:eb:3e:77:60:f7:cb:13:ea:a9:6a:b7:df:9a:
         e2:e0:23:99:87:48:8f:ab:c8:2b:6f:bd:15:46:67:e6:50:33:
         28:3a:96:e0:4d:e6:38:4b:ab:27:8b:ef:0b:8d:33:17:ed:19:
         cf:e2:23:56:71:47:3a:f3:66:4d:0c:f4:8b:e8:9e:db:fe:80:
         b7:3c:89:63:be:10:0b:90:82:37:82:60:32:69:d5:27:7e:dc:
         6e:c9:15:1e:6d:5c:3b:b9:c9:f6:cd:c9:ba:e6:77:3e:50:60:
         bb:ed:f8:dc:b3:48:85:be:ae:df:91:ae:59:b7:3a:38:ef:c4:
         44:c4:68:c6:a3:c6:fb:0f:f2:8b:2d:cc:9c:9d:9d:22:01:34:
         16:e3:de:c9:03:04:41:e0:6b:69:8b:5d:9f:67:ff:e8:df:11:
         f3:d7:2c:48
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUTqFNmXzti76A4oJhxhSc+4i3LNAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJFMjAzODAzMjdCMkNCNjc5MDcxRDdGRTlBQzREQkZB
MzE3QTE2NjAeFw0yNDAzMDUxNzQ0NDJaFw0yNTAzMDQxNzQ5NDJaMDMxMTAvBgNV
BAMTKDQ4NDFCNDJDRUMxRTNGQTAwQTk0NDM0N0QyMTk5MEFDQzJENUJDQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClwHmViwaOU4Rlmf8RqGeIGCtz
9z+FuFaR0Guov6fIP6RB68r2HwAyDjQzIKjUhA1gtxPWSJy+/7wjYi64QwdoicW6
dnp9laqw8EEwSlCdm1jZ1pwAEKfoXuuY8jrATKcy8M21ffjQDck/hjYUSVqLSi9/
oIYZEPj9d2XaCM0MpEKlo9Ov4hBoQnvr87944u6BwldfhbX4d1aSEtS2NPb2xiiz
y0qKbmUFwWUBiELh4axMI9E0gpeZGJp1cYGY4rQN2JP8MAt/E2OIgJtiWyZInM2V
ic6+NH5GUlpYCVILZewRHWZ2Dl3sPkJnmlKJsxCd1tIhUVqwquP8Ikyry8PPAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUSEG0LOweP6AKlENH0hmQrMLVvLAwHwYDVR0j
BBgwFoAUIuIDgDJ7LLZ5Bx1/6axNv6MXoWYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MzU5Q0IxMTU3MDdBOTRCMkMzRTEyOEJDMDFCNDhGNUU5
NUZFOThBNkZDRDY2NTgxMjc0REZGQ0I2NDQ3QUFGLzAvMjJFMjAzODAzMjdCMkNC
Njc5MDcxRDdGRTlBQzREQkZBMzE3QTE2Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMkUyMDM4MDMyN0IyQ0I2Nzkw
NzFEN0ZFOUFDNERCRkEzMTdBMTY2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTM1OUNCMTE1NzA3QTk0QjJDM0UxMjhCQzAxQjQ4RjVFOTVGRTk4QTZG
Q0Q2NjU4MTI3NERGRkNCNjQ0N0FBRi8wLzM0MzUyZTMyMzMzODJlMzEzODM4MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM1MzUzNTMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALe68
MA0GCSqGSIb3DQEBCwUAA4IBAQBsbl3A1IwXbO2LicQhSC6s4HYPOoIskTbAlKUH
SJMoYLPOYMwLJSl03VBnyWT6suVqh1dwrQa1lcfN5NwWZFCZfI5D/6s6pHjdxFfB
J+I2GaSRb3Q/HcWzNVQaoxPuuOs+d2D3yxPqqWq335ri4COZh0iPq8grb70VRmfm
UDMoOpbgTeY4S6sni+8LjTMX7RnP4iNWcUc682ZNDPSL6J7b/oC3PIljvhALkII3
gmAyadUnftxuyRUebVw7ucn2zcm65nc+UGC77fjcs0iFvq7fka5Ztzo478RExGjG
o8b7D/KLLcycnZ0iATQW497JAwRB4Gtpi12fZ//o3xHz1yxI
-----END CERTIFICATE-----
Generated at Sat Dec 7 19:31:24 2024 by rpki-client on console-ams.rpki-client.org