Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/5D5BDC4006B2D7EA9E59D54B452005C51A260DD47CC6CABA7D577D1CE2D13801/0/34352e3233372e35322e302f32332d3233203d3e203532333138.roa
File:                     34352e3233372e35322e302f32332d3233203d3e203532333138.roa (raw, json)
Hash identifier:          MiApGmwMekCe3iXXqN02paG3QhBZrDiGS1wRdGVinFk=
Subject key identifier:   28:CC:38:5A:91:AE:39:59:25:76:47:76:61:55:24:26:D4:A7:56:B0
Certificate issuer:       /CN=3802AD95B7CACA97DDF17AEBD1AAA914EE988E98
Certificate serial:       7163BD87A8508F15BB49F930B6E4AC8AEFDFBEB7
Authority key identifier: 38:02:AD:95:B7:CA:CA:97:DD:F1:7A:EB:D1:AA:A9:14:EE:98:8E:98
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3802AD95B7CACA97DDF17AEBD1AAA914EE988E98.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/5D5BDC4006B2D7EA9E59D54B452005C51A260DD47CC6CABA7D577D1CE2D13801/0/34352e3233372e35322e302f32332d3233203d3e203532333138.roa
Signing time:             Tue 05 Mar 2024 17:52:40 +0000
ROA not before:           Tue 05 Mar 2024 17:47:40 +0000
ROA not after:            Tue 04 Mar 2025 17:52:40 +0000
asID:                     52318
IP address blocks:        45.237.52.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/5D5BDC4006B2D7EA9E59D54B452005C51A260DD47CC6CABA7D577D1CE2D13801/0/3802AD95B7CACA97DDF17AEBD1AAA914EE988E98.crl
                          rsync://repository.lacnic.net/rpki/lacnic/5D5BDC4006B2D7EA9E59D54B452005C51A260DD47CC6CABA7D577D1CE2D13801/0/3802AD95B7CACA97DDF17AEBD1AAA914EE988E98.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3802AD95B7CACA97DDF17AEBD1AAA914EE988E98.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:63:bd:87:a8:50:8f:15:bb:49:f9:30:b6:e4:ac:8a:ef:df:be:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3802AD95B7CACA97DDF17AEBD1AAA914EE988E98
        Validity
            Not Before: Mar  5 17:47:40 2024 GMT
            Not After : Mar  4 17:52:40 2025 GMT
        Subject: CN=28CC385A91AE39592576477661552426D4A756B0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:b6:63:82:c7:3a:58:63:37:7c:cc:78:69:b8:
                    a3:1a:85:08:e4:49:ca:ed:74:29:3e:f0:a0:09:e5:
                    38:45:4e:81:40:1e:d4:27:56:97:3f:d7:2e:c4:f1:
                    58:e8:7f:d6:28:a9:f9:10:fc:f8:5f:c6:6d:54:b5:
                    c2:78:36:63:02:a6:b1:98:d0:e6:ad:39:d1:7f:d5:
                    5d:4c:b0:41:3c:82:61:68:7b:b8:b3:2d:7b:f6:8c:
                    3e:51:2b:9b:b2:c8:02:86:54:bb:26:0a:d0:88:df:
                    cf:3c:49:bc:a2:0b:04:34:2b:9d:a2:0f:4d:74:67:
                    4e:fe:31:8e:ce:cd:69:7f:95:df:f0:1a:e4:b3:1e:
                    51:cb:16:da:d4:9f:37:69:f1:68:22:cf:04:1f:42:
                    eb:d6:ba:42:b7:b7:26:bf:ab:fe:21:83:bc:c9:f9:
                    ee:eb:dc:e8:e8:45:1f:89:86:ec:c9:28:33:95:05:
                    08:af:98:b2:06:a2:46:11:8b:c0:6b:bd:b4:1c:d7:
                    6f:9a:6d:41:a7:07:cf:82:13:83:a1:84:a3:bc:1f:
                    e5:43:7b:75:9b:49:76:fa:6f:ad:fe:5d:d8:9f:7b:
                    ed:59:d8:d3:5b:16:1a:7f:0d:af:fe:7f:c7:fb:c3:
                    0a:a4:a8:e2:38:f4:64:ae:ac:df:08:0f:54:d8:6f:
                    9c:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:CC:38:5A:91:AE:39:59:25:76:47:76:61:55:24:26:D4:A7:56:B0
            X509v3 Authority Key Identifier:
                keyid:38:02:AD:95:B7:CA:CA:97:DD:F1:7A:EB:D1:AA:A9:14:EE:98:8E:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/5D5BDC4006B2D7EA9E59D54B452005C51A260DD47CC6CABA7D577D1CE2D13801/0/3802AD95B7CACA97DDF17AEBD1AAA914EE988E98.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/3802AD95B7CACA97DDF17AEBD1AAA914EE988E98.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/5D5BDC4006B2D7EA9E59D54B452005C51A260DD47CC6CABA7D577D1CE2D13801/0/34352e3233372e35322e302f32332d3233203d3e203532333138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.237.52.0/23

    Signature Algorithm: sha256WithRSAEncryption
         31:7d:07:db:a4:c7:4f:f1:6f:d8:05:86:df:9c:15:cc:88:0c:
         21:7a:56:31:30:fc:d4:a9:8b:2e:07:98:d4:b2:85:47:24:ea:
         7b:38:75:e1:de:0b:d6:b3:50:83:22:00:c7:46:f3:f1:0d:2d:
         cd:42:58:bb:23:1d:ed:1d:4d:fa:e0:34:5c:0c:f5:5a:10:91:
         62:d6:42:63:18:46:63:fb:94:13:f3:de:fd:17:33:ea:41:f1:
         54:29:6a:e0:b5:30:b2:85:03:93:b2:82:a4:7c:d4:67:59:5a:
         c6:92:19:de:96:18:12:6e:31:01:9d:ad:74:0f:52:c4:df:13:
         2b:92:14:8a:bb:77:e1:c0:cc:84:bc:34:ac:f4:5c:e7:3d:d0:
         9d:7e:cf:a8:e1:88:10:f5:ab:1e:ea:ea:a0:de:3e:7a:a2:0d:
         fb:d7:05:69:a4:54:cd:7e:28:99:ea:18:a4:a0:c8:a5:c4:a4:
         11:ca:4d:ee:c6:71:ed:89:d1:21:6c:f1:7c:bb:fa:c8:ed:ac:
         b6:1a:5e:a2:f9:05:a0:25:86:59:48:2a:32:a0:b7:2f:8c:cf:
         79:8a:f8:1f:fa:a7:3d:d1:1d:8e:12:7b:1d:e3:1c:66:47:8b:
         2b:7b:e1:ea:1f:fa:b2:a5:af:8e:c7:78:2c:0f:30:4e:59:b5:
         88:d0:10:e4
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUcWO9h6hQjxW7SfkwtuSsiu/fvrcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzgwMkFEOTVCN0NBQ0E5N0RERjE3QUVCRDFBQUE5MTRF
RTk4OEU5ODAeFw0yNDAzMDUxNzQ3NDBaFw0yNTAzMDQxNzUyNDBaMDMxMTAvBgNV
BAMTKDI4Q0MzODVBOTFBRTM5NTkyNTc2NDc3NjYxNTUyNDI2RDRBNzU2QjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAtmOCxzpYYzd8zHhpuKMahQjk
ScrtdCk+8KAJ5ThFToFAHtQnVpc/1y7E8Vjof9YoqfkQ/Phfxm1UtcJ4NmMCprGY
0OatOdF/1V1MsEE8gmFoe7izLXv2jD5RK5uyyAKGVLsmCtCI3888SbyiCwQ0K52i
D010Z07+MY7OzWl/ld/wGuSzHlHLFtrUnzdp8WgizwQfQuvWukK3tya/q/4hg7zJ
+e7r3OjoRR+JhuzJKDOVBQivmLIGokYRi8BrvbQc12+abUGnB8+CE4OhhKO8H+VD
e3WbSXb6b63+Xdife+1Z2NNbFhp/Da/+f8f7wwqkqOI49GSurN8ID1TYb5xvAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUKMw4WpGuOVkldkd2YVUkJtSnVrAwHwYDVR0j
BBgwFoAUOAKtlbfKypfd8Xrr0aqpFO6YjpgwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy81RDVCREM0MDA2QjJEN0VBOUU1OUQ1NEI0NTIwMDVDNTFB
MjYwREQ0N0NDNkNBQkE3RDU3N0QxQ0UyRDEzODAxLzAvMzgwMkFEOTVCN0NBQ0E5
N0RERjE3QUVCRDFBQUE5MTRFRTk4OEU5OC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zODAyQUQ5NUI3Q0FDQTk3RERG
MTdBRUJEMUFBQTkxNEVFOTg4RTk4LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNUQ1QkRDNDAwNkIyRDdFQTlFNTlENTRCNDUyMDA1QzUxQTI2MERENDdD
QzZDQUJBN0Q1NzdEMUNFMkQxMzgwMS8wLzM0MzUyZTMyMzMzNzJlMzUzMjJlMzAy
ZjMyMzMyZDMyMzMyMDNkM2UyMDM1MzIzMzMxMzgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEt7TQwDQYJ
KoZIhvcNAQELBQADggEBADF9B9ukx0/xb9gFht+cFcyIDCF6VjEw/NSpiy4HmNSy
hUck6ns4deHeC9azUIMiAMdG8/ENLc1CWLsjHe0dTfrgNFwM9VoQkWLWQmMYRmP7
lBPz3v0XM+pB8VQpauC1MLKFA5OygqR81GdZWsaSGd6WGBJuMQGdrXQPUsTfEyuS
FIq7d+HAzIS8NKz0XOc90J1+z6jhiBD1qx7q6qDePnqiDfvXBWmkVM1+KJnqGKSg
yKXEpBHKTe7Gce2J0SFs8Xy7+sjtrLYaXqL5BaAlhllIKjKgty+Mz3mK+B/6pz3R
HY4Sex3jHGZHiyt74eof+rKlr47HeCwPME5ZtYjQEOQ=
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:30:33 2024 by rpki-client on console-ams.rpki-client.org