Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A16E8F103146B2850335023A70A6D39874766368DBDA5F048D55972B98FD8367/0/34352e3232362e36382e302f32322d3234203d3e203237383433.roa
File:                     34352e3232362e36382e302f32322d3234203d3e203237383433.roa (raw, json)
Hash identifier:          Kuo7J5TixaQmSrOTknToJWNoiw+8QeXqdJlGZIQCRC8=
Subject key identifier:   78:20:FA:F4:AF:22:87:8E:CE:7A:1B:7C:EC:A3:29:DB:8F:A6:70:6F
Certificate issuer:       /CN=9F08D38D4571C09A83B45ACFD10AEB7826CE8F84
Certificate serial:       195952632D1F0CAE779A0CA075AAD5F0841E2915
Authority key identifier: 9F:08:D3:8D:45:71:C0:9A:83:B4:5A:CF:D1:0A:EB:78:26:CE:8F:84
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9F08D38D4571C09A83B45ACFD10AEB7826CE8F84.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A16E8F103146B2850335023A70A6D39874766368DBDA5F048D55972B98FD8367/0/34352e3232362e36382e302f32322d3234203d3e203237383433.roa
Signing time:             Tue 05 Mar 2024 17:44:48 +0000
ROA not before:           Tue 05 Mar 2024 17:39:48 +0000
ROA not after:            Tue 04 Mar 2025 17:44:48 +0000
asID:                     27843
IP address blocks:        45.226.68.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A16E8F103146B2850335023A70A6D39874766368DBDA5F048D55972B98FD8367/0/9F08D38D4571C09A83B45ACFD10AEB7826CE8F84.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A16E8F103146B2850335023A70A6D39874766368DBDA5F048D55972B98FD8367/0/9F08D38D4571C09A83B45ACFD10AEB7826CE8F84.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9F08D38D4571C09A83B45ACFD10AEB7826CE8F84.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:59:52:63:2d:1f:0c:ae:77:9a:0c:a0:75:aa:d5:f0:84:1e:29:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9F08D38D4571C09A83B45ACFD10AEB7826CE8F84
        Validity
            Not Before: Mar  5 17:39:48 2024 GMT
            Not After : Mar  4 17:44:48 2025 GMT
        Subject: CN=7820FAF4AF22878ECE7A1B7CECA329DB8FA6706F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:78:75:25:bf:9b:83:01:54:52:63:2d:1b:c9:
                    e5:8e:71:50:81:6c:f1:29:ac:5b:e4:00:ad:43:d3:
                    4f:f9:b5:1d:ae:cc:5e:37:be:d1:b0:81:d8:a6:13:
                    eb:4b:43:b8:12:50:1b:21:37:a2:ca:ee:53:5c:a5:
                    de:a9:42:2d:ba:2f:d2:1c:e1:65:5c:fa:92:19:49:
                    01:9a:ca:59:fc:0d:93:b4:37:a4:c0:75:c6:77:94:
                    fa:3f:ea:72:ff:31:c4:b0:26:7f:c7:76:37:48:e4:
                    aa:a2:bb:74:1b:a6:85:c4:ba:39:c7:f6:6b:33:17:
                    3c:86:bc:5d:0f:10:79:e6:8e:a0:0e:1f:a4:07:87:
                    11:ee:5a:dd:57:51:c5:52:4c:d4:49:1d:f3:a5:1d:
                    e2:89:07:0c:5d:a0:a4:10:c4:97:5f:f8:25:1c:94:
                    56:57:18:31:33:50:76:f5:93:69:be:bc:09:da:dc:
                    88:e6:ad:e3:d0:e8:d8:ba:1d:e2:1c:5a:15:48:ab:
                    48:e6:4b:00:0a:01:f3:79:85:47:49:87:f2:36:80:
                    fa:18:72:e5:bb:f9:02:77:08:19:85:fd:c2:94:c3:
                    80:92:c9:4f:06:07:28:50:51:38:8b:7a:99:b0:e1:
                    6c:86:e2:9d:21:54:da:a2:f3:1f:ce:c5:bc:d0:ae:
                    35:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:20:FA:F4:AF:22:87:8E:CE:7A:1B:7C:EC:A3:29:DB:8F:A6:70:6F
            X509v3 Authority Key Identifier:
                keyid:9F:08:D3:8D:45:71:C0:9A:83:B4:5A:CF:D1:0A:EB:78:26:CE:8F:84

