Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/9B3DF9A96CB9DB5BCB6C5E0B5391C3D168AFF15B056E256B8869931E39BCEE23/0/34352e3137332e3138312e302f32342d3234203d3e20323637383237.roa
File:                     34352e3137332e3138312e302f32342d3234203d3e20323637383237.roa (raw, json)
Hash identifier:          7QfMuYufeQ34IKoziK3QLDfrrj9Mcwhkw1/rSHbmHSk=
Subject key identifier:   92:ED:78:D0:84:6F:53:B4:20:87:F5:C0:FD:10:9F:72:7D:FA:79:53
Certificate issuer:       /CN=D8F89B0675EFF23A256029EC78234AE7B97F6B52
Certificate serial:       2A8C1BE8BD607CD3AFC5EA20C938A1CEF1A99BC5
Authority key identifier: D8:F8:9B:06:75:EF:F2:3A:25:60:29:EC:78:23:4A:E7:B9:7F:6B:52
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D8F89B0675EFF23A256029EC78234AE7B97F6B52.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/9B3DF9A96CB9DB5BCB6C5E0B5391C3D168AFF15B056E256B8869931E39BCEE23/0/34352e3137332e3138312e302f32342d3234203d3e20323637383237.roa
Signing time:             Mon 11 Mar 2024 13:55:00 +0000
ROA not before:           Mon 11 Mar 2024 13:50:00 +0000
ROA not after:            Mon 10 Mar 2025 13:55:00 +0000
asID:                     267827
IP address blocks:        45.173.181.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/9B3DF9A96CB9DB5BCB6C5E0B5391C3D168AFF15B056E256B8869931E39BCEE23/0/D8F89B0675EFF23A256029EC78234AE7B97F6B52.crl
                          rsync://repository.lacnic.net/rpki/lacnic/9B3DF9A96CB9DB5BCB6C5E0B5391C3D168AFF15B056E256B8869931E39BCEE23/0/D8F89B0675EFF23A256029EC78234AE7B97F6B52.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D8F89B0675EFF23A256029EC78234AE7B97F6B52.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:8c:1b:e8:bd:60:7c:d3:af:c5:ea:20:c9:38:a1:ce:f1:a9:9b:c5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D8F89B0675EFF23A256029EC78234AE7B97F6B52
        Validity
            Not Before: Mar 11 13:50:00 2024 GMT
            Not After : Mar 10 13:55:00 2025 GMT
        Subject: CN=92ED78D0846F53B42087F5C0FD109F727DFA7953
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:7f:23:48:e0:38:db:d1:42:5c:8e:c6:b2:99:
                    55:1b:70:c9:aa:24:0a:b3:ab:e9:46:e5:3a:77:f1:
                    e1:aa:86:b0:d3:68:62:39:56:c8:a3:bd:08:69:52:
                    88:a2:4a:7f:1e:13:9e:9c:cd:41:23:8e:05:f6:05:
                    3f:5d:03:a5:12:02:6f:7b:4a:9f:ac:b8:72:ee:d7:
                    70:22:49:7f:37:26:57:90:e1:b0:35:77:97:8a:0b:
                    fe:c5:95:86:96:bd:f2:92:3e:fd:24:e3:e8:e1:39:
                    4e:97:69:05:ea:e8:ff:08:a9:43:9e:88:4f:b6:cd:
                    87:6b:04:b7:ea:c1:bd:96:a3:ea:bf:ea:89:c5:fe:
                    b9:31:46:e9:02:cc:38:cf:94:77:2f:f1:1d:78:f2:
                    5a:3e:8c:d3:33:31:45:b3:af:22:14:d0:fd:62:bd:
                    f0:3a:3b:6b:1a:58:0e:66:15:a6:39:e6:92:f3:cf:
                    f2:72:35:a5:84:ff:11:87:11:6d:84:27:03:ae:06:
                    66:24:c0:ad:3c:b9:dd:fb:82:b8:a4:e9:2d:c3:1d:
                    d3:b3:b1:2d:9f:3f:51:92:93:c2:f9:5d:10:78:d8:
                    4f:c6:b2:9c:fd:c8:95:82:b4:eb:7c:c3:fb:f9:4b:
                    25:6b:da:58:bb:44:d7:63:f7:78:eb:2d:b1:fe:c2:
                    7a:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:ED:78:D0:84:6F:53:B4:20:87:F5:C0:FD:10:9F:72:7D:FA:79:53
            X509v3 Authority Key Identifier:
                keyid:D8:F8:9B:06:75:EF:F2:3A:25:60:29:EC:78:23:4A:E7:B9:7F:6B:52

