Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/7d48c231-5123-4237-96c2-e2e3b41b58aa/fbac839a919c4bfa1d1dd87e45de27ba6cd97d33.roa
File:                     fbac839a919c4bfa1d1dd87e45de27ba6cd97d33.roa (raw, json)
Hash identifier:          FZlujDVEKdofmBVLtaEyagukY2i+lYv1qghD4UapT00=
Subject key identifier:   07:B7:90:CC:D1:36:D7:48:F4:05:F7:50:EE:91:3D:68:07:95:A3:BD
Certificate issuer:       /CN=79aa997c3add235597a12ab7bfcd7908569d5f30
Certificate serial:       0D6224
Authority key identifier: 79:57:67:3E:6A:82:19:69:11:89:9E:C0:97:BB:FF:E6:51:A1:02:43
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/79aa997c3add235597a12ab7bfcd7908569d5f30.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/7d48c231-5123-4237-96c2-e2e3b41b58aa/fbac839a919c4bfa1d1dd87e45de27ba6cd97d33.roa
Signing time:             Wed 24 Mar 2021 14:34:09 +0000
ROA not before:           Wed 24 Mar 2021 14:34:07 +0000
ROA not after:            Tue 24 Mar 2026 14:34:07 +0000
asID:                     27901
IP address blocks:        131.221.164.0/22 maxlen: 22
                          138.99.224.0/22 maxlen: 22
                          167.250.52.0/22 maxlen: 22
                          207.248.192.0/19 maxlen: 19

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/7d48c231-5123-4237-96c2-e2e3b41b58aa/79aa997c3add235597a12ab7bfcd7908569d5f30.crl
                          rsync://repository.lacnic.net/rpki/lacnic/7d48c231-5123-4237-96c2-e2e3b41b58aa/79aa997c3add235597a12ab7bfcd7908569d5f30.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/79aa997c3add235597a12ab7bfcd7908569d5f30.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 01:45:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 877092 (0xd6224)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=79aa997c3add235597a12ab7bfcd7908569d5f30
        Validity
            Not Before: Mar 24 14:34:07 2021 GMT
            Not After : Mar 24 14:34:07 2026 GMT
        Subject: CN=fbac839a919c4bfa1d1dd87e45de27ba6cd97d33
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:24:2c:55:cc:a2:af:0c:c2:f6:bb:f1:71:33:
                    ca:a5:ea:5e:c3:72:d3:d5:31:19:ba:24:e3:e9:94:
                    6a:d7:d5:69:95:d8:09:1e:27:16:1f:bf:db:fc:3c:
                    f2:f6:20:4b:27:e5:f8:01:a2:a1:df:e7:5f:26:45:
                    a5:33:80:a4:8a:c6:67:43:93:c2:df:b1:a8:85:04:
                    d9:f2:fe:ee:f0:93:ae:79:c2:90:06:f0:3e:0e:71:
                    94:25:16:43:1b:a8:1c:58:5b:34:8c:4c:50:d4:2d:
                    f9:60:25:ec:00:3f:1a:85:9e:60:48:b0:58:df:f3:
                    af:25:d4:e3:02:be:cf:c7:71:b6:ee:a9:28:7a:70:
                    a4:13:8e:74:49:00:62:0a:f2:2e:02:70:30:e7:be:
                    25:a4:53:3c:c6:7d:25:2d:5f:57:67:72:aa:e4:f1:
                    f7:1d:fa:95:de:1d:67:82:e7:e7:d5:a8:07:6e:b5:
                    30:3c:a4:ea:89:81:5d:44:6e:9c:f3:69:35:a8:71:
                    f0:00:91:50:4f:2b:e6:48:17:18:c1:21:bb:39:d5:
                    7b:1a:3c:25:1b:11:6d:34:39:28:63:dd:e0:df:8b:
                    82:81:dc:e3:c9:fd:1a:99:16:06:63:16:b0:aa:7e:
                    c4:20:b6:ef:12:a6:b3:35:db:ae:8c:38:54:38:7f:
                    c9:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:B7:90:CC:D1:36:D7:48:F4:05:F7:50:EE:91:3D:68:07:95:A3:BD
            X509v3 Authority Key Identifier:
                keyid:79:57:67:3E:6A:82:19:69:11:89:9E:C0:97:BB:FF:E6:51:A1:02:43

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/79aa997c3add235597a12ab7bfcd7908569d5f30.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/7d48c231-5123-4237-96c2-e2e3b41b58aa/fbac839a919c4bfa1d1dd87e45de27ba6cd97d33.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/7d48c231-5123-4237-96c2-e2e3b41b58aa/79aa997c3add235597a12ab7bfcd7908569d5f30.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.221.164.0/22
                  138.99.224.0/22
                  167.250.52.0/22
                  207.248.192.0/19

