Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/B365A22F7894A2132ED3847D4085798E3711EC53AD6FCE7B8C050B24E8329276/0/34352e3136322e36332e302f32342d3234203d3e20323637363739.roa
File:                     34352e3136322e36332e302f32342d3234203d3e20323637363739.roa (raw, json)
Hash identifier:          Fj/CUkyjYBSqCJdPnZWuy+e25dKTbn2RHI0ODL7C9QM=
Subject key identifier:   E2:D3:76:1C:94:69:B0:DA:B2:D3:18:18:31:8D:DE:D3:1D:B1:25:02
Certificate issuer:       /CN=11C844BF5D6347E3DB9F44B8C3EFAC1F1499B795
Certificate serial:       1A78AFE08D612C58C55AE5AC03888155176F5BFD
Authority key identifier: 11:C8:44:BF:5D:63:47:E3:DB:9F:44:B8:C3:EF:AC:1F:14:99:B7:95
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/11C844BF5D6347E3DB9F44B8C3EFAC1F1499B795.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/B365A22F7894A2132ED3847D4085798E3711EC53AD6FCE7B8C050B24E8329276/0/34352e3136322e36332e302f32342d3234203d3e20323637363739.roa
Signing time:             Tue 05 Mar 2024 17:42:47 +0000
ROA not before:           Tue 05 Mar 2024 17:37:47 +0000
ROA not after:            Tue 04 Mar 2025 17:42:47 +0000
asID:                     267679
IP address blocks:        45.162.63.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/B365A22F7894A2132ED3847D4085798E3711EC53AD6FCE7B8C050B24E8329276/0/11C844BF5D6347E3DB9F44B8C3EFAC1F1499B795.crl
                          rsync://repository.lacnic.net/rpki/lacnic/B365A22F7894A2132ED3847D4085798E3711EC53AD6FCE7B8C050B24E8329276/0/11C844BF5D6347E3DB9F44B8C3EFAC1F1499B795.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/11C844BF5D6347E3DB9F44B8C3EFAC1F1499B795.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 22 Nov 2024 14:52:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:78:af:e0:8d:61:2c:58:c5:5a:e5:ac:03:88:81:55:17:6f:5b:fd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11C844BF5D6347E3DB9F44B8C3EFAC1F1499B795
        Validity
            Not Before: Mar  5 17:37:47 2024 GMT
            Not After : Mar  4 17:42:47 2025 GMT
        Subject: CN=E2D3761C9469B0DAB2D31818318DDED31DB12502
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:38:a4:df:a3:31:86:e2:59:0f:69:2b:a2:b9:
                    ae:52:74:8d:0f:79:0a:0b:82:46:ca:17:1c:31:c6:
                    a9:18:68:08:57:ca:30:2d:45:0d:20:0d:f2:4e:53:
                    d5:97:cd:b9:d5:53:0e:87:0c:39:fc:96:8c:d7:8c:
                    b3:c5:84:07:bd:56:66:6a:82:54:2a:ef:21:e9:43:
                    ad:aa:85:87:ac:0e:ce:60:6b:84:73:06:9a:62:f4:
                    bc:81:f0:27:78:46:fc:6e:94:f0:06:01:64:13:09:
                    8c:5b:52:23:8d:51:8f:0c:90:e9:9f:68:ed:e9:54:
                    3a:49:07:d9:12:cd:10:83:92:35:ee:6c:39:a7:30:
                    bd:e9:89:fe:b9:59:e6:64:0c:1a:9c:65:98:5b:d2:
                    d7:79:17:97:18:ae:56:ed:35:70:4c:d6:c3:f4:12:
                    df:38:f5:7d:9d:33:01:0a:50:20:89:f4:c7:2f:ba:
                    d0:33:c5:2d:22:a7:e0:0c:3e:4f:a0:db:9f:91:40:
                    1e:ab:7c:52:5f:5b:2a:72:49:85:2a:fb:51:fa:39:
                    ed:48:b2:43:40:1c:9e:6f:cf:89:12:a4:65:7a:8f:
                    4e:86:60:de:45:65:12:f7:a2:4c:5c:7a:8b:cf:55:
                    7d:0d:00:5b:34:34:63:4b:dd:c2:a5:be:fd:63:f0:
                    87:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:D3:76:1C:94:69:B0:DA:B2:D3:18:18:31:8D:DE:D3:1D:B1:25:02
            X509v3 Authority Key Identifier:
                keyid:11:C8:44:BF:5D:63:47:E3:DB:9F:44:B8:C3:EF:AC:1F:14:99:B7:95

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/B365A22F7894A2132ED3847D4085798E3711EC53AD6FCE7B8C050B24E8329276/0/11C844BF5D6347E3DB9F44B8C3EFAC1F1499B795.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/11C844BF5D6347E3DB9F44B8C3EFAC1F1499B795.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/B365A22F7894A2132ED3847D4085798E3711EC53AD6FCE7B8C050B24E8329276/0/34352e3136322e36332e302f32342d3234203d3e20323637363739.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.162.63.0/24

    Signature Algorithm: sha256WithRSAEncryption
         16:96:56:60:63:2c:8c:fa:2f:b3:64:21:ed:b1:95:a0:90:07:
         fc:f1:d4:53:94:f3:0f:34:4e:4f:a9:84:d7:74:26:e8:a4:11:
         9f:a7:2c:db:b0:86:ba:4f:a3:6c:bc:4f:2f:e3:2a:ad:f0:af:
         3b:f8:87:97:23:92:06:65:75:50:c2:b2:c3:fd:9f:70:61:d8:
         8d:18:38:78:ab:a8:3e:a7:af:9b:4b:86:bc:a9:0d:00:d6:97:
         4c:13:b8:67:ec:67:a0:ce:64:ed:5a:60:5b:79:f8:9f:a5:c4:
         44:09:f4:25:a5:c4:a4:07:f1:ac:15:b0:e1:c0:2f:9d:15:0f:
         1e:10:4f:4f:32:fd:53:04:a5:9b:aa:94:85:0d:89:ed:f9:e4:
         54:13:e3:63:dd:75:3f:aa:6d:81:2a:e0:bd:00:83:00:26:c2:
         2e:ce:9c:39:04:47:1d:97:c4:5a:73:7c:af:e4:c6:50:55:6a:
         18:6f:de:21:b3:28:6a:88:cc:c5:26:29:51:9d:11:4d:79:d6:
         f8:53:ba:71:d5:5a:f0:4b:d9:7a:e8:89:1d:2b:b3:80:c8:53:
         bd:9d:c4:5b:2d:e4:06:f9:57:24:93:34:44:21:3c:8d:a5:74:
         4a:76:26:ef:9d:cb:48:a0:e9:23:d2:60:41:e7:25:5f:b5:79:
         6f:4f:90:ed
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUGniv4I1hLFjFWuWsA4iBVRdvW/0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFDODQ0QkY1RDYzNDdFM0RCOUY0NEI4QzNFRkFDMUYx
NDk5Qjc5NTAeFw0yNDAzMDUxNzM3NDdaFw0yNTAzMDQxNzQyNDdaMDMxMTAvBgNV
BAMTKEUyRDM3NjFDOTQ2OUIwREFCMkQzMTgxODMxOERERUQzMURCMTI1MDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdOKTfozGG4lkPaSuiua5SdI0P
eQoLgkbKFxwxxqkYaAhXyjAtRQ0gDfJOU9WXzbnVUw6HDDn8lozXjLPFhAe9VmZq
glQq7yHpQ62qhYesDs5ga4RzBppi9LyB8Cd4RvxulPAGAWQTCYxbUiONUY8MkOmf
aO3pVDpJB9kSzRCDkjXubDmnML3pif65WeZkDBqcZZhb0td5F5cYrlbtNXBM1sP0
Et849X2dMwEKUCCJ9McvutAzxS0ip+AMPk+g25+RQB6rfFJfWypySYUq+1H6Oe1I
skNAHJ5vz4kSpGV6j06GYN5FZRL3okxceovPVX0NAFs0NGNL3cKlvv1j8IehAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU4tN2HJRpsNqy0xgYMY3e0x2xJQIwHwYDVR0j
BBgwFoAUEchEv11jR+Pbn0S4w++sHxSZt5UwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9CMzY1QTIyRjc4OTRBMjEzMkVEMzg0N0Q0MDg1Nzk4RTM3
MTFFQzUzQUQ2RkNFN0I4QzA1MEIyNEU4MzI5Mjc2LzAvMTFDODQ0QkY1RDYzNDdF
M0RCOUY0NEI4QzNFRkFDMUYxNDk5Qjc5NS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xMUM4NDRCRjVENjM0N0UzREI5
RjQ0QjhDM0VGQUMxRjE0OTlCNzk1LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQjM2NUEyMkY3ODk0QTIxMzJFRDM4NDdENDA4NTc5OEUzNzExRUM1M0FE
NkZDRTdCOEMwNTBCMjRFODMyOTI3Ni8wLzM0MzUyZTMxMzYzMjJlMzYzMzJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzNzM2MzczOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2iPzAN
BgkqhkiG9w0BAQsFAAOCAQEAFpZWYGMsjPovs2Qh7bGVoJAH/PHUU5TzDzROT6mE
13Qm6KQRn6cs27CGuk+jbLxPL+MqrfCvO/iHlyOSBmV1UMKyw/2fcGHYjRg4eKuo
Pqevm0uGvKkNANaXTBO4Z+xnoM5k7VpgW3n4n6XERAn0JaXEpAfxrBWw4cAvnRUP
HhBPTzL9UwSlm6qUhQ2J7fnkVBPjY911P6ptgSrgvQCDACbCLs6cOQRHHZfEWnN8
r+TGUFVqGG/eIbMoaojMxSYpUZ0RTXnW+FO6cdVa8EvZeuiJHSuzgMhTvZ3EWy3k
BvlXJJM0RCE8jaV0SnYm753LSKDpI9JgQeclX7V5b0+Q7Q==
-----END CERTIFICATE-----
Generated at Tue Nov 19 10:29:38 2024 by rpki-client on console-fra.rpki-client.org