Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A1B7700E2FE0785B4B650FB6B7B1B35DE8DAFC93A318418EF112801832CDBA73/0/34352e3232352e3138352e302f32342d3234203d3e20323635383531.roa
File:                     34352e3232352e3138352e302f32342d3234203d3e20323635383531.roa (raw, json)
Hash identifier:          ujX6JQhHAoCvrAV6bdIwRi4sQb66HJ5vdmZWhRAWH5M=
Subject key identifier:   31:62:A6:DC:69:F8:F5:2C:93:68:DC:94:DE:03:D5:EC:7A:A2:D6:06
Certificate issuer:       /CN=A85589D4CB63F06CB0638FD83DC2356DDD2B6180
Certificate serial:       422CD8F6DAE500E3AB5BE2BF19EA8D485D2FD6EC
Authority key identifier: A8:55:89:D4:CB:63:F0:6C:B0:63:8F:D8:3D:C2:35:6D:DD:2B:61:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A85589D4CB63F06CB0638FD83DC2356DDD2B6180.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A1B7700E2FE0785B4B650FB6B7B1B35DE8DAFC93A318418EF112801832CDBA73/0/34352e3232352e3138352e302f32342d3234203d3e20323635383531.roa
Signing time:             Tue 05 Mar 2024 17:54:39 +0000
ROA not before:           Tue 05 Mar 2024 17:49:39 +0000
ROA not after:            Tue 04 Mar 2025 17:54:39 +0000
asID:                     265851
IP address blocks:        45.225.185.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A1B7700E2FE0785B4B650FB6B7B1B35DE8DAFC93A318418EF112801832CDBA73/0/A85589D4CB63F06CB0638FD83DC2356DDD2B6180.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1B7700E2FE0785B4B650FB6B7B1B35DE8DAFC93A318418EF112801832CDBA73/0/A85589D4CB63F06CB0638FD83DC2356DDD2B6180.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A85589D4CB63F06CB0638FD83DC2356DDD2B6180.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:2c:d8:f6:da:e5:00:e3:ab:5b:e2:bf:19:ea:8d:48:5d:2f:d6:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A85589D4CB63F06CB0638FD83DC2356DDD2B6180
        Validity
            Not Before: Mar  5 17:49:39 2024 GMT
            Not After : Mar  4 17:54:39 2025 GMT
        Subject: CN=3162A6DC69F8F52C9368DC94DE03D5EC7AA2D606
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:15:da:dd:5d:d5:5c:c2:93:10:41:f6:ad:7b:
                    79:28:e5:17:f3:88:b1:9f:27:b3:eb:f9:e3:2b:71:
                    2a:c4:55:4e:32:ad:11:c2:4c:70:55:87:4c:3b:56:
                    c4:44:13:70:57:81:24:85:d1:68:50:23:5b:ca:13:
                    ab:6f:be:41:ec:02:eb:66:38:3c:17:6d:34:24:9a:
                    25:39:6f:97:92:70:1a:39:6a:64:03:c5:e9:f6:f6:
                    88:a8:ef:25:15:e1:3a:0b:c1:d4:c8:0b:1c:cb:ef:
                    c2:54:86:29:e3:c0:80:6a:15:4b:52:87:1c:1e:45:
                    d6:1f:d2:18:b2:55:47:f7:f1:28:ed:0e:6e:91:de:
                    2f:2a:5a:92:ae:97:09:c6:da:b4:b7:c5:f5:99:2b:
                    51:8a:ad:51:18:24:9f:bb:c6:2c:fc:cc:13:58:71:
                    fd:ef:87:af:77:91:a2:36:9d:d0:9e:a8:4a:5a:3e:
                    10:ee:a9:3a:78:29:93:42:cf:81:07:41:71:2b:68:
                    4a:5c:95:6d:46:73:5c:82:3a:eb:7c:da:bc:9b:41:
                    6d:3c:08:c6:29:f9:8c:9d:c7:53:ee:c8:10:10:09:
                    be:1a:0d:7e:a8:af:86:94:8d:b9:33:1d:b0:5d:7e:
                    b0:f3:f1:56:4a:71:67:c0:bf:aa:a5:29:19:a0:00:
                    19:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:62:A6:DC:69:F8:F5:2C:93:68:DC:94:DE:03:D5:EC:7A:A2:D6:06
            X509v3 Authority Key Identifier:
                keyid:A8:55:89:D4:CB:63:F0:6C:B0:63:8F:D8:3D:C2:35:6D:DD:2B:61:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A1B7700E2FE0785B4B650FB6B7B1B35DE8DAFC93A318418EF112801832CDBA73/0/A85589D4CB63F06CB0638FD83DC2356DDD2B6180.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A85589D4CB63F06CB0638FD83DC2356DDD2B6180.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A1B7700E2FE0785B4B650FB6B7B1B35DE8DAFC93A318418EF112801832CDBA73/0/34352e3232352e3138352e302f32342d3234203d3e20323635383531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.225.185.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c8:4a:ee:b8:17:24:34:f6:fd:32:8b:fd:cf:59:ca:da:f4:29:
         24:b4:92:66:1b:1e:d3:c3:e6:86:e9:f6:68:56:25:04:5b:b2:
         d9:0c:d8:a8:29:4e:70:6a:11:ff:15:e9:2f:98:ca:d7:a2:bc:
         4b:49:f4:aa:ce:1c:25:4c:b5:ae:7e:00:b2:d9:39:67:81:7d:
         0a:e0:e5:a5:b2:aa:5c:75:fb:93:cb:dd:04:40:e5:f6:3b:1b:
         07:1b:fa:74:1d:62:bc:8c:61:19:c8:11:fc:9f:2d:67:09:04:
         dc:41:db:c2:34:a4:8c:48:0a:2e:f5:87:d8:68:8e:35:dc:60:
         73:3e:53:0a:e9:f8:7b:48:0f:03:b1:48:ec:63:0b:ff:2a:7e:
         dd:f0:4b:54:43:71:cc:cd:a5:39:2f:29:66:14:2f:39:97:c7:
         13:b3:f9:5f:0a:3d:5a:15:c7:84:96:26:48:0b:d6:2c:b7:61:
         de:63:23:1a:05:89:90:09:0b:96:e9:a3:30:34:21:f3:f8:db:
         1e:7e:7e:d7:6e:c7:47:4e:42:33:19:47:ef:ca:e5:2e:47:d4:
         ea:bb:3c:7b:d0:89:f0:78:a1:c8:e5:34:72:4d:28:b5:1f:82:
         ac:91:ab:c5:72:55:85:cd:21:9f:90:85:b4:19:18:20:48:f6:
         13:aa:2c:09
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUQizY9trlAOOrW+K/GeqNSF0v1uwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTg1NTg5RDRDQjYzRjA2Q0IwNjM4RkQ4M0RDMjM1NkRE
RDJCNjE4MDAeFw0yNDAzMDUxNzQ5MzlaFw0yNTAzMDQxNzU0MzlaMDMxMTAvBgNV
BAMTKDMxNjJBNkRDNjlGOEY1MkM5MzY4REM5NERFMDNENUVDN0FBMkQ2MDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFdrdXdVcwpMQQfate3ko5Rfz
iLGfJ7Pr+eMrcSrEVU4yrRHCTHBVh0w7VsREE3BXgSSF0WhQI1vKE6tvvkHsAutm
ODwXbTQkmiU5b5eScBo5amQDxen29oio7yUV4ToLwdTICxzL78JUhinjwIBqFUtS
hxweRdYf0hiyVUf38SjtDm6R3i8qWpKulwnG2rS3xfWZK1GKrVEYJJ+7xiz8zBNY
cf3vh693kaI2ndCeqEpaPhDuqTp4KZNCz4EHQXEraEpclW1Gc1yCOut82rybQW08
CMYp+Yydx1PuyBAQCb4aDX6or4aUjbkzHbBdfrDz8VZKcWfAv6qlKRmgABlhAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUMWKm3Gn49SyTaNyU3gPV7Hqi1gYwHwYDVR0j
BBgwFoAUqFWJ1Mtj8GywY4/YPcI1bd0rYYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BMUI3NzAwRTJGRTA3ODVCNEI2NTBGQjZCN0IxQjM1REU4
REFGQzkzQTMxODQxOEVGMTEyODAxODMyQ0RCQTczLzAvQTg1NTg5RDRDQjYzRjA2
Q0IwNjM4RkQ4M0RDMjM1NkRERDJCNjE4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BODU1ODlENENCNjNGMDZDQjA2
MzhGRDgzREMyMzU2REREMkI2MTgwLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTFCNzcwMEUyRkUwNzg1QjRCNjUwRkI2QjdCMUIzNURFOERBRkM5M0Ez
MTg0MThFRjExMjgwMTgzMkNEQkE3My8wLzM0MzUyZTMyMzIzNTJlMzEzODM1MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM1MzgzNTMxLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALeG5
MA0GCSqGSIb3DQEBCwUAA4IBAQDISu64FyQ09v0yi/3PWcra9CkktJJmGx7Tw+aG
6fZoViUEW7LZDNioKU5wahH/FekvmMrXorxLSfSqzhwlTLWufgCy2TlngX0K4OWl
sqpcdfuTy90EQOX2OxsHG/p0HWK8jGEZyBH8ny1nCQTcQdvCNKSMSAou9YfYaI41
3GBzPlMK6fh7SA8DsUjsYwv/Kn7d8EtUQ3HMzaU5LylmFC85l8cTs/lfCj1aFceE
liZIC9Yst2HeYyMaBYmQCQuW6aMwNCHz+Nsefn7XbsdHTkIzGUfvyuUuR9Tquzx7
0InweKHI5TRyTSi1H4KskavFclWFzSGfkIW0GRggSPYTqiwJ
-----END CERTIFICATE-----
Generated at Wed Nov 20 16:08:11 2024 by rpki-client on console-fra.rpki-client.org