Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/A7DC418CFD9DDEF3CC4206D062EAEE2046492C71EFF5C5EBEB346FBD148EB268/0/34352e3233392e32322e302f32332d3233203d3e20323636383539.roa
File:                     34352e3233392e32322e302f32332d3233203d3e20323636383539.roa (raw, json)
Hash identifier:          cSO7UpMU6544i+vUpPYcnjjVzkQFmedAA3pYq56H0+s=
Subject key identifier:   8E:E9:FE:F9:3D:8C:31:11:F8:DA:D2:21:8F:4D:A3:55:D0:F4:F9:C1
Certificate issuer:       /CN=6D038F54D0F5250BE46D0A6BBD77EA1813E7EBC6
Certificate serial:       2C3C5CC3869A870AA5F2276B424CF62862A9DCEF
Authority key identifier: 6D:03:8F:54:D0:F5:25:0B:E4:6D:0A:6B:BD:77:EA:18:13:E7:EB:C6
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6D038F54D0F5250BE46D0A6BBD77EA1813E7EBC6.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/A7DC418CFD9DDEF3CC4206D062EAEE2046492C71EFF5C5EBEB346FBD148EB268/0/34352e3233392e32322e302f32332d3233203d3e20323636383539.roa
Signing time:             Tue 05 Mar 2024 17:59:02 +0000
ROA not before:           Tue 05 Mar 2024 17:54:02 +0000
ROA not after:            Tue 04 Mar 2025 17:59:02 +0000
asID:                     266859
IP address blocks:        45.239.22.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/A7DC418CFD9DDEF3CC4206D062EAEE2046492C71EFF5C5EBEB346FBD148EB268/0/6D038F54D0F5250BE46D0A6BBD77EA1813E7EBC6.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A7DC418CFD9DDEF3CC4206D062EAEE2046492C71EFF5C5EBEB346FBD148EB268/0/6D038F54D0F5250BE46D0A6BBD77EA1813E7EBC6.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6D038F54D0F5250BE46D0A6BBD77EA1813E7EBC6.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:3c:5c:c3:86:9a:87:0a:a5:f2:27:6b:42:4c:f6:28:62:a9:dc:ef
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6D038F54D0F5250BE46D0A6BBD77EA1813E7EBC6
        Validity
            Not Before: Mar  5 17:54:02 2024 GMT
            Not After : Mar  4 17:59:02 2025 GMT
        Subject: CN=8EE9FEF93D8C3111F8DAD2218F4DA355D0F4F9C1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:70:26:13:d5:e3:3c:e5:57:b6:44:50:33:15:
                    ae:c3:94:ec:d2:02:10:e4:3e:4a:99:ff:ea:c1:d7:
                    9d:b4:fd:f0:88:cb:07:18:38:85:93:f6:d6:57:2b:
                    33:8b:6a:7a:21:c8:95:1b:f3:f4:82:b4:ac:cd:91:
                    bc:3a:04:c2:24:76:df:78:1c:d8:ae:73:f7:89:46:
                    27:01:47:cc:f6:3b:0e:7c:2a:09:77:9a:ce:97:31:
                    72:ed:73:67:87:be:7b:86:91:a6:38:ff:aa:e3:15:
                    8e:55:ca:88:a4:57:0d:fe:7e:df:a8:8a:e8:2e:e7:
                    26:e4:bd:6e:11:07:19:09:3d:a9:6d:f1:46:78:13:
                    24:af:5c:81:6c:0e:be:b1:78:d0:60:0e:1d:74:e7:
                    e3:93:bc:5f:76:24:ba:d9:12:1b:d8:5b:ee:42:12:
                    24:c5:f4:4a:a7:90:43:72:dc:61:fd:38:13:25:6d:
                    0d:29:38:60:31:2d:e9:aa:71:76:b5:93:ef:36:4e:
                    78:9e:b7:cc:04:df:49:fb:d1:c4:9c:d3:8f:30:7f:
                    9e:a2:e9:1d:45:a5:19:8b:09:9a:a5:cc:8a:67:3a:
                    5d:9b:f5:f2:44:4e:71:8c:60:93:c1:ea:8f:d4:ff:
                    94:f2:9b:08:b7:dd:8c:31:37:82:ef:6c:5c:da:4a:
                    ef:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:E9:FE:F9:3D:8C:31:11:F8:DA:D2:21:8F:4D:A3:55:D0:F4:F9:C1
            X509v3 Authority Key Identifier:
                keyid:6D:03:8F:54:D0:F5:25:0B:E4:6D:0A:6B:BD:77:EA:18:13:E7:EB:C6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/A7DC418CFD9DDEF3CC4206D062EAEE2046492C71EFF5C5EBEB346FBD148EB268/0/6D038F54D0F5250BE46D0A6BBD77EA1813E7EBC6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/6D038F54D0F5250BE46D0A6BBD77EA1813E7EBC6.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/A7DC418CFD9DDEF3CC4206D062EAEE2046492C71EFF5C5EBEB346FBD148EB268/0/34352e3233392e32322e302f32332d3233203d3e20323636383539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.239.22.0/23

    Signature Algorithm: sha256WithRSAEncryption
         58:b1:9e:a3:6b:0c:45:6f:be:34:93:58:a3:80:ba:06:d5:af:
         88:c5:82:7f:6e:9b:6b:49:da:ce:61:13:86:78:4c:99:93:4f:
         f8:a3:39:b9:50:6e:2f:84:02:e1:da:a5:36:bf:35:2e:ed:50:
         af:50:7f:62:17:55:c6:f9:ae:15:0a:97:b4:27:e1:bd:91:99:
         f8:a8:5c:5d:95:c8:57:18:7f:2a:87:fa:b0:b8:22:d2:fb:07:
         d0:ae:b6:88:e5:74:38:e4:b5:bc:2a:66:e1:d8:58:bf:02:fa:
         1d:cf:aa:31:eb:1b:1d:95:3e:15:2e:93:3d:02:96:c6:da:7a:
         c3:e8:ac:19:38:36:5c:d4:7c:53:b8:ce:07:33:f6:e9:9e:05:
         a1:aa:f9:97:a8:e1:f2:d1:12:d4:e0:5d:31:b3:17:0f:41:68:
         c5:5c:1d:d6:6a:fc:80:69:fc:1a:0f:96:0b:d2:4c:76:17:46:
         17:a9:e9:60:a3:5a:7d:49:e0:2e:15:43:cf:42:d4:35:03:af:
         e5:cc:94:06:8d:37:19:ed:ff:00:db:70:9f:56:2d:72:f9:19:
         1b:d8:9d:44:70:25:81:78:00:75:d8:b1:67:6d:86:c8:c5:5f:
         1c:73:1e:5c:9d:78:99:9f:47:c6:72:c4:06:78:dd:f6:a9:86:
         12:c9:31:11
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIULDxcw4aahwql8idrQkz2KGKp3O8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkQwMzhGNTREMEY1MjUwQkU0NkQwQTZCQkQ3N0VBMTgx
M0U3RUJDNjAeFw0yNDAzMDUxNzU0MDJaFw0yNTAzMDQxNzU5MDJaMDMxMTAvBgNV
BAMTKDhFRTlGRUY5M0Q4QzMxMTFGOERBRDIyMThGNERBMzU1RDBGNEY5QzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkcCYT1eM85Ve2RFAzFa7DlOzS
AhDkPkqZ/+rB1520/fCIywcYOIWT9tZXKzOLanohyJUb8/SCtKzNkbw6BMIkdt94
HNiuc/eJRicBR8z2Ow58Kgl3ms6XMXLtc2eHvnuGkaY4/6rjFY5VyoikVw3+ft+o
iugu5ybkvW4RBxkJPalt8UZ4EySvXIFsDr6xeNBgDh105+OTvF92JLrZEhvYW+5C
EiTF9EqnkENy3GH9OBMlbQ0pOGAxLemqcXa1k+82Tniet8wE30n70cSc048wf56i
6R1FpRmLCZqlzIpnOl2b9fJETnGMYJPB6o/U/5Tymwi33YwxN4LvbFzaSu+XAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUjun++T2MMRH42tIhj02jVdD0+cEwHwYDVR0j
BBgwFoAUbQOPVND1JQvkbQprvXfqGBPn68YwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BN0RDNDE4Q0ZEOURERUYzQ0M0MjA2RDA2MkVBRUUyMDQ2
NDkyQzcxRUZGNUM1RUJFQjM0NkZCRDE0OEVCMjY4LzAvNkQwMzhGNTREMEY1MjUw
QkU0NkQwQTZCQkQ3N0VBMTgxM0U3RUJDNi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82RDAzOEY1NEQwRjUyNTBCRTQ2
RDBBNkJCRDc3RUExODEzRTdFQkM2LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQTdEQzQxOENGRDlEREVGM0NDNDIwNkQwNjJFQUVFMjA0NjQ5MkM3MUVG
RjVDNUVCRUIzNDZGQkQxNDhFQjI2OC8wLzM0MzUyZTMyMzMzOTJlMzIzMjJlMzAy
ZjMyMzMyZDMyMzMyMDNkM2UyMDMyMzYzNjM4MzUzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS3vFjAN
BgkqhkiG9w0BAQsFAAOCAQEAWLGeo2sMRW++NJNYo4C6BtWviMWCf26ba0nazmET
hnhMmZNP+KM5uVBuL4QC4dqlNr81Lu1Qr1B/YhdVxvmuFQqXtCfhvZGZ+KhcXZXI
Vxh/Kof6sLgi0vsH0K62iOV0OOS1vCpm4dhYvwL6Hc+qMesbHZU+FS6TPQKWxtp6
w+isGTg2XNR8U7jOBzP26Z4Foar5l6jh8tES1OBdMbMXD0FoxVwd1mr8gGn8Gg+W
C9JMdhdGF6npYKNafUngLhVDz0LUNQOv5cyUBo03Ge3/ANtwn1YtcvkZG9idRHAl
gXgAddixZ22GyMVfHHMeXJ14mZ9HxnLEBnjd9qmGEskxEQ==
-----END CERTIFICATE-----
Generated at Sat Jun 15 22:11:12 2024 by rpki-client on console-fra.rpki-client.org