Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5359CB115707A94B2C3E128BC01B48F5E95FE98A6FCD66581274DFFCB6447AAF/0/34352e3233382e3139312e302f32342d3234203d3e20323635353531.roa
File:                     34352e3233382e3139312e302f32342d3234203d3e20323635353531.roa (raw, json)
Hash identifier:          BJhBSZIjO1yoUyMTAjD6gIYOkQiiimueSrnboLqqGtY=
Subject key identifier:   76:2F:07:4E:D0:19:0C:A8:09:50:F3:20:E2:94:D2:A7:DF:F5:93:D0
Certificate issuer:       /CN=22E20380327B2CB679071D7FE9AC4DBFA317A166
Certificate serial:       775AAE2229DF25E9B36E0B531694A35213415E93
Authority key identifier: 22:E2:03:80:32:7B:2C:B6:79:07:1D:7F:E9:AC:4D:BF:A3:17:A1:66
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/22E20380327B2CB679071D7FE9AC4DBFA317A166.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5359CB115707A94B2C3E128BC01B48F5E95FE98A6FCD66581274DFFCB6447AAF/0/34352e3233382e3139312e302f32342d3234203d3e20323635353531.roa
Signing time:             Tue 05 Mar 2024 17:49:43 +0000
ROA not before:           Tue 05 Mar 2024 17:44:43 +0000
ROA not after:            Tue 04 Mar 2025 17:49:43 +0000
asID:                     265551
IP address blocks:        45.238.191.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5359CB115707A94B2C3E128BC01B48F5E95FE98A6FCD66581274DFFCB6447AAF/0/22E20380327B2CB679071D7FE9AC4DBFA317A166.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5359CB115707A94B2C3E128BC01B48F5E95FE98A6FCD66581274DFFCB6447AAF/0/22E20380327B2CB679071D7FE9AC4DBFA317A166.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/22E20380327B2CB679071D7FE9AC4DBFA317A166.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Dec 2024 18:44:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:5a:ae:22:29:df:25:e9:b3:6e:0b:53:16:94:a3:52:13:41:5e:93
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22E20380327B2CB679071D7FE9AC4DBFA317A166
        Validity
            Not Before: Mar  5 17:44:43 2024 GMT
            Not After : Mar  4 17:49:43 2025 GMT
        Subject: CN=762F074ED0190CA80950F320E294D2A7DFF593D0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:0d:34:7c:86:7b:2c:a9:64:8d:67:f2:1c:e4:
                    e7:ec:1e:d5:f0:6f:7f:c7:b3:87:b3:6b:4f:46:2d:
                    e9:9d:cf:0a:76:8e:1b:14:c4:3c:15:12:43:ad:f8:
                    e1:81:4f:77:9a:31:63:fc:d7:63:09:a9:cb:46:a1:
                    9f:70:d5:7e:bd:54:60:6c:aa:b5:b3:d0:40:74:d5:
                    3e:9b:6c:8c:41:72:d4:1f:c6:f1:3d:fe:fb:41:5b:
                    db:1f:3e:89:e1:a7:d3:eb:fc:00:23:46:71:a5:d9:
                    29:ea:71:04:a4:28:2a:16:82:01:6f:17:fc:13:70:
                    d5:2e:8a:09:fd:0a:7a:87:11:95:d5:dc:16:d1:35:
                    78:e5:dd:01:7a:25:00:49:0d:0b:9e:74:4e:e1:ac:
                    2d:87:d0:51:6e:79:8d:d0:fa:cc:bb:84:a8:63:98:
                    d4:44:81:12:ec:93:fa:d9:eb:cf:39:c2:bb:49:20:
                    ad:e5:34:bc:14:8c:ea:aa:b0:dd:4d:22:1c:07:f0:
                    ac:1d:fe:39:3f:75:ed:e2:b4:9e:dc:df:39:38:61:
                    b2:47:de:7e:83:53:2b:69:01:99:8c:8b:30:8e:fc:
                    9e:0b:6c:ac:0c:6a:58:44:c9:f1:ea:e9:76:13:f0:
                    7c:77:4c:e6:00:59:46:7c:33:cb:c8:5a:5b:55:a1:
                    31:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:2F:07:4E:D0:19:0C:A8:09:50:F3:20:E2:94:D2:A7:DF:F5:93:D0
            X509v3 Authority Key Identifier:
                keyid:22:E2:03:80:32:7B:2C:B6:79:07:1D:7F:E9:AC:4D:BF:A3:17:A1:66

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5359CB115707A94B2C3E128BC01B48F5E95FE98A6FCD66581274DFFCB6447AAF/0/22E20380327B2CB679071D7FE9AC4DBFA317A166.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/22E20380327B2CB679071D7FE9AC4DBFA317A166.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5359CB115707A94B2C3E128BC01B48F5E95FE98A6FCD66581274DFFCB6447AAF/0/34352e3233382e3139312e302f32342d3234203d3e20323635353531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.238.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:85:e5:17:51:e2:77:9b:9c:31:18:9a:0f:17:36:4d:1c:99:
         bb:c5:81:23:d0:26:ba:32:38:5f:73:cf:1e:a2:a9:a8:0c:2a:
         4e:a0:ca:29:04:35:d9:51:80:48:b1:f1:79:8d:a0:3e:61:38:
         56:4d:07:1f:1c:6c:52:b3:98:31:54:9a:cb:8b:c8:9c:bd:a5:
         e1:49:6a:db:d8:91:c1:9e:1d:22:8b:fd:69:83:ba:21:e1:cc:
         65:d0:48:7b:b4:17:4b:43:a6:b3:6a:04:5c:86:6e:2c:db:1a:
         5d:cb:8a:4f:1b:56:86:75:7e:3b:51:cc:72:ea:69:cf:13:ba:
         c8:bc:fd:8f:1b:46:76:50:22:75:52:8d:7b:d0:a2:d0:97:33:
         ba:29:e5:77:f6:6c:0c:cd:71:1a:da:6d:d1:70:4b:59:12:0a:
         0e:3c:76:a0:60:e5:c8:b2:59:32:e2:cc:35:68:e7:cb:e2:e9:
         76:b7:c8:da:64:71:fd:b1:af:aa:32:af:0b:1d:3a:0b:b8:20:
         08:a6:92:b7:66:b4:8d:42:0c:88:49:67:5c:53:d7:fe:4d:f6:
         51:7d:d0:70:32:14:00:43:3a:c9:61:04:28:5e:b6:9e:9e:8a:
         97:cb:f8:40:05:c1:86:15:a2:dd:4b:bc:76:a7:01:2d:4f:5c:
         9a:ca:7d:f0
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUd1quIinfJemzbgtTFpSjUhNBXpMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJFMjAzODAzMjdCMkNCNjc5MDcxRDdGRTlBQzREQkZB
MzE3QTE2NjAeFw0yNDAzMDUxNzQ0NDNaFw0yNTAzMDQxNzQ5NDNaMDMxMTAvBgNV
BAMTKDc2MkYwNzRFRDAxOTBDQTgwOTUwRjMyMEUyOTREMkE3REZGNTkzRDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbDTR8hnssqWSNZ/Ic5OfsHtXw
b3/Hs4eza09GLemdzwp2jhsUxDwVEkOt+OGBT3eaMWP812MJqctGoZ9w1X69VGBs
qrWz0EB01T6bbIxBctQfxvE9/vtBW9sfPonhp9Pr/AAjRnGl2SnqcQSkKCoWggFv
F/wTcNUuign9CnqHEZXV3BbRNXjl3QF6JQBJDQuedE7hrC2H0FFueY3Q+sy7hKhj
mNREgRLsk/rZ6885wrtJIK3lNLwUjOqqsN1NIhwH8Kwd/jk/de3itJ7c3zk4YbJH
3n6DUytpAZmMizCO/J4LbKwMalhEyfHq6XYT8Hx3TOYAWUZ8M8vIWltVoTFBAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUdi8HTtAZDKgJUPMg4pTSp9/1k9AwHwYDVR0j
BBgwFoAUIuIDgDJ7LLZ5Bx1/6axNv6MXoWYwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81MzU5Q0IxMTU3MDdBOTRCMkMzRTEyOEJDMDFCNDhGNUU5
NUZFOThBNkZDRDY2NTgxMjc0REZGQ0I2NDQ3QUFGLzAvMjJFMjAzODAzMjdCMkNC
Njc5MDcxRDdGRTlBQzREQkZBMzE3QTE2Ni5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8yMkUyMDM4MDMyN0IyQ0I2Nzkw
NzFEN0ZFOUFDNERCRkEzMTdBMTY2LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTM1OUNCMTE1NzA3QTk0QjJDM0UxMjhCQzAxQjQ4RjVFOTVGRTk4QTZG
Q0Q2NjU4MTI3NERGRkNCNjQ0N0FBRi8wLzM0MzUyZTMyMzMzODJlMzEzOTMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM1MzUzNTMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALe6/
MA0GCSqGSIb3DQEBCwUAA4IBAQCCheUXUeJ3m5wxGJoPFzZNHJm7xYEj0Ca6Mjhf
c88eoqmoDCpOoMopBDXZUYBIsfF5jaA+YThWTQcfHGxSs5gxVJrLi8icvaXhSWrb
2JHBnh0ii/1pg7oh4cxl0Eh7tBdLQ6azagRchm4s2xpdy4pPG1aGdX47Ucxy6mnP
E7rIvP2PG0Z2UCJ1Uo170KLQlzO6KeV39mwMzXEa2m3RcEtZEgoOPHagYOXIslky
4sw1aOfL4ul2t8jaZHH9sa+qMq8LHToLuCAIppK3ZrSNQgyISWdcU9f+TfZRfdBw
MhQAQzrJYQQoXraenoqXy/hABcGGFaLdS7x2pwEtT1yayn3w
-----END CERTIFICATE-----
Generated at Sat Dec 7 19:55:53 2024 by rpki-client on console-fra.rpki-client.org