Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D1D83E7D62FF9F2819B8397A5B0C0700A38D9C86143647E7EA6A7065A22B37A4/0/34352e3137342e32302e302f32322d3234203d3e20323636383036.roa
File:                     34352e3137342e32302e302f32322d3234203d3e20323636383036.roa (raw, json)
Hash identifier:          UPE3qfDtTaxXjZ5IhifpeCSw8UcJVjrUgvc3pm+KQNw=
Subject key identifier:   46:C8:92:E8:DA:0E:7E:95:EC:8F:FC:0D:42:58:29:0B:BE:CE:98:51
Certificate issuer:       /CN=49B598270D6A49A2FED8BA121D3BBE19726010C9
Certificate serial:       06198CF7C2AF21127A3AF79C0F4F85975ACF4CCA
Authority key identifier: 49:B5:98:27:0D:6A:49:A2:FE:D8:BA:12:1D:3B:BE:19:72:60:10:C9
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/49B598270D6A49A2FED8BA121D3BBE19726010C9.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D1D83E7D62FF9F2819B8397A5B0C0700A38D9C86143647E7EA6A7065A22B37A4/0/34352e3137342e32302e302f32322d3234203d3e20323636383036.roa
Signing time:             Tue 05 Mar 2024 17:58:06 +0000
ROA not before:           Tue 05 Mar 2024 17:53:06 +0000
ROA not after:            Tue 04 Mar 2025 17:58:06 +0000
asID:                     266806
IP address blocks:        45.174.20.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D1D83E7D62FF9F2819B8397A5B0C0700A38D9C86143647E7EA6A7065A22B37A4/0/49B598270D6A49A2FED8BA121D3BBE19726010C9.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D1D83E7D62FF9F2819B8397A5B0C0700A38D9C86143647E7EA6A7065A22B37A4/0/49B598270D6A49A2FED8BA121D3BBE19726010C9.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/49B598270D6A49A2FED8BA121D3BBE19726010C9.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Jul 2024 18:21:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:19:8c:f7:c2:af:21:12:7a:3a:f7:9c:0f:4f:85:97:5a:cf:4c:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=49B598270D6A49A2FED8BA121D3BBE19726010C9
        Validity
            Not Before: Mar  5 17:53:06 2024 GMT
            Not After : Mar  4 17:58:06 2025 GMT
        Subject: CN=46C892E8DA0E7E95EC8FFC0D4258290BBECE9851
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:95:bc:48:e0:ef:de:e3:b9:c8:19:0c:c9:99:
                    db:63:b4:00:35:03:1b:30:39:59:a4:79:13:10:57:
                    0c:d0:37:41:98:07:ca:6d:81:d6:71:cc:58:18:cc:
                    92:5b:41:2f:76:5e:47:34:98:0c:20:f7:a6:2b:06:
                    0a:9e:94:ff:37:e8:a8:4b:da:49:61:8f:f5:eb:41:
                    d1:25:f3:56:c5:4c:cc:c1:35:31:0b:f1:7b:8c:fc:
                    6e:b1:f7:f7:42:16:18:cc:3d:6d:5d:ff:94:15:8a:
                    87:94:ce:02:a5:7f:0f:95:3c:51:8a:98:27:95:33:
                    39:e0:89:3b:dd:d8:43:71:5e:99:20:e1:b9:4b:01:
                    16:50:db:d0:0f:bc:73:58:c1:0f:75:02:c8:b3:60:
                    ac:56:99:d2:fa:b8:da:17:0e:0f:7f:f7:13:d0:5b:
                    d3:b8:17:ed:3d:a1:ee:99:79:2e:e2:3e:5a:67:f6:
                    d4:1c:79:72:59:8e:e7:63:07:a9:e1:de:01:56:2c:
                    47:56:3a:5d:2b:85:d0:d3:b2:fb:98:76:30:5e:42:
                    bb:16:60:e9:fb:8f:c7:9c:8b:d9:32:04:d8:f8:eb:
                    cc:0d:f0:11:a8:07:44:5c:de:01:a6:48:1b:49:8e:
                    39:e5:66:65:2e:9e:a5:3e:51:a3:2f:d2:6d:df:3e:
                    ff:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                46:C8:92:E8:DA:0E:7E:95:EC:8F:FC:0D:42:58:29:0B:BE:CE:98:51
            X509v3 Authority Key Identifier:
                keyid:49:B5:98:27:0D:6A:49:A2:FE:D8:BA:12:1D:3B:BE:19:72:60:10:C9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D1D83E7D62FF9F2819B8397A5B0C0700A38D9C86143647E7EA6A7065A22B37A4/0/49B598270D6A49A2FED8BA121D3BBE19726010C9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/49B598270D6A49A2FED8BA121D3BBE19726010C9.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D1D83E7D62FF9F2819B8397A5B0C0700A38D9C86143647E7EA6A7065A22B37A4/0/34352e3137342e32302e302f32322d3234203d3e20323636383036.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.174.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         26:70:64:88:08:1f:0d:da:5f:43:3a:7b:d5:1e:0a:d1:2f:0d:
         0e:41:fd:29:a4:dd:62:cc:74:fd:de:19:1b:75:bd:e8:e2:d0:
         42:ac:1b:28:8b:4d:15:fd:fa:13:34:aa:b3:eb:1a:62:97:24:
         ee:23:30:65:83:2b:24:5f:8b:62:6f:b5:6c:ae:5e:a2:15:08:
         31:7f:1c:4c:44:9e:43:6c:b9:1e:4f:3d:7a:a0:27:f1:9e:89:
         40:56:fb:a2:da:36:46:dd:18:09:1c:7c:58:65:35:10:66:ee:
         48:de:54:ec:93:c3:3e:71:03:7d:67:cc:4a:28:58:38:e4:be:
         8e:1f:ac:0d:65:40:66:41:92:6e:51:5b:0e:3b:fb:6c:4e:7f:
         7f:a8:42:2e:f1:61:2f:79:65:06:00:29:1d:c3:d9:25:33:d7:
         c4:e8:1c:d0:7d:00:ee:0e:04:87:e7:65:d4:79:d1:d9:e8:22:
         2f:c6:ef:9e:77:0c:58:a1:e0:04:d3:e0:9c:88:7c:c7:81:39:
         35:5f:b7:f4:02:0f:0e:1f:e4:0e:5c:f8:83:9a:43:d3:09:8c:
         4d:fe:a6:09:df:eb:8f:d3:1f:52:1c:1b:48:4d:87:d4:0e:98:
         71:0e:94:94:b7:90:79:e1:d5:49:0c:65:86:0f:79:a0:64:2b:
         d2:d4:8e:5a
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUBhmM98KvIRJ6OvecD0+Fl1rPTMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDlCNTk4MjcwRDZBNDlBMkZFRDhCQTEyMUQzQkJFMTk3
MjYwMTBDOTAeFw0yNDAzMDUxNzUzMDZaFw0yNTAzMDQxNzU4MDZaMDMxMTAvBgNV
BAMTKDQ2Qzg5MkU4REEwRTdFOTVFQzhGRkMwRDQyNTgyOTBCQkVDRTk4NTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNlbxI4O/e47nIGQzJmdtjtAA1
AxswOVmkeRMQVwzQN0GYB8ptgdZxzFgYzJJbQS92Xkc0mAwg96YrBgqelP836KhL
2klhj/XrQdEl81bFTMzBNTEL8XuM/G6x9/dCFhjMPW1d/5QVioeUzgKlfw+VPFGK
mCeVMzngiTvd2ENxXpkg4blLARZQ29APvHNYwQ91AsizYKxWmdL6uNoXDg9/9xPQ
W9O4F+09oe6ZeS7iPlpn9tQceXJZjudjB6nh3gFWLEdWOl0rhdDTsvuYdjBeQrsW
YOn7j8eci9kyBNj468wN8BGoB0Rc3gGmSBtJjjnlZmUunqU+UaMv0m3fPv8HAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQURsiS6NoOfpXsj/wNQlgpC77OmFEwHwYDVR0j
BBgwFoAUSbWYJw1qSaL+2LoSHTu+GXJgEMkwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMUQ4M0U3RDYyRkY5RjI4MTlCODM5N0E1QjBDMDcwMEEz
OEQ5Qzg2MTQzNjQ3RTdFQTZBNzA2NUEyMkIzN0E0LzAvNDlCNTk4MjcwRDZBNDlB
MkZFRDhCQTEyMUQzQkJFMTk3MjYwMTBDOS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC80OUI1OTgyNzBENkE0OUEyRkVE
OEJBMTIxRDNCQkUxOTcyNjAxMEM5LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDFEODNFN0Q2MkZGOUYyODE5QjgzOTdBNUIwQzA3MDBBMzhEOUM4NjE0
MzY0N0U3RUE2QTcwNjVBMjJCMzdBNC8wLzM0MzUyZTMxMzczNDJlMzIzMDJlMzAy
ZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzYzNjM4MzAzNi5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2uFDAN
BgkqhkiG9w0BAQsFAAOCAQEAJnBkiAgfDdpfQzp71R4K0S8NDkH9KaTdYsx0/d4Z
G3W96OLQQqwbKItNFf36EzSqs+saYpck7iMwZYMrJF+LYm+1bK5eohUIMX8cTESe
Q2y5Hk89eqAn8Z6JQFb7oto2Rt0YCRx8WGU1EGbuSN5U7JPDPnEDfWfMSihYOOS+
jh+sDWVAZkGSblFbDjv7bE5/f6hCLvFhL3llBgApHcPZJTPXxOgc0H0A7g4Eh+dl
1HnR2egiL8bvnncMWKHgBNPgnIh8x4E5NV+39AIPDh/kDlz4g5pD0wmMTf6mCd/r
j9MfUhwbSE2H1A6YcQ6UlLeQeeHVSQxlhg95oGQr0tSOWg==
-----END CERTIFICATE-----
Generated at Fri Jul 12 02:56:54 2024 by rpki-client on console-ams.rpki-client.org