Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/98BF5B30C834ABA56A689AEC6631F7C2D8E257D4AD18A41FDCDC08C151AC26CC/0/34352e3136322e38392e302f32342d3234203d3e20323633323434.roa
File:                     34352e3136322e38392e302f32342d3234203d3e20323633323434.roa (raw, json)
Hash identifier:          PUo9t6jcJH3wtXjJWJn9dldadlzK69q9nQfUJby6tg4=
Subject key identifier:   29:91:C6:2D:31:36:78:79:8D:5E:17:09:BB:C5:A5:EA:5F:56:E2:17
Certificate issuer:       /CN=CA3FAFC2E55BDFD33A2603F6839D05ECF52A2CEC
Certificate serial:       3B259236A9A2CD12B7EFEDAA9B57D168913F527A
Authority key identifier: CA:3F:AF:C2:E5:5B:DF:D3:3A:26:03:F6:83:9D:05:EC:F5:2A:2C:EC
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CA3FAFC2E55BDFD33A2603F6839D05ECF52A2CEC.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/98BF5B30C834ABA56A689AEC6631F7C2D8E257D4AD18A41FDCDC08C151AC26CC/0/34352e3136322e38392e302f32342d3234203d3e20323633323434.roa
Signing time:             Tue 05 Mar 2024 17:43:05 +0000
ROA not before:           Tue 05 Mar 2024 17:38:05 +0000
ROA not after:            Tue 04 Mar 2025 17:43:05 +0000
asID:                     263244
IP address blocks:        45.162.89.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/98BF5B30C834ABA56A689AEC6631F7C2D8E257D4AD18A41FDCDC08C151AC26CC/0/CA3FAFC2E55BDFD33A2603F6839D05ECF52A2CEC.crl
                          rsync://repository.lacnic.net/rpki/lacnic/98BF5B30C834ABA56A689AEC6631F7C2D8E257D4AD18A41FDCDC08C151AC26CC/0/CA3FAFC2E55BDFD33A2603F6839D05ECF52A2CEC.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CA3FAFC2E55BDFD33A2603F6839D05ECF52A2CEC.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:25:92:36:a9:a2:cd:12:b7:ef:ed:aa:9b:57:d1:68:91:3f:52:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CA3FAFC2E55BDFD33A2603F6839D05ECF52A2CEC
        Validity
            Not Before: Mar  5 17:38:05 2024 GMT
            Not After : Mar  4 17:43:05 2025 GMT
        Subject: CN=2991C62D313678798D5E1709BBC5A5EA5F56E217
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:0e:05:03:6b:d4:bd:96:a8:93:38:4d:b2:53:
                    c0:16:40:14:ec:d4:ac:ae:11:23:58:4e:7e:64:fe:
                    0b:22:07:7c:57:f0:af:82:02:22:6a:c8:75:aa:fc:
                    87:3b:53:45:93:26:32:2e:e0:f4:3c:76:15:11:d7:
                    b5:ae:d1:38:0e:b2:52:a3:b9:68:9c:63:ca:72:74:
                    ef:e1:83:4d:3c:57:d2:40:12:ad:5b:6f:a3:ee:53:
                    6f:cf:03:91:ba:59:62:0e:bb:34:02:9f:4e:47:bd:
                    16:06:2a:df:01:a4:dd:cb:e7:19:44:65:6e:64:5e:
                    81:b5:bc:af:82:ef:92:4f:36:f5:47:13:83:df:31:
                    38:bc:bd:82:86:46:41:0c:53:7c:c0:cc:f0:80:c9:
                    fa:fe:09:b6:b4:6a:3f:b0:5c:7b:84:79:78:3b:77:
                    44:1b:20:25:e0:88:e0:4e:51:95:5e:4b:45:8d:a0:
                    d6:a9:98:4d:ff:34:f4:ba:b5:2b:cd:a0:30:fd:68:
                    c8:39:05:89:26:60:47:b7:a6:65:2d:83:1e:fc:6b:
                    91:7d:73:5a:79:c9:be:1f:97:ba:ab:8a:9f:4a:98:
                    25:72:46:23:a4:75:e6:1f:c2:22:ec:3d:b8:99:c7:
                    13:03:5d:32:a4:a8:98:c9:ff:60:7b:a2:94:c5:13:
                    2d:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:91:C6:2D:31:36:78:79:8D:5E:17:09:BB:C5:A5:EA:5F:56:E2:17
            X509v3 Authority Key Identifier:
                keyid:CA:3F:AF:C2:E5:5B:DF:D3:3A:26:03:F6:83:9D:05:EC:F5:2A:2C:EC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/98BF5B30C834ABA56A689AEC6631F7C2D8E257D4AD18A41FDCDC08C151AC26CC/0/CA3FAFC2E55BDFD33A2603F6839D05ECF52A2CEC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/CA3FAFC2E55BDFD33A2603F6839D05ECF52A2CEC.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/98BF5B30C834ABA56A689AEC6631F7C2D8E257D4AD18A41FDCDC08C151AC26CC/0/34352e3136322e38392e302f32342d3234203d3e20323633323434.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.162.89.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:2b:19:23:96:cb:b3:d5:18:62:98:2c:42:4f:ff:b4:a1:05:
         b2:22:3d:dc:4f:49:1b:79:42:e5:e5:14:37:49:29:b3:79:aa:
         60:8a:76:dd:b3:d8:36:9e:d4:80:ff:cf:27:27:62:d3:b4:e1:
         a8:90:68:8c:15:fb:64:75:52:47:b4:c1:79:da:fc:fa:57:a4:
         c7:dd:d5:43:57:19:70:2a:45:ac:c4:b6:f0:ca:4c:ce:3b:7e:
         ac:02:04:8a:ff:1c:30:43:ab:ae:ac:e7:6e:f0:47:25:d1:5c:
         c7:52:3c:06:da:72:00:30:5c:20:41:8e:87:50:05:7b:b9:6c:
         46:03:9d:e5:e8:5d:45:59:5d:fe:01:36:40:f0:93:56:ab:aa:
         ab:3c:25:dd:4c:8c:79:70:79:93:af:f3:ea:8c:41:b4:dd:bc:
         48:71:1c:60:7a:72:a4:93:f4:cf:24:af:57:c8:67:6c:da:8d:
         10:6f:fe:e4:f3:04:fc:0d:60:ad:cc:67:86:0f:41:d4:d4:6e:
         06:6d:3b:89:a9:88:15:ad:97:9d:00:4b:af:11:05:6c:b1:c4:
         44:2d:8e:f5:30:e4:ae:83:54:c0:7c:c8:b4:cc:a1:d4:e6:bd:
         04:13:09:ed:97:7d:9e:87:9a:24:e5:9d:4d:c0:34:31:55:6d:
         a1:41:4a:3d
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUOyWSNqmizRK37+2qm1fRaJE/UnowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0EzRkFGQzJFNTVCREZEMzNBMjYwM0Y2ODM5RDA1RUNG
NTJBMkNFQzAeFw0yNDAzMDUxNzM4MDVaFw0yNTAzMDQxNzQzMDVaMDMxMTAvBgNV
BAMTKDI5OTFDNjJEMzEzNjc4Nzk4RDVFMTcwOUJCQzVBNUVBNUY1NkUyMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKDgUDa9S9lqiTOE2yU8AWQBTs
1KyuESNYTn5k/gsiB3xX8K+CAiJqyHWq/Ic7U0WTJjIu4PQ8dhUR17Wu0TgOslKj
uWicY8pydO/hg008V9JAEq1bb6PuU2/PA5G6WWIOuzQCn05HvRYGKt8BpN3L5xlE
ZW5kXoG1vK+C75JPNvVHE4PfMTi8vYKGRkEMU3zAzPCAyfr+Cba0aj+wXHuEeXg7
d0QbICXgiOBOUZVeS0WNoNapmE3/NPS6tSvNoDD9aMg5BYkmYEe3pmUtgx78a5F9
c1p5yb4fl7qrip9KmCVyRiOkdeYfwiLsPbiZxxMDXTKkqJjJ/2B7opTFEy2RAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUKZHGLTE2eHmNXhcJu8Wl6l9W4hcwHwYDVR0j
BBgwFoAUyj+vwuVb39M6JgP2g50F7PUqLOwwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85OEJGNUIzMEM4MzRBQkE1NkE2ODlBRUM2NjMxRjdDMkQ4
RTI1N0Q0QUQxOEE0MUZEQ0RDMDhDMTUxQUMyNkNDLzAvQ0EzRkFGQzJFNTVCREZE
MzNBMjYwM0Y2ODM5RDA1RUNGNTJBMkNFQy5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9DQTNGQUZDMkU1NUJERkQzM0Ey
NjAzRjY4MzlEMDVFQ0Y1MkEyQ0VDLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOThCRjVCMzBDODM0QUJBNTZBNjg5QUVDNjYzMUY3QzJEOEUyNTdENEFE
MThBNDFGRENEQzA4QzE1MUFDMjZDQy8wLzM0MzUyZTMxMzYzMjJlMzgzOTJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzMzMyMzQzNC5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2iWTAN
BgkqhkiG9w0BAQsFAAOCAQEAqisZI5bLs9UYYpgsQk//tKEFsiI93E9JG3lC5eUU
N0kps3mqYIp23bPYNp7UgP/PJydi07ThqJBojBX7ZHVSR7TBedr8+lekx93VQ1cZ
cCpFrMS28MpMzjt+rAIEiv8cMEOrrqznbvBHJdFcx1I8BtpyADBcIEGOh1AFe7ls
RgOd5ehdRVld/gE2QPCTVquqqzwl3UyMeXB5k6/z6oxBtN28SHEcYHpypJP0zySv
V8hnbNqNEG/+5PME/A1grcxnhg9B1NRuBm07iamIFa2XnQBLrxEFbLHERC2O9TDk
roNUwHzItMyh1Oa9BBMJ7Zd9noeaJOWdTcA0MVVtoUFKPQ==
-----END CERTIFICATE-----
Generated at Wed Nov 20 05:43:19 2024 by rpki-client on console-fra.rpki-client.org