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/9B3DF9A96CB9DB5BCB6C5E0B5391C3D168AFF15B056E256B8869931E39BCEE23/0/D8F89B0675EFF23A256029EC78234AE7B97F6B52.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/D8F89B0675EFF23A256029EC78234AE7B97F6B52.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/9B3DF9A96CB9DB5BCB6C5E0B5391C3D168AFF15B056E256B8869931E39BCEE23/0/34352e3137332e3138312e302f32342d3234203d3e20323637383237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.173.181.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:bd:d5:63:08:6e:f6:82:86:3b:57:56:df:cb:4f:b3:5f:69:
         9b:6d:23:b2:90:4c:07:de:ef:50:1e:86:d8:3b:ee:b6:e9:00:
         f4:03:ce:6a:a7:bf:6b:fa:d1:61:a6:54:39:8e:37:81:a5:d5:
         a9:03:20:19:e3:e8:28:97:df:ae:f2:52:8e:bf:d3:a4:b3:8e:
         3d:42:01:99:29:52:8c:5c:09:ae:6c:01:50:23:c6:2d:64:67:
         86:7d:93:2c:4e:ce:fa:19:1f:e2:b3:3e:d5:3b:1c:6f:30:83:
         2e:aa:6e:67:6c:e5:25:c5:c7:c3:68:0f:ee:8e:23:18:5b:28:
         7e:61:40:e5:b3:a5:a6:1d:98:e5:d8:3d:74:71:d4:a2:fd:2f:
         16:b0:36:91:6c:d8:79:57:6f:f6:1f:a8:ee:9a:8f:4e:06:3a:
         73:40:3b:94:76:9e:e5:51:10:2c:42:cd:ab:53:4d:99:fb:41:
         b3:60:49:11:f9:9f:b3:93:a1:06:61:2e:01:31:80:bf:5a:07:
         38:80:df:4f:0a:d6:88:90:23:52:3e:7d:1c:88:aa:2a:e7:b3:
         4c:7d:87:12:ea:b9:7a:88:d0:87:08:2f:e1:90:80:e0:aa:3a:
         3e:b0:62:78:58:f4:e9:12:43:c6:3d:d5:c3:dc:c1:27:ce:4c:
         ba:e2:34:14
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUKowb6L1gfNOvxeogyTihzvGpm8UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDhGODlCMDY3NUVGRjIzQTI1NjAyOUVDNzgyMzRBRTdC
OTdGNkI1MjAeFw0yNDAzMTExMzUwMDBaFw0yNTAzMTAxMzU1MDBaMDMxMTAvBgNV
BAMTKDkyRUQ3OEQwODQ2RjUzQjQyMDg3RjVDMEZEMTA5RjcyN0RGQTc5NTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCufyNI4Djb0UJcjsaymVUbcMmq
JAqzq+lG5Tp38eGqhrDTaGI5VsijvQhpUoiiSn8eE56czUEjjgX2BT9dA6USAm97
Sp+suHLu13AiSX83JleQ4bA1d5eKC/7FlYaWvfKSPv0k4+jhOU6XaQXq6P8IqUOe
iE+2zYdrBLfqwb2Wo+q/6onF/rkxRukCzDjPlHcv8R148lo+jNMzMUWzryIU0P1i
vfA6O2saWA5mFaY55pLzz/JyNaWE/xGHEW2EJwOuBmYkwK08ud37grik6S3DHdOz
sS2fP1GSk8L5XRB42E/Gspz9yJWCtOt8w/v5SyVr2li7RNdj93jrLbH+wnrrAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUku140IRvU7Qgh/XA/RCfcn36eVMwHwYDVR0j
BBgwFoAU2PibBnXv8jolYCnseCNK57l/a1IwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy85QjNERjlBOTZDQjlEQjVCQ0I2QzVFMEI1MzkxQzNEMTY4
QUZGMTVCMDU2RTI1NkI4ODY5OTMxRTM5QkNFRTIzLzAvRDhGODlCMDY3NUVGRjIz
QTI1NjAyOUVDNzgyMzRBRTdCOTdGNkI1Mi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9EOEY4OUIwNjc1RUZGMjNBMjU2
MDI5RUM3ODIzNEFFN0I5N0Y2QjUyLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvOUIzREY5QTk2Q0I5REI1QkNCNkM1RTBCNTM5MUMzRDE2OEFGRjE1QjA1
NkUyNTZCODg2OTkzMUUzOUJDRUUyMy8wLzM0MzUyZTMxMzczMzJlMzEzODMxMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM3MzgzMjM3LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALa21
MA0GCSqGSIb3DQEBCwUAA4IBAQCXvdVjCG72goY7V1bfy0+zX2mbbSOykEwH3u9Q
HobYO+626QD0A85qp79r+tFhplQ5jjeBpdWpAyAZ4+gol9+u8lKOv9Oks449QgGZ
KVKMXAmubAFQI8YtZGeGfZMsTs76GR/isz7VOxxvMIMuqm5nbOUlxcfDaA/ujiMY
Wyh+YUDls6WmHZjl2D10cdSi/S8WsDaRbNh5V2/2H6jumo9OBjpzQDuUdp7lURAs
Qs2rU02Z+0GzYEkR+Z+zk6EGYS4BMYC/Wgc4gN9PCtaIkCNSPn0ciKoq57NMfYcS
6rl6iNCHCC/hkIDgqjo+sGJ4WPTpEkPGPdXD3MEnzky64jQU
-----END CERTIFICATE-----
Generated at Sat Jun 15 07:39:51 2024 by rpki-client on console-ams.rpki-client.org