Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/64C5AC39B5DB725F76ACE257AB817AEC58D38CBA44F22B3387966B4AB9A2296D/0/34352e3138312e3230352e302f32342d3234203d3e20323634363436.roa
File:                     34352e3138312e3230352e302f32342d3234203d3e20323634363436.roa (raw, json)
Hash identifier:          Csa71cSFbSw3gaUDLqLIkj5NB4gcYY0eqMaAEPO287c=
Subject key identifier:   91:C9:27:94:9C:9E:5C:3C:58:B2:12:DF:B7:92:FE:73:E9:4B:0C:5A
Certificate issuer:       /CN=7E656418FBD6F519E8CA146E061CF553AFE480F1
Certificate serial:       0D991B2C667B964BC8A65A21A83ECDC1789D684C
Authority key identifier: 7E:65:64:18:FB:D6:F5:19:E8:CA:14:6E:06:1C:F5:53:AF:E4:80:F1
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7E656418FBD6F519E8CA146E061CF553AFE480F1.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/64C5AC39B5DB725F76ACE257AB817AEC58D38CBA44F22B3387966B4AB9A2296D/0/34352e3138312e3230352e302f32342d3234203d3e20323634363436.roa
Signing time:             Fri 05 Apr 2024 13:15:00 +0000
ROA not before:           Fri 05 Apr 2024 13:10:00 +0000
ROA not after:            Fri 04 Apr 2025 13:15:00 +0000
asID:                     264646
IP address blocks:        45.181.205.0/24 maxlen: 24
Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:99:1b:2c:66:7b:96:4b:c8:a6:5a:21:a8:3e:cd:c1:78:9d:68:4c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7E656418FBD6F519E8CA146E061CF553AFE480F1
        Validity
            Not Before: Apr  5 13:10:00 2024 GMT
            Not After : Apr  4 13:15:00 2025 GMT
        Subject: CN=91C927949C9E5C3C58B212DFB792FE73E94B0C5A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:ad:20:77:ab:23:88:58:a3:23:89:e0:26:8d:
                    b1:a1:a8:4d:ba:f4:5a:b9:5b:26:dd:e7:c1:91:e5:
                    40:5b:83:e2:dd:5f:16:54:73:5c:29:38:2b:58:34:
                    0d:0c:e5:17:ae:36:e4:9e:76:cc:ee:5b:cc:0e:d9:
                    c6:eb:a4:7f:eb:03:0a:f0:ab:73:b4:6d:b4:16:36:
                    ca:32:c5:77:d7:b1:85:f1:0c:e5:34:bb:b0:68:96:
                    6b:35:7b:af:53:6d:e6:ec:be:62:ed:c1:52:b6:d8:
                    d0:03:9a:45:49:06:e1:e7:95:62:8b:39:ad:13:31:
                    0e:eb:e6:80:b6:31:99:20:e5:b3:24:b2:49:01:2e:
                    21:df:5d:46:44:4e:a3:8a:a4:86:b5:25:8c:9d:fb:
                    4a:45:6b:f9:55:b7:cf:6a:23:c8:30:f1:69:c1:bd:
                    52:64:66:51:cd:cd:de:70:a8:2d:d0:9e:c6:e5:4f:
                    3d:d9:92:9d:77:2b:54:f6:be:c0:13:6b:ce:14:c8:
                    ba:43:51:e5:a1:b5:a7:a7:9a:58:3b:ff:51:e6:5b:
                    06:04:a3:41:9b:e3:eb:a8:60:5a:7e:59:40:7a:ec:
                    5a:9c:1d:7e:63:fd:3e:39:df:2f:11:f2:91:71:32:
                    95:11:2d:54:76:a1:8b:8b:e6:07:a0:d6:76:ab:49:
                    c3:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                91:C9:27:94:9C:9E:5C:3C:58:B2:12:DF:B7:92:FE:73:E9:4B:0C:5A
            X509v3 Authority Key Identifier:
                keyid:7E:65:64:18:FB:D6:F5:19:E8:CA:14:6E:06:1C:F5:53:AF:E4:80:F1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/64C5AC39B5DB725F76ACE257AB817AEC58D38CBA44F22B3387966B4AB9A2296D/0/7E656418FBD6F519E8CA146E061CF553AFE480F1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/7E656418FBD6F519E8CA146E061CF553AFE480F1.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/64C5AC39B5DB725F76ACE257AB817AEC58D38CBA44F22B3387966B4AB9A2296D/0/34352e3138312e3230352e302f32342d3234203d3e20323634363436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.181.205.0/24

    Signature Algorithm: sha256WithRSAEncryption
         46:a2:c9:d4:cb:92:e9:d2:d4:f6:9a:d6:91:9f:16:9d:45:43:
         94:f1:7d:d5:62:78:76:35:eb:21:a5:e5:76:de:f2:a5:83:07:
         04:d2:de:d6:77:0d:cb:37:c0:65:fa:cb:d9:f8:5d:aa:b8:8d:
         dc:1f:2a:19:43:50:29:c3:cd:c4:37:43:74:18:03:29:d6:3b:
         16:f6:9f:94:0f:c7:d6:41:02:35:4d:e7:d3:6b:ad:b5:6c:f7:
         80:7c:d9:65:52:09:a9:12:c1:fa:19:30:4e:e2:7f:4a:16:f6:
         ed:2a:bc:48:0d:f5:98:e4:2b:15:d3:e7:cb:a1:78:c1:7c:4d:
         ee:68:91:8b:76:bd:ee:34:74:44:83:8c:2e:29:42:bc:8d:98:
         c1:9f:54:c5:80:cc:e2:3f:69:77:39:81:6e:08:45:d3:6c:a5:
         c2:0c:42:bd:59:f3:d3:de:23:f0:37:3e:16:21:f9:4a:68:85:
         3c:df:4c:77:7c:76:7d:4e:c0:61:79:87:35:87:1b:63:b7:b1:
         23:50:71:d2:70:56:5f:cd:76:03:1e:8d:25:06:8f:97:d3:d2:
         3d:09:5a:39:da:af:41:69:5a:e6:c2:0a:e2:2a:ff:47:9c:b7:
         09:21:5a:1a:19:c9:e3:c6:d5:86:ad:83:f7:38:17:59:fe:97:
         b4:15:3c:2f
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUDZkbLGZ7lkvIplohqD7NwXidaEwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0U2NTY0MThGQkQ2RjUxOUU4Q0ExNDZFMDYxQ0Y1NTNB
RkU0ODBGMTAeFw0yNDA0MDUxMzEwMDBaFw0yNTA0MDQxMzE1MDBaMDMxMTAvBgNV
BAMTKDkxQzkyNzk0OUM5RTVDM0M1OEIyMTJERkI3OTJGRTczRTk0QjBDNUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYrSB3qyOIWKMjieAmjbGhqE26
9Fq5Wybd58GR5UBbg+LdXxZUc1wpOCtYNA0M5ReuNuSedszuW8wO2cbrpH/rAwrw
q3O0bbQWNsoyxXfXsYXxDOU0u7Bolms1e69TbebsvmLtwVK22NADmkVJBuHnlWKL
Oa0TMQ7r5oC2MZkg5bMkskkBLiHfXUZETqOKpIa1JYyd+0pFa/lVt89qI8gw8WnB
vVJkZlHNzd5wqC3QnsblTz3Zkp13K1T2vsATa84UyLpDUeWhtaenmlg7/1HmWwYE
o0Gb4+uoYFp+WUB67FqcHX5j/T453y8R8pFxMpURLVR2oYuL5geg1narScOdAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUkcknlJyeXDxYshLft5L+c+lLDFowHwYDVR0j
BBgwFoAUfmVkGPvW9RnoyhRuBhz1U6/kgPEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82NEM1QUMzOUI1REI3MjVGNzZBQ0UyNTdBQjgxN0FFQzU4
RDM4Q0JBNDRGMjJCMzM4Nzk2NkI0QUI5QTIyOTZELzAvN0U2NTY0MThGQkQ2RjUx
OUU4Q0ExNDZFMDYxQ0Y1NTNBRkU0ODBGMS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83RTY1NjQxOEZCRDZGNTE5RThD
QTE0NkUwNjFDRjU1M0FGRTQ4MEYxLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjRDNUFDMzlCNURCNzI1Rjc2QUNFMjU3QUI4MTdBRUM1OEQzOENCQTQ0
RjIyQjMzODc5NjZCNEFCOUEyMjk2RC8wLzM0MzUyZTMxMzgzMTJlMzIzMDM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM0MzYzNDM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALbXN
MA0GCSqGSIb3DQEBCwUAA4IBAQBGosnUy5Lp0tT2mtaRnxadRUOU8X3VYnh2Nesh
peV23vKlgwcE0t7Wdw3LN8Bl+svZ+F2quI3cHyoZQ1Apw83EN0N0GAMp1jsW9p+U
D8fWQQI1TefTa621bPeAfNllUgmpEsH6GTBO4n9KFvbtKrxIDfWY5CsV0+fLoXjB
fE3uaJGLdr3uNHREg4wuKUK8jZjBn1TFgMziP2l3OYFuCEXTbKXCDEK9WfPT3iPw
Nz4WIflKaIU830x3fHZ9TsBheYc1hxtjt7EjUHHScFZfzXYDHo0lBo+X09I9CVo5
2q9BaVrmwgriKv9HnLcJIVoaGcnjxtWGrYP3OBdZ/pe0FTwv
-----END CERTIFICATE-----