Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/57335F8FDF1714020F9E1AE69D767055C38FA7877A1D2D6527EC84AEB4D354A2/0/34352e3232392e3139312e302f32342d3234203d3e20323636373036.roa
File:                     34352e3232392e3139312e302f32342d3234203d3e20323636373036.roa (raw, json)
Hash identifier:          ha5if3OHWcoZU2my/RaYSGr6mBzoz/DSn1QxtqYkmoY=
Subject key identifier:   1A:37:99:E2:65:74:3D:DE:1E:61:5E:25:9A:EB:C9:05:37:78:6D:C7
Certificate issuer:       /CN=BFF12804AD7A6B67DB33CA504BCC2BAC34A850D8
Certificate serial:       2198DEAE8175E106A0084627D983FB3E583C5E05
Authority key identifier: BF:F1:28:04:AD:7A:6B:67:DB:33:CA:50:4B:CC:2B:AC:34:A8:50:D8
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BFF12804AD7A6B67DB33CA504BCC2BAC34A850D8.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/57335F8FDF1714020F9E1AE69D767055C38FA7877A1D2D6527EC84AEB4D354A2/0/34352e3232392e3139312e302f32342d3234203d3e20323636373036.roa
Signing time:             Tue 05 Mar 2024 18:07:47 +0000
ROA not before:           Tue 05 Mar 2024 18:02:47 +0000
ROA not after:            Tue 04 Mar 2025 18:07:47 +0000
asID:                     266706
IP address blocks:        45.229.191.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/57335F8FDF1714020F9E1AE69D767055C38FA7877A1D2D6527EC84AEB4D354A2/0/BFF12804AD7A6B67DB33CA504BCC2BAC34A850D8.crl
                          rsync://repository.lacnic.net/rpki/lacnic/57335F8FDF1714020F9E1AE69D767055C38FA7877A1D2D6527EC84AEB4D354A2/0/BFF12804AD7A6B67DB33CA504BCC2BAC34A850D8.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BFF12804AD7A6B67DB33CA504BCC2BAC34A850D8.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:98:de:ae:81:75:e1:06:a0:08:46:27:d9:83:fb:3e:58:3c:5e:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BFF12804AD7A6B67DB33CA504BCC2BAC34A850D8
        Validity
            Not Before: Mar  5 18:02:47 2024 GMT
            Not After : Mar  4 18:07:47 2025 GMT
        Subject: CN=1A3799E265743DDE1E615E259AEBC90537786DC7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:59:32:b9:5b:be:0f:d4:ea:42:6f:0a:c8:f1:
                    40:10:67:eb:43:28:f9:95:8f:0c:15:04:1c:7c:00:
                    08:da:15:22:e5:ef:5e:1b:b6:8c:4d:e6:4a:3d:c4:
                    6d:80:c1:55:0d:bc:eb:4b:1d:56:91:b8:93:c5:c3:
                    c0:d5:6d:e6:0c:c9:8c:56:d7:83:4b:9c:25:4e:0c:
                    c9:d6:f1:73:3c:2c:53:f7:e3:c9:7f:e9:2b:5b:1c:
                    42:c0:ab:7d:f9:82:5e:0b:c7:a1:64:00:c9:01:5e:
                    5c:0e:4e:23:48:27:73:1e:ce:8b:5c:6a:d2:06:33:
                    0b:0e:86:55:9e:ce:6f:00:35:2f:e9:7b:7c:8f:94:
                    02:c7:f6:5b:81:9b:74:c8:a4:43:38:49:40:65:99:
                    e4:9e:9a:c3:b3:c9:36:ae:72:77:5a:bf:b7:ef:d3:
                    65:94:1f:06:8c:d4:f3:d9:8f:e7:a0:ae:55:b8:92:
                    f9:17:1a:b1:9b:ba:a0:4d:c8:6f:0e:36:10:93:da:
                    82:35:71:c2:31:4e:74:9d:83:3a:f0:d0:4f:ee:de:
                    49:f5:1a:6a:51:3a:34:f0:15:23:eb:5d:f3:6d:c4:
                    98:b3:bd:95:c9:78:cc:6d:70:a9:d0:23:ae:5a:35:
                    9e:83:11:02:12:04:a1:92:7c:9c:be:2e:fe:76:30:
                    ff:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:37:99:E2:65:74:3D:DE:1E:61:5E:25:9A:EB:C9:05:37:78:6D:C7
            X509v3 Authority Key Identifier:
                keyid:BF:F1:28:04:AD:7A:6B:67:DB:33:CA:50:4B:CC:2B:AC:34:A8:50:D8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/57335F8FDF1714020F9E1AE69D767055C38FA7877A1D2D6527EC84AEB4D354A2/0/BFF12804AD7A6B67DB33CA504BCC2BAC34A850D8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BFF12804AD7A6B67DB33CA504BCC2BAC34A850D8.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/57335F8FDF1714020F9E1AE69D767055C38FA7877A1D2D6527EC84AEB4D354A2/0/34352e3232392e3139312e302f32342d3234203d3e20323636373036.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.229.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         0c:0a:33:ee:03:50:fa:2a:8b:d8:86:e8:ad:79:3b:7b:53:82:
         a5:ce:c1:41:fb:60:7d:1c:73:ef:c6:87:5e:bb:71:e5:0c:a3:
         75:f8:a7:c7:93:a6:d8:58:5c:2d:50:c7:de:b0:97:4b:f9:15:
         44:99:48:cb:9f:b1:83:4d:cc:50:1e:6d:1e:a7:75:22:9a:b7:
         a9:0d:2b:eb:30:37:42:c3:6a:9f:02:2b:1d:ce:19:d3:c9:bb:
         09:1d:f1:f4:f8:0f:71:f0:c7:cb:3b:b9:de:fe:9f:b6:5a:62:
         54:43:52:4f:8d:03:3a:c8:fa:f2:84:a1:7d:e1:03:13:10:a4:
         cf:5e:d5:b0:ac:bb:a8:7e:57:a4:41:09:d6:5a:dc:80:81:35:
         e2:81:9e:95:80:21:b7:9b:30:9d:a1:70:bb:d6:bc:d2:47:6a:
         2b:eb:e6:96:db:e3:68:45:70:1a:20:44:ca:ad:2a:71:8a:af:
         3c:03:88:d8:70:07:c5:5a:9c:b0:74:c5:ed:be:38:66:1d:7a:
         ba:41:5d:49:12:e5:40:e0:21:24:eb:1b:0c:3d:31:68:7c:ad:
         08:f3:45:62:09:ac:df:1a:ff:5d:a7:5f:1f:f1:4f:9c:c8:bd:
         cd:ba:67:dc:df:81:db:bf:48:92:65:79:eb:b3:6b:ab:2f:81:
         ba:3a:29:83
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUIZjeroF14QagCEYn2YP7Plg8XgUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkZGMTI4MDRBRDdBNkI2N0RCMzNDQTUwNEJDQzJCQUMz
NEE4NTBEODAeFw0yNDAzMDUxODAyNDdaFw0yNTAzMDQxODA3NDdaMDMxMTAvBgNV
BAMTKDFBMzc5OUUyNjU3NDNEREUxRTYxNUUyNTlBRUJDOTA1Mzc3ODZEQzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQWTK5W74P1OpCbwrI8UAQZ+tD
KPmVjwwVBBx8AAjaFSLl714btoxN5ko9xG2AwVUNvOtLHVaRuJPFw8DVbeYMyYxW
14NLnCVODMnW8XM8LFP348l/6StbHELAq335gl4Lx6FkAMkBXlwOTiNIJ3Mezotc
atIGMwsOhlWezm8ANS/pe3yPlALH9luBm3TIpEM4SUBlmeSemsOzyTaucndav7fv
02WUHwaM1PPZj+egrlW4kvkXGrGbuqBNyG8ONhCT2oI1ccIxTnSdgzrw0E/u3kn1
GmpROjTwFSPrXfNtxJizvZXJeMxtcKnQI65aNZ6DEQISBKGSfJy+Lv52MP//AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUGjeZ4mV0Pd4eYV4lmuvJBTd4bccwHwYDVR0j
BBgwFoAUv/EoBK16a2fbM8pQS8wrrDSoUNgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81NzMzNUY4RkRGMTcxNDAyMEY5RTFBRTY5RDc2NzA1NUMz
OEZBNzg3N0ExRDJENjUyN0VDODRBRUI0RDM1NEEyLzAvQkZGMTI4MDRBRDdBNkI2
N0RCMzNDQTUwNEJDQzJCQUMzNEE4NTBEOC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CRkYxMjgwNEFEN0E2QjY3REIz
M0NBNTA0QkNDMkJBQzM0QTg1MEQ4LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNTczMzVGOEZERjE3MTQwMjBGOUUxQUU2OUQ3NjcwNTVDMzhGQTc4NzdB
MUQyRDY1MjdFQzg0QUVCNEQzNTRBMi8wLzM0MzUyZTMyMzIzOTJlMzEzOTMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM2MzczMDM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALeW/
MA0GCSqGSIb3DQEBCwUAA4IBAQAMCjPuA1D6KovYhuiteTt7U4KlzsFB+2B9HHPv
xodeu3HlDKN1+KfHk6bYWFwtUMfesJdL+RVEmUjLn7GDTcxQHm0ep3UimrepDSvr
MDdCw2qfAisdzhnTybsJHfH0+A9x8MfLO7ne/p+2WmJUQ1JPjQM6yPryhKF94QMT
EKTPXtWwrLuoflekQQnWWtyAgTXigZ6VgCG3mzCdoXC71rzSR2or6+aW2+NoRXAa
IETKrSpxiq88A4jYcAfFWpywdMXtvjhmHXq6QV1JEuVA4CEk6xsMPTFofK0I80Vi
CazfGv9dp18f8U+cyL3Numfc34Hbv0iSZXnrs2urL4G6OimD
-----END CERTIFICATE-----
Generated at Thu Nov 21 05:03:54 2024 by rpki-client on console-fra.rpki-client.org