Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/FDC6AE4F20474937934AF5EF48EF8B2C64555FFEE9848645B1B86B757928F738/0/34352e3233362e33332e302f32342d3234203d3e20323636373931.roa
File:                     34352e3233362e33332e302f32342d3234203d3e20323636373931.roa (raw, json)
Hash identifier:          EzrlTsNk15NXfMYi5U3pqEkX45maKeEEzkduIGKVZWs=
Subject key identifier:   E7:1D:7A:61:02:9A:CE:0E:27:81:3A:04:93:A9:C0:3D:2D:A0:34:6E
Certificate issuer:       /CN=F381BE6CF64000AB9FF5B43AFF78F2623199F153
Certificate serial:       747BBFB5C033EBB3474ADB386A85ADE293A5A2B1
Authority key identifier: F3:81:BE:6C:F6:40:00:AB:9F:F5:B4:3A:FF:78:F2:62:31:99:F1:53
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F381BE6CF64000AB9FF5B43AFF78F2623199F153.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/FDC6AE4F20474937934AF5EF48EF8B2C64555FFEE9848645B1B86B757928F738/0/34352e3233362e33332e302f32342d3234203d3e20323636373931.roa
Signing time:             Fri 26 Apr 2024 16:25:00 +0000
ROA not before:           Fri 26 Apr 2024 16:20:00 +0000
ROA not after:            Fri 25 Apr 2025 16:25:00 +0000
asID:                     266791
IP address blocks:        45.236.33.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/FDC6AE4F20474937934AF5EF48EF8B2C64555FFEE9848645B1B86B757928F738/0/F381BE6CF64000AB9FF5B43AFF78F2623199F153.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC6AE4F20474937934AF5EF48EF8B2C64555FFEE9848645B1B86B757928F738/0/F381BE6CF64000AB9FF5B43AFF78F2623199F153.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F381BE6CF64000AB9FF5B43AFF78F2623199F153.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 23:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:7b:bf:b5:c0:33:eb:b3:47:4a:db:38:6a:85:ad:e2:93:a5:a2:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F381BE6CF64000AB9FF5B43AFF78F2623199F153
        Validity
            Not Before: Apr 26 16:20:00 2024 GMT
            Not After : Apr 25 16:25:00 2025 GMT
        Subject: CN=E71D7A61029ACE0E27813A0493A9C03D2DA0346E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:2e:ac:9b:ca:7f:f7:e9:14:de:36:0a:eb:ac:
                    ba:4e:bf:62:0d:a9:de:47:4d:7c:cb:1f:34:2f:96:
                    66:ae:7f:65:21:8a:35:66:64:dd:d1:ac:8e:9a:26:
                    ca:de:06:98:27:09:ac:50:a3:7d:2d:39:a5:7c:c5:
                    58:39:5a:be:c6:1e:60:f6:36:58:95:64:f0:29:e0:
                    08:15:be:46:21:e2:98:02:73:e1:d0:19:de:6b:07:
                    d9:20:8f:2e:33:2e:1a:81:72:c4:13:07:dd:ec:2a:
                    af:c3:d8:bf:d5:57:89:4c:b0:2a:35:ee:f6:28:73:
                    f3:33:c8:fd:e7:d3:17:30:93:ac:f5:11:8a:b9:ae:
                    f3:d3:83:21:86:b5:fa:25:1e:b2:e4:e8:98:9c:03:
                    7f:b1:59:5b:34:9b:f7:7a:1d:d8:a2:49:ea:58:f2:
                    e1:63:17:b7:65:16:03:c9:b3:dc:8f:f0:0e:ae:38:
                    3c:7a:1a:37:9a:b5:3f:67:20:3d:ae:16:f0:34:cd:
                    c4:be:06:17:e7:3e:a9:75:56:1e:d4:91:71:86:f8:
                    20:19:06:a2:6c:37:ac:88:dd:26:38:37:a4:f0:74:
                    5f:37:cd:83:d7:f0:34:7c:3a:c6:88:89:d4:7a:cc:
                    a2:c7:16:45:8b:5f:52:0d:31:f3:7c:0f:07:64:3f:
                    4f:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:1D:7A:61:02:9A:CE:0E:27:81:3A:04:93:A9:C0:3D:2D:A0:34:6E
            X509v3 Authority Key Identifier:
                keyid:F3:81:BE:6C:F6:40:00:AB:9F:F5:B4:3A:FF:78:F2:62:31:99:F1:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/FDC6AE4F20474937934AF5EF48EF8B2C64555FFEE9848645B1B86B757928F738/0/F381BE6CF64000AB9FF5B43AFF78F2623199F153.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/F381BE6CF64000AB9FF5B43AFF78F2623199F153.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC6AE4F20474937934AF5EF48EF8B2C64555FFEE9848645B1B86B757928F738/0/34352e3233362e33332e302f32342d3234203d3e20323636373931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.236.33.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:46:61:0c:b3:d7:bd:13:29:da:f9:fe:ea:70:16:78:0c:36:
         40:82:12:40:47:22:7c:40:98:54:9a:5e:c1:0a:84:e7:14:45:
         2e:64:fe:f5:e9:7d:03:d5:e4:59:ef:c4:f1:04:d0:de:85:75:
         44:1c:c8:53:19:1e:c1:b3:09:29:0a:ed:9a:63:07:dc:66:88:
         3d:0f:f5:9e:43:f8:73:68:ed:b2:b3:64:34:32:82:b8:5a:19:
         95:6e:7f:d8:da:0e:49:22:bd:ac:64:c5:13:eb:6e:18:d9:a3:
         58:81:e3:da:82:eb:1c:81:98:bd:7e:2f:86:46:4f:11:78:31:
         a8:60:84:7a:6d:71:03:fb:05:87:d7:b1:b8:c4:94:28:5e:47:
         a2:92:71:2c:75:33:31:89:d1:6f:1e:8a:da:c1:16:97:43:48:
         66:dc:54:25:85:a4:56:73:43:8a:37:14:8b:b9:38:ac:88:e2:
         6f:47:5a:c5:33:a4:44:78:bd:68:f2:46:a8:67:c4:f5:52:73:
         62:32:7d:14:1e:5f:5d:17:b4:c8:f7:84:ca:8a:f0:de:00:41:
         b5:d9:24:d6:d5:66:1f:c5:ea:8c:3a:f3:12:b7:66:ea:bd:d4:
         97:9d:2c:6c:62:ca:8a:da:1c:f9:59:50:30:cd:9d:11:a6:9c:
         21:67:c8:5e
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUdHu/tcAz67NHSts4aoWt4pOlorEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjM4MUJFNkNGNjQwMDBBQjlGRjVCNDNBRkY3OEYyNjIz
MTk5RjE1MzAeFw0yNDA0MjYxNjIwMDBaFw0yNTA0MjUxNjI1MDBaMDMxMTAvBgNV
BAMTKEU3MUQ3QTYxMDI5QUNFMEUyNzgxM0EwNDkzQTlDMDNEMkRBMDM0NkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxLqybyn/36RTeNgrrrLpOv2IN
qd5HTXzLHzQvlmauf2UhijVmZN3RrI6aJsreBpgnCaxQo30tOaV8xVg5Wr7GHmD2
NliVZPAp4AgVvkYh4pgCc+HQGd5rB9kgjy4zLhqBcsQTB93sKq/D2L/VV4lMsCo1
7vYoc/MzyP3n0xcwk6z1EYq5rvPTgyGGtfolHrLk6JicA3+xWVs0m/d6HdiiSepY
8uFjF7dlFgPJs9yP8A6uODx6GjeatT9nID2uFvA0zcS+BhfnPql1Vh7UkXGG+CAZ
BqJsN6yI3SY4N6TwdF83zYPX8DR8OsaIidR6zKLHFkWLX1INMfN8DwdkP0/jAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQU5x16YQKazg4ngToEk6nAPS2gNG4wHwYDVR0j
BBgwFoAU84G+bPZAAKuf9bQ6/3jyYjGZ8VMwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9GREM2QUU0RjIwNDc0OTM3OTM0QUY1RUY0OEVGOEIyQzY0
NTU1RkZFRTk4NDg2NDVCMUI4NkI3NTc5MjhGNzM4LzAvRjM4MUJFNkNGNjQwMDBB
QjlGRjVCNDNBRkY3OEYyNjIzMTk5RjE1My5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9GMzgxQkU2Q0Y2NDAwMEFCOUZG
NUI0M0FGRjc4RjI2MjMxOTlGMTUzLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvRkRDNkFFNEYyMDQ3NDkzNzkzNEFGNUVGNDhFRjhCMkM2NDU1NUZGRUU5
ODQ4NjQ1QjFCODZCNzU3OTI4RjczOC8wLzM0MzUyZTMyMzMzNjJlMzMzMzJlMzAy
ZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzNjM3MzkzMS5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC3sITAN
BgkqhkiG9w0BAQsFAAOCAQEAaUZhDLPXvRMp2vn+6nAWeAw2QIISQEcifECYVJpe
wQqE5xRFLmT+9el9A9XkWe/E8QTQ3oV1RBzIUxkewbMJKQrtmmMH3GaIPQ/1nkP4
c2jtsrNkNDKCuFoZlW5/2NoOSSK9rGTFE+tuGNmjWIHj2oLrHIGYvX4vhkZPEXgx
qGCEem1xA/sFh9exuMSUKF5HopJxLHUzMYnRbx6K2sEWl0NIZtxUJYWkVnNDijcU
i7k4rIjib0daxTOkRHi9aPJGqGfE9VJzYjJ9FB5fXRe0yPeEyorw3gBBtdkk1tVm
H8XqjDrzErdm6r3Ul50sbGLKitoc+VlQMM2dEaacIWfIXg==
-----END CERTIFICATE-----
Generated at Wed Nov 20 23:52:24 2024 by rpki-client on console-ams.rpki-client.org