Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/6E1DE3A03E0D54B52887C15D97800F42C5F0B25B6D8A9503545447CFF191530E/0/34352e3233352e3132382e302f32322d3232203d3e20323635353233.roa
File:                     34352e3233352e3132382e302f32322d3232203d3e20323635353233.roa (raw, json)
Hash identifier:          0MlaxWKUHgUHlvPR6jxy2ZgCrjjjGqnYgFFII5qiRsA=
Subject key identifier:   8C:4B:59:CE:AD:37:E2:4C:47:A6:99:6F:E2:DE:19:5D:76:E6:00:5E
Certificate issuer:       /CN=E72389DB363677115A40632E0F358D0066C2BC82
Certificate serial:       685081B9FC7CF3C8517827AB478CA531AF2EF796
Authority key identifier: E7:23:89:DB:36:36:77:11:5A:40:63:2E:0F:35:8D:00:66:C2:BC:82
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E72389DB363677115A40632E0F358D0066C2BC82.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/6E1DE3A03E0D54B52887C15D97800F42C5F0B25B6D8A9503545447CFF191530E/0/34352e3233352e3132382e302f32322d3232203d3e20323635353233.roa
Signing time:             Tue 05 Mar 2024 18:15:35 +0000
ROA not before:           Tue 05 Mar 2024 18:10:35 +0000
ROA not after:            Tue 04 Mar 2025 18:15:35 +0000
asID:                     265523
IP address blocks:        45.235.128.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/6E1DE3A03E0D54B52887C15D97800F42C5F0B25B6D8A9503545447CFF191530E/0/E72389DB363677115A40632E0F358D0066C2BC82.crl
                          rsync://repository.lacnic.net/rpki/lacnic/6E1DE3A03E0D54B52887C15D97800F42C5F0B25B6D8A9503545447CFF191530E/0/E72389DB363677115A40632E0F358D0066C2BC82.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E72389DB363677115A40632E0F358D0066C2BC82.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 27 Jul 2024 09:32:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:50:81:b9:fc:7c:f3:c8:51:78:27:ab:47:8c:a5:31:af:2e:f7:96
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E72389DB363677115A40632E0F358D0066C2BC82
        Validity
            Not Before: Mar  5 18:10:35 2024 GMT
            Not After : Mar  4 18:15:35 2025 GMT
        Subject: CN=8C4B59CEAD37E24C47A6996FE2DE195D76E6005E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:39:2c:91:be:76:61:1e:11:44:5b:cd:00:aa:
                    63:2c:a2:4a:5b:35:e6:8b:b6:73:cc:cd:57:d9:56:
                    9a:d9:18:ff:0a:00:86:c1:93:ab:ef:e7:75:50:e8:
                    82:58:1b:e9:18:e2:51:7b:96:c8:69:71:e2:93:56:
                    9a:10:2d:2b:97:c1:a2:15:9a:24:3c:36:65:40:27:
                    5e:41:f9:c5:9e:ce:c8:fe:1a:08:68:f8:85:2c:85:
                    45:26:49:66:c9:bb:c4:ec:ca:d8:21:c6:76:16:9b:
                    64:df:91:11:06:e7:6a:9d:94:98:1e:4d:a9:7e:34:
                    90:f3:90:03:90:e7:d3:5d:0d:84:f1:f3:30:f6:38:
                    aa:fd:76:17:28:eb:7e:8f:e1:0d:13:ce:01:be:ed:
                    3c:7b:27:3d:fb:c4:44:6a:a3:04:53:0c:e8:e8:a2:
                    46:1e:fd:ee:78:4e:f2:07:4b:41:2c:a9:8f:63:0b:
                    9b:ad:f6:7f:6f:a4:62:f3:2f:e8:26:a1:2b:b0:3f:
                    bb:91:d4:6a:35:e2:bc:f4:3c:70:97:e8:99:c4:4c:
                    bc:12:7a:f1:7b:fe:1a:66:eb:bd:18:c8:66:ef:99:
                    78:c2:c8:ef:c5:cd:54:59:15:e1:c9:b2:bc:3c:84:
                    b3:fe:fb:79:37:ce:fd:07:cb:98:01:fa:e9:0a:af:
                    aa:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:4B:59:CE:AD:37:E2:4C:47:A6:99:6F:E2:DE:19:5D:76:E6:00:5E
            X509v3 Authority Key Identifier:
                keyid:E7:23:89:DB:36:36:77:11:5A:40:63:2E:0F:35:8D:00:66:C2:BC:82

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/6E1DE3A03E0D54B52887C15D97800F42C5F0B25B6D8A9503545447CFF191530E/0/E72389DB363677115A40632E0F358D0066C2BC82.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E72389DB363677115A40632E0F358D0066C2BC82.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/6E1DE3A03E0D54B52887C15D97800F42C5F0B25B6D8A9503545447CFF191530E/0/34352e3233352e3132382e302f32322d3232203d3e20323635353233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.235.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ba:e3:13:b1:17:e1:c2:7e:b7:bc:72:1e:7b:69:2f:de:99:51:
         4f:b6:fb:f3:a4:b3:89:99:a9:33:8e:99:67:a7:c8:2a:73:3c:
         68:d2:66:bf:82:69:8d:58:b6:9a:ae:c6:cf:07:0d:cb:e1:63:
         cf:83:c0:1d:e7:10:81:8f:5c:9d:e4:cb:8f:e7:59:98:14:f0:
         06:3a:4b:77:4d:b9:8c:3a:15:93:fd:f6:ba:ca:6b:75:51:45:
         48:6b:13:51:ec:fe:8f:2e:e0:6e:39:c6:c3:9a:02:bd:07:cf:
         9b:ed:6c:4a:d6:42:9f:c6:90:2a:64:02:37:b3:1a:c3:3f:5a:
         70:6e:e4:ea:c5:4e:c1:c3:09:8d:78:0c:32:22:8d:55:57:2f:
         f6:ef:44:04:02:e8:b2:cc:aa:b6:c6:1c:5b:92:43:0b:4b:41:
         4e:56:eb:f4:74:30:e1:f1:4f:f1:11:00:d9:0f:58:7d:c4:5f:
         e7:62:87:ec:7b:79:d7:d3:2f:bd:02:fe:7c:06:e1:c5:e1:eb:
         d3:19:3e:cb:c3:d0:cf:0f:a7:62:e7:f3:94:10:af:84:db:23:
         c8:f5:02:15:30:93:1c:87:68:8d:94:ed:ac:be:4a:95:e6:15:
         48:dc:95:9d:a4:b0:ee:a0:e3:0c:26:f1:d2:7a:2a:d7:05:0b:
         bd:0d:44:5a
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUaFCBufx888hReCerR4ylMa8u95YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTcyMzg5REIzNjM2NzcxMTVBNDA2MzJFMEYzNThEMDA2
NkMyQkM4MjAeFw0yNDAzMDUxODEwMzVaFw0yNTAzMDQxODE1MzVaMDMxMTAvBgNV
BAMTKDhDNEI1OUNFQUQzN0UyNEM0N0E2OTk2RkUyREUxOTVENzZFNjAwNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZOSyRvnZhHhFEW80AqmMsokpb
NeaLtnPMzVfZVprZGP8KAIbBk6vv53VQ6IJYG+kY4lF7lshpceKTVpoQLSuXwaIV
miQ8NmVAJ15B+cWezsj+Ggho+IUshUUmSWbJu8TsytghxnYWm2TfkREG52qdlJge
Tal+NJDzkAOQ59NdDYTx8zD2OKr9dhco636P4Q0TzgG+7Tx7Jz37xERqowRTDOjo
okYe/e54TvIHS0EsqY9jC5ut9n9vpGLzL+gmoSuwP7uR1Go14rz0PHCX6JnETLwS
evF7/hpm670YyGbvmXjCyO/FzVRZFeHJsrw8hLP++3k3zv0Hy5gB+ukKr6rlAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUjEtZzq034kxHpplv4t4ZXXbmAF4wHwYDVR0j
BBgwFoAU5yOJ2zY2dxFaQGMuDzWNAGbCvIIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy82RTFERTNBMDNFMEQ1NEI1Mjg4N0MxNUQ5NzgwMEY0MkM1
RjBCMjVCNkQ4QTk1MDM1NDU0NDdDRkYxOTE1MzBFLzAvRTcyMzg5REIzNjM2Nzcx
MTVBNDA2MzJFMEYzNThEMDA2NkMyQkM4Mi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FNzIzODlEQjM2MzY3NzExNUE0
MDYzMkUwRjM1OEQwMDY2QzJCQzgyLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNkUxREUzQTAzRTBENTRCNTI4ODdDMTVEOTc4MDBGNDJDNUYwQjI1QjZE
OEE5NTAzNTQ1NDQ3Q0ZGMTkxNTMwRS8wLzM0MzUyZTMyMzMzNTJlMzEzMjM4MmUz
MDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzNjM1MzUzMjMzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLeuA
MA0GCSqGSIb3DQEBCwUAA4IBAQC64xOxF+HCfre8ch57aS/emVFPtvvzpLOJmakz
jplnp8gqczxo0ma/gmmNWLaarsbPBw3L4WPPg8Ad5xCBj1yd5MuP51mYFPAGOkt3
TbmMOhWT/fa6ymt1UUVIaxNR7P6PLuBuOcbDmgK9B8+b7WxK1kKfxpAqZAI3sxrD
P1pwbuTqxU7BwwmNeAwyIo1VVy/270QEAuiyzKq2xhxbkkMLS0FOVuv0dDDh8U/x
EQDZD1h9xF/nYofse3nX0y+9Av58BuHF4evTGT7Lw9DPD6di5/OUEK+E2yPI9QIV
MJMch2iNlO2svkqV5hVI3JWdpLDuoOMMJvHSeirXBQu9DURa
-----END CERTIFICATE-----
Generated at Tue Jul 23 18:11:50 2024 by rpki-client on console-fra.rpki-client.org