Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/70A1CEA842F9ED29DD27DD97EFAB2973D5BB279303E37390D508F0F778E89CB4/0/34352e3232392e3134382e302f32332d3233203d3e20323636373039.roa
File:                     34352e3232392e3134382e302f32332d3233203d3e20323636373039.roa (raw, json)
Hash identifier:          xz7kOZDzAsvtwnfFXbmtS5pKHwfzTFePILpzicxoTO8=
Subject key identifier:   CE:2B:E5:5A:40:7E:BE:19:BE:3B:E3:61:CD:BD:99:5E:33:6C:ED:D9
Certificate issuer:       /CN=779F88CEF196B5EBF62DE93CD9CB49C78F317C2A
Certificate serial:       71771E4E453E2AE4A7C0D8650039596DFD07FE17
Authority key identifier: 77:9F:88:CE:F1:96:B5:EB:F6:2D:E9:3C:D9:CB:49:C7:8F:31:7C:2A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/779F88CEF196B5EBF62DE93CD9CB49C78F317C2A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/70A1CEA842F9ED29DD27DD97EFAB2973D5BB279303E37390D508F0F778E89CB4/0/34352e3232392e3134382e302f32332d3233203d3e20323636373039.roa
Signing time:             Tue 05 Mar 2024 18:08:06 +0000
ROA not before:           Tue 05 Mar 2024 18:03:06 +0000
ROA not after:            Tue 04 Mar 2025 18:08:06 +0000
asID:                     266709
IP address blocks:        45.229.148.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/70A1CEA842F9ED29DD27DD97EFAB2973D5BB279303E37390D508F0F778E89CB4/0/779F88CEF196B5EBF62DE93CD9CB49C78F317C2A.crl
                          rsync://repository.lacnic.net/rpki/lacnic/70A1CEA842F9ED29DD27DD97EFAB2973D5BB279303E37390D508F0F778E89CB4/0/779F88CEF196B5EBF62DE93CD9CB49C78F317C2A.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/779F88CEF196B5EBF62DE93CD9CB49C78F317C2A.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:77:1e:4e:45:3e:2a:e4:a7:c0:d8:65:00:39:59:6d:fd:07:fe:17
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=779F88CEF196B5EBF62DE93CD9CB49C78F317C2A
        Validity
            Not Before: Mar  5 18:03:06 2024 GMT
            Not After : Mar  4 18:08:06 2025 GMT
        Subject: CN=CE2BE55A407EBE19BE3BE361CDBD995E336CEDD9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:70:46:8f:af:28:00:ab:49:d2:cc:7a:c6:1d:
                    b7:2a:6a:7e:be:cb:17:cc:28:c7:1b:20:e7:26:b1:
                    75:c8:6a:16:76:a4:39:1a:42:5b:74:56:b8:8f:83:
                    f9:bd:8f:23:f8:9d:f3:71:37:e1:90:87:27:cd:b3:
                    ff:72:02:9e:7d:0f:e5:93:58:fb:2f:84:3b:02:0c:
                    b3:0d:c5:7b:8f:0c:6a:80:e1:d3:5a:ee:15:34:c6:
                    e7:16:4c:29:98:5c:f5:69:41:55:56:20:a0:ce:42:
                    af:1e:db:40:58:bd:fc:32:28:1d:5a:22:61:80:c1:
                    95:48:45:85:1b:51:4f:e9:dd:ac:ed:71:8d:16:8f:
                    98:da:27:b7:75:bc:ae:a3:27:4d:66:59:2b:f5:5e:
                    95:9e:a9:95:ed:7b:47:0f:09:4b:fe:c8:12:06:8c:
                    c5:d7:ec:47:73:e5:4d:df:2e:10:30:1c:b7:35:a1:
                    f5:43:c1:23:d3:9f:47:1e:18:66:01:15:fb:99:f1:
                    04:6e:d8:e9:14:13:3f:cc:b7:35:94:55:af:f9:c8:
                    58:69:91:6a:3f:27:d2:a7:bd:39:44:db:0c:ec:52:
                    af:fd:f2:0a:26:07:5d:35:11:16:45:58:65:b7:5f:
                    93:e8:2a:05:80:38:01:44:88:72:e6:46:02:3d:50:
                    64:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:2B:E5:5A:40:7E:BE:19:BE:3B:E3:61:CD:BD:99:5E:33:6C:ED:D9
            X509v3 Authority Key Identifier:
                keyid:77:9F:88:CE:F1:96:B5:EB:F6:2D:E9:3C:D9:CB:49:C7:8F:31:7C:2A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/70A1CEA842F9ED29DD27DD97EFAB2973D5BB279303E37390D508F0F778E89CB4/0/779F88CEF196B5EBF62DE93CD9CB49C78F317C2A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/779F88CEF196B5EBF62DE93CD9CB49C78F317C2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/70A1CEA842F9ED29DD27DD97EFAB2973D5BB279303E37390D508F0F778E89CB4/0/34352e3232392e3134382e302f32332d3233203d3e20323636373039.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.229.148.0/23

    Signature Algorithm: sha256WithRSAEncryption
         32:99:82:90:5a:4f:ec:3c:6b:3c:2b:89:04:65:c2:9a:52:c2:
         7c:a2:c0:a6:45:57:b8:e7:85:5d:a7:54:3c:e0:f6:7b:27:94:
         bc:69:60:44:35:00:1f:63:ce:03:ff:fd:fb:e0:0c:fc:45:80:
         4b:f1:4c:2a:78:71:40:1a:40:8a:1d:d3:b1:38:8c:cb:09:46:
         af:43:d0:5b:a1:b6:62:22:52:b4:45:d7:51:4b:6a:29:21:f7:
         34:a7:fe:db:dc:a5:97:04:87:94:ed:b8:f5:20:4c:ac:17:f5:
         9f:b4:51:ef:1a:47:02:d1:a4:17:35:d2:d8:41:76:2e:35:b5:
         ec:b6:62:ae:fa:5a:93:c0:5b:b6:a7:8e:15:f6:47:0d:8a:13:
         3c:73:c9:71:9f:30:9c:2a:d2:ff:a5:60:6e:7e:33:b0:bc:52:
         7d:2b:4c:41:76:f3:c4:73:b8:45:65:0b:63:1b:5b:74:d0:20:
         9b:5f:ae:a7:02:57:84:9f:8b:1b:79:3b:68:ad:59:90:f6:44:
         8a:5d:fb:f0:82:80:bb:58:9c:40:a4:0a:30:c4:47:5f:54:26:
         4f:6f:d9:cf:d0:cb:d2:d7:52:e8:8d:ef:26:92:3a:a2:52:c4:
         bf:07:b2:fb:bd:65:01:b8:7b:db:db:ae:a7:91:06:35:f3:56:
         f4:4d:3b:06
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUcXceTkU+KuSnwNhlADlZbf0H/hcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzc5Rjg4Q0VGMTk2QjVFQkY2MkRFOTNDRDlDQjQ5Qzc4
RjMxN0MyQTAeFw0yNDAzMDUxODAzMDZaFw0yNTAzMDQxODA4MDZaMDMxMTAvBgNV
BAMTKENFMkJFNTVBNDA3RUJFMTlCRTNCRTM2MUNEQkQ5OTVFMzM2Q0VERDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3cEaPrygAq0nSzHrGHbcqan6+
yxfMKMcbIOcmsXXIahZ2pDkaQlt0VriPg/m9jyP4nfNxN+GQhyfNs/9yAp59D+WT
WPsvhDsCDLMNxXuPDGqA4dNa7hU0xucWTCmYXPVpQVVWIKDOQq8e20BYvfwyKB1a
ImGAwZVIRYUbUU/p3aztcY0Wj5jaJ7d1vK6jJ01mWSv1XpWeqZXte0cPCUv+yBIG
jMXX7Edz5U3fLhAwHLc1ofVDwSPTn0ceGGYBFfuZ8QRu2OkUEz/MtzWUVa/5yFhp
kWo/J9KnvTlE2wzsUq/98gomB101ERZFWGW3X5PoKgWAOAFEiHLmRgI9UGRHAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUzivlWkB+vhm+O+Nhzb2ZXjNs7dkwHwYDVR0j
BBgwFoAUd5+IzvGWtev2Lek82ctJx48xfCowDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83MEExQ0VBODQyRjlFRDI5REQyN0REOTdFRkFCMjk3M0Q1
QkIyNzkzMDNFMzczOTBENTA4RjBGNzc4RTg5Q0I0LzAvNzc5Rjg4Q0VGMTk2QjVF
QkY2MkRFOTNDRDlDQjQ5Qzc4RjMxN0MyQS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC83NzlGODhDRUYxOTZCNUVCRjYy
REU5M0NEOUNCNDlDNzhGMzE3QzJBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvNzBBMUNFQTg0MkY5RUQyOUREMjdERDk3RUZBQjI5NzNENUJCMjc5MzAz
RTM3MzkwRDUwOEYwRjc3OEU4OUNCNC8wLzM0MzUyZTMyMzIzOTJlMzEzNDM4MmUz
MDJmMzIzMzJkMzIzMzIwM2QzZTIwMzIzNjM2MzczMDM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLeWU
MA0GCSqGSIb3DQEBCwUAA4IBAQAymYKQWk/sPGs8K4kEZcKaUsJ8osCmRVe454Vd
p1Q84PZ7J5S8aWBENQAfY84D//374Az8RYBL8UwqeHFAGkCKHdOxOIzLCUavQ9Bb
obZiIlK0RddRS2opIfc0p/7b3KWXBIeU7bj1IEysF/WftFHvGkcC0aQXNdLYQXYu
NbXstmKu+lqTwFu2p44V9kcNihM8c8lxnzCcKtL/pWBufjOwvFJ9K0xBdvPEc7hF
ZQtjG1t00CCbX66nAleEn4sbeTtorVmQ9kSKXfvwgoC7WJxApAowxEdfVCZPb9nP
0MvS11Loje8mkjqiUsS/B7L7vWUBuHvb266nkQY181b0TTsG
-----END CERTIFICATE-----
Generated at Wed Nov 20 08:53:06 2024 by rpki-client on console-ams.rpki-client.org