Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/772b8fe2-5046-4a2a-bc7c-79a2f449b696/fafb8311afd0ba0b3fb92ef05649412529d7d0dd.roa
File:                     fafb8311afd0ba0b3fb92ef05649412529d7d0dd.roa (raw, json)
Hash identifier:          ROw2C6frcu6tzHbbOiEYOBYJPKiWH9nHthK8kk3qrOY=
Subject key identifier:   21:B1:0C:A4:97:32:EA:B9:F2:CE:A0:2A:53:51:46:AD:42:B1:9D:9E
Certificate issuer:       /CN=faba226494c1bd7cbd91007cecff2afa9c4283ff
Certificate serial:       0D743A
Authority key identifier: DF:EC:B7:B6:3A:18:C7:F2:43:DA:76:97:49:30:44:5E:DB:51:EB:85
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/faba226494c1bd7cbd91007cecff2afa9c4283ff.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/772b8fe2-5046-4a2a-bc7c-79a2f449b696/fafb8311afd0ba0b3fb92ef05649412529d7d0dd.roa
Signing time:             Wed 24 Mar 2021 14:45:35 +0000
ROA not before:           Wed 24 Mar 2021 14:45:35 +0000
ROA not after:            Tue 24 Mar 2026 14:45:35 +0000
asID:                     263692
IP address blocks:        132.255.0.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/772b8fe2-5046-4a2a-bc7c-79a2f449b696/faba226494c1bd7cbd91007cecff2afa9c4283ff.crl
                          rsync://repository.lacnic.net/rpki/lacnic/772b8fe2-5046-4a2a-bc7c-79a2f449b696/faba226494c1bd7cbd91007cecff2afa9c4283ff.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/faba226494c1bd7cbd91007cecff2afa9c4283ff.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 19:38:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 881722 (0xd743a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=faba226494c1bd7cbd91007cecff2afa9c4283ff
        Validity
            Not Before: Mar 24 14:45:35 2021 GMT
            Not After : Mar 24 14:45:35 2026 GMT
        Subject: CN=fafb8311afd0ba0b3fb92ef05649412529d7d0dd
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:15:3c:9b:a2:5a:95:db:0b:32:4f:ba:cd:9f:
                    dc:21:6a:76:a6:e1:a8:23:a8:c8:aa:dd:57:99:04:
                    6a:7c:fb:5a:1f:39:4a:d2:e5:0c:47:62:e9:d5:2e:
                    8f:30:7e:31:3a:00:f0:59:1c:36:63:b8:b2:7c:41:
                    c1:db:c7:4e:c7:16:4a:2a:db:b8:16:af:de:68:cb:
                    78:71:2b:2f:dd:b7:94:8c:9a:f4:43:29:e3:47:c4:
                    08:d2:c7:4e:72:c0:de:6f:e0:f9:df:9b:ad:02:30:
                    0b:51:2a:8c:d3:b7:c2:25:61:6e:e7:30:fc:18:4d:
                    3d:64:49:52:28:9e:8d:d2:be:ca:e8:e4:61:63:b8:
                    48:83:97:18:d5:aa:de:a1:09:51:8e:17:e3:74:ee:
                    b1:c0:91:f4:37:3a:37:1f:e3:b3:a8:96:d3:7e:70:
                    f6:02:45:d2:0e:4f:17:d4:63:3c:de:db:35:9b:d9:
                    a6:cd:71:64:9c:89:c3:76:ac:6d:e8:6b:73:b7:2a:
                    c9:22:c4:e6:0e:e9:95:d5:1d:7f:88:af:3f:98:38:
                    7a:64:dc:b1:5a:b5:bb:e2:53:cd:3a:85:12:e9:7c:
                    50:d4:ab:fd:0b:7f:fb:08:53:7f:48:61:13:7e:87:
                    84:57:c9:1d:80:0f:2e:37:c6:ec:7e:60:8e:bf:32:
                    87:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:B1:0C:A4:97:32:EA:B9:F2:CE:A0:2A:53:51:46:AD:42:B1:9D:9E
            X509v3 Authority Key Identifier:
                keyid:DF:EC:B7:B6:3A:18:C7:F2:43:DA:76:97:49:30:44:5E:DB:51:EB:85

