Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DAF2CD54D9F02C644333775CEC5E33041C81E7A6C0863FA98B1CB6ABD85633F5/0/34352e3233392e3131342e302f32342d3234203d3e203532333939.roa
File:                     34352e3233392e3131342e302f32342d3234203d3e203532333939.roa (raw, json)
Hash identifier:          5+G/u49IwJNltTLiWbpZeffdGiiA4C6m1ryLy4j1GeM=
Subject key identifier:   09:AC:F5:DF:88:B4:36:42:27:93:DD:12:0D:6A:B5:C0:E1:D6:2B:5F
Certificate issuer:       /CN=31F68B49343FE18C99A4C312FCEA2C54B701CE74
Certificate serial:       47DDF3289F7E69B0623416DA7087C33AD1D7EFEB
Authority key identifier: 31:F6:8B:49:34:3F:E1:8C:99:A4:C3:12:FC:EA:2C:54:B7:01:CE:74
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/31F68B49343FE18C99A4C312FCEA2C54B701CE74.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DAF2CD54D9F02C644333775CEC5E33041C81E7A6C0863FA98B1CB6ABD85633F5/0/34352e3233392e3131342e302f32342d3234203d3e203532333939.roa
Signing time:             Tue 04 Feb 2025 18:54:44 +0000
ROA not before:           Tue 04 Feb 2025 18:49:44 +0000
ROA not after:            Tue 03 Feb 2026 18:54:44 +0000
asID:                     52399
IP address blocks:        45.239.114.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/DAF2CD54D9F02C644333775CEC5E33041C81E7A6C0863FA98B1CB6ABD85633F5/0/31F68B49343FE18C99A4C312FCEA2C54B701CE74.crl
                          rsync://repository.lacnic.net/rpki/lacnic/DAF2CD54D9F02C644333775CEC5E33041C81E7A6C0863FA98B1CB6ABD85633F5/0/31F68B49343FE18C99A4C312FCEA2C54B701CE74.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/31F68B49343FE18C99A4C312FCEA2C54B701CE74.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 12 Feb 2025 23:10:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:dd:f3:28:9f:7e:69:b0:62:34:16:da:70:87:c3:3a:d1:d7:ef:eb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=31F68B49343FE18C99A4C312FCEA2C54B701CE74
        Validity
            Not Before: Feb  4 18:49:44 2025 GMT
            Not After : Feb  3 18:54:44 2026 GMT
        Subject: CN=09ACF5DF88B436422793DD120D6AB5C0E1D62B5F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:dd:51:dc:6e:6b:06:ad:23:5b:d2:06:6b:96:
                    2a:f3:66:ee:e1:04:65:51:45:9c:e0:6c:0a:f8:5f:
                    6c:eb:18:d5:24:8b:14:b3:c5:89:93:0e:b0:c6:04:
                    c1:d5:b7:db:c3:82:85:37:9f:ac:eb:e7:5e:ad:28:
                    50:40:78:b1:03:8b:3a:c6:07:ba:0a:05:93:74:3a:
                    69:14:ea:26:f0:0b:01:21:5c:8a:3c:b1:b3:a1:b5:
                    dc:73:c4:c2:f8:48:66:52:a4:f3:3f:79:7a:c4:f0:
                    20:88:be:de:90:19:7c:1d:36:0d:63:b1:c0:dc:e8:
                    3a:03:bd:48:ee:df:9b:35:3e:df:46:bb:76:63:00:
                    b0:33:e6:ac:bd:33:74:95:10:c0:44:d7:d1:03:20:
                    7a:4c:51:49:23:20:41:93:ba:4a:ed:6a:70:a3:9c:
                    37:96:d4:b2:79:be:aa:1d:1e:10:3f:4f:14:63:9d:
                    b0:5e:d4:13:16:bf:87:7e:e2:c6:f8:08:25:90:0d:
                    6a:29:6c:ea:e6:de:e1:ee:24:fa:f3:66:b1:f0:58:
                    3a:4a:33:e1:bb:b9:6b:57:86:89:e3:4f:a0:60:77:
                    8c:a5:ea:13:6c:38:18:a9:2e:0f:1b:13:27:b3:e8:
                    0f:23:b0:7a:ec:b4:18:c1:d8:b7:63:7e:17:24:7e:
                    77:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:AC:F5:DF:88:B4:36:42:27:93:DD:12:0D:6A:B5:C0:E1:D6:2B:5F
            X509v3 Authority Key Identifier:
                keyid:31:F6:8B:49:34:3F:E1:8C:99:A4:C3:12:FC:EA:2C:54:B7:01:CE:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DAF2CD54D9F02C644333775CEC5E33041C81E7A6C0863FA98B1CB6ABD85633F5/0/31F68B49343FE18C99A4C312FCEA2C54B701CE74.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/31F68B49343FE18C99A4C312FCEA2C54B701CE74.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DAF2CD54D9F02C644333775CEC5E33041C81E7A6C0863FA98B1CB6ABD85633F5/0/34352e3233392e3131342e302f32342d3234203d3e203532333939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.239.114.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5f:43:ed:ad:08:12:d9:53:d0:1c:6f:d4:c5:5a:5a:3a:2b:fe:
         d8:0f:b8:46:38:52:e0:0f:60:93:2c:aa:52:4d:0b:2e:50:be:
         00:c0:8f:69:d2:72:86:66:fb:cc:41:de:91:88:3c:07:04:44:
         18:54:86:9e:3c:0a:58:f4:f2:ce:08:f9:a6:fe:84:fd:14:ea:
         41:34:97:5a:38:a0:bd:fc:5d:d4:e9:11:bc:94:f2:1e:ce:62:
         e2:49:d1:50:7d:3a:ff:62:d6:1c:24:d9:b2:35:ff:a2:c8:1a:
         9d:fc:2a:36:ed:31:42:a0:84:60:78:d5:d6:e2:96:1f:4f:8d:
         4e:dc:b6:92:62:dc:4f:38:e2:13:92:8d:10:a8:09:2c:39:ec:
         9e:48:59:d7:3e:36:6e:27:20:67:f5:82:0e:27:ed:35:22:26:
         be:09:ea:c0:a6:96:80:85:cc:c4:0d:48:85:18:f5:15:b3:9b:
         ff:33:a5:32:df:6a:63:62:56:ff:2e:1c:9a:41:19:25:92:1d:
         42:09:d4:32:72:f2:0d:5c:c6:9d:47:59:a3:e5:b1:51:82:27:
         f4:da:14:c9:b0:f0:6d:b5:b5:d9:b1:cb:f9:88:71:5b:1e:13:
         0f:70:3d:27:2c:97:d0:9f:13:df:4f:0a:d7:15:d7:07:2c:28:
         07:20:21:ff
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUR93zKJ9+abBiNBbacIfDOtHX7+swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzFGNjhCNDkzNDNGRTE4Qzk5QTRDMzEyRkNFQTJDNTRC
NzAxQ0U3NDAeFw0yNTAyMDQxODQ5NDRaFw0yNjAyMDMxODU0NDRaMDMxMTAvBgNV
BAMTKDA5QUNGNURGODhCNDM2NDIyNzkzREQxMjBENkFCNUMwRTFENjJCNUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC13VHcbmsGrSNb0gZrlirzZu7h
BGVRRZzgbAr4X2zrGNUkixSzxYmTDrDGBMHVt9vDgoU3n6zr516tKFBAeLEDizrG
B7oKBZN0OmkU6ibwCwEhXIo8sbOhtdxzxML4SGZSpPM/eXrE8CCIvt6QGXwdNg1j
scDc6DoDvUju35s1Pt9Gu3ZjALAz5qy9M3SVEMBE19EDIHpMUUkjIEGTukrtanCj
nDeW1LJ5vqodHhA/TxRjnbBe1BMWv4d+4sb4CCWQDWopbOrm3uHuJPrzZrHwWDpK
M+G7uWtXhonjT6Bgd4yl6hNsOBipLg8bEyez6A8jsHrstBjB2LdjfhckfnfbAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUCaz134i0NkInk90SDWq1wOHWK18wHwYDVR0j
BBgwFoAUMfaLSTQ/4YyZpMMS/OosVLcBznQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EQUYyQ0Q1NEQ5RjAyQzY0NDMzMzc3NUNFQzVFMzMwNDFD
ODFFN0E2QzA4NjNGQTk4QjFDQjZBQkQ4NTYzM0Y1LzAvMzFGNjhCNDkzNDNGRTE4
Qzk5QTRDMzEyRkNFQTJDNTRCNzAxQ0U3NC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8zMUY2OEI0OTM0M0ZFMThDOTlB
NEMzMTJGQ0VBMkM1NEI3MDFDRTc0LmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvREFGMkNENTREOUYwMkM2NDQzMzM3NzVDRUM1RTMzMDQxQzgxRTdBNkMw
ODYzRkE5OEIxQ0I2QUJEODU2MzNGNS8wLzM0MzUyZTMyMzMzOTJlMzEzMTM0MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjMzMzkzOS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC3vcjAN
BgkqhkiG9w0BAQsFAAOCAQEAX0PtrQgS2VPQHG/UxVpaOiv+2A+4RjhS4A9gkyyq
Uk0LLlC+AMCPadJyhmb7zEHekYg8BwREGFSGnjwKWPTyzgj5pv6E/RTqQTSXWjig
vfxd1OkRvJTyHs5i4knRUH06/2LWHCTZsjX/osganfwqNu0xQqCEYHjV1uKWH0+N
Tty2kmLcTzjiE5KNEKgJLDnsnkhZ1z42bicgZ/WCDiftNSImvgnqwKaWgIXMxA1I
hRj1FbOb/zOlMt9qY2JW/y4cmkEZJZIdQgnUMnLyDVzGnUdZo+WxUYIn9NoUybDw
bbW12bHL+YhxWx4TD3A9JyyX0J8T308K1xXXBywoByAh/w==
-----END CERTIFICATE-----
Generated at Sun Feb 9 15:14:48 2025 by rpki-client