Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F377EE792808ACB7B88A4E6029FB03F60F388560B82424C1A3650BE67672A8E5/0/34352e3232342e3135322e302f32322d3234203d3e20323634363638.roa
File:                     34352e3232342e3135322e302f32322d3234203d3e20323634363638.roa (raw, json)
Hash identifier:          T6vw/1PBYkRl85OJtuoA1NkDszGAWppbcQPho0tcz28=
Subject key identifier:   CB:27:AB:39:9E:F3:EA:25:4C:9B:A3:32:05:85:41:FD:84:6F:C2:0B
Certificate issuer:       /CN=AC4F66836F8621D5CE8015EE7A781F4C097A7F15
Certificate serial:       358C7BAD4DA5429A2DEC0C879CAD9905092144B3
Authority key identifier: AC:4F:66:83:6F:86:21:D5:CE:80:15:EE:7A:78:1F:4C:09:7A:7F:15
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AC4F66836F8621D5CE8015EE7A781F4C097A7F15.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F377EE792808ACB7B88A4E6029FB03F60F388560B82424C1A3650BE67672A8E5/0/34352e3232342e3135322e302f32322d3234203d3e20323634363638.roa
Signing time:             Tue 05 Mar 2024 17:50:48 +0000
ROA not before:           Tue 05 Mar 2024 17:45:48 +0000
ROA not after:            Tue 04 Mar 2025 17:50:48 +0000
asID:                     264668
IP address blocks:        45.224.152.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/F377EE792808ACB7B88A4E6029FB03F60F388560B82424C1A3650BE67672A8E5/0/AC4F66836F8621D5CE8015EE7A781F4C097A7F15.crl
                          rsync://repository.lacnic.net/rpki/lacnic/F377EE792808ACB7B88A4E6029FB03F60F388560B82424C1A3650BE67672A8E5/0/AC4F66836F8621D5CE8015EE7A781F4C097A7F15.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AC4F66836F8621D5CE8015EE7A781F4C097A7F15.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:8c:7b:ad:4d:a5:42:9a:2d:ec:0c:87:9c:ad:99:05:09:21:44:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC4F66836F8621D5CE8015EE7A781F4C097A7F15
        Validity
            Not Before: Mar  5 17:45:48 2024 GMT
            Not After : Mar  4 17:50:48 2025 GMT
        Subject: CN=CB27AB399EF3EA254C9BA332058541FD846FC20B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:d0:4f:5e:da:57:56:e1:d9:fc:a2:16:a2:eb:
                    c3:d5:3d:21:2d:79:44:f6:9d:7c:8b:3d:6a:85:a5:
                    1b:0a:92:e2:6b:d5:f5:d5:1e:6c:5b:6c:e3:8b:98:
                    9d:3c:fe:51:ac:0a:80:d3:ab:e0:18:8a:1e:e7:a2:
                    d2:57:c9:10:17:33:2f:c0:42:bf:99:73:7e:1b:10:
                    c8:14:90:1f:ad:e6:98:f0:ea:d5:d7:71:4e:aa:f6:
                    5b:c3:bf:e3:ad:01:22:c5:0d:7e:56:fe:81:0a:f2:
                    a7:9a:ca:c6:6e:99:f1:91:45:29:b0:34:bd:37:32:
                    e3:26:9a:9b:54:7e:12:af:da:57:e8:c3:f2:e5:f2:
                    a2:03:97:4f:dc:39:9f:19:06:a4:50:ec:01:da:ab:
                    f9:09:6f:82:8e:9e:50:0e:70:24:08:96:e5:c4:59:
                    2c:db:ff:43:19:f1:da:07:98:9a:b4:d4:1d:c2:88:
                    8b:ee:63:0d:48:56:e7:ce:56:a4:e8:5e:73:b0:f5:
                    13:8c:ec:d4:b6:a4:1c:4d:ac:71:c2:f2:f2:de:d2:
                    e2:56:96:0b:58:b6:47:e6:9c:0d:00:dc:ce:2a:cf:
                    f4:e5:45:3c:40:c1:84:71:4c:8f:c7:4f:79:4c:e7:
                    5f:45:b4:b3:f8:69:3d:40:d8:c2:86:1d:73:c0:b0:
                    1f:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:27:AB:39:9E:F3:EA:25:4C:9B:A3:32:05:85:41:FD:84:6F:C2:0B
            X509v3 Authority Key Identifier:
                keyid:AC:4F:66:83:6F:86:21:D5:CE:80:15:EE:7A:78:1F:4C:09:7A:7F:15

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F377EE792808ACB7B88A4E6029FB03F60F388560B82424C1A3650BE67672A8E5/0/AC4F66836F8621D5CE8015EE7A781F4C097A7F15.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/AC4F66836F8621D5CE8015EE7A781F4C097A7F15.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F377EE792808ACB7B88A4E6029FB03F60F388560B82424C1A3650BE67672A8E5/0/34352e3232342e3135322e302f32322d3234203d3e20323634363638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.224.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a9:98:a7:32:d9:bc:4d:46:5c:ff:6f:65:a4:28:1c:4b:f9:cc:
         c2:7c:ab:b0:f1:2e:75:16:e4:b0:5c:21:b5:6e:15:73:1e:27:
         9c:d5:07:2e:0a:ed:7c:b9:9c:68:8e:f0:a6:f4:b8:f8:80:1d:
         61:d6:6d:d5:d2:dd:12:34:a8:70:3b:e2:ec:10:8d:2b:d4:59:
         dc:09:1d:d6:27:be:26:54:7a:a5:6f:cf:63:d6:8f:c2:04:4b:
         3b:d0:76:3f:9f:c1:ec:ad:2f:a1:57:ac:4c:a8:fc:3c:57:1a:
         9d:a3:43:d3:3e:e9:74:48:11:69:b1:92:27:65:17:48:cb:2d:
         41:18:15:d2:5b:73:7c:2f:62:ad:79:df:d0:5d:2f:9f:f8:b7:
         48:10:d7:eb:57:ad:28:3e:26:a1:eb:04:53:5f:53:69:53:f6:
         55:3a:a9:53:e2:e6:f3:0a:08:2b:8a:71:cf:35:c4:37:39:d7:
         b3:fb:a9:18:d8:02:61:db:02:ea:67:09:b4:64:fe:ea:f7:30:
         43:0a:06:85:51:43:4d:fa:27:82:f3:c9:9a:1f:85:2d:97:a0:
         6d:15:5e:82:6b:0d:bc:c7:7e:2a:75:86:43:9f:4c:5c:06:7f:
         17:75:70:b8:f4:14:cd:a7:a5:4b:af:c4:74:3a:af:bd:d1:2b:
         ca:73:ae:bf
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUNYx7rU2lQpot7AyHnK2ZBQkhRLMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM0RjY2ODM2Rjg2MjFENUNFODAxNUVFN0E3ODFGNEMw
OTdBN0YxNTAeFw0yNDAzMDUxNzQ1NDhaFw0yNTAzMDQxNzUwNDhaMDMxMTAvBgNV
BAMTKENCMjdBQjM5OUVGM0VBMjU0QzlCQTMzMjA1ODU0MUZEODQ2RkMyMEIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr0E9e2ldW4dn8ohai68PVPSEt
eUT2nXyLPWqFpRsKkuJr1fXVHmxbbOOLmJ08/lGsCoDTq+AYih7notJXyRAXMy/A
Qr+Zc34bEMgUkB+t5pjw6tXXcU6q9lvDv+OtASLFDX5W/oEK8qeaysZumfGRRSmw
NL03MuMmmptUfhKv2lfow/Ll8qIDl0/cOZ8ZBqRQ7AHaq/kJb4KOnlAOcCQIluXE
WSzb/0MZ8doHmJq01B3CiIvuYw1IVufOVqToXnOw9ROM7NS2pBxNrHHC8vLe0uJW
lgtYtkfmnA0A3M4qz/TlRTxAwYRxTI/HT3lM519FtLP4aT1A2MKGHXPAsB+DAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUyyerOZ7z6iVMm6MyBYVB/YRvwgswHwYDVR0j
BBgwFoAUrE9mg2+GIdXOgBXuengfTAl6fxUwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GMzc3RUU3OTI4MDhBQ0I3Qjg4QTRFNjAyOUZCMDNGNjBG
Mzg4NTYwQjgyNDI0QzFBMzY1MEJFNjc2NzJBOEU1LzAvQUM0RjY2ODM2Rjg2MjFE
NUNFODAxNUVFN0E3ODFGNEMwOTdBN0YxNS5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BQzRGNjY4MzZGODYyMUQ1Q0U4
MDE1RUU3QTc4MUY0QzA5N0E3RjE1LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjM3N0VFNzkyODA4QUNCN0I4OEE0RTYwMjlGQjAzRjYwRjM4ODU2MEI4
MjQyNEMxQTM2NTBCRTY3NjcyQThFNS8wLzM0MzUyZTMyMzIzNDJlMzEzNTMyMmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM0MzYzNjM4LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLeCY
MA0GCSqGSIb3DQEBCwUAA4IBAQCpmKcy2bxNRlz/b2WkKBxL+czCfKuw8S51FuSw
XCG1bhVzHiec1QcuCu18uZxojvCm9Lj4gB1h1m3V0t0SNKhwO+LsEI0r1FncCR3W
J74mVHqlb89j1o/CBEs70HY/n8HsrS+hV6xMqPw8Vxqdo0PTPul0SBFpsZInZRdI
yy1BGBXSW3N8L2Kted/QXS+f+LdIENfrV60oPiah6wRTX1NpU/ZVOqlT4ubzCggr
inHPNcQ3Odez+6kY2AJh2wLqZwm0ZP7q9zBDCgaFUUNN+ieC88maH4Utl6BtFV6C
aw28x34qdYZDn0xcBn8XdXC49BTNp6VLr8R0Oq+90SvKc66/
-----END CERTIFICATE-----
Generated at Sun Jun 16 00:43:35 2024 by rpki-client on console-ams.rpki-client.org