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/faba226494c1bd7cbd91007cecff2afa9c4283ff.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/772b8fe2-5046-4a2a-bc7c-79a2f449b696/fafb8311afd0ba0b3fb92ef05649412529d7d0dd.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/772b8fe2-5046-4a2a-bc7c-79a2f449b696/faba226494c1bd7cbd91007cecff2afa9c4283ff.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  132.255.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4b:2c:c1:aa:a9:c2:d9:02:27:d1:80:08:af:37:b4:cb:eb:40:
         4c:17:49:83:3a:3c:be:2c:59:35:08:62:d1:d2:e4:a0:a8:3e:
         a0:12:c3:f1:ea:0e:93:d6:f3:4a:a8:2e:f9:b8:92:61:f7:1b:
         09:81:09:c6:8b:aa:d2:ee:2f:73:41:bc:f2:82:84:86:8f:97:
         8a:5b:ba:38:57:ba:01:7e:4d:b0:ca:39:82:8c:fb:75:1b:55:
         11:bf:d4:70:b0:16:34:35:63:93:7b:d7:44:1f:64:c9:f0:af:
         82:c9:01:8b:f3:3c:fa:ac:09:45:4c:98:ce:b0:3e:b3:15:18:
         0a:2c:2e:b8:e4:8d:7e:7a:c3:dd:97:40:12:f1:b6:62:0a:33:
         d2:f3:b7:dc:fb:a3:c5:ec:f4:b3:80:00:27:95:84:6c:a0:63:
         19:de:5d:39:e4:11:b5:cc:ab:20:b8:8a:6c:d4:e0:60:94:fa:
         e6:e5:45:d8:04:81:7e:01:c4:14:12:af:4a:ef:e3:2d:f9:da:
         1a:d9:57:3d:da:93:7c:1e:21:6b:af:06:83:bd:a9:f4:fa:e5:
         af:55:c4:ba:63:6b:9d:51:a9:e7:81:1c:a5:06:65:04:c7:ec:
         a9:39:0c:d4:43:59:5f:aa:2e:e9:cd:b0:ca:be:f4:2a:cd:8c:
         8a:95:62:73
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIDDXQ6MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGZh
YmEyMjY0OTRjMWJkN2NiZDkxMDA3Y2VjZmYyYWZhOWM0MjgzZmYwHhcNMjEwMzI0
MTQ0NTM1WhcNMjYwMzI0MTQ0NTM1WjAzMTEwLwYDVQQDEyhmYWZiODMxMWFmZDBi
YTBiM2ZiOTJlZjA1NjQ5NDEyNTI5ZDdkMGRkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAgBU8m6JaldsLMk+6zZ/cIWp2puGoI6jIqt1XmQRqfPtaHzlK
0uUMR2Lp1S6PMH4xOgDwWRw2Y7iyfEHB28dOxxZKKtu4Fq/eaMt4cSsv3beUjJr0
QynjR8QI0sdOcsDeb+D535utAjALUSqM07fCJWFu5zD8GE09ZElSKJ6N0r7K6ORh
Y7hIg5cY1areoQlRjhfjdO6xwJH0Nzo3H+OzqJbTfnD2AkXSDk8X1GM83ts1m9mm
zXFknInDdqxt6GtztyrJIsTmDumV1R1/iK8/mDh6ZNyxWrW74lPNOoUS6XxQ1Kv9
C3/7CFN/SGETfoeEV8kdgA8uN8bsfmCOvzKHhQIDAQABo4ICWzCCAlcwHQYDVR0O
BBYEFCGxDKSXMuq58s6gKlNRRq1CsZ2eMB8GA1UdIwQYMBaAFN/st7Y6GMfyQ9p2
l0kwRF7bUeuFMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvZmFiYTIy
NjQ5NGMxYmQ3Y2JkOTEwMDdjZWNmZjJhZmE5YzQyODNmZi5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvNzcyYjhmZTItNTA0Ni00YTJhLWJjN2MtNzlhMmY0
NDliNjk2L2ZhZmI4MzExYWZkMGJhMGIzZmI5MmVmMDU2NDk0MTI1MjlkN2QwZGQu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83NzJiOGZlMi01MDQ2LTRhMmEtYmM3Yy03OWEy
ZjQ0OWI2OTYvZmFiYTIyNjQ5NGMxYmQ3Y2JkOTEwMDdjZWNmZjJhZmE5YzQyODNm
Zi5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQ
MA4wDAQCAAEwBgMEAoT/ADANBgkqhkiG9w0BAQsFAAOCAQEASyzBqqnC2QIn0YAI
rze0y+tATBdJgzo8vixZNQhi0dLkoKg+oBLD8eoOk9bzSqgu+biSYfcbCYEJxouq
0u4vc0G88oKEho+Xilu6OFe6AX5NsMo5goz7dRtVEb/UcLAWNDVjk3vXRB9kyfCv
gskBi/M8+qwJRUyYzrA+sxUYCiwuuOSNfnrD3ZdAEvG2Ygoz0vO33Pujxez0s4AA
J5WEbKBjGd5dOeQRtcyrILiKbNTgYJT65uVF2ASBfgHEFBKvSu/jLfnaGtlXPdqT
fB4ha68Gg72p9Prlr1XEumNrnVGp54EcpQZlBMfsqTkM1ENZX6ou6c2wyr70Ks2M
ipVicw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 22:20:16 2024 by rpki-client on console-fra.rpki-client.org