Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/95A2529B164CB267D41D7E5A0A5283D6DC3D618E2B21986BB43C0DDEA21848D5/0/34352e3232372e3137362e302f32322d3234203d3e203631343636.roa
File:                     34352e3232372e3137362e302f32322d3234203d3e203631343636.roa (raw, json)
Hash identifier:          CrN83hgVfa+xucv6smOeAnNjB7FRYcFkgLZct7inbeM=
Subject key identifier:   92:CE:E2:2E:29:B8:13:78:B2:44:AD:5C:C4:5C:87:CB:9F:42:87:FB
Certificate issuer:       /CN=EB3AECDAD8C4958B0358946FA5F06CCFFDB76BBF
Certificate serial:       369112FA7300C6351A86C8743A191C00CE3FA1C6
Authority key identifier: EB:3A:EC:DA:D8:C4:95:8B:03:58:94:6F:A5:F0:6C:CF:FD:B7:6B:BF
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EB3AECDAD8C4958B0358946FA5F06CCFFDB76BBF.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/95A2529B164CB267D41D7E5A0A5283D6DC3D618E2B21986BB43C0DDEA21848D5/0/34352e3232372e3137362e302f32322d3234203d3e203631343636.roa
Signing time:             Tue 04 Feb 2025 18:45:30 +0000
ROA not before:           Tue 04 Feb 2025 18:40:30 +0000
ROA not after:            Tue 03 Feb 2026 18:45:30 +0000
asID:                     61466
IP address blocks:        45.227.176.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/95A2529B164CB267D41D7E5A0A5283D6DC3D618E2B21986BB43C0DDEA21848D5/0/EB3AECDAD8C4958B0358946FA5F06CCFFDB76BBF.crl
                          rsync://repository.lacnic.net/rpki/lacnic/95A2529B164CB267D41D7E5A0A5283D6DC3D618E2B21986BB43C0DDEA21848D5/0/EB3AECDAD8C4958B0358946FA5F06CCFFDB76BBF.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EB3AECDAD8C4958B0358946FA5F06CCFFDB76BBF.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 12:40:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:91:12:fa:73:00:c6:35:1a:86:c8:74:3a:19:1c:00:ce:3f:a1:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EB3AECDAD8C4958B0358946FA5F06CCFFDB76BBF
        Validity
            Not Before: Feb  4 18:40:30 2025 GMT
            Not After : Feb  3 18:45:30 2026 GMT
        Subject: CN=92CEE22E29B81378B244AD5CC45C87CB9F4287FB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:1a:7a:d0:df:84:4a:6e:9e:18:0a:a9:9a:40:
                    cf:ec:69:17:a0:60:1c:73:2a:bc:bf:65:a9:9c:1d:
                    8f:42:9b:ec:89:f4:28:44:bf:07:44:81:1a:5d:f6:
                    73:37:8f:8d:ab:a8:0c:a2:c5:97:86:6d:59:5d:4f:
                    e4:61:40:19:e2:0a:f0:a2:63:7a:fd:f5:b1:96:a2:
                    5c:2d:24:25:1a:60:0f:d9:58:71:23:1c:ad:9f:5f:
                    92:35:16:25:6a:9d:be:8d:81:f5:1c:11:e7:7c:a8:
                    27:10:7f:f0:ba:89:9c:88:9f:16:6e:bc:c5:c8:bc:
                    de:3c:f9:69:c2:d0:59:9f:25:d8:a1:7f:13:f9:f1:
                    31:8e:50:ba:5d:f9:02:84:94:c7:40:38:85:18:25:
                    d7:52:9f:d9:57:10:fc:24:a1:d3:a2:1b:8a:10:e8:
                    48:73:0f:b1:6f:c6:30:95:ec:f5:ce:f7:df:ea:d0:
                    93:07:d5:4e:80:c3:6e:06:36:39:92:83:88:26:a1:
                    d9:e7:14:c5:c1:f6:ee:0d:4c:54:13:55:e7:e2:fb:
                    2f:e2:2a:65:7c:53:c7:a7:c1:d9:ce:dc:f8:04:5c:
                    5d:5c:a8:95:62:25:b6:0e:bd:7e:f9:82:fe:17:5d:
                    ad:12:cd:9e:45:d2:8c:4f:b7:3a:c3:fb:1a:64:c3:
                    d0:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:CE:E2:2E:29:B8:13:78:B2:44:AD:5C:C4:5C:87:CB:9F:42:87:FB
            X509v3 Authority Key Identifier:
                keyid:EB:3A:EC:DA:D8:C4:95:8B:03:58:94:6F:A5:F0:6C:CF:FD:B7:6B:BF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/95A2529B164CB267D41D7E5A0A5283D6DC3D618E2B21986BB43C0DDEA21848D5/0/EB3AECDAD8C4958B0358946FA5F06CCFFDB76BBF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/EB3AECDAD8C4958B0358946FA5F06CCFFDB76BBF.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/95A2529B164CB267D41D7E5A0A5283D6DC3D618E2B21986BB43C0DDEA21848D5/0/34352e3232372e3137362e302f32322d3234203d3e203631343636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.227.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0c:78:44:17:39:f0:f2:56:bf:df:bc:e3:41:13:4d:14:d3:37:
         30:90:b5:12:5a:00:a9:ca:ec:88:6a:a4:d8:3d:08:ce:d1:d3:
         9e:9f:d8:b3:9e:a8:33:ab:01:bf:97:1c:13:2e:37:e4:04:3b:
         16:73:eb:6c:f4:7a:0e:81:cc:7f:85:b9:d2:09:c3:c3:c2:3d:
         d7:40:50:a0:82:60:fc:6a:3c:a4:a7:e3:c7:5b:7e:e5:36:8f:
         0b:f0:af:4a:71:53:32:33:2d:f7:9b:12:e0:07:c2:a1:c7:f7:
         51:a6:37:e0:1b:f1:57:f9:20:aa:fe:04:02:bd:f6:aa:84:e7:
         4f:79:84:3e:2f:65:65:1a:d3:15:0d:a1:93:9c:24:25:a0:e9:
         4e:1d:da:b1:ca:93:a5:36:d1:32:9c:33:b0:28:5e:82:a1:4a:
         03:83:d3:1f:51:13:3c:aa:3d:52:07:90:26:12:46:6b:da:fc:
         c8:a6:2c:b1:07:81:59:76:a3:ba:1a:53:ec:42:8b:f2:7e:54:
         8a:24:7b:52:18:48:02:e4:64:2f:dc:f8:96:13:67:af:82:19:
         33:b5:d8:05:0d:69:66:11:2f:d8:24:26:8a:a1:d6:30:ed:40:
         eb:aa:3d:13:a1:48:ff:d9:c3:06:4d:a2:9b:7c:f2:05:85:42:
         dd:df:52:44
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUNpES+nMAxjUahsh0OhkcAM4/ocYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUIzQUVDREFEOEM0OTU4QjAzNTg5NDZGQTVGMDZDQ0ZG
REI3NkJCRjAeFw0yNTAyMDQxODQwMzBaFw0yNjAyMDMxODQ1MzBaMDMxMTAvBgNV
BAMTKDkyQ0VFMjJFMjlCODEzNzhCMjQ0QUQ1Q0M0NUM4N0NCOUY0Mjg3RkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIGnrQ34RKbp4YCqmaQM/saReg
YBxzKry/ZamcHY9Cm+yJ9ChEvwdEgRpd9nM3j42rqAyixZeGbVldT+RhQBniCvCi
Y3r99bGWolwtJCUaYA/ZWHEjHK2fX5I1FiVqnb6NgfUcEed8qCcQf/C6iZyInxZu
vMXIvN48+WnC0FmfJdihfxP58TGOULpd+QKElMdAOIUYJddSn9lXEPwkodOiG4oQ
6EhzD7FvxjCV7PXO99/q0JMH1U6Aw24GNjmSg4gmodnnFMXB9u4NTFQTVefi+y/i
KmV8U8enwdnO3PgEXF1cqJViJbYOvX75gv4XXa0SzZ5F0oxPtzrD+xpkw9A9AgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUks7iLim4E3iyRK1cxFyHy59Ch/swHwYDVR0j
BBgwFoAU6zrs2tjElYsDWJRvpfBsz/23a78wDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85NUEyNTI5QjE2NENCMjY3RDQxRDdFNUEwQTUyODNENkRD
M0Q2MThFMkIyMTk4NkJCNDNDMERERUEyMTg0OEQ1LzAvRUIzQUVDREFEOEM0OTU4
QjAzNTg5NDZGQTVGMDZDQ0ZGREI3NkJCRi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FQjNBRUNEQUQ4QzQ5NThCMDM1
ODk0NkZBNUYwNkNDRkZEQjc2QkJGLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOTVBMjUyOUIxNjRDQjI2N0Q0MUQ3RTVBMEE1MjgzRDZEQzNENjE4RTJC
MjE5ODZCQjQzQzBEREVBMjE4NDhENS8wLzM0MzUyZTMyMzIzNzJlMzEzNzM2MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzYzMTM0MzYzNi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi3jsDAN
BgkqhkiG9w0BAQsFAAOCAQEADHhEFznw8la/37zjQRNNFNM3MJC1EloAqcrsiGqk
2D0IztHTnp/Ys56oM6sBv5ccEy435AQ7FnPrbPR6DoHMf4W50gnDw8I910BQoIJg
/Go8pKfjx1t+5TaPC/CvSnFTMjMt95sS4AfCocf3UaY34BvxV/kgqv4EAr32qoTn
T3mEPi9lZRrTFQ2hk5wkJaDpTh3ascqTpTbRMpwzsChegqFKA4PTH1ETPKo9UgeQ
JhJGa9r8yKYssQeBWXajuhpT7EKL8n5UiiR7UhhIAuRkL9z4lhNnr4IZM7XYBQ1p
ZhEv2CQmiqHWMO1A66o9E6FI/9nDBk2im3zyBYVC3d9SRA==
-----END CERTIFICATE-----
Generated at Thu Feb 13 19:53:53 2025 by rpki-client