    Signature Algorithm: sha256WithRSAEncryption
         7e:33:a7:9d:3c:59:11:41:f6:36:0c:59:29:c6:96:df:58:20:
         a9:56:0c:c5:7f:7e:e4:01:8c:16:9a:b1:df:89:11:c1:68:33:
         65:c4:f9:07:52:09:0c:0d:07:22:8b:bb:53:16:79:27:63:b1:
         b6:a3:1d:e8:4e:2a:19:86:9d:33:4c:ea:4e:da:98:80:15:ea:
         52:80:0c:64:2e:6b:e9:4f:e8:d0:b3:69:ff:a0:36:a1:17:02:
         3a:46:bd:8e:c3:94:6e:58:78:a2:44:55:e1:a0:2c:22:f4:46:
         f6:d0:32:53:e9:f8:26:28:a7:37:d8:ea:3c:27:54:4c:b1:45:
         a0:6f:00:7a:15:a9:47:dc:f3:71:05:b2:09:31:ac:fb:68:d1:
         15:e4:52:47:e9:68:e0:45:25:3a:f4:40:4c:3d:97:0a:be:7c:
         98:31:45:41:57:aa:ad:c4:a0:42:c5:2f:b7:d9:59:bd:6f:17:
         d3:2a:f1:00:a4:e0:6e:79:c3:6d:1e:54:6c:46:bd:e4:f5:c5:
         5c:6f:c9:1c:a9:65:f7:4a:10:c7:40:08:e9:88:3f:bb:54:ac:
         40:a5:78:6b:47:04:a0:27:a0:06:c1:f4:25:7f:0c:51:ae:6f:
         98:11:b8:21:ad:1e:9d:ac:c7:20:a4:70:bc:af:10:26:22:41:
         a0:99:22:f4
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIDDWIkMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDc5
YWE5OTdjM2FkZDIzNTU5N2ExMmFiN2JmY2Q3OTA4NTY5ZDVmMzAwHhcNMjEwMzI0
MTQzNDA3WhcNMjYwMzI0MTQzNDA3WjAzMTEwLwYDVQQDEyhmYmFjODM5YTkxOWM0
YmZhMWQxZGQ4N2U0NWRlMjdiYTZjZDk3ZDMzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmCQsVcyirwzC9rvxcTPKpepew3LT1TEZuiTj6ZRq19VpldgJ
HicWH7/b/Dzy9iBLJ+X4AaKh3+dfJkWlM4CkisZnQ5PC37GohQTZ8v7u8JOuecKQ
BvA+DnGUJRZDG6gcWFs0jExQ1C35YCXsAD8ahZ5gSLBY3/OvJdTjAr7Px3G27qko
enCkE450SQBiCvIuAnAw574lpFM8xn0lLV9XZ3Kq5PH3HfqV3h1ngufn1agHbrUw
PKTqiYFdRG6c82k1qHHwAJFQTyvmSBcYwSG7OdV7GjwlGxFtNDkoY93g34uCgdzj
yf0amRYGYxawqn7EILbvEqazNduujDhUOH/J/wIDAQABo4ICbTCCAmkwHQYDVR0O
BBYEFAe3kMzRNtdI9AX3UO6RPWgHlaO9MB8GA1UdIwQYMBaAFHlXZz5qghlpEYme
wJe7/+ZRoQJDMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvNzlhYTk5
N2MzYWRkMjM1NTk3YTEyYWI3YmZjZDc5MDg1NjlkNWYzMC5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvN2Q0OGMyMzEtNTEyMy00MjM3LTk2YzItZTJlM2I0
MWI1OGFhL2ZiYWM4MzlhOTE5YzRiZmExZDFkZDg3ZTQ1ZGUyN2JhNmNkOTdkMzMu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy83ZDQ4YzIzMS01MTIzLTQyMzctOTZjMi1lMmUz
YjQxYjU4YWEvNzlhYTk5N2MzYWRkMjM1NTk3YTEyYWI3YmZjZDc5MDg1NjlkNWYz
MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQi
MCAwHgQCAAEwGAMEAoPdpAMEAopj4AMEAqf6NAMEBc/4wDANBgkqhkiG9w0BAQsF
AAOCAQEAfjOnnTxZEUH2NgxZKcaW31ggqVYMxX9+5AGMFpqx34kRwWgzZcT5B1IJ
DA0HIou7UxZ5J2OxtqMd6E4qGYadM0zqTtqYgBXqUoAMZC5r6U/o0LNp/6A2oRcC
Oka9jsOUblh4okRV4aAsIvRG9tAyU+n4JiinN9jqPCdUTLFFoG8AehWpR9zzcQWy
CTGs+2jRFeRSR+lo4EUlOvRATD2XCr58mDFFQVeqrcSgQsUvt9lZvW8X0yrxAKTg
bnnDbR5UbEa95PXFXG/JHKll90oQx0AI6Yg/u1SsQKV4a0cEoCegBsH0JX8MUa5v
mBG4Ia0enazHIKRwvK8QJiJBoJki9A==
-----END CERTIFICATE-----
Generated at Thu Mar 28 02:04:21 2024 by rpki-client on console-ams.rpki-client.org