Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7A23BF4BFB6A36CCD41850705D347E6DC581FD7F0237467C503F5EA7745C3DF2/0/34352e3233392e33362e302f32332d3233203d3e20323636383731.roa
File:                     34352e3233392e33362e302f32332d3233203d3e20323636383731.roa (raw, json)
Hash identifier:          36DfRrepx8Z0bz0knSYGdwQh//4ZLfgXjIlHyPQ8iiE=
Subject key identifier:   24:63:23:E8:54:6D:58:38:73:AF:CA:5F:FE:8A:7A:A4:23:9A:52:BA
Certificate issuer:       /CN=013C9FDB572F82FEBA26C5CBCA4321F421C02091
Certificate serial:       4C9FA36B3BD14A06DD2278D3E9A5A8B0FAD14F40
Authority key identifier: 01:3C:9F:DB:57:2F:82:FE:BA:26:C5:CB:CA:43:21:F4:21:C0:20:91
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/013C9FDB572F82FEBA26C5CBCA4321F421C02091.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7A23BF4BFB6A36CCD41850705D347E6DC581FD7F0237467C503F5EA7745C3DF2/0/34352e3233392e33362e302f32332d3233203d3e20323636383731.roa
Signing time:             Tue 05 Mar 2024 17:57:22 +0000
ROA not before:           Tue 05 Mar 2024 17:52:22 +0000
ROA not after:            Tue 04 Mar 2025 17:57:22 +0000
asID:                     266871
IP address blocks:        45.239.36.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/7A23BF4BFB6A36CCD41850705D347E6DC581FD7F0237467C503F5EA7745C3DF2/0/013C9FDB572F82FEBA26C5CBCA4321F421C02091.crl
                          rsync://repository.lacnic.net/rpki/lacnic/7A23BF4BFB6A36CCD41850705D347E6DC581FD7F0237467C503F5EA7745C3DF2/0/013C9FDB572F82FEBA26C5CBCA4321F421C02091.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/013C9FDB572F82FEBA26C5CBCA4321F421C02091.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:9f:a3:6b:3b:d1:4a:06:dd:22:78:d3:e9:a5:a8:b0:fa:d1:4f:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=013C9FDB572F82FEBA26C5CBCA4321F421C02091
        Validity
            Not Before: Mar  5 17:52:22 2024 GMT
            Not After : Mar  4 17:57:22 2025 GMT
        Subject: CN=246323E8546D583873AFCA5FFE8A7AA4239A52BA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:61:87:a2:ba:0b:8f:91:7f:94:ab:19:13:4f:
                    79:ae:8a:9e:f1:54:6d:2a:38:36:28:c4:6f:db:4b:
                    31:0b:ad:81:18:aa:39:6c:5b:03:83:a9:61:9a:c0:
                    a8:a3:09:58:a3:ef:6d:77:ea:28:8b:21:6a:f9:71:
                    8a:72:2a:82:b6:bb:43:cf:1d:3e:a3:46:e6:d4:3a:
                    38:23:91:de:db:cc:a4:15:dd:94:29:81:18:45:28:
                    89:8a:91:c9:84:a6:f9:b1:dc:78:d0:80:19:15:ca:
                    ac:88:01:00:54:5b:b4:8c:cb:6c:ff:ab:fa:b0:71:
                    0d:94:d3:14:5c:1b:91:9e:f4:73:14:39:38:0f:f1:
                    60:b4:ab:78:6f:e8:d9:b5:1c:fc:c5:db:fb:c1:cc:
                    b7:27:f9:a4:86:9c:5f:47:3a:90:11:11:a4:ed:ec:
                    cc:f4:02:50:07:49:d2:8b:ab:b4:de:f5:b1:61:b4:
                    3a:21:16:cd:f1:a6:cc:e3:a5:cb:db:35:a2:17:c1:
                    73:cd:3a:c7:83:7c:4a:e5:30:af:62:4a:0f:aa:18:
                    6a:32:9e:30:d0:35:42:6b:96:88:18:90:c0:aa:7a:
                    2f:9e:d0:62:ec:f1:db:9f:f8:24:7c:db:b8:83:29:
                    a5:4a:6a:a2:d7:67:09:79:eb:ef:9a:58:71:b5:85:
                    de:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:63:23:E8:54:6D:58:38:73:AF:CA:5F:FE:8A:7A:A4:23:9A:52:BA
            X509v3 Authority Key Identifier:
                keyid:01:3C:9F:DB:57:2F:82:FE:BA:26:C5:CB:CA:43:21:F4:21:C0:20:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7A23BF4BFB6A36CCD41850705D347E6DC581FD7F0237467C503F5EA7745C3DF2/0/013C9FDB572F82FEBA26C5CBCA4321F421C02091.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/013C9FDB572F82FEBA26C5CBCA4321F421C02091.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7A23BF4BFB6A36CCD41850705D347E6DC581FD7F0237467C503F5EA7745C3DF2/0/34352e3233392e33362e302f32332d3233203d3e20323636383731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.239.36.0/23

    Signature Algorithm: sha256WithRSAEncryption
         58:73:4b:c0:c7:78:b5:51:36:99:25:da:65:79:a0:5d:a3:66:
         bc:e6:8e:92:50:95:07:fa:87:68:94:72:98:35:29:9a:bd:5e:
         d5:bd:d2:d4:98:7c:90:3a:ab:76:a1:c9:28:46:8b:ae:f4:60:
         05:1e:02:58:3d:d3:1a:e2:a1:04:c9:68:af:11:a5:27:a6:40:
         54:ab:af:d9:72:c9:25:02:19:b8:e3:2b:40:3b:8e:26:18:fc:
         18:a3:c4:30:3e:e2:70:f9:f2:c9:ca:ee:1d:bb:05:7d:66:4b:
         02:00:69:29:2a:c3:59:89:dc:bf:e0:e3:df:a3:80:dc:bc:a6:
         2e:ed:ad:9d:cf:c1:c6:4d:8a:20:48:98:d4:3b:4d:1f:7a:0e:
         47:fb:60:70:3a:2a:c0:a1:1c:c9:e2:55:08:1d:33:a4:50:22:
         de:2f:a8:30:30:c9:de:17:8c:df:6d:05:53:ab:da:d2:43:3e:
         8b:1b:3a:48:e7:f8:f9:26:df:50:66:71:7a:81:6e:ec:5d:3d:
         72:c0:57:94:6e:ea:14:dc:7c:a0:96:be:13:c0:ec:6e:d8:69:
         1a:51:eb:72:a6:d5:89:b6:d0:c3:c2:6f:6f:ce:16:85:14:c1:
         15:bf:a7:80:fd:ad:23:9b:0c:f7:d2:a8:69:56:c9:30:d8:fe:
         f4:43:97:30
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUTJ+jazvRSgbdInjT6aWosPrRT0AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDEzQzlGREI1NzJGODJGRUJBMjZDNUNCQ0E0MzIxRjQy
MUMwMjA5MTAeFw0yNDAzMDUxNzUyMjJaFw0yNTAzMDQxNzU3MjJaMDMxMTAvBgNV
BAMTKDI0NjMyM0U4NTQ2RDU4Mzg3M0FGQ0E1RkZFOEE3QUE0MjM5QTUyQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0YYeiuguPkX+UqxkTT3muip7x
VG0qODYoxG/bSzELrYEYqjlsWwODqWGawKijCVij72136iiLIWr5cYpyKoK2u0PP
HT6jRubUOjgjkd7bzKQV3ZQpgRhFKImKkcmEpvmx3HjQgBkVyqyIAQBUW7SMy2z/
q/qwcQ2U0xRcG5Ge9HMUOTgP8WC0q3hv6Nm1HPzF2/vBzLcn+aSGnF9HOpAREaTt
7Mz0AlAHSdKLq7Te9bFhtDohFs3xpszjpcvbNaIXwXPNOseDfErlMK9iSg+qGGoy
njDQNUJrlogYkMCqei+e0GLs8duf+CR827iDKaVKaqLXZwl56++aWHG1hd4tAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUJGMj6FRtWDhzr8pf/op6pCOaUrowHwYDVR0j
BBgwFoAUATyf21cvgv66JsXLykMh9CHAIJEwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy83QTIzQkY0QkZCNkEzNkNDRDQxODUwNzA1RDM0N0U2REM1
ODFGRDdGMDIzNzQ2N0M1MDNGNUVBNzc0NUMzREYyLzAvMDEzQzlGREI1NzJGODJG
RUJBMjZDNUNCQ0E0MzIxRjQyMUMwMjA5MS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8wMTNDOUZEQjU3MkY4MkZFQkEy
NkM1Q0JDQTQzMjFGNDIxQzAyMDkxLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvN0EyM0JGNEJGQjZBMzZDQ0Q0MTg1MDcwNUQzNDdFNkRDNTgxRkQ3RjAy
Mzc0NjdDNTAzRjVFQTc3NDVDM0RGMi8wLzM0MzUyZTMyMzMzOTJlMzMzNjJlMzAy
ZjMyMzMyZDMyMzMyMDNkM2UyMDMyMzYzNjM4MzczMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS3vJDAN
BgkqhkiG9w0BAQsFAAOCAQEAWHNLwMd4tVE2mSXaZXmgXaNmvOaOklCVB/qHaJRy
mDUpmr1e1b3S1Jh8kDqrdqHJKEaLrvRgBR4CWD3TGuKhBMlorxGlJ6ZAVKuv2XLJ
JQIZuOMrQDuOJhj8GKPEMD7icPnyycruHbsFfWZLAgBpKSrDWYncv+Dj36OA3Lym
Lu2tnc/Bxk2KIEiY1DtNH3oOR/tgcDoqwKEcyeJVCB0zpFAi3i+oMDDJ3heM320F
U6va0kM+ixs6SOf4+SbfUGZxeoFu7F09csBXlG7qFNx8oJa+E8DsbthpGlHrcqbV
ibbQw8Jvb84WhRTBFb+ngP2tI5sM99KoaVbJMNj+9EOXMA==
-----END CERTIFICATE-----
Generated at Wed Nov 20 14:21:30 2024 by rpki-client on console-fra.rpki-client.org