Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/C5AECF7168D2B7B27339E271375FE49F02F581407550D99225722354D01DD19F/0/34352e3138392e3134382e302f32322d3232203d3e203238343335.roa
File:                     34352e3138392e3134382e302f32322d3232203d3e203238343335.roa (raw, json)
Hash identifier:          xgCn4PnEhhSxgkCa6Bb5b0AVEmL/6OipHccCxImZI0M=
Subject key identifier:   FA:0B:E6:CC:49:C5:10:70:F7:C1:C6:9C:E6:34:33:83:18:50:DC:6A
Certificate issuer:       /CN=9616F367BC1934BBCB4A42293F8C4ABD6ECEBAE0
Certificate serial:       55450CECFDC1B6E0332F34B2001031039A2F3983
Authority key identifier: 96:16:F3:67:BC:19:34:BB:CB:4A:42:29:3F:8C:4A:BD:6E:CE:BA:E0
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9616F367BC1934BBCB4A42293F8C4ABD6ECEBAE0.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/C5AECF7168D2B7B27339E271375FE49F02F581407550D99225722354D01DD19F/0/34352e3138392e3134382e302f32322d3232203d3e203238343335.roa
Signing time:             Tue 05 Mar 2024 18:12:45 +0000
ROA not before:           Tue 05 Mar 2024 18:07:45 +0000
ROA not after:            Tue 04 Mar 2025 18:12:45 +0000
asID:                     28435
IP address blocks:        45.189.148.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/C5AECF7168D2B7B27339E271375FE49F02F581407550D99225722354D01DD19F/0/9616F367BC1934BBCB4A42293F8C4ABD6ECEBAE0.crl
                          rsync://repository.lacnic.net/rpki/lacnic/C5AECF7168D2B7B27339E271375FE49F02F581407550D99225722354D01DD19F/0/9616F367BC1934BBCB4A42293F8C4ABD6ECEBAE0.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9616F367BC1934BBCB4A42293F8C4ABD6ECEBAE0.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:22:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:45:0c:ec:fd:c1:b6:e0:33:2f:34:b2:00:10:31:03:9a:2f:39:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9616F367BC1934BBCB4A42293F8C4ABD6ECEBAE0
        Validity
            Not Before: Mar  5 18:07:45 2024 GMT
            Not After : Mar  4 18:12:45 2025 GMT
        Subject: CN=FA0BE6CC49C51070F7C1C69CE63433831850DC6A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8f:5f:fd:93:60:0a:8b:5c:36:79:af:62:aa:95:
                    e5:7a:ec:a0:4a:7c:c0:40:fb:34:9a:b4:97:ab:31:
                    d7:53:8c:4c:11:01:fe:fe:7d:1c:9e:0f:c9:34:b0:
                    29:aa:70:18:b5:7d:2d:a6:86:1f:5f:5e:e8:ad:5d:
                    2c:88:92:85:f1:20:47:fb:53:46:48:78:56:0d:16:
                    8e:98:ab:fc:0c:36:b7:e5:02:8e:3f:04:d2:fe:4b:
                    bb:bb:9a:e0:fe:28:fc:52:30:55:88:ac:71:e8:f7:
                    06:6d:ba:2a:4e:c2:d6:91:8d:c3:7b:3a:31:16:f5:
                    b7:90:e9:28:e0:5e:6e:37:fd:da:12:23:3a:02:f7:
                    70:68:9b:e3:1d:9f:79:a2:97:38:84:3d:36:7d:e3:
                    76:e4:b2:bc:bb:88:f2:3d:9c:87:ee:65:a0:ea:20:
                    3c:42:d3:c9:d5:63:47:4d:e5:58:cf:35:96:76:51:
                    94:28:6c:44:0d:3a:77:47:45:f2:a1:67:7f:ab:af:
                    4e:47:65:8f:a6:9d:c4:e9:1b:dd:d2:b0:d3:97:7d:
                    81:f7:78:b8:aa:a0:0a:a6:4c:0e:a0:66:c9:e1:3a:
                    c3:0e:25:22:25:d3:2f:e2:e5:fa:7e:33:8b:10:b2:
                    d6:9a:18:d8:e3:f0:b2:b3:9e:d8:3c:6e:0e:bf:9a:
                    45:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:0B:E6:CC:49:C5:10:70:F7:C1:C6:9C:E6:34:33:83:18:50:DC:6A
            X509v3 Authority Key Identifier:
