Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D395E3DEE53AE48F967BF9936904795047474139F7E7D4149BFE2597CAE3D718/0/34352e3233382e3135322e302f32342d3234203d3e20323636383434.roa
File:                     34352e3233382e3135322e302f32342d3234203d3e20323636383434.roa (raw, json)
Hash identifier:          3SPzoqCMzPkoqqhsEvbNOB7X5q58yzfEB+gdduJ2QQ4=
Subject key identifier:   E9:0D:E4:82:43:DB:62:AD:17:77:EA:1A:85:0B:7D:A0:D3:24:5C:55
Certificate issuer:       /CN=A070374834B30E4E1EAC2F337D7138EE06F6AB7A
Certificate serial:       6DF7D23A40826131F91FDFF6D85C6658F2DFC54F
Authority key identifier: A0:70:37:48:34:B3:0E:4E:1E:AC:2F:33:7D:71:38:EE:06:F6:AB:7A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A070374834B30E4E1EAC2F337D7138EE06F6AB7A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D395E3DEE53AE48F967BF9936904795047474139F7E7D4149BFE2597CAE3D718/0/34352e3233382e3135322e302f32342d3234203d3e20323636383434.roa
Signing time:             Tue 05 Mar 2024 17:53:09 +0000
ROA not before:           Tue 05 Mar 2024 17:48:09 +0000
ROA not after:            Tue 04 Mar 2025 17:53:09 +0000
asID:                     266844
IP address blocks:        45.238.152.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D395E3DEE53AE48F967BF9936904795047474139F7E7D4149BFE2597CAE3D718/0/A070374834B30E4E1EAC2F337D7138EE06F6AB7A.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D395E3DEE53AE48F967BF9936904795047474139F7E7D4149BFE2597CAE3D718/0/A070374834B30E4E1EAC2F337D7138EE06F6AB7A.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A070374834B30E4E1EAC2F337D7138EE06F6AB7A.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6d:f7:d2:3a:40:82:61:31:f9:1f:df:f6:d8:5c:66:58:f2:df:c5:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A070374834B30E4E1EAC2F337D7138EE06F6AB7A
        Validity
            Not Before: Mar  5 17:48:09 2024 GMT
            Not After : Mar  4 17:53:09 2025 GMT
        Subject: CN=E90DE48243DB62AD1777EA1A850B7DA0D3245C55
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:ea:95:3e:cb:4a:d1:a6:7b:f2:f4:b1:5b:32:
                    06:08:5e:55:74:38:b9:24:b0:a2:92:6c:93:ac:05:
                    25:24:02:14:98:0d:fc:a0:05:ef:91:70:7f:3a:d6:
                    98:07:fc:3b:59:7b:a9:d3:b6:df:60:34:d0:65:7f:
                    07:eb:d7:4a:f3:77:f2:eb:bc:8b:db:7b:a6:73:14:
                    87:7b:ea:8e:1b:cf:b1:38:d6:56:93:52:2c:de:bf:
                    ac:2b:e4:03:bc:0e:72:3a:3f:27:59:e6:77:82:11:
                    ba:1f:62:36:fd:cc:09:d5:6a:94:e1:1c:5b:72:45:
                    01:75:c4:c4:4f:5a:9f:4d:9c:af:ea:95:0d:7f:9f:
                    50:2d:e9:64:c4:99:8a:1d:a1:84:47:a2:b4:9e:07:
                    3a:3e:e8:3c:6e:73:d9:e4:07:42:91:89:61:ef:dd:
                    8d:24:e6:9e:e7:44:aa:6d:9c:0b:fc:4a:5e:83:85:
                    e9:72:04:98:ca:a2:64:56:2e:99:cf:a1:4a:ee:4f:
                    04:01:70:03:f2:af:cc:b0:cd:79:76:dc:f9:54:03:
                    e7:c1:55:fd:86:e8:a3:0e:88:5b:b6:7a:85:ba:5b:
                    01:fa:a8:f0:58:c9:07:6f:a5:92:74:7d:c0:3e:2b:
                    ad:37:8c:b7:58:d6:56:69:2a:af:83:e3:fa:9f:b0:
                    1b:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:0D:E4:82:43:DB:62:AD:17:77:EA:1A:85:0B:7D:A0:D3:24:5C:55
            X509v3 Authority Key Identifier:
                keyid:A0:70:37:48:34:B3:0E:4E:1E:AC:2F:33:7D:71:38:EE:06:F6:AB:7A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D395E3DEE53AE48F967BF9936904795047474139F7E7D4149BFE2597CAE3D718/0/A070374834B30E4E1EAC2F337D7138EE06F6AB7A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A070374834B30E4E1EAC2F337D7138EE06F6AB7A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D395E3DEE53AE48F967BF9936904795047474139F7E7D4149BFE2597CAE3D718/0/34352e3233382e3135322e302f32342d3234203d3e20323636383434.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.238.152.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:9d:d9:31:43:d4:fb:21:b4:f0:d5:28:ce:ba:79:b4:88:36:
         77:f4:34:81:6a:9d:f3:61:ea:55:f6:5a:4f:b3:ea:29:54:44:
         cf:34:67:7a:a8:4a:30:0a:32:ba:9e:6a:36:94:77:0c:7e:6d:
         37:19:8c:43:25:0a:69:2c:36:7b:a7:ef:01:de:4a:12:30:e9:
         70:03:d3:48:29:7c:da:74:f2:e7:b4:10:b1:32:bd:2e:98:5e:
         ad:b2:17:32:6e:08:71:60:cd:ca:2e:0a:11:3d:b6:a8:56:b2:
         1e:7e:6b:88:48:67:53:de:2b:82:d4:8b:d7:f5:0f:4a:07:5d:
         9f:65:4b:96:f9:46:3d:8d:1c:e3:38:52:f3:28:d8:df:c5:82:
         ac:41:54:67:e0:74:94:91:0b:17:59:f5:e2:4b:79:42:e1:a6:
         b6:e8:c4:c0:dd:7c:ed:00:d8:02:2e:60:d2:07:5e:08:c7:23:
         98:75:46:75:09:b4:11:40:ee:d1:6c:e4:c7:83:b6:3e:7e:68:
         d3:97:f0:fd:16:7b:12:4f:7a:31:18:e4:a9:ec:4a:4b:ce:ca:
         54:0f:91:29:dd:8b:91:5f:ac:ff:ea:a1:92:a0:35:20:46:a1:
         92:a6:b2:69:46:a1:72:e9:4f:1d:35:36:22:0d:70:65:78:11:
         85:4c:9a:c6
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUbffSOkCCYTH5H9/22FxmWPLfxU8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTA3MDM3NDgzNEIzMEU0RTFFQUMyRjMzN0Q3MTM4RUUw
NkY2QUI3QTAeFw0yNDAzMDUxNzQ4MDlaFw0yNTAzMDQxNzUzMDlaMDMxMTAvBgNV
BAMTKEU5MERFNDgyNDNEQjYyQUQxNzc3RUExQTg1MEI3REEwRDMyNDVDNTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCH6pU+y0rRpnvy9LFbMgYIXlV0
OLkksKKSbJOsBSUkAhSYDfygBe+RcH861pgH/DtZe6nTtt9gNNBlfwfr10rzd/Lr
vIvbe6ZzFId76o4bz7E41laTUizev6wr5AO8DnI6PydZ5neCEbofYjb9zAnVapTh
HFtyRQF1xMRPWp9NnK/qlQ1/n1At6WTEmYodoYRHorSeBzo+6Dxuc9nkB0KRiWHv
3Y0k5p7nRKptnAv8Sl6DhelyBJjKomRWLpnPoUruTwQBcAPyr8ywzXl23PlUA+fB
Vf2G6KMOiFu2eoW6WwH6qPBYyQdvpZJ0fcA+K603jLdY1lZpKq+D4/qfsBtpAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQU6Q3kgkPbYq0Xd+oahQt9oNMkXFUwHwYDVR0j
BBgwFoAUoHA3SDSzDk4erC8zfXE47gb2q3owDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMzk1RTNERUU1M0FFNDhGOTY3QkY5OTM2OTA0Nzk1MDQ3
NDc0MTM5RjdFN0Q0MTQ5QkZFMjU5N0NBRTNENzE4LzAvQTA3MDM3NDgzNEIzMEU0
RTFFQUMyRjMzN0Q3MTM4RUUwNkY2QUI3QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMDcwMzc0ODM0QjMwRTRFMUVB
QzJGMzM3RDcxMzhFRTA2RjZBQjdBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDM5NUUzREVFNTNBRTQ4Rjk2N0JGOTkzNjkwNDc5NTA0NzQ3NDEzOUY3
RTdENDE0OUJGRTI1OTdDQUUzRDcxOC8wLzM0MzUyZTMyMzMzODJlMzEzNTMyMmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM2MzgzNDM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALe6Y
MA0GCSqGSIb3DQEBCwUAA4IBAQBondkxQ9T7IbTw1SjOunm0iDZ39DSBap3zYepV
9lpPs+opVETPNGd6qEowCjK6nmo2lHcMfm03GYxDJQppLDZ7p+8B3koSMOlwA9NI
KXzadPLntBCxMr0umF6tshcybghxYM3KLgoRPbaoVrIefmuISGdT3iuC1IvX9Q9K
B12fZUuW+UY9jRzjOFLzKNjfxYKsQVRn4HSUkQsXWfXiS3lC4aa26MTA3XztANgC
LmDSB14IxyOYdUZ1CbQRQO7RbOTHg7Y+fmjTl/D9FnsST3oxGOSp7EpLzspUD5Ep
3YuRX6z/6qGSoDUgRqGSprJpRqFy6U8dNTYiDXBleBGFTJrG
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:09:42 2024 by rpki-client on console-fra.rpki-client.org