Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/D395E3DEE53AE48F967BF9936904795047474139F7E7D4149BFE2597CAE3D718/0/34352e3233382e3135342e302f32332d3233203d3e20323636383434.roa
File:                     34352e3233382e3135342e302f32332d3233203d3e20323636383434.roa (raw, json)
Hash identifier:          KqR5COzQIvKVlHs2LyEAiDEHR+Po1OlErIgaMjK+isY=
Subject key identifier:   A8:24:86:E5:77:1A:3A:EA:0A:5E:5D:FF:08:99:16:5D:B3:08:90:01
Certificate issuer:       /CN=A070374834B30E4E1EAC2F337D7138EE06F6AB7A
Certificate serial:       551785B952CACC59BB2F590571CE2947031C4C5D
Authority key identifier: A0:70:37:48:34:B3:0E:4E:1E:AC:2F:33:7D:71:38:EE:06:F6:AB:7A
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A070374834B30E4E1EAC2F337D7138EE06F6AB7A.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/D395E3DEE53AE48F967BF9936904795047474139F7E7D4149BFE2597CAE3D718/0/34352e3233382e3135342e302f32332d3233203d3e20323636383434.roa
Signing time:             Tue 05 Mar 2024 17:53:08 +0000
ROA not before:           Tue 05 Mar 2024 17:48:08 +0000
ROA not after:            Tue 04 Mar 2025 17:53:08 +0000
asID:                     266844
IP address blocks:        45.238.154.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/D395E3DEE53AE48F967BF9936904795047474139F7E7D4149BFE2597CAE3D718/0/A070374834B30E4E1EAC2F337D7138EE06F6AB7A.crl
                          rsync://repository.lacnic.net/rpki/lacnic/D395E3DEE53AE48F967BF9936904795047474139F7E7D4149BFE2597CAE3D718/0/A070374834B30E4E1EAC2F337D7138EE06F6AB7A.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A070374834B30E4E1EAC2F337D7138EE06F6AB7A.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:17:85:b9:52:ca:cc:59:bb:2f:59:05:71:ce:29:47:03:1c:4c:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A070374834B30E4E1EAC2F337D7138EE06F6AB7A
        Validity
            Not Before: Mar  5 17:48:08 2024 GMT
            Not After : Mar  4 17:53:08 2025 GMT
        Subject: CN=A82486E5771A3AEA0A5E5DFF0899165DB3089001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:6f:2f:21:e6:78:2d:0d:6e:5a:bd:1e:c3:80:
                    7d:94:46:85:2d:b2:b6:e4:eb:70:45:7a:31:c5:61:
                    5c:9f:3f:f6:5d:d8:c5:f4:ce:e8:f1:82:ea:b8:20:
                    56:64:3c:a6:60:37:a3:aa:b9:61:c4:1e:ec:5b:a6:
                    63:fb:49:a7:5c:00:c9:a0:00:cd:a2:48:ff:39:a2:
                    09:49:e7:6f:a1:42:67:65:8e:c6:17:3e:37:c6:88:
                    18:40:ef:29:4c:e5:40:fe:b3:c0:5c:2f:df:11:30:
                    32:42:4c:ef:a2:49:fe:4b:1b:74:7c:59:1d:a3:fc:
                    b6:72:f1:03:c3:2d:e6:a7:3b:79:9a:30:e3:bb:c4:
                    dd:cc:69:31:20:cd:91:c9:d8:b4:4f:1c:e4:e3:7c:
                    96:0f:6b:9e:9e:24:3f:e1:43:35:9c:f3:93:ad:b8:
                    b3:cc:76:90:86:91:aa:a3:2b:70:08:ba:32:08:fb:
                    71:60:0a:02:f1:ce:53:57:08:55:b1:e1:22:73:97:
                    33:9d:2b:98:bd:0e:0c:fd:d0:94:e0:3a:2c:7f:18:
                    67:22:39:2b:77:50:e5:fc:01:ca:24:e4:ef:2e:b2:
                    57:d2:81:08:45:ef:72:cf:26:e1:6c:cc:7c:78:ef:
                    25:28:f1:1d:24:87:d2:73:0d:95:10:21:1a:97:39:
                    c2:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:24:86:E5:77:1A:3A:EA:0A:5E:5D:FF:08:99:16:5D:B3:08:90:01
            X509v3 Authority Key Identifier:
                keyid:A0:70:37:48:34:B3:0E:4E:1E:AC:2F:33:7D:71:38:EE:06:F6:AB:7A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/D395E3DEE53AE48F967BF9936904795047474139F7E7D4149BFE2597CAE3D718/0/A070374834B30E4E1EAC2F337D7138EE06F6AB7A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A070374834B30E4E1EAC2F337D7138EE06F6AB7A.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/D395E3DEE53AE48F967BF9936904795047474139F7E7D4149BFE2597CAE3D718/0/34352e3233382e3135342e302f32332d3233203d3e20323636383434.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.238.154.0/23

    Signature Algorithm: sha256WithRSAEncryption
         e2:14:f5:72:bd:70:e6:47:b9:75:f3:1b:db:6e:48:03:cc:ef:
         27:6e:fe:8c:ec:5e:98:3f:55:40:72:75:07:52:99:01:00:14:
         e5:82:3c:f6:1c:28:8f:c7:67:b3:cd:66:42:63:db:8f:ef:f7:
         80:d9:dd:7a:69:d2:b3:32:44:19:eb:29:d6:cd:60:11:be:ef:
         ad:20:b8:b5:b9:44:97:55:fb:be:a2:1e:bb:a9:9a:61:7e:fd:
         41:57:a6:55:f7:5a:9b:9a:94:be:13:a2:78:59:61:b2:06:f4:
         c9:a9:23:be:80:d7:22:6d:cb:8f:58:f4:e9:8a:f1:ff:88:b3:
         fb:6d:54:b9:f6:07:1d:94:22:0b:4c:99:bc:39:01:ab:4e:57:
         84:f5:86:db:4c:f2:c8:64:09:b2:12:82:ca:0d:5e:bc:d0:55:
         15:15:d2:6f:58:db:18:4e:4b:6d:0c:7b:3c:15:36:a6:a3:3b:
         a7:15:81:e7:61:a1:93:c8:96:8a:fa:e0:df:a6:4c:ff:f6:46:
         1c:13:bf:bc:c5:d6:b9:bc:c6:06:5b:7b:55:73:0a:8f:bb:b1:
         2c:9a:f0:e0:0c:06:da:d9:66:5e:cc:86:aa:ca:eb:87:20:82:
         76:95:ac:80:ec:00:7c:e1:a0:23:a9:aa:84:e2:56:38:cc:5e:
         08:5e:66:64
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUVReFuVLKzFm7L1kFcc4pRwMcTF0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTA3MDM3NDgzNEIzMEU0RTFFQUMyRjMzN0Q3MTM4RUUw
NkY2QUI3QTAeFw0yNDAzMDUxNzQ4MDhaFw0yNTAzMDQxNzUzMDhaMDMxMTAvBgNV
BAMTKEE4MjQ4NkU1NzcxQTNBRUEwQTVFNURGRjA4OTkxNjVEQjMwODkwMDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/by8h5ngtDW5avR7DgH2URoUt
srbk63BFejHFYVyfP/Zd2MX0zujxguq4IFZkPKZgN6OquWHEHuxbpmP7SadcAMmg
AM2iSP85oglJ52+hQmdljsYXPjfGiBhA7ylM5UD+s8BcL98RMDJCTO+iSf5LG3R8
WR2j/LZy8QPDLeanO3maMOO7xN3MaTEgzZHJ2LRPHOTjfJYPa56eJD/hQzWc85Ot
uLPMdpCGkaqjK3AIujII+3FgCgLxzlNXCFWx4SJzlzOdK5i9Dgz90JTgOix/GGci
OSt3UOX8Acok5O8uslfSgQhF73LPJuFszHx47yUo8R0kh9JzDZUQIRqXOcKnAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUqCSG5XcaOuoKXl3/CJkWXbMIkAEwHwYDVR0j
BBgwFoAUoHA3SDSzDk4erC8zfXE47gb2q3owDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EMzk1RTNERUU1M0FFNDhGOTY3QkY5OTM2OTA0Nzk1MDQ3
NDc0MTM5RjdFN0Q0MTQ5QkZFMjU5N0NBRTNENzE4LzAvQTA3MDM3NDgzNEIzMEU0
RTFFQUMyRjMzN0Q3MTM4RUUwNkY2QUI3QS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BMDcwMzc0ODM0QjMwRTRFMUVB
QzJGMzM3RDcxMzhFRTA2RjZBQjdBLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRDM5NUUzREVFNTNBRTQ4Rjk2N0JGOTkzNjkwNDc5NTA0NzQ3NDEzOUY3
RTdENDE0OUJGRTI1OTdDQUUzRDcxOC8wLzM0MzUyZTMyMzMzODJlMzEzNTM0MmUz
MDJmMzIzMzJkMzIzMzIwM2QzZTIwMzIzNjM2MzgzNDM0LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLe6a
MA0GCSqGSIb3DQEBCwUAA4IBAQDiFPVyvXDmR7l18xvbbkgDzO8nbv6M7F6YP1VA
cnUHUpkBABTlgjz2HCiPx2ezzWZCY9uP7/eA2d16adKzMkQZ6ynWzWARvu+tILi1
uUSXVfu+oh67qZphfv1BV6ZV91qbmpS+E6J4WWGyBvTJqSO+gNcibcuPWPTpivH/
iLP7bVS59gcdlCILTJm8OQGrTleE9YbbTPLIZAmyEoLKDV680FUVFdJvWNsYTktt
DHs8FTamozunFYHnYaGTyJaK+uDfpkz/9kYcE7+8xda5vMYGW3tVcwqPu7EsmvDg
DAba2WZezIaqyuuHIIJ2layA7AB84aAjqaqE4lY4zF4IXmZk
-----END CERTIFICATE-----
Generated at Thu Nov 21 03:17:52 2024 by rpki-client on console-ams.rpki-client.org