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A16E8F103146B2850335023A70A6D39874766368DBDA5F048D55972B98FD8367/0/9F08D38D4571C09A83B45ACFD10AEB7826CE8F84.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9F08D38D4571C09A83B45ACFD10AEB7826CE8F84.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A16E8F103146B2850335023A70A6D39874766368DBDA5F048D55972B98FD8367/0/34352e3232362e36382e302f32322d3234203d3e203237383433.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.226.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         01:5d:72:c2:2f:7c:97:0f:56:2f:00:4f:1c:7a:a6:d2:75:42:
         7b:1c:8c:77:f8:8d:8d:6e:60:c7:35:d7:0a:82:87:be:10:9e:
         40:b6:69:20:2b:f7:2a:13:98:5e:8d:2e:3d:53:2e:13:29:6a:
         6a:6f:4d:ec:15:95:13:64:39:61:42:29:43:f2:ff:10:f6:b9:
         bf:31:9e:ad:f7:06:87:c6:88:a4:4a:ce:f9:3b:fb:0a:6d:e3:
         00:98:74:4b:1d:ad:b0:ae:85:b3:41:6e:43:ae:e0:e0:10:f6:
         a5:bd:ed:04:22:2a:9f:c1:b9:80:7b:0d:19:b4:da:bb:4f:32:
         1e:48:33:0a:34:94:34:f8:9a:62:82:2b:6b:c4:94:c0:24:4b:
         ba:a6:15:5e:f0:ee:a7:fc:8b:0a:6a:15:50:29:9e:3c:87:3f:
         ed:f4:d9:80:4f:4e:76:9b:68:15:1e:74:37:19:6e:07:92:6c:
         bc:e1:83:a1:17:59:fb:3f:91:45:c3:1d:e3:d3:5a:63:6b:b1:
         c4:b4:a1:23:c0:21:4d:23:07:14:a4:32:ac:d9:a9:98:ae:4b:
         c3:bc:ed:4d:a1:fd:95:8d:bf:30:47:ff:31:11:fb:9e:c1:2d:
         b2:14:34:8a:a3:c3:2c:0e:26:5d:03:f9:f0:7d:8a:26:6e:d6:
         0d:b3:51:b8
-----BEGIN CERTIFICATE-----
MIIFvDCCBKSgAwIBAgIUGVlSYy0fDK53mgygdarV8IQeKRUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUYwOEQzOEQ0NTcxQzA5QTgzQjQ1QUNGRDEwQUVCNzgy
NkNFOEY4NDAeFw0yNDAzMDUxNzM5NDhaFw0yNTAzMDQxNzQ0NDhaMDMxMTAvBgNV
BAMTKDc4MjBGQUY0QUYyMjg3OEVDRTdBMUI3Q0VDQTMyOURCOEZBNjcwNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEeHUlv5uDAVRSYy0byeWOcVCB
bPEprFvkAK1D00/5tR2uzF43vtGwgdimE+tLQ7gSUBshN6LK7lNcpd6pQi26L9Ic
4WVc+pIZSQGayln8DZO0N6TAdcZ3lPo/6nL/McSwJn/HdjdI5Kqiu3QbpoXEujnH
9mszFzyGvF0PEHnmjqAOH6QHhxHuWt1XUcVSTNRJHfOlHeKJBwxdoKQQxJdf+CUc
lFZXGDEzUHb1k2m+vAna3IjmrePQ6Ni6HeIcWhVIq0jmSwAKAfN5hUdJh/I2gPoY
cuW7+QJ3CBmF/cKUw4CSyU8GByhQUTiLepmw4WyG4p0hVNqi8x/OxbzQrjUBAgMB
AAGjggLGMIICwjAdBgNVHQ4EFgQUeCD69K8ih47Oeht87KMp24+mcG8wHwYDVR0j
BBgwFoAUnwjTjUVxwJqDtFrP0QrreCbOj4QwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMTZFOEYxMDMxNDZCMjg1MDMzNTAyM0E3MEE2RDM5ODc0
NzY2MzY4REJEQTVGMDQ4RDU1OTcyQjk4RkQ4MzY3LzAvOUYwOEQzOEQ0NTcxQzA5
QTgzQjQ1QUNGRDEwQUVCNzgyNkNFOEY4NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85RjA4RDM4RDQ1NzFDMDlBODNC
NDVBQ0ZEMTBBRUI3ODI2Q0U4Rjg0LmNlcjCBxQYIKwYBBQUHAQsEgbgwgbUwgbIG
CCsGAQUFBzALhoGlcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTE2RThGMTAzMTQ2QjI4NTAzMzUwMjNBNzBBNkQzOTg3NDc2NjM2OERC
REE1RjA0OEQ1NTk3MkI5OEZEODM2Ny8wLzM0MzUyZTMyMzIzNjJlMzYzODJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzczODM0MzMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAIt4kQwDQYJ
KoZIhvcNAQELBQADggEBAAFdcsIvfJcPVi8ATxx6ptJ1QnscjHf4jY1uYMc11wqC
h74QnkC2aSAr9yoTmF6NLj1TLhMpampvTewVlRNkOWFCKUPy/xD2ub8xnq33BofG
iKRKzvk7+wpt4wCYdEsdrbCuhbNBbkOu4OAQ9qW97QQiKp/BuYB7DRm02rtPMh5I
Mwo0lDT4mmKCK2vElMAkS7qmFV7w7qf8iwpqFVApnjyHP+302YBPTnabaBUedDcZ
bgeSbLzhg6EXWfs/kUXDHePTWmNrscS0oSPAIU0jBxSkMqzZqZiuS8O87U2h/ZWN
vzBH/zER+57BLbIUNIqjwywOJl0D+fB9iiZu1g2zUbg=
-----END CERTIFICATE-----
Generated at Thu Nov 21 13:17:06 2024 by rpki-client on console-fra.rpki-client.org