Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6B04E12C2A0FE4D0633D4E8F2F4D6590CC843BA011459CC40A71A02B36A931B8/0/34352e3136392e3235332e302f32352d3235203d3e203133343839.roa
File:                     34352e3136392e3235332e302f32352d3235203d3e203133343839.roa (raw, json)
Hash identifier:          f45oK9PxcYGb/OyMcsm4hUFZD3uRMHMtKqwVBCXzFts=
Subject key identifier:   2F:8E:1C:B8:68:31:30:9E:BD:A0:01:99:0C:79:2C:39:07:C8:7A:13
Certificate issuer:       /CN=A369DF483898E89CE1253AC0B9004E797CC9AF0F
Certificate serial:       10B803D9DE1D5A160606DC13E136E192768EA7D0
Authority key identifier: A3:69:DF:48:38:98:E8:9C:E1:25:3A:C0:B9:00:4E:79:7C:C9:AF:0F
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A369DF483898E89CE1253AC0B9004E797CC9AF0F.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6B04E12C2A0FE4D0633D4E8F2F4D6590CC843BA011459CC40A71A02B36A931B8/0/34352e3136392e3235332e302f32352d3235203d3e203133343839.roa
Signing time:             Tue 05 Mar 2024 18:09:35 +0000
ROA not before:           Tue 05 Mar 2024 18:04:35 +0000
ROA not after:            Tue 04 Mar 2025 18:09:35 +0000
asID:                     13489
IP address blocks:        45.169.253.0/25 maxlen: 25

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6B04E12C2A0FE4D0633D4E8F2F4D6590CC843BA011459CC40A71A02B36A931B8/0/A369DF483898E89CE1253AC0B9004E797CC9AF0F.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6B04E12C2A0FE4D0633D4E8F2F4D6590CC843BA011459CC40A71A02B36A931B8/0/A369DF483898E89CE1253AC0B9004E797CC9AF0F.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A369DF483898E89CE1253AC0B9004E797CC9AF0F.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:b8:03:d9:de:1d:5a:16:06:06:dc:13:e1:36:e1:92:76:8e:a7:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A369DF483898E89CE1253AC0B9004E797CC9AF0F
        Validity
            Not Before: Mar  5 18:04:35 2024 GMT
            Not After : Mar  4 18:09:35 2025 GMT
        Subject: CN=2F8E1CB86831309EBDA001990C792C3907C87A13
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:61:0a:ab:ef:07:30:63:b7:e7:a4:5b:a1:21:
                    a9:da:41:e0:e3:cb:b2:01:5e:e3:97:b8:cb:f2:db:
                    40:4e:04:d7:c1:6f:56:a2:26:66:78:86:20:de:74:
                    a7:1e:05:b3:73:53:5a:96:7d:cb:31:1e:f9:04:fe:
                    24:31:04:30:2c:f0:c7:e7:79:64:07:5d:3a:8a:96:
                    54:af:6e:fa:7f:77:74:9e:b3:7c:a9:79:b2:34:21:
                    6c:5b:ea:d8:e6:37:07:f2:9e:51:84:39:99:80:8b:
                    15:ab:f1:34:a1:65:3c:43:37:9a:18:2b:b7:83:f3:
                    ea:a9:79:21:e2:f2:cc:ce:42:c2:79:12:e9:09:fa:
                    40:0c:91:ea:4e:eb:da:70:7e:d5:80:5d:71:85:ad:
                    66:b9:20:97:fd:5b:f6:d0:4c:66:aa:50:a1:fa:80:
                    d7:6d:6f:3c:24:df:54:49:e4:0f:df:9b:d7:3e:08:
                    d0:d2:0b:44:bf:97:be:8f:21:73:03:fe:f5:2e:e2:
                    28:2e:b4:cf:36:02:59:d2:77:56:39:2c:27:aa:3a:
                    53:07:9e:37:ca:59:32:98:44:a0:56:e3:08:18:5e:
                    d9:4e:34:4e:2e:bb:8f:76:4b:ad:42:0a:11:d5:05:
                    8f:99:3b:ba:54:b8:bb:03:88:ce:4e:6a:c8:fd:96:
                    58:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2F:8E:1C:B8:68:31:30:9E:BD:A0:01:99:0C:79:2C:39:07:C8:7A:13
            X509v3 Authority Key Identifier:
                keyid:A3:69:DF:48:38:98:E8:9C:E1:25:3A:C0:B9:00:4E:79:7C:C9:AF:0F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6B04E12C2A0FE4D0633D4E8F2F4D6590CC843BA011459CC40A71A02B36A931B8/0/A369DF483898E89CE1253AC0B9004E797CC9AF0F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A369DF483898E89CE1253AC0B9004E797CC9AF0F.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6B04E12C2A0FE4D0633D4E8F2F4D6590CC843BA011459CC40A71A02B36A931B8/0/34352e3136392e3235332e302f32352d3235203d3e203133343839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.169.253.0/25

    Signature Algorithm: sha256WithRSAEncryption
         30:9a:7c:ab:83:57:cd:f7:00:bb:da:be:c2:df:ff:bf:d5:28:
         15:1f:e9:9d:20:8f:eb:88:4d:84:ba:4b:5f:9d:2e:51:0d:f8:
         50:af:d1:01:0d:67:44:8a:fa:75:6c:dd:c3:d0:6a:a3:c0:38:
         ea:df:69:3e:b6:a0:cc:1e:3e:4d:46:b2:42:12:6d:28:c5:f8:
         56:3c:e6:6d:30:3a:0c:5d:bb:71:24:33:ea:ab:83:7a:af:38:
         5e:3c:af:da:32:85:9e:d9:ac:01:bc:b1:86:10:08:30:db:5f:
         1a:e8:c3:4b:ac:c9:83:44:bb:76:44:80:38:f0:7f:1a:48:22:
         00:ec:f1:8a:ae:ad:5c:27:cf:0e:99:33:79:f6:e2:43:55:a0:
         9e:6d:29:47:78:16:19:e5:ec:2c:3f:68:98:af:14:f1:6a:1c:
         a8:d5:cc:25:d6:e3:ab:7e:aa:68:8a:bc:b5:45:84:2b:cb:f7:
         37:75:50:b9:5a:db:f5:3c:f1:d9:68:08:99:e4:fc:f7:b6:e4:
         0a:e3:97:dc:2f:34:58:92:d2:f4:4b:cc:d1:7f:49:d0:1c:cf:
         56:63:eb:2c:61:ef:2a:c7:a0:42:49:95:0f:42:36:92:2c:47:
         96:53:2e:8c:f6:91:93:c0:23:18:42:bf:0a:89:e4:94:4e:03:
         05:1b:c4:7e
-----BEGIN CERTIFICATE-----
MIIFvzCCBKegAwIBAgIUELgD2d4dWhYGBtwT4TbhknaOp9AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTM2OURGNDgzODk4RTg5Q0UxMjUzQUMwQjkwMDRFNzk3
Q0M5QUYwRjAeFw0yNDAzMDUxODA0MzVaFw0yNTAzMDQxODA5MzVaMDMxMTAvBgNV
BAMTKDJGOEUxQ0I4NjgzMTMwOUVCREEwMDE5OTBDNzkyQzM5MDdDODdBMTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtYQqr7wcwY7fnpFuhIanaQeDj
y7IBXuOXuMvy20BOBNfBb1aiJmZ4hiDedKceBbNzU1qWfcsxHvkE/iQxBDAs8Mfn
eWQHXTqKllSvbvp/d3Ses3ypebI0IWxb6tjmNwfynlGEOZmAixWr8TShZTxDN5oY
K7eD8+qpeSHi8szOQsJ5EukJ+kAMkepO69pwftWAXXGFrWa5IJf9W/bQTGaqUKH6
gNdtbzwk31RJ5A/fm9c+CNDSC0S/l76PIXMD/vUu4igutM82AlnSd1Y5LCeqOlMH
njfKWTKYRKBW4wgYXtlONE4uu492S61CChHVBY+ZO7pUuLsDiM5Oasj9lliPAgMB
AAGjggLJMIICxTAdBgNVHQ4EFgQUL44cuGgxMJ69oAGZDHksOQfIehMwHwYDVR0j
BBgwFoAUo2nfSDiY6JzhJTrAuQBOeXzJrw8wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82QjA0RTEyQzJBMEZFNEQwNjMzRDRFOEYyRjRENjU5MEND
ODQzQkEwMTE0NTlDQzQwQTcxQTAyQjM2QTkzMUI4LzAvQTM2OURGNDgzODk4RTg5
Q0UxMjUzQUMwQjkwMDRFNzk3Q0M5QUYwRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMzY5REY0ODM4OThFODlDRTEy
NTNBQzBCOTAwNEU3OTdDQzlBRjBGLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNkIwNEUxMkMyQTBGRTREMDYzM0Q0RThGMkY0RDY1OTBDQzg0M0JBMDEx
NDU5Q0M0MEE3MUEwMkIzNkE5MzFCOC8wLzM0MzUyZTMxMzYzOTJlMzIzNTMzMmUz
MDJmMzIzNTJkMzIzNTIwM2QzZTIwMzEzMzM0MzgzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAEwBwMFBy2p/QAw
DQYJKoZIhvcNAQELBQADggEBADCafKuDV833ALvavsLf/7/VKBUf6Z0gj+uITYS6
S1+dLlEN+FCv0QENZ0SK+nVs3cPQaqPAOOrfaT62oMwePk1GskISbSjF+FY85m0w
Ogxdu3EkM+qrg3qvOF48r9oyhZ7ZrAG8sYYQCDDbXxrow0usyYNEu3ZEgDjwfxpI
IgDs8YqurVwnzw6ZM3n24kNVoJ5tKUd4Fhnl7Cw/aJivFPFqHKjVzCXW46t+qmiK
vLVFhCvL9zd1ULla2/U88dloCJnk/Pe25Arjl9wvNFiS0vRLzNF/SdAcz1Zj6yxh
7yrHoEJJlQ9CNpIsR5ZTLoz2kZPAIxhCvwqJ5JROAwUbxH4=
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:01:42 2024 by rpki-client on console-fra.rpki-client.org