Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/AEF4C39A558544AE54CC71DBA2AA80B36BFBE2CA5BF4F0DB9823D2AB6B747E63/0/3136382e3232372e32332e302f32342d3234203d3e20323635373830.roa
File:                     3136382e3232372e32332e302f32342d3234203d3e20323635373830.roa (raw, json)
Hash identifier:          8+uXDhBBBMFAPyzL8K61tdNLCv2INqiKY3zWYvFweHY=
Subject key identifier:   81:4A:46:5B:FD:CB:02:DD:B9:C2:9D:3E:EF:08:6D:7F:E5:8F:A6:22
Certificate issuer:       /CN=45E01B7B9B876AE1F0C01505969888DB05F86C32
Certificate serial:       5477813189EA3F6A67E4529543592705F519434B
Authority key identifier: 45:E0:1B:7B:9B:87:6A:E1:F0:C0:15:05:96:98:88:DB:05:F8:6C:32
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/45E01B7B9B876AE1F0C01505969888DB05F86C32.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/AEF4C39A558544AE54CC71DBA2AA80B36BFBE2CA5BF4F0DB9823D2AB6B747E63/0/3136382e3232372e32332e302f32342d3234203d3e20323635373830.roa
Signing time:             Tue 05 Mar 2024 18:13:15 +0000
ROA not before:           Tue 05 Mar 2024 18:08:15 +0000
ROA not after:            Tue 04 Mar 2025 18:13:15 +0000
asID:                     265780
IP address blocks:        168.227.23.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/AEF4C39A558544AE54CC71DBA2AA80B36BFBE2CA5BF4F0DB9823D2AB6B747E63/0/45E01B7B9B876AE1F0C01505969888DB05F86C32.crl
                          rsync://repository.lacnic.net/rpki/lacnic/AEF4C39A558544AE54CC71DBA2AA80B36BFBE2CA5BF4F0DB9823D2AB6B747E63/0/45E01B7B9B876AE1F0C01505969888DB05F86C32.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/45E01B7B9B876AE1F0C01505969888DB05F86C32.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:77:81:31:89:ea:3f:6a:67:e4:52:95:43:59:27:05:f5:19:43:4b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=45E01B7B9B876AE1F0C01505969888DB05F86C32
        Validity
            Not Before: Mar  5 18:08:15 2024 GMT
            Not After : Mar  4 18:13:15 2025 GMT
        Subject: CN=814A465BFDCB02DDB9C29D3EEF086D7FE58FA622
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:bf:fc:d7:de:3a:c5:2b:48:55:d0:e0:75:55:
                    82:cd:80:82:59:e8:34:fc:c8:a8:33:9f:93:be:1e:
                    54:5d:2f:29:08:c4:0e:8b:6d:0a:ac:d3:fa:a9:25:
                    68:97:4e:88:df:2c:ed:e4:d9:2f:a5:14:03:7c:86:
                    23:f6:54:24:ed:33:a1:da:8d:2c:94:bf:6f:34:77:
                    8a:78:ae:31:c6:26:95:02:30:ef:b2:93:57:0b:0f:
                    53:9d:b3:5a:55:9b:68:16:01:4e:23:e0:08:24:bc:
                    fa:7f:b2:c6:37:b4:62:fd:c1:7d:53:59:46:dd:91:
                    ee:00:02:6a:a8:2b:05:87:ae:e5:56:49:f8:d1:7a:
                    47:f7:4e:77:ed:81:83:64:55:6a:3b:15:67:55:15:
                    f3:c1:03:b8:9d:5f:a2:8b:a1:d4:5d:a2:7e:fe:8c:
                    a6:04:85:14:53:3f:b2:e0:d8:29:45:36:6e:92:59:
                    0c:de:19:04:9d:ca:b2:0b:48:28:b5:7d:af:91:ed:
                    92:66:98:39:b4:e3:0e:11:f9:ad:2a:bd:9f:b8:44:
                    36:cf:cd:95:50:38:61:b6:28:d3:2b:c7:3f:77:39:
                    fb:75:dc:7b:ea:a1:35:23:96:9b:c7:e8:92:65:38:
                    ac:5f:98:3f:69:d8:59:66:68:e3:3d:1d:d6:84:bc:
                    68:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:4A:46:5B:FD:CB:02:DD:B9:C2:9D:3E:EF:08:6D:7F:E5:8F:A6:22
            X509v3 Authority Key Identifier:
                keyid:45:E0:1B:7B:9B:87:6A:E1:F0:C0:15:05:96:98:88:DB:05:F8:6C:32

