Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/DDB201F6FA82D551FD4804520FA77DE3A67BD1461B64099C5DD9FC5F5FB04F98/0/34352e3136362e37362e302f32332d3233203d3e20323637373331.roa
File:                     34352e3136362e37362e302f32332d3233203d3e20323637373331.roa (raw, json)
Hash identifier:          Xb3vnksrmlooePzyXhfM3xy62NU12ihkJb3Y+kS4edQ=
Subject key identifier:   C1:38:85:AA:A0:4D:DE:B8:EC:4B:BB:6D:74:03:F7:63:D1:10:28:34
Certificate issuer:       /CN=1F5F5C11C49716D846EAAFC3D825E3CEA2CF91DB
Certificate serial:       26421DB543ABD6A283F8A5E5C16A2022EE437D4A
Authority key identifier: 1F:5F:5C:11:C4:97:16:D8:46:EA:AF:C3:D8:25:E3:CE:A2:CF:91:DB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1F5F5C11C49716D846EAAFC3D825E3CEA2CF91DB.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/DDB201F6FA82D551FD4804520FA77DE3A67BD1461B64099C5DD9FC5F5FB04F98/0/34352e3136362e37362e302f32332d3233203d3e20323637373331.roa
Signing time:             Tue 05 Mar 2024 18:02:03 +0000
ROA not before:           Tue 05 Mar 2024 17:57:03 +0000
ROA not after:            Tue 04 Mar 2025 18:02:03 +0000
asID:                     267731
IP address blocks:        45.166.76.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/DDB201F6FA82D551FD4804520FA77DE3A67BD1461B64099C5DD9FC5F5FB04F98/0/1F5F5C11C49716D846EAAFC3D825E3CEA2CF91DB.crl
                          rsync://repository.lacnic.net/rpki/lacnic/DDB201F6FA82D551FD4804520FA77DE3A67BD1461B64099C5DD9FC5F5FB04F98/0/1F5F5C11C49716D846EAAFC3D825E3CEA2CF91DB.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1F5F5C11C49716D846EAAFC3D825E3CEA2CF91DB.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:42:1d:b5:43:ab:d6:a2:83:f8:a5:e5:c1:6a:20:22:ee:43:7d:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1F5F5C11C49716D846EAAFC3D825E3CEA2CF91DB
        Validity
            Not Before: Mar  5 17:57:03 2024 GMT
            Not After : Mar  4 18:02:03 2025 GMT
        Subject: CN=C13885AAA04DDEB8EC4BBB6D7403F763D1102834
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:46:a8:52:7c:44:75:73:20:dc:2f:9c:eb:2e:
                    cd:35:5d:67:a1:ab:5b:75:49:67:bd:f3:c9:07:8e:
                    88:8d:37:c6:9c:6b:05:5f:a7:21:3f:0f:fb:28:67:
                    f0:1c:19:8d:15:ef:09:8b:c9:a4:c1:21:8c:88:9a:
                    3e:2a:c6:18:7e:a6:59:02:96:31:30:5c:7a:ee:9c:
                    fc:60:aa:5c:28:38:95:fa:0e:76:f2:08:d0:e2:36:
                    bf:ee:11:24:d3:a4:af:79:04:67:75:5d:7a:ac:9e:
                    62:09:65:2f:c0:36:cc:41:96:ee:f5:0b:92:fe:3b:
                    45:e1:30:9b:0a:33:b8:da:2b:88:26:d8:b0:a8:dc:
                    5c:b6:02:a0:56:61:37:35:3a:ff:1e:fb:4a:82:70:
                    19:28:f9:d4:87:57:3d:9d:1d:b8:33:6c:20:25:3a:
                    0c:53:5e:ec:90:97:19:f1:d9:9e:6e:87:91:e1:a5:
                    4b:2f:c1:18:59:f6:00:0e:51:e2:27:3c:c7:04:c8:
                    8e:1c:e9:fa:43:6e:52:c5:ca:97:85:d4:4a:36:62:
                    f4:eb:e8:60:22:41:58:79:4b:9e:73:21:61:5a:85:
                    53:fa:67:dc:48:aa:ca:81:70:48:db:11:ba:5c:05:
                    33:66:73:46:e0:8b:d5:2d:1b:9f:0d:78:39:ae:fb:
                    c0:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:38:85:AA:A0:4D:DE:B8:EC:4B:BB:6D:74:03:F7:63:D1:10:28:34
            X509v3 Authority Key Identifier:
                keyid:1F:5F:5C:11:C4:97:16:D8:46:EA:AF:C3:D8:25:E3:CE:A2:CF:91:DB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/DDB201F6FA82D551FD4804520FA77DE3A67BD1461B64099C5DD9FC5F5FB04F98/0/1F5F5C11C49716D846EAAFC3D825E3CEA2CF91DB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/1F5F5C11C49716D846EAAFC3D825E3CEA2CF91DB.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/DDB201F6FA82D551FD4804520FA77DE3A67BD1461B64099C5DD9FC5F5FB04F98/0/34352e3136362e37362e302f32332d3233203d3e20323637373331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.166.76.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3a:a3:1e:88:21:75:3e:a2:a7:8b:30:09:33:5c:16:49:57:62:
         f3:1a:9d:2a:0a:d4:62:85:35:78:77:86:dd:72:eb:6f:51:dd:
         29:6a:07:39:42:80:cf:df:2f:e0:df:95:b1:cb:8a:28:d6:0f:
         d1:9c:a2:d5:bc:e0:18:c0:e7:4d:62:be:4d:33:9e:bc:54:9d:
         23:f2:61:87:c5:e9:64:a7:00:f6:68:16:ae:b6:1d:90:30:ff:
         fc:ac:f7:26:aa:bc:0a:da:93:89:55:cc:99:a8:10:43:6a:a8:
         f4:d9:e1:53:55:01:9d:f6:f9:29:04:d1:75:b4:86:c1:ee:3c:
         f9:ed:65:10:16:61:3c:8c:68:5b:ab:04:ec:5c:5a:d9:1c:ed:
         e4:31:ba:44:b4:cf:41:a7:5a:ae:72:96:ba:7f:03:01:3b:3e:
         26:48:25:7e:3c:a5:46:94:12:68:2a:e2:f1:e8:86:1d:c1:2a:
         a8:8f:a8:bd:ba:ac:f3:60:e7:9b:a1:f6:5d:cf:a6:98:08:69:
         83:b9:ad:6a:49:df:05:34:69:0c:15:55:62:c6:1b:3b:19:1e:
         67:1d:94:44:80:57:6c:a5:19:42:08:65:6c:ca:30:e0:34:be:
         d6:a7:37:ec:5a:56:1b:1d:ed:49:8a:16:f4:04:d6:5f:c2:4e:
         69:a4:40:a1
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUJkIdtUOr1qKD+KXlwWogIu5DfUowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUY1RjVDMTFDNDk3MTZEODQ2RUFBRkMzRDgyNUUzQ0VB
MkNGOTFEQjAeFw0yNDAzMDUxNzU3MDNaFw0yNTAzMDQxODAyMDNaMDMxMTAvBgNV
BAMTKEMxMzg4NUFBQTA0RERFQjhFQzRCQkI2RDc0MDNGNzYzRDExMDI4MzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZRqhSfER1cyDcL5zrLs01XWeh
q1t1SWe988kHjoiNN8acawVfpyE/D/soZ/AcGY0V7wmLyaTBIYyImj4qxhh+plkC
ljEwXHrunPxgqlwoOJX6DnbyCNDiNr/uESTTpK95BGd1XXqsnmIJZS/ANsxBlu71
C5L+O0XhMJsKM7jaK4gm2LCo3Fy2AqBWYTc1Ov8e+0qCcBko+dSHVz2dHbgzbCAl
OgxTXuyQlxnx2Z5uh5HhpUsvwRhZ9gAOUeInPMcEyI4c6fpDblLFypeF1Eo2YvTr
6GAiQVh5S55zIWFahVP6Z9xIqsqBcEjbEbpcBTNmc0bgi9UtG58NeDmu+8BdAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUwTiFqqBN3rjsS7ttdAP3Y9EQKDQwHwYDVR0j
BBgwFoAUH19cEcSXFthG6q/D2CXjzqLPkdswDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9EREIyMDFGNkZBODJENTUxRkQ0ODA0NTIwRkE3N0RFM0E2
N0JEMTQ2MUI2NDA5OUM1REQ5RkM1RjVGQjA0Rjk4LzAvMUY1RjVDMTFDNDk3MTZE
ODQ2RUFBRkMzRDgyNUUzQ0VBMkNGOTFEQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC8xRjVGNUMxMUM0OTcxNkQ4NDZF
QUFGQzNEODI1RTNDRUEyQ0Y5MURCLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRERCMjAxRjZGQTgyRDU1MUZENDgwNDUyMEZBNzdERTNBNjdCRDE0NjFC
NjQwOTlDNUREOUZDNUY1RkIwNEY5OC8wLzM0MzUyZTMxMzYzNjJlMzczNjJlMzAy
ZjMyMzMyZDMyMzMyMDNkM2UyMDMyMzYzNzM3MzMzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAS2mTDAN
BgkqhkiG9w0BAQsFAAOCAQEAOqMeiCF1PqKnizAJM1wWSVdi8xqdKgrUYoU1eHeG
3XLrb1HdKWoHOUKAz98v4N+VscuKKNYP0Zyi1bzgGMDnTWK+TTOevFSdI/Jhh8Xp
ZKcA9mgWrrYdkDD//Kz3Jqq8CtqTiVXMmagQQ2qo9NnhU1UBnfb5KQTRdbSGwe48
+e1lEBZhPIxoW6sE7Fxa2Rzt5DG6RLTPQadarnKWun8DATs+JkglfjylRpQSaCri
8eiGHcEqqI+ovbqs82Dnm6H2Xc+mmAhpg7mtaknfBTRpDBVVYsYbOxkeZx2URIBX
bKUZQghlbMow4DS+1qc37FpWGx3tSYoW9ATWX8JOaaRAoQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 15:45:28 2024 by rpki-client on console-ams.rpki-client.org