Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/F799DAC8FA9400E3C99DE217D3AD6DD339A4CA0412769AF70ABCA56EE5CEC2E9/0/34352e3233342e3135372e302f32342d3234203d3e20323636373839.roa
File:                     34352e3233342e3135372e302f32342d3234203d3e20323636373839.roa (raw, json)
Hash identifier:          w88WfkbT5FimkoNmMHxilprM2TdDjFz1WtAUedRxMlM=
Subject key identifier:   BE:46:74:61:25:B7:84:FF:44:43:7C:96:40:2A:E4:B5:35:25:6C:25
Certificate issuer:       /CN=E884A6788F567FA5F2EF3E8C0BA4B2B5E3DF37AB
Certificate serial:       1DEABB3C023BD3502B846BEE0AD832A2F0EA7552
Authority key identifier: E8:84:A6:78:8F:56:7F:A5:F2:EF:3E:8C:0B:A4:B2:B5:E3:DF:37:AB
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E884A6788F567FA5F2EF3E8C0BA4B2B5E3DF37AB.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/F799DAC8FA9400E3C99DE217D3AD6DD339A4CA0412769AF70ABCA56EE5CEC2E9/0/34352e3233342e3135372e302f32342d3234203d3e20323636373839.roa
Signing time:             Tue 05 Mar 2024 17:44:43 +0000
ROA not before:           Tue 05 Mar 2024 17:39:43 +0000
ROA not after:            Tue 04 Mar 2025 17:44:43 +0000
asID:                     266789
IP address blocks:        45.234.157.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/F799DAC8FA9400E3C99DE217D3AD6DD339A4CA0412769AF70ABCA56EE5CEC2E9/0/E884A6788F567FA5F2EF3E8C0BA4B2B5E3DF37AB.crl
                          rsync://repository.lacnic.net/rpki/lacnic/F799DAC8FA9400E3C99DE217D3AD6DD339A4CA0412769AF70ABCA56EE5CEC2E9/0/E884A6788F567FA5F2EF3E8C0BA4B2B5E3DF37AB.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E884A6788F567FA5F2EF3E8C0BA4B2B5E3DF37AB.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 16:28:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:ea:bb:3c:02:3b:d3:50:2b:84:6b:ee:0a:d8:32:a2:f0:ea:75:52
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E884A6788F567FA5F2EF3E8C0BA4B2B5E3DF37AB
        Validity
            Not Before: Mar  5 17:39:43 2024 GMT
            Not After : Mar  4 17:44:43 2025 GMT
        Subject: CN=BE46746125B784FF44437C96402AE4B535256C25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:62:94:0d:f1:2c:fd:03:a1:8e:61:11:3c:a2:
                    26:c7:f4:f3:74:94:9d:7a:39:55:a3:93:6c:35:3e:
                    cb:77:dd:d4:9d:5c:ba:b7:23:be:b7:a9:ec:bc:34:
                    69:4c:a8:99:d4:5b:a7:6e:3d:d8:1d:8a:56:97:85:
                    00:bd:74:78:de:40:d2:a4:20:c8:8b:4b:96:cf:4d:
                    8d:d4:52:71:ca:d7:4e:84:c1:d9:2f:b9:bb:4a:46:
                    f2:d2:2c:2e:74:ea:ff:75:67:d2:7f:4c:f9:5f:ac:
                    12:21:66:6c:35:66:95:c9:1c:4b:b3:a8:e3:61:43:
                    ba:7c:6b:92:43:a4:29:a4:c5:29:e4:22:93:83:f5:
                    cf:6b:6e:e2:51:39:2d:d1:0a:f8:28:3d:5d:47:24:
                    90:7e:66:41:86:9c:47:2f:21:e5:63:b5:41:26:d4:
                    66:2f:e9:ff:f4:4a:38:c9:3c:b6:0a:df:ca:a3:62:
                    b0:ba:82:bf:aa:65:45:05:9c:e0:90:b3:2c:8f:ee:
                    a6:9a:5b:f7:a3:65:a9:cc:c4:98:07:89:62:80:2c:
                    5c:5c:50:3f:27:e7:a3:a3:4a:d6:c2:1e:88:3c:8f:
                    f9:09:6c:f4:25:6a:1d:5e:7b:ee:11:81:0f:92:05:
                    ec:85:58:17:ed:bc:1f:e3:d5:5c:66:27:38:78:7a:
                    d0:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:46:74:61:25:B7:84:FF:44:43:7C:96:40:2A:E4:B5:35:25:6C:25
            X509v3 Authority Key Identifier:
                keyid:E8:84:A6:78:8F:56:7F:A5:F2:EF:3E:8C:0B:A4:B2:B5:E3:DF:37:AB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/F799DAC8FA9400E3C99DE217D3AD6DD339A4CA0412769AF70ABCA56EE5CEC2E9/0/E884A6788F567FA5F2EF3E8C0BA4B2B5E3DF37AB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/E884A6788F567FA5F2EF3E8C0BA4B2B5E3DF37AB.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/F799DAC8FA9400E3C99DE217D3AD6DD339A4CA0412769AF70ABCA56EE5CEC2E9/0/34352e3233342e3135372e302f32342d3234203d3e20323636373839.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.234.157.0/24

    Signature Algorithm: sha256WithRSAEncryption
         28:77:d7:20:78:f0:f0:28:91:61:c1:89:f4:46:e6:ae:0e:b9:
         36:4f:e1:03:96:a3:fe:07:6b:3f:42:86:67:60:42:cf:2c:e7:
         64:0a:45:71:f7:fe:d7:41:a8:72:5d:ae:82:17:09:b6:3c:18:
         57:7c:90:9b:88:e2:87:bb:47:64:81:ee:e8:ca:e1:97:0e:dd:
         e3:44:ff:da:67:80:00:2f:6c:0e:a8:13:fa:70:83:ca:a0:02:
         60:3a:9e:2c:2c:a3:5f:b6:92:94:f3:b0:6d:5b:b3:db:8a:ab:
         74:d0:42:1d:e0:a2:fb:db:a8:57:0f:53:06:03:03:9c:ad:5c:
         cc:b6:0c:8a:73:dd:65:68:22:18:7f:04:81:82:91:ee:48:27:
         7f:86:ad:bf:22:22:4d:36:33:61:92:a3:ec:41:1b:29:80:7d:
         a3:a1:af:af:68:fb:cd:d0:3c:a2:04:08:c8:3e:4f:be:54:cc:
         60:d3:12:c2:9e:e7:26:19:fe:68:d6:6c:99:73:e7:f4:cf:4f:
         35:e2:b0:1a:a8:bd:11:40:ad:8b:a6:63:56:7a:3f:0b:1c:18:
         b9:b6:07:b7:47:6a:2e:65:e8:18:93:d0:d3:5d:e6:d3:98:ca:
         22:58:84:59:e2:8d:df:de:de:30:9b:f7:b3:7b:5c:e1:1f:49:
         1a:3d:f0:08
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIUHeq7PAI701ArhGvuCtgyovDqdVIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTg4NEE2Nzg4RjU2N0ZBNUYyRUYzRThDMEJBNEIyQjVF
M0RGMzdBQjAeFw0yNDAzMDUxNzM5NDNaFw0yNTAzMDQxNzQ0NDNaMDMxMTAvBgNV
BAMTKEJFNDY3NDYxMjVCNzg0RkY0NDQzN0M5NjQwMkFFNEI1MzUyNTZDMjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSYpQN8Sz9A6GOYRE8oibH9PN0
lJ16OVWjk2w1Pst33dSdXLq3I763qey8NGlMqJnUW6duPdgdilaXhQC9dHjeQNKk
IMiLS5bPTY3UUnHK106EwdkvubtKRvLSLC506v91Z9J/TPlfrBIhZmw1ZpXJHEuz
qONhQ7p8a5JDpCmkxSnkIpOD9c9rbuJROS3RCvgoPV1HJJB+ZkGGnEcvIeVjtUEm
1GYv6f/0SjjJPLYK38qjYrC6gr+qZUUFnOCQsyyP7qaaW/ejZanMxJgHiWKALFxc
UD8n56OjStbCHog8j/kJbPQlah1ee+4RgQ+SBeyFWBftvB/j1VxmJzh4etCNAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUvkZ0YSW3hP9EQ3yWQCrktTUlbCUwHwYDVR0j
BBgwFoAU6ISmeI9Wf6Xy7z6MC6SytePfN6swDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GNzk5REFDOEZBOTQwMEUzQzk5REUyMTdEM0FENkREMzM5
QTRDQTA0MTI3NjlBRjcwQUJDQTU2RUU1Q0VDMkU5LzAvRTg4NEE2Nzg4RjU2N0ZB
NUYyRUYzRThDMEJBNEIyQjVFM0RGMzdBQi5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9FODg0QTY3ODhGNTY3RkE1RjJF
RjNFOEMwQkE0QjJCNUUzREYzN0FCLmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRjc5OURBQzhGQTk0MDBFM0M5OURFMjE3RDNBRDZERDMzOUE0Q0EwNDEy
NzY5QUY3MEFCQ0E1NkVFNUNFQzJFOS8wLzM0MzUyZTMyMzMzNDJlMzEzNTM3MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM2MzczODM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALeqd
MA0GCSqGSIb3DQEBCwUAA4IBAQAod9cgePDwKJFhwYn0RuauDrk2T+EDlqP+B2s/
QoZnYELPLOdkCkVx9/7XQahyXa6CFwm2PBhXfJCbiOKHu0dkge7oyuGXDt3jRP/a
Z4AAL2wOqBP6cIPKoAJgOp4sLKNftpKU87BtW7Pbiqt00EId4KL726hXD1MGAwOc
rVzMtgyKc91laCIYfwSBgpHuSCd/hq2/IiJNNjNhkqPsQRspgH2joa+vaPvN0Dyi
BAjIPk++VMxg0xLCnucmGf5o1myZc+f0z0814rAaqL0RQK2LpmNWej8LHBi5tge3
R2ouZegYk9DTXebTmMoiWIRZ4o3f3t4wm/eze1zhH0kaPfAI
-----END CERTIFICATE-----
Generated at Sat Jun 15 23:25:58 2024 by rpki-client on console-ams.rpki-client.org