Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5359CB115707A94B2C3E128BC01B48F5E95FE98A6FCD66581274DFFCB6447AAF/0/34352e3233382e3138392e302f32342d3234203d3e20323635353531.roa
File:                     34352e3233382e3138392e302f32342d3234203d3e20323635353531.roa (raw, json)
Hash identifier:          f/F8q5gA72dYz2SkgMQXVNUoX7162sZknSu0+5NwaZI=
Subject key identifier:   8B:D6:6F:73:39:CD:65:FD:6A:59:55:E4:1B:A8:41:63:2A:42:34:C7
Certificate issuer:       /CN=22E20380327B2CB679071D7FE9AC4DBFA317A166
Certificate serial:       111E0E52DB18A1A325BFE33B9A5A27AD96F9B9C5
Authority key identifier: 22:E2:03:80:32:7B:2C:B6:79:07:1D:7F:E9:AC:4D:BF:A3:17:A1:66
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/22E20380327B2CB679071D7FE9AC4DBFA317A166.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5359CB115707A94B2C3E128BC01B48F5E95FE98A6FCD66581274DFFCB6447AAF/0/34352e3233382e3138392e302f32342d3234203d3e20323635353531.roa
Signing time:             Tue 05 Mar 2024 17:49:42 +0000
ROA not before:           Tue 05 Mar 2024 17:44:42 +0000
ROA not after:            Tue 04 Mar 2025 17:49:42 +0000
asID:                     265551
IP address blocks:        45.238.189.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5359CB115707A94B2C3E128BC01B48F5E95FE98A6FCD66581274DFFCB6447AAF/0/22E20380327B2CB679071D7FE9AC4DBFA317A166.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5359CB115707A94B2C3E128BC01B48F5E95FE98A6FCD66581274DFFCB6447AAF/0/22E20380327B2CB679071D7FE9AC4DBFA317A166.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/22E20380327B2CB679071D7FE9AC4DBFA317A166.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 16 Dec 2024 04:49:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:1e:0e:52:db:18:a1:a3:25:bf:e3:3b:9a:5a:27:ad:96:f9:b9:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22E20380327B2CB679071D7FE9AC4DBFA317A166
        Validity
            Not Before: Mar  5 17:44:42 2024 GMT
            Not After : Mar  4 17:49:42 2025 GMT
        Subject: CN=8BD66F7339CD65FD6A5955E41BA841632A4234C7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:8a:90:f7:90:e3:2e:d6:4a:62:09:4c:1b:92:
                    b2:4a:2c:68:72:f7:99:0d:c8:d4:11:71:d8:0e:51:
                    28:34:78:b8:a9:51:fa:a7:39:d9:97:87:bc:fd:a1:
                    98:af:93:df:2b:a7:76:6b:c6:71:03:3d:98:49:86:
                    1d:d5:51:ae:70:47:49:71:7f:39:0b:2d:0c:2d:fb:
                    91:2f:d4:6a:a6:11:b6:ee:61:5f:5e:00:bc:b6:69:
                    52:d5:56:c3:36:5f:1f:d8:8f:f7:09:7f:59:2e:2e:
                    ce:d2:28:1f:ae:18:0b:f1:21:8d:1a:b0:65:a9:ea:
                    42:5c:ab:b5:6c:d9:ad:e3:b8:b1:39:5a:00:17:5c:
                    13:58:6c:19:5a:0c:6b:43:77:23:78:76:de:e4:dc:
                    25:64:50:7e:02:b3:bb:9a:d0:f9:2a:c0:75:c7:78:
                    aa:68:aa:ba:05:44:85:cc:8c:cd:b0:5e:57:de:19:
                    fb:2a:79:65:4a:7c:cf:f7:ed:16:60:15:84:59:4b:
                    e1:a8:66:67:e4:f1:db:33:e9:6b:1f:39:32:64:0f:
                    09:a0:28:e5:40:76:df:0a:13:ab:fd:99:71:af:90:
                    70:3d:5a:10:54:dd:15:c1:ab:d4:ed:62:1c:81:63:
                    c5:6a:0d:17:16:e8:7a:14:5d:a3:b7:45:22:4e:56:
                    a0:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:D6:6F:73:39:CD:65:FD:6A:59:55:E4:1B:A8:41:63:2A:42:34:C7
            X509v3 Authority Key Identifier:
                keyid:22:E2:03:80:32:7B:2C:B6:79:07:1D:7F:E9:AC:4D:BF:A3:17:A1:66

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5359CB115707A94B2C3E128BC01B48F5E95FE98A6FCD66581274DFFCB6447AAF/0/22E20380327B2CB679071D7FE9AC4DBFA317A166.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/22E20380327B2CB679071D7FE9AC4DBFA317A166.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5359CB115707A94B2C3E128BC01B48F5E95FE98A6FCD66581274DFFCB6447AAF/0/34352e3233382e3138392e302f32342d3234203d3e20323635353531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.238.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:ea:bc:9b:d4:7a:88:e3:94:0c:04:e8:04:d9:99:a2:36:43:
         81:0c:cd:37:53:f7:88:1a:de:27:13:5e:54:fa:10:25:5e:a3:
         13:bc:e0:bf:c7:c3:56:b4:86:0f:cf:6a:10:e9:05:27:3b:54:
         e8:ac:86:8d:84:96:ff:8f:94:d3:93:0a:53:74:cc:d0:e0:b0:
         29:1e:0d:12:1b:a1:64:8e:a6:b1:fb:f0:8a:ac:cc:57:2b:d5:
         c0:c9:5b:e7:c8:cc:72:37:53:9f:d2:51:38:1f:0e:eb:23:2a:
         7d:5c:b5:82:1c:18:0f:68:c2:d5:5c:c7:a0:c4:15:42:b5:1b:
         ea:bd:66:c5:86:e9:5a:ef:54:9e:8d:86:2a:0a:e5:c1:a3:cb:
         0a:5a:4b:4c:96:ba:f2:2f:c7:cc:71:a4:3c:87:da:e6:b0:55:
         57:80:91:cd:c6:ee:7e:e9:53:51:72:69:f1:fa:2d:ac:aa:75:
         5e:7a:3c:3b:74:c8:46:e6:02:1a:c0:27:b0:c2:b5:b5:b7:4c:
         67:8a:ed:4b:a1:0e:ec:45:e5:ae:bc:48:3f:9b:95:ba:11:1f:
         a7:d9:c1:04:e7:45:96:08:b4:66:bd:4e:3d:42:75:28:1b:9d:
         ea:04:be:f3:2b:dc:83:c0:2c:eb:3f:5c:8c:50:7a:dd:04:5d:
         c9:a5:97:6c
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUER4OUtsYoaMlv+M7mlonrZb5ucUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJFMjAzODAzMjdCMkNCNjc5MDcxRDdGRTlBQzREQkZB
MzE3QTE2NjAeFw0yNDAzMDUxNzQ0NDJaFw0yNTAzMDQxNzQ5NDJaMDMxMTAvBgNV
BAMTKDhCRDY2RjczMzlDRDY1RkQ2QTU5NTVFNDFCQTg0MTYzMkE0MjM0QzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5ipD3kOMu1kpiCUwbkrJKLGhy
95kNyNQRcdgOUSg0eLipUfqnOdmXh7z9oZivk98rp3ZrxnEDPZhJhh3VUa5wR0lx
fzkLLQwt+5Ev1GqmEbbuYV9eALy2aVLVVsM2Xx/Yj/cJf1kuLs7SKB+uGAvxIY0a
sGWp6kJcq7Vs2a3juLE5WgAXXBNYbBlaDGtDdyN4dt7k3CVkUH4Cs7ua0PkqwHXH
eKpoqroFRIXMjM2wXlfeGfsqeWVKfM/37RZgFYRZS+GoZmfk8dsz6WsfOTJkDwmg
KOVAdt8KE6v9mXGvkHA9WhBU3RXBq9TtYhyBY8VqDRcW6HoUXaO3RSJOVqDvAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUi9ZvcznNZf1qWVXkG6hBYypCNMcwHwYDVR0j
BBgwFoAUIuIDgDJ7LLZ5Bx1/6axNv6MXoWYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MzU5Q0IxMTU3MDdBOTRCMkMzRTEyOEJDMDFCNDhGNUU5
NUZFOThBNkZDRDY2NTgxMjc0REZGQ0I2NDQ3QUFGLzAvMjJFMjAzODAzMjdCMkNC
Njc5MDcxRDdGRTlBQzREQkZBMzE3QTE2Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMkUyMDM4MDMyN0IyQ0I2Nzkw
NzFEN0ZFOUFDNERCRkEzMTdBMTY2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTM1OUNCMTE1NzA3QTk0QjJDM0UxMjhCQzAxQjQ4RjVFOTVGRTk4QTZG
Q0Q2NjU4MTI3NERGRkNCNjQ0N0FBRi8wLzM0MzUyZTMyMzMzODJlMzEzODM5MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM1MzUzNTMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALe69
MA0GCSqGSIb3DQEBCwUAA4IBAQBC6ryb1HqI45QMBOgE2ZmiNkOBDM03U/eIGt4n
E15U+hAlXqMTvOC/x8NWtIYPz2oQ6QUnO1TorIaNhJb/j5TTkwpTdMzQ4LApHg0S
G6Fkjqax+/CKrMxXK9XAyVvnyMxyN1Of0lE4Hw7rIyp9XLWCHBgPaMLVXMegxBVC
tRvqvWbFhula71SejYYqCuXBo8sKWktMlrryL8fMcaQ8h9rmsFVXgJHNxu5+6VNR
cmnx+i2sqnVeejw7dMhG5gIawCewwrW1t0xniu1LoQ7sReWuvEg/m5W6ER+n2cEE
50WWCLRmvU49QnUoG53qBL7zK9yDwCzrP1yMUHrdBF3JpZds
-----END CERTIFICATE-----
Generated at Thu Dec 12 18:25:36 2024 by rpki-client on console-fra.rpki-client.org