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/AEF4C39A558544AE54CC71DBA2AA80B36BFBE2CA5BF4F0DB9823D2AB6B747E63/0/45E01B7B9B876AE1F0C01505969888DB05F86C32.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/45E01B7B9B876AE1F0C01505969888DB05F86C32.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/AEF4C39A558544AE54CC71DBA2AA80B36BFBE2CA5BF4F0DB9823D2AB6B747E63/0/3136382e3232372e32332e302f32342d3234203d3e20323635373830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.227.23.0/24

    Signature Algorithm: sha256WithRSAEncryption
         29:e7:5e:fa:34:b3:e9:84:a3:b1:dc:29:5c:43:ee:4f:61:0c:
         d6:dc:1d:e4:ea:db:2d:4a:64:81:fb:88:97:56:d4:59:35:e8:
         5c:12:8f:1b:28:da:df:bf:a0:09:f3:27:02:ff:94:c7:ac:1b:
         97:93:a9:11:00:a1:86:69:50:f3:be:2d:0f:d7:d4:bf:87:d2:
         61:fa:db:df:7a:56:3a:58:7f:9a:83:0e:0b:91:aa:5d:f6:d6:
         29:0e:53:fb:b1:49:d3:f7:9d:98:1f:b0:1f:2b:09:e0:00:9a:
         20:75:85:62:ed:33:6a:4c:3f:38:eb:70:0a:98:52:fc:aa:62:
         02:d7:41:0f:44:28:8c:c0:71:e7:22:5b:d4:d8:c1:6a:22:7c:
         bb:2f:49:30:ba:75:76:42:cd:e6:19:68:2d:39:25:30:44:42:
         2a:4d:2e:d6:38:d0:a7:ad:71:4c:92:a0:e6:d6:74:cb:e2:e7:
         cd:38:23:62:65:c4:5b:1e:94:08:60:a8:68:8d:91:26:b3:12:
         6d:60:dc:bf:56:08:43:fc:91:2e:ac:8f:82:3b:2d:b0:2c:32:
         bd:f9:14:5d:c2:e1:cd:c6:3e:a9:3a:47:2b:b6:51:a3:34:f2:
         f2:9d:00:6f:e9:45:19:fd:44:23:2c:8c:b9:b7:a8:52:d2:9a:
         d2:2c:ca:74
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUVHeBMYnqP2pn5FKVQ1knBfUZQ0swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDVFMDFCN0I5Qjg3NkFFMUYwQzAxNTA1OTY5ODg4REIw
NUY4NkMzMjAeFw0yNDAzMDUxODA4MTVaFw0yNTAzMDQxODEzMTVaMDMxMTAvBgNV
BAMTKDgxNEE0NjVCRkRDQjAyRERCOUMyOUQzRUVGMDg2RDdGRTU4RkE2MjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsv/zX3jrFK0hV0OB1VYLNgIJZ
6DT8yKgzn5O+HlRdLykIxA6LbQqs0/qpJWiXTojfLO3k2S+lFAN8hiP2VCTtM6Ha
jSyUv280d4p4rjHGJpUCMO+yk1cLD1Ods1pVm2gWAU4j4AgkvPp/ssY3tGL9wX1T
WUbdke4AAmqoKwWHruVWSfjRekf3TnftgYNkVWo7FWdVFfPBA7idX6KLodRdon7+
jKYEhRRTP7Lg2ClFNm6SWQzeGQSdyrILSCi1fa+R7ZJmmDm04w4R+a0qvZ+4RDbP
zZVQOGG2KNMrxz93Oft13HvqoTUjlpvH6JJlOKxfmD9p2FlmaOM9HdaEvGh/AgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUgUpGW/3LAt25wp0+7whtf+WPpiIwHwYDVR0j
BBgwFoAUReAbe5uHauHwwBUFlpiI2wX4bDIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9BRUY0QzM5QTU1ODU0NEFFNTRDQzcxREJBMkFBODBCMzZC
RkJFMkNBNUJGNEYwREI5ODIzRDJBQjZCNzQ3RTYzLzAvNDVFMDFCN0I5Qjg3NkFF
MUYwQzAxNTA1OTY5ODg4REIwNUY4NkMzMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80NUUwMUI3QjlCODc2QUUxRjBD
MDE1MDU5Njk4ODhEQjA1Rjg2QzMyLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQUVGNEMzOUE1NTg1NDRBRTU0Q0M3MURCQTJBQTgwQjM2QkZCRTJDQTVC
RjRGMERCOTgyM0QyQUI2Qjc0N0U2My8wLzMxMzYzODJlMzIzMjM3MmUzMjMzMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM1MzczODMwLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqOMX
MA0GCSqGSIb3DQEBCwUAA4IBAQAp5176NLPphKOx3ClcQ+5PYQzW3B3k6tstSmSB
+4iXVtRZNehcEo8bKNrfv6AJ8ycC/5THrBuXk6kRAKGGaVDzvi0P19S/h9Jh+tvf
elY6WH+agw4Lkapd9tYpDlP7sUnT952YH7AfKwngAJogdYVi7TNqTD8463AKmFL8
qmIC10EPRCiMwHHnIlvU2MFqIny7L0kwunV2Qs3mGWgtOSUwREIqTS7WONCnrXFM
kqDm1nTL4ufNOCNiZcRbHpQIYKhojZEmsxJtYNy/VghD/JEurI+COy2wLDK9+RRd
wuHNxj6pOkcrtlGjNPLynQBv6UUZ/UQjLIy5t6hS0prSLMp0
-----END CERTIFICATE-----
Generated at Thu Nov 21 01:29:59 2024 by rpki-client on console-fra.rpki-client.org