Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/692A101380E9B33FEA9235250342038D944AA0461C7CE2A8C570D0ACB095052E/0/34352e3138322e32382e302f32322d3234203d3e20323635383136.roa
File:                     34352e3138322e32382e302f32322d3234203d3e20323635383136.roa (raw, json)
Hash identifier:          RQRJ/9KhE4JXTdgBM0Ik+/nDqmpqYS8+bAYavmPtphQ=
Subject key identifier:   96:3B:FA:2B:E7:34:A9:ED:BE:8D:88:15:6F:8B:95:C2:49:F8:31:DC
Certificate issuer:       /CN=D1B1A6D534F8C49C32B76E3C60C8174212B150E0
Certificate serial:       2595CF1F37F48D9A68B8A6AFDD7C145537268A73
Authority key identifier: D1:B1:A6:D5:34:F8:C4:9C:32:B7:6E:3C:60:C8:17:42:12:B1:50:E0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1B1A6D534F8C49C32B76E3C60C8174212B150E0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/692A101380E9B33FEA9235250342038D944AA0461C7CE2A8C570D0ACB095052E/0/34352e3138322e32382e302f32322d3234203d3e20323635383136.roa
Signing time:             Tue 05 Mar 2024 17:50:44 +0000
ROA not before:           Tue 05 Mar 2024 17:45:44 +0000
ROA not after:            Tue 04 Mar 2025 17:50:44 +0000
asID:                     265816
IP address blocks:        45.182.28.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/692A101380E9B33FEA9235250342038D944AA0461C7CE2A8C570D0ACB095052E/0/D1B1A6D534F8C49C32B76E3C60C8174212B150E0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/692A101380E9B33FEA9235250342038D944AA0461C7CE2A8C570D0ACB095052E/0/D1B1A6D534F8C49C32B76E3C60C8174212B150E0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1B1A6D534F8C49C32B76E3C60C8174212B150E0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:95:cf:1f:37:f4:8d:9a:68:b8:a6:af:dd:7c:14:55:37:26:8a:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D1B1A6D534F8C49C32B76E3C60C8174212B150E0
        Validity
            Not Before: Mar  5 17:45:44 2024 GMT
            Not After : Mar  4 17:50:44 2025 GMT
        Subject: CN=963BFA2BE734A9EDBE8D88156F8B95C249F831DC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:fe:2f:62:94:91:85:d2:2c:a8:72:8e:43:67:
                    60:8f:ce:2f:36:04:d9:a1:97:10:05:3f:93:f0:5c:
                    24:43:df:31:1a:6f:f8:74:91:58:89:55:4c:87:d0:
                    46:b2:c1:2b:17:d3:14:62:85:6b:42:39:83:97:d3:
                    ed:27:2c:96:1d:a5:81:b2:31:34:3a:27:5b:46:0a:
                    a9:d8:a0:61:4d:e5:49:ce:21:54:5e:1f:e4:4d:c0:
                    91:3c:fc:1a:64:6d:a6:e2:07:0d:1e:c2:4c:76:f4:
                    8f:78:84:89:68:12:3f:57:0b:1c:1c:ec:60:3e:89:
                    bf:05:df:8b:75:63:85:21:e5:2c:40:b5:e6:f2:9f:
                    4b:61:fd:b7:49:91:e4:d3:35:37:ac:07:dc:98:2f:
                    93:b2:cd:11:9b:e7:b2:21:30:b9:23:33:94:ea:03:
                    46:94:cb:53:64:db:13:3f:57:51:ba:da:32:49:5b:
                    35:ee:75:ab:e6:54:c6:2d:dc:2a:86:af:71:85:7c:
                    9f:2d:99:60:f1:f4:b8:19:26:a4:7a:e3:c9:8a:99:
                    ea:09:9e:f2:6e:05:28:ae:25:87:4b:e8:44:26:a9:
                    f2:6b:12:25:1a:89:91:d3:c8:d0:6f:94:0a:60:9d:
                    d4:3e:da:4d:6e:75:c2:da:29:c9:eb:d1:12:6f:e0:
                    ff:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:3B:FA:2B:E7:34:A9:ED:BE:8D:88:15:6F:8B:95:C2:49:F8:31:DC
            X509v3 Authority Key Identifier:
                keyid:D1:B1:A6:D5:34:F8:C4:9C:32:B7:6E:3C:60:C8:17:42:12:B1:50:E0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/692A101380E9B33FEA9235250342038D944AA0461C7CE2A8C570D0ACB095052E/0/D1B1A6D534F8C49C32B76E3C60C8174212B150E0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D1B1A6D534F8C49C32B76E3C60C8174212B150E0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/692A101380E9B33FEA9235250342038D944AA0461C7CE2A8C570D0ACB095052E/0/34352e3138322e32382e302f32322d3234203d3e20323635383136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.182.28.0/22

    Signature Algorithm: sha256WithRSAEncryption
         44:9a:7e:40:87:ce:f3:f8:97:78:43:f9:9a:83:fa:6f:e0:b2:
         1f:6f:60:74:fe:b5:9a:e1:6b:c7:49:2b:a1:3c:b7:5e:a4:ab:
         1c:62:79:1a:9d:7b:e9:eb:88:f5:12:29:8d:a3:d8:c3:3b:9c:
         64:36:03:39:6e:cf:47:71:ff:8b:f1:4a:e7:1d:1f:46:fb:d6:
         03:fd:cd:87:b7:2e:92:f9:35:2e:38:f2:f6:ee:c7:43:ca:d0:
         bc:c6:74:46:6b:9c:84:a3:8a:f6:8f:32:bc:0c:b8:88:28:24:
         e0:8f:5a:90:5e:28:fb:d4:78:a9:52:ff:f3:bc:38:39:d7:c3:
         05:38:4e:9c:85:ef:df:3b:89:aa:47:d4:12:01:01:87:1e:3f:
         c0:79:ec:e4:f1:7e:61:31:f7:88:56:6c:83:f3:aa:5e:47:2c:
         8c:b4:96:61:84:a3:8b:d1:3b:7f:83:36:66:1c:7d:1d:c0:e1:
         9e:d5:f7:05:c7:dd:2c:ca:69:7e:4f:53:f6:63:31:dd:ed:d7:
         ed:b3:c2:88:15:2c:15:0f:65:86:df:fa:20:0d:4a:7c:b2:d2:
         d7:98:4f:ec:45:da:5d:ca:4d:83:96:24:02:c5:b9:28:0e:5e:
         81:91:58:01:47:41:f5:f8:69:84:d3:a0:eb:96:b4:37:b9:25:
         57:ca:c7:91
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUJZXPHzf0jZpouKav3XwUVTcminMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDFCMUE2RDUzNEY4QzQ5QzMyQjc2RTNDNjBDODE3NDIx
MkIxNTBFMDAeFw0yNDAzMDUxNzQ1NDRaFw0yNTAzMDQxNzUwNDRaMDMxMTAvBgNV
BAMTKDk2M0JGQTJCRTczNEE5RURCRThEODgxNTZGOEI5NUMyNDlGODMxREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr/i9ilJGF0iyoco5DZ2CPzi82
BNmhlxAFP5PwXCRD3zEab/h0kViJVUyH0EaywSsX0xRihWtCOYOX0+0nLJYdpYGy
MTQ6J1tGCqnYoGFN5UnOIVReH+RNwJE8/BpkbabiBw0ewkx29I94hIloEj9XCxwc
7GA+ib8F34t1Y4Uh5SxAtebyn0th/bdJkeTTNTesB9yYL5OyzRGb57IhMLkjM5Tq
A0aUy1Nk2xM/V1G62jJJWzXudavmVMYt3CqGr3GFfJ8tmWDx9LgZJqR648mKmeoJ
nvJuBSiuJYdL6EQmqfJrEiUaiZHTyNBvlApgndQ+2k1udcLaKcnr0RJv4P+9AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUljv6K+c0qe2+jYgVb4uVwkn4MdwwHwYDVR0j
BBgwFoAU0bGm1TT4xJwyt248YMgXQhKxUOAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82OTJBMTAxMzgwRTlCMzNGRUE5MjM1MjUwMzQyMDM4RDk0
NEFBMDQ2MUM3Q0UyQThDNTcwRDBBQ0IwOTUwNTJFLzAvRDFCMUE2RDUzNEY4QzQ5
QzMyQjc2RTNDNjBDODE3NDIxMkIxNTBFMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EMUIxQTZENTM0RjhDNDlDMzJC
NzZFM0M2MEM4MTc0MjEyQjE1MEUwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNjkyQTEwMTM4MEU5QjMzRkVBOTIzNTI1MDM0MjAzOEQ5NDRBQTA0NjFD
N0NFMkE4QzU3MEQwQUNCMDk1MDUyRS8wLzM0MzUyZTMxMzgzMjJlMzIzODJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzYzNTM4MzEzNi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi22HDAN
BgkqhkiG9w0BAQsFAAOCAQEARJp+QIfO8/iXeEP5moP6b+CyH29gdP61muFrx0kr
oTy3XqSrHGJ5Gp176euI9RIpjaPYwzucZDYDOW7PR3H/i/FK5x0fRvvWA/3Nh7cu
kvk1Ljjy9u7HQ8rQvMZ0RmuchKOK9o8yvAy4iCgk4I9akF4o+9R4qVL/87w4OdfD
BThOnIXv3zuJqkfUEgEBhx4/wHns5PF+YTH3iFZsg/OqXkcsjLSWYYSji9E7f4M2
Zhx9HcDhntX3BcfdLMppfk9T9mMx3e3X7bPCiBUsFQ9lht/6IA1KfLLS15hP7EXa
XcpNg5YkAsW5KA5egZFYAUdB9fhphNOg65a0N7klV8rHkQ==
-----END CERTIFICATE-----
Generated at Wed Nov 20 18:42:11 2024 by rpki-client on console-fra.rpki-client.org