Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/4xWck6Bo4mQ1BuxBFbGbAmQUY2xUn2ahdum5M2zdzPGd/0/323830343a323862303a383030303a3a2f33342d3334203d3e203532393332.roa
File:                     323830343a323862303a383030303a3a2f33342d3334203d3e203532393332.roa (raw, json)
Hash identifier:          2fvgs4y9b49I4go1yQk4IihdvZvKk6iY9tyNf7/DEAI=
Subject key identifier:   7E:C9:E3:FD:7E:27:D8:6E:A5:E4:6E:BA:6C:C0:6F:C0:8C:07:41:1D
Certificate issuer:       /CN=EA6AD2F5F5BCE7E9DCFF7F3C3EEC4BE0120E1C4C
Certificate serial:       58E5D39A5AFB071A55A6942A3B67412E47452A83
Authority key identifier: EA:6A:D2:F5:F5:BC:E7:E9:DC:FF:7F:3C:3E:EC:4B:E0:12:0E:1C:4C
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/EA6AD2F5F5BCE7E9DCFF7F3C3EEC4BE0120E1C4C.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/4xWck6Bo4mQ1BuxBFbGbAmQUY2xUn2ahdum5M2zdzPGd/0/323830343a323862303a383030303a3a2f33342d3334203d3e203532393332.roa
Signing time:             Wed 08 May 2024 18:21:00 +0000
ROA not before:           Wed 08 May 2024 18:16:00 +0000
ROA not after:            Wed 07 May 2025 18:21:00 +0000
asID:                     52932
IP address blocks:        2804:28b0:8000::/34 maxlen: 34

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/4xWck6Bo4mQ1BuxBFbGbAmQUY2xUn2ahdum5M2zdzPGd/0/EA6AD2F5F5BCE7E9DCFF7F3C3EEC4BE0120E1C4C.crl
                          rsync://rpki-repo.registro.br/repo/4xWck6Bo4mQ1BuxBFbGbAmQUY2xUn2ahdum5M2zdzPGd/0/EA6AD2F5F5BCE7E9DCFF7F3C3EEC4BE0120E1C4C.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/EA6AD2F5F5BCE7E9DCFF7F3C3EEC4BE0120E1C4C.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 16 Jun 2024 11:14:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:e5:d3:9a:5a:fb:07:1a:55:a6:94:2a:3b:67:41:2e:47:45:2a:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EA6AD2F5F5BCE7E9DCFF7F3C3EEC4BE0120E1C4C
        Validity
            Not Before: May  8 18:16:00 2024 GMT
            Not After : May  7 18:21:00 2025 GMT
        Subject: CN=7EC9E3FD7E27D86EA5E46EBA6CC06FC08C07411D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:7d:61:31:fb:2e:c5:e7:87:c7:fa:0f:49:4e:
                    79:f9:5b:b4:6d:8f:12:bd:5c:8a:a7:aa:67:29:ef:
                    f1:9d:63:ec:01:a5:43:b3:15:b8:50:b9:cf:a5:04:
                    3d:3c:4b:f5:92:90:a9:9f:7e:cb:a4:91:dc:b2:9d:
                    b1:43:a1:a0:1b:df:77:db:ea:30:c0:e4:9e:bf:b4:
                    6c:5b:98:ef:33:59:ce:ef:c5:17:84:a4:a9:41:74:
                    7c:18:b1:a3:ef:7b:25:a9:44:d3:ca:6d:31:ae:b6:
                    67:a6:62:5a:b1:fa:b6:ff:55:4f:be:38:77:2d:f5:
                    d5:45:33:48:00:0f:b8:9f:94:44:f4:1a:33:a0:aa:
                    b7:11:a7:65:27:29:f4:7a:eb:a6:b9:92:f2:7a:a6:
                    f3:9b:b3:99:7a:67:00:9e:df:b9:ad:be:f0:c0:19:
                    a8:49:b5:9a:14:f9:e2:42:1e:4f:2a:ac:98:06:4c:
                    da:69:88:fd:a6:2c:e6:54:04:c2:74:58:c5:f3:d3:
                    1a:27:ba:3f:0e:70:00:6e:35:ea:e9:4d:fa:da:93:
                    a8:8c:09:68:b2:c6:96:70:67:82:2c:9f:34:52:56:
                    65:a5:11:68:60:f1:e2:4c:5e:23:5a:fa:8a:f2:ce:
                    35:c7:c6:12:ce:7f:72:88:3c:8c:bc:ee:1f:e3:03:
                    5d:75
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7E:C9:E3:FD:7E:27:D8:6E:A5:E4:6E:BA:6C:C0:6F:C0:8C:07:41:1D
            X509v3 Authority Key Identifier:
                keyid:EA:6A:D2:F5:F5:BC:E7:E9:DC:FF:7F:3C:3E:EC:4B:E0:12:0E:1C:4C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/4xWck6Bo4mQ1BuxBFbGbAmQUY2xUn2ahdum5M2zdzPGd/0/EA6AD2F5F5BCE7E9DCFF7F3C3EEC4BE0120E1C4C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/EA6AD2F5F5BCE7E9DCFF7F3C3EEC4BE0120E1C4C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/4xWck6Bo4mQ1BuxBFbGbAmQUY2xUn2ahdum5M2zdzPGd/0/323830343a323862303a383030303a3a2f33342d3334203d3e203532393332.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:28b0:8000::/34

    Signature Algorithm: sha256WithRSAEncryption
         54:6c:94:8a:22:77:e0:9c:a4:58:e8:b1:db:d4:bc:f4:5f:de:
         ea:26:bb:f1:7c:47:91:84:6b:e6:95:b1:cc:88:c6:f3:c0:3b:
         48:c2:7e:23:d1:42:05:31:34:65:6b:f8:81:f3:27:ee:78:be:
         5c:e7:d7:a0:bf:8a:d1:4d:dc:ab:6b:c3:08:76:d7:8e:9e:4a:
         06:85:49:dc:b5:dd:14:70:22:24:4f:c6:2e:cd:ed:38:e7:0f:
         38:1c:d1:0a:a5:19:e6:5c:cb:98:15:3d:72:1d:71:9b:6a:36:
         51:c3:94:aa:e1:12:94:c0:bf:2e:8f:14:6f:61:09:09:73:b7:
         80:2e:d3:f7:07:a1:99:cf:5e:09:81:51:1d:f9:eb:f4:96:8f:
         bd:88:35:16:7b:ad:95:68:87:9f:1a:80:ab:69:e4:15:f7:57:
         94:86:11:a8:12:ba:05:27:00:3c:c7:d4:4e:e8:83:2b:a9:ee:
         1c:60:8a:1c:d4:20:53:2f:7b:d1:11:41:cb:0f:c7:1a:e9:0b:
         58:6a:60:d9:07:2a:69:21:0c:f8:89:ee:6a:cf:3c:2b:7d:75:
         e1:69:cd:c3:29:48:9b:8f:c8:11:2c:c6:72:ea:03:b8:3b:25:
         ac:03:7e:ee:a8:59:34:fc:e8:47:e7:4e:76:8a:aa:95:7e:7c:
         2a:0a:67:cb
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIUWOXTmlr7BxpVppQqO2dBLkdFKoMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUE2QUQyRjVGNUJDRTdFOURDRkY3RjNDM0VFQzRCRTAx
MjBFMUM0QzAeFw0yNDA1MDgxODE2MDBaFw0yNTA1MDcxODIxMDBaMDMxMTAvBgNV
BAMTKDdFQzlFM0ZEN0UyN0Q4NkVBNUU0NkVCQTZDQzA2RkMwOEMwNzQxMUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDifWEx+y7F54fH+g9JTnn5W7Rt
jxK9XIqnqmcp7/GdY+wBpUOzFbhQuc+lBD08S/WSkKmffsukkdyynbFDoaAb33fb
6jDA5J6/tGxbmO8zWc7vxReEpKlBdHwYsaPveyWpRNPKbTGutmemYlqx+rb/VU++
OHct9dVFM0gAD7iflET0GjOgqrcRp2UnKfR666a5kvJ6pvObs5l6ZwCe37mtvvDA
GahJtZoU+eJCHk8qrJgGTNppiP2mLOZUBMJ0WMXz0xonuj8OcABuNerpTfrak6iM
CWiyxpZwZ4IsnzRSVmWlEWhg8eJMXiNa+oryzjXHxhLOf3KIPIy87h/jA111AgMB
AAGjggJZMIICVTAdBgNVHQ4EFgQUfsnj/X4n2G6l5G66bMBvwIwHQR0wHwYDVR0j
BBgwFoAU6mrS9fW85+nc/388PuxL4BIOHEwwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNHhXY2s2Qm80bVExQnV4QkZiR2JBbVFVWTJ4VW4yYWhkdW01TTJ6ZHpQ
R2QvMC9FQTZBRDJGNUY1QkNFN0U5RENGRjdGM0MzRUVDNEJFMDEyMEUxQzRDLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0VBNkFEMkY1RjVCQ0U3RTlE
Q0ZGN0YzQzNFRUM0QkUwMTIwRTFDNEMuY2VyMIG0BggrBgEFBQcBCwSBpzCBpDCB
oQYIKwYBBQUHMAuGgZRyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzR4V2NrNkJvNG1RMUJ1eEJGYkdiQW1RVVkyeFVuMmFoZHVtNU0yemR6UEdkLzAv
MzIzODMwMzQzYTMyMzg2MjMwM2EzODMwMzAzMDNhM2EyZjMzMzQyZDMzMzQyMDNk
M2UyMDM1MzIzOTMzMzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYI
KwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgYoBCiwgDANBgkqhkiG9w0BAQsFAAOC
AQEAVGyUiiJ34JykWOix29S89F/e6ia78XxHkYRr5pWxzIjG88A7SMJ+I9FCBTE0
ZWv4gfMn7ni+XOfXoL+K0U3cq2vDCHbXjp5KBoVJ3LXdFHAiJE/GLs3tOOcPOBzR
CqUZ5lzLmBU9ch1xm2o2UcOUquESlMC/Lo8Ub2EJCXO3gC7T9wehmc9