                keyid:96:16:F3:67:BC:19:34:BB:CB:4A:42:29:3F:8C:4A:BD:6E:CE:BA:E0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/C5AECF7168D2B7B27339E271375FE49F02F581407550D99225722354D01DD19F/0/9616F367BC1934BBCB4A42293F8C4ABD6ECEBAE0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/9616F367BC1934BBCB4A42293F8C4ABD6ECEBAE0.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/C5AECF7168D2B7B27339E271375FE49F02F581407550D99225722354D01DD19F/0/34352e3138392e3134382e302f32322d3232203d3e203238343335.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.189.148.0/22

    Signature Algorithm: sha256WithRSAEncryption
         51:d3:dd:4d:1e:98:df:ba:26:20:00:b8:37:65:b9:c7:79:89:
         3e:b0:9a:71:f0:92:56:a1:a6:73:da:88:d9:85:4e:44:76:f8:
         05:89:fc:5b:55:c9:8c:e5:2b:b5:d3:54:aa:4c:91:99:de:e4:
         8a:03:e7:b6:08:5f:e2:39:75:4b:f1:ee:ea:db:a7:e1:de:98:
         62:44:13:66:fa:a3:6a:8c:6b:cd:ec:02:92:3f:e9:ac:73:e8:
         a6:11:c4:d6:42:e6:3c:20:7b:2e:8b:3b:52:63:20:db:fa:16:
         2f:07:10:50:9c:30:95:4a:23:55:23:14:b9:80:d4:33:6d:5f:
         7b:f9:77:f2:30:e8:a2:8c:5a:89:f5:8d:ee:45:eb:f0:67:55:
         0f:56:df:8b:b4:a6:39:88:05:4a:17:61:64:b5:c5:5e:8e:84:
         3f:ea:c9:ff:00:3b:57:b2:48:66:d5:e2:ad:62:02:a7:92:99:
         f0:7c:99:a5:fe:43:b2:49:8a:35:92:bb:d7:fd:9d:67:e4:36:
         17:ca:83:3e:e7:75:fd:dc:b0:ca:80:80:2c:4e:07:73:37:09:
         34:a4:f7:ac:ed:2e:59:8c:06:16:40:71:c6:dd:ae:b5:d1:ba:
         88:de:39:bc:22:ad:9d:e9:67:b1:25:20:bf:ef:34:d1:cd:d6:
         55:c8:1f:7d
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUVUUM7P3BtuAzLzSyABAxA5ovOYMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTYxNkYzNjdCQzE5MzRCQkNCNEE0MjI5M0Y4QzRBQkQ2
RUNFQkFFMDAeFw0yNDAzMDUxODA3NDVaFw0yNTAzMDQxODEyNDVaMDMxMTAvBgNV
BAMTKEZBMEJFNkNDNDlDNTEwNzBGN0MxQzY5Q0U2MzQzMzgzMTg1MERDNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCPX/2TYAqLXDZ5r2KqleV67KBK
fMBA+zSatJerMddTjEwRAf7+fRyeD8k0sCmqcBi1fS2mhh9fXuitXSyIkoXxIEf7
U0ZIeFYNFo6Yq/wMNrflAo4/BNL+S7u7muD+KPxSMFWIrHHo9wZtuipOwtaRjcN7
OjEW9beQ6SjgXm43/doSIzoC93Bom+Mdn3milziEPTZ943bksry7iPI9nIfuZaDq
IDxC08nVY0dN5VjPNZZ2UZQobEQNOndHRfKhZ3+rr05HZY+mncTpG93SsNOXfYH3
eLiqoAqmTA6gZsnhOsMOJSIl0y/i5fp+M4sQstaaGNjj8LKzntg8bg6/mkVhAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU+gvmzEnFEHD3wcac5jQzgxhQ3GowHwYDVR0j
BBgwFoAUlhbzZ7wZNLvLSkIpP4xKvW7OuuAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DNUFFQ0Y3MTY4RDJCN0IyNzMzOUUyNzEzNzVGRTQ5RjAy
RjU4MTQwNzU1MEQ5OTIyNTcyMjM1NEQwMUREMTlGLzAvOTYxNkYzNjdCQzE5MzRC
QkNCNEE0MjI5M0Y4QzRBQkQ2RUNFQkFFMC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC85NjE2RjM2N0JDMTkzNEJCQ0I0
QTQyMjkzRjhDNEFCRDZFQ0VCQUUwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQzVBRUNGNzE2OEQyQjdCMjczMzlFMjcxMzc1RkU0OUYwMkY1ODE0MDc1
NTBEOTkyMjU3MjIzNTREMDFERDE5Ri8wLzM0MzUyZTMxMzgzOTJlMzEzNDM4MmUz
MDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzODM0MzMzNS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi29lDAN
BgkqhkiG9w0BAQsFAAOCAQEAUdPdTR6Y37omIAC4N2W5x3mJPrCacfCSVqGmc9qI
2YVORHb4BYn8W1XJjOUrtdNUqkyRmd7kigPntghf4jl1S/Hu6tun4d6YYkQTZvqj
aoxrzewCkj/prHPophHE1kLmPCB7Los7UmMg2/oWLwcQUJwwlUojVSMUuYDUM21f
e/l38jDoooxaifWN7kXr8GdVD1bfi7SmOYgFShdhZLXFXo6EP+rJ/wA7V7JIZtXi
rWICp5KZ8HyZpf5DskmKNZK71/2dZ+Q2F8qDPud1/dywyoCALE4HczcJNKT3rO0u
WYwGFkBxxt2utdG6iN45vCKtnelnsSUgv+800c3WVcgffQ==
-----END CERTIFICATE-----
Generated at Tue Nov 19 20:38:23 2024 by rpki-client on console-fra.rpki-client.org