Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/E8A0F23486007EBC1C2CE171937F655C2EB3B7AE546DF73B7B20C7EA6B13186A/0/34352e3137322e3138342e302f32322d3234203d3e20323637373936.roa
File:                     34352e3137322e3138342e302f32322d3234203d3e20323637373936.roa (raw, json)
Hash identifier:          NMq5F7d/sFii0Dm22WWDL48O17hVD4ftHCIijf1ZAi4=
Subject key identifier:   27:23:D8:B8:50:A9:D7:47:2F:17:EC:B7:61:E8:4D:FF:A1:03:4A:C2
Certificate issuer:       /CN=64809BD796069FBEC80C8A9D099A38497D71CA12
Certificate serial:       3985E38DDCA26C75A256B4EB723F7F28AD95D04E
Authority key identifier: 64:80:9B:D7:96:06:9F:BE:C8:0C:8A:9D:09:9A:38:49:7D:71:CA:12
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/64809BD796069FBEC80C8A9D099A38497D71CA12.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/E8A0F23486007EBC1C2CE171937F655C2EB3B7AE546DF73B7B20C7EA6B13186A/0/34352e3137322e3138342e302f32322d3234203d3e20323637373936.roa
Signing time:             Tue 04 Feb 2025 18:20:15 +0000
ROA not before:           Tue 04 Feb 2025 18:15:15 +0000
ROA not after:            Tue 03 Feb 2026 18:20:15 +0000
asID:                     267796
IP address blocks:        45.172.184.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/E8A0F23486007EBC1C2CE171937F655C2EB3B7AE546DF73B7B20C7EA6B13186A/0/64809BD796069FBEC80C8A9D099A38497D71CA12.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E8A0F23486007EBC1C2CE171937F655C2EB3B7AE546DF73B7B20C7EA6B13186A/0/64809BD796069FBEC80C8A9D099A38497D71CA12.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/64809BD796069FBEC80C8A9D099A38497D71CA12.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Feb 2025 16:58:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:85:e3:8d:dc:a2:6c:75:a2:56:b4:eb:72:3f:7f:28:ad:95:d0:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=64809BD796069FBEC80C8A9D099A38497D71CA12
        Validity
            Not Before: Feb  4 18:15:15 2025 GMT
            Not After : Feb  3 18:20:15 2026 GMT
        Subject: CN=2723D8B850A9D7472F17ECB761E84DFFA1034AC2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:98:23:09:99:d3:c1:1d:b8:bc:76:fc:3d:33:
                    71:d3:46:72:53:40:55:16:33:e7:be:4d:51:e2:9e:
                    32:19:28:55:33:5c:b9:89:fe:73:6e:5d:15:55:01:
                    37:bb:f7:12:d7:10:eb:34:7a:04:8f:64:68:38:dd:
                    a8:1b:78:bf:1e:59:f7:7d:09:97:10:f5:64:f8:b8:
                    da:fc:94:9d:51:8e:df:2c:49:1a:38:78:77:a3:05:
                    7b:f7:ab:b2:14:b6:d9:39:b9:f5:03:db:61:3a:f9:
                    76:77:de:ce:fc:50:0f:3c:92:58:cb:38:b1:b0:c3:
                    87:08:27:f8:98:ed:15:7d:04:3e:0a:87:36:65:41:
                    4c:c5:0a:aa:6b:d0:ee:a8:ef:ed:38:13:b2:3c:a1:
                    6e:12:0b:2a:82:8c:a8:de:e1:df:98:0f:fb:4d:3a:
                    2a:58:ac:db:80:59:a7:e2:43:d5:7a:7b:33:1d:0a:
                    c4:19:91:2f:42:3d:49:10:47:08:bc:79:34:63:c3:
                    28:59:5e:57:2c:06:94:ae:e7:5f:18:28:c6:be:01:
                    36:48:7f:84:ac:30:5a:b0:9d:4d:6e:65:bc:09:2e:
                    95:77:ae:0d:f9:fd:c3:75:4e:53:65:86:00:30:e9:
                    cb:b8:34:cd:07:57:bb:5c:13:a2:c4:16:98:19:30:
                    bd:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:23:D8:B8:50:A9:D7:47:2F:17:EC:B7:61:E8:4D:FF:A1:03:4A:C2
            X509v3 Authority Key Identifier:
                keyid:64:80:9B:D7:96:06:9F:BE:C8:0C:8A:9D:09:9A:38:49:7D:71:CA:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/E8A0F23486007EBC1C2CE171937F655C2EB3B7AE546DF73B7B20C7EA6B13186A/0/64809BD796069FBEC80C8A9D099A38497D71CA12.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/64809BD796069FBEC80C8A9D099A38497D71CA12.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/E8A0F23486007EBC1C2CE171937F655C2EB3B7AE546DF73B7B20C7EA6B13186A/0/34352e3137322e3138342e302f32322d3234203d3e20323637373936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.172.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c5:e4:3c:0a:ee:07:9c:6f:62:7b:67:71:48:2b:ed:97:46:70:
         96:29:af:89:67:ef:90:7c:2f:58:9d:f7:98:48:0c:44:1b:7a:
         cb:32:95:62:17:b9:0d:70:2f:3e:20:d3:94:b8:42:70:f6:dc:
         37:7c:18:93:bc:63:1c:bb:4c:17:7b:bd:73:d0:1a:74:be:d8:
         bb:c4:79:52:ec:6e:c2:b0:40:f1:fe:3d:7d:fd:d6:44:0d:86:
         fb:c7:21:4d:fa:aa:e5:75:da:cd:b0:35:b6:15:23:53:6d:7d:
         2f:e6:be:9b:88:c5:1c:59:58:a5:b6:fd:e2:cb:64:4c:43:a1:
         79:47:14:f6:19:90:c5:fc:47:fc:34:f9:c4:9b:7f:e6:a8:19:
         65:f1:43:48:2f:45:c7:06:63:d5:e2:0d:1b:19:1d:e7:11:9d:
         87:09:fc:29:04:5d:2c:fb:56:5a:b9:52:0b:ea:a8:a3:44:77:
         55:2f:da:c8:48:b1:ee:ee:94:71:0e:dd:95:02:56:ea:94:72:
         c6:4a:ec:ea:7b:7d:9c:4b:4f:dd:57:8e:4e:9e:b9:9b:5d:53:
         70:d5:b0:db:a7:9a:3e:58:62:25:e8:15:b3:74:f4:e4:7e:c7:
         4f:b1:61:4a:88:1f:eb:98:03:34:af:38:cd:51:a2:68:66:3e:
         68:94:62:22
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUOYXjjdyibHWiVrTrcj9/KK2V0E4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjQ4MDlCRDc5NjA2OUZCRUM4MEM4QTlEMDk5QTM4NDk3
RDcxQ0ExMjAeFw0yNTAyMDQxODE1MTVaFw0yNjAyMDMxODIwMTVaMDMxMTAvBgNV
BAMTKDI3MjNEOEI4NTBBOUQ3NDcyRjE3RUNCNzYxRTg0REZGQTEwMzRBQzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDmCMJmdPBHbi8dvw9M3HTRnJT
QFUWM+e+TVHinjIZKFUzXLmJ/nNuXRVVATe79xLXEOs0egSPZGg43agbeL8eWfd9
CZcQ9WT4uNr8lJ1Rjt8sSRo4eHejBXv3q7IUttk5ufUD22E6+XZ33s78UA88kljL
OLGww4cIJ/iY7RV9BD4KhzZlQUzFCqpr0O6o7+04E7I8oW4SCyqCjKje4d+YD/tN
OipYrNuAWafiQ9V6ezMdCsQZkS9CPUkQRwi8eTRjwyhZXlcsBpSu518YKMa+ATZI
f4SsMFqwnU1uZbwJLpV3rg35/cN1TlNlhgAw6cu4NM0HV7tcE6LEFpgZML3zAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUJyPYuFCp10cvF+y3YehN/6EDSsIwHwYDVR0j
BBgwFoAUZICb15YGn77IDIqdCZo4SX1xyhIwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9FOEEwRjIzNDg2MDA3RUJDMUMyQ0UxNzE5MzdGNjU1QzJF
QjNCN0FFNTQ2REY3M0I3QjIwQzdFQTZCMTMxODZBLzAvNjQ4MDlCRDc5NjA2OUZC
RUM4MEM4QTlEMDk5QTM4NDk3RDcxQ0ExMi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC82NDgwOUJENzk2MDY5RkJFQzgw
QzhBOUQwOTlBMzg0OTdENzFDQTEyLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRThBMEYyMzQ4NjAwN0VCQzFDMkNFMTcxOTM3RjY1NUMyRUIzQjdBRTU0
NkRGNzNCN0IyMEM3RUE2QjEzMTg2QS8wLzM0MzUyZTMxMzczMjJlMzEzODM0MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM3MzczOTM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLay4
MA0GCSqGSIb3DQEBCwUAA4IBAQDF5DwK7gecb2J7Z3FIK+2XRnCWKa+JZ++QfC9Y
nfeYSAxEG3rLMpViF7kNcC8+INOUuEJw9tw3fBiTvGMcu0wXe71z0Bp0vti7xHlS
7G7CsEDx/j19/dZEDYb7xyFN+qrlddrNsDW2FSNTbX0v5r6biMUcWViltv3iy2RM
Q6F5RxT2GZDF/Ef8NPnEm3/mqBll8UNIL0XHBmPV4g0bGR3nEZ2HCfwpBF0s+1Za
uVIL6qijRHdVL9rISLHu7pRxDt2VAlbqlHLGSuzqe32cS0/dV45OnrmbXVNw1bDb
p5o+WGIl6BWzdPTkfsdPsWFKiB/rmAM0rzjNUaJoZj5olGIi
-----END CERTIFICATE-----
Generated at Sat Feb 15 01:25:43 2025 by rpki-client