Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/CF416BA52A17B78F7D57F16A98E5D9A0B7DC328D02D2CC14A9D7467235748F04/0/34352e3135322e3231362e302f32322d3234203d3e20323632313939.roa
File:                     34352e3135322e3231362e302f32322d3234203d3e20323632313939.roa (raw, json)
Hash identifier:          ADQfPxreb2OCuR9THfMnhpTQuWBTYEClFY0KZ6/og3k=
Subject key identifier:   18:72:70:85:63:E8:1E:18:9C:10:86:6C:69:30:45:B8:76:F1:D8:B7
Certificate issuer:       /CN=B38BDE76E463241532282B264A16F479CD7D0224
Certificate serial:       4634B2118CDFC72630886918EBF539A333F4B11F
Authority key identifier: B3:8B:DE:76:E4:63:24:15:32:28:2B:26:4A:16:F4:79:CD:7D:02:24
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B38BDE76E463241532282B264A16F479CD7D0224.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/CF416BA52A17B78F7D57F16A98E5D9A0B7DC328D02D2CC14A9D7467235748F04/0/34352e3135322e3231362e302f32322d3234203d3e20323632313939.roa
Signing time:             Tue 01 Jul 2025 15:24:17 +0000
ROA not before:           Tue 01 Jul 2025 15:19:17 +0000
ROA not after:            Tue 30 Jun 2026 15:24:17 +0000
asID:                     262199
IP address blocks:        45.152.216.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/CF416BA52A17B78F7D57F16A98E5D9A0B7DC328D02D2CC14A9D7467235748F04/0/B38BDE76E463241532282B264A16F479CD7D0224.crl
                          rsync://repository.lacnic.net/rpki/lacnic/CF416BA52A17B78F7D57F16A98E5D9A0B7DC328D02D2CC14A9D7467235748F04/0/B38BDE76E463241532282B264A16F479CD7D0224.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B38BDE76E463241532282B264A16F479CD7D0224.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 06 Jul 2025 23:32:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:34:b2:11:8c:df:c7:26:30:88:69:18:eb:f5:39:a3:33:f4:b1:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B38BDE76E463241532282B264A16F479CD7D0224
        Validity
            Not Before: Jul  1 15:19:17 2025 GMT
            Not After : Jun 30 15:24:17 2026 GMT
        Subject: CN=1872708563E81E189C10866C693045B876F1D8B7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:2f:28:c2:2c:c7:7f:03:65:87:99:0d:b8:6b:
                    b9:5f:ca:7c:88:2b:d9:f1:d7:1b:e3:b4:4e:75:09:
                    4b:9f:5f:af:0c:be:68:ca:db:4e:2f:10:43:46:61:
                    33:5c:55:83:63:8e:08:8b:11:5c:0f:45:d7:f9:23:
                    8c:47:47:d0:09:30:1c:46:04:14:3f:2b:85:52:7e:
                    a6:04:47:32:77:61:94:26:0a:ff:25:48:0e:1f:f5:
                    5b:0a:1e:2a:f4:1a:57:b3:82:68:c4:e5:3a:bd:54:
                    68:37:0d:79:ed:21:59:5a:55:2a:40:49:b6:47:5a:
                    70:c3:8f:7a:f4:1e:75:69:d9:6e:e2:d0:8b:7e:7c:
                    83:f9:ec:7e:2c:ca:1a:7f:76:7f:9d:46:52:e3:f2:
                    28:5b:a6:88:fa:92:7e:a1:f6:d1:0e:66:a3:51:93:
                    8a:5e:3e:07:9b:49:cd:52:78:24:6a:51:a4:75:0c:
                    a5:e7:19:08:49:15:30:bb:46:99:e9:fc:ca:0a:4d:
                    74:b3:a2:ac:c6:17:cd:87:b2:7b:f1:dd:a8:6f:7e:
                    b0:f8:35:cf:ab:a2:38:88:2c:c4:b9:ca:29:22:cd:
                    13:be:fd:9d:3d:fb:9c:31:97:08:c8:19:93:45:01:
                    a3:4b:90:d3:a9:76:40:08:26:db:f1:1e:85:54:64:
                    de:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:72:70:85:63:E8:1E:18:9C:10:86:6C:69:30:45:B8:76:F1:D8:B7
            X509v3 Authority Key Identifier:
                keyid:B3:8B:DE:76:E4:63:24:15:32:28:2B:26:4A:16:F4:79:CD:7D:02:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/CF416BA52A17B78F7D57F16A98E5D9A0B7DC328D02D2CC14A9D7467235748F04/0/B38BDE76E463241532282B264A16F479CD7D0224.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/B38BDE76E463241532282B264A16F479CD7D0224.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/CF416BA52A17B78F7D57F16A98E5D9A0B7DC328D02D2CC14A9D7467235748F04/0/34352e3135322e3231362e302f32322d3234203d3e20323632313939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.152.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3a:2f:24:ff:86:43:de:41:c9:2d:28:cb:80:bd:51:1a:64:88:
         1a:ae:03:d5:60:de:24:0b:bc:38:f8:a0:5b:9f:8c:cd:61:5f:
         7c:2f:aa:a6:36:a2:f6:df:6b:01:3e:22:75:a0:ad:d4:66:ab:
         53:c6:a0:bb:89:4c:e3:4b:5e:3a:50:26:4d:10:1e:b7:b1:3d:
         d6:11:e1:dd:40:37:3a:ac:ab:f1:ee:40:c2:76:be:32:ed:4a:
         7a:76:f1:ba:31:a8:0d:02:1f:e2:5f:15:0e:9f:c3:d1:2a:1f:
         56:12:77:94:07:6b:5c:f9:7e:60:96:1a:5e:fe:9e:ef:f7:15:
         c3:4e:0b:3f:26:b1:81:56:fd:ee:3d:78:a1:70:b5:5a:f5:f3:
         67:9d:5f:95:32:fc:b2:ba:ba:fb:cf:26:25:11:fe:3d:4d:e2:
         4a:94:c1:89:2a:f8:32:fa:f5:6a:45:63:23:fa:d7:71:bf:fe:
         c6:7d:dc:e1:9d:f6:65:21:73:58:fd:05:41:2d:41:22:c9:31:
         45:75:e1:65:b7:94:00:39:c4:cf:01:5c:bc:23:1a:bd:30:56:
         b6:a7:7f:47:17:ba:bc:be:2c:d1:2b:55:db:22:8e:ee:cc:18:
         3d:32:f7:d3:c9:ae:69:c3:de:35:83:7f:b5:ac:d7:08:cb:03:
         46:a2:0f:3b
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgIURjSyEYzfxyYwiGkY6/U5ozP0sR8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjM4QkRFNzZFNDYzMjQxNTMyMjgyQjI2NEExNkY0NzlD
RDdEMDIyNDAeFw0yNTA3MDExNTE5MTdaFw0yNjA2MzAxNTI0MTdaMDMxMTAvBgNV
BAMTKDE4NzI3MDg1NjNFODFFMTg5QzEwODY2QzY5MzA0NUI4NzZGMUQ4QjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC5LyjCLMd/A2WHmQ24a7lfynyI
K9nx1xvjtE51CUufX68MvmjK204vEENGYTNcVYNjjgiLEVwPRdf5I4xHR9AJMBxG
BBQ/K4VSfqYERzJ3YZQmCv8lSA4f9VsKHir0GlezgmjE5Tq9VGg3DXntIVlaVSpA
SbZHWnDDj3r0HnVp2W7i0It+fIP57H4syhp/dn+dRlLj8ihbpoj6kn6h9tEOZqNR
k4pePgebSc1SeCRqUaR1DKXnGQhJFTC7Rpnp/MoKTXSzoqzGF82Hsnvx3ahvfrD4
Nc+rojiILMS5yikizRO+/Z09+5wxlwjIGZNFAaNLkNOpdkAIJtvxHoVUZN7JAgMB
AAGjggLKMIICxjAdBgNVHQ4EFgQUGHJwhWPoHhicEIZsaTBFuHbx2LcwHwYDVR0j
BBgwFoAUs4veduRjJBUyKCsmShb0ec19AiQwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy9DRjQxNkJBNTJBMTdCNzhGN0Q1N0YxNkE5OEU1RDlBMEI3
REMzMjhEMDJEMkNDMTRBOUQ3NDY3MjM1NzQ4RjA0LzAvQjM4QkRFNzZFNDYzMjQx
NTMyMjgyQjI2NEExNkY0NzlDRDdEMDIyNC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9CMzhCREU3NkU0NjMyNDE1MzIy
ODJCMjY0QTE2RjQ3OUNEN0QwMjI0LmNlcjCByQYIKwYBBQUHAQsEgbwwgbkwgbYG
CCsGAQUFBzALhoGpcnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvQ0Y0MTZCQTUyQTE3Qjc4RjdENTdGMTZBOThFNUQ5QTBCN0RDMzI4RDAy
RDJDQzE0QTlENzQ2NzIzNTc0OEYwNC8wLzM0MzUyZTMxMzUzMjJlMzIzMTM2MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjMyMzEzOTM5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZjY
MA0GCSqGSIb3DQEBCwUAA4IBAQA6LyT/hkPeQcktKMuAvVEaZIgargPVYN4kC7w4
+KBbn4zNYV98L6qmNqL232sBPiJ1oK3UZqtTxqC7iUzjS146UCZNEB63sT3WEeHd
QDc6rKvx7kDCdr4y7Up6dvG6MagNAh/iXxUOn8PRKh9WEneUB2tc+X5glhpe/p7v
9xXDTgs/JrGBVv3uPXihcLVa9fNnnV+VMvyyurr7zyYlEf49TeJKlMGJKvgy+vVq
RWMj+tdxv/7GfdzhnfZlIXNY/QVBLUEiyTFFdeFlt5QAOcTPAVy8Ixq9MFa2p39H
F7q8vizRK1XbIo7uzBg9MvfTya5pw941g3+1rNcIywNGog87
-----END CERTIFICATE-----
Generated at Thu Jul 3 12:27:16 2025 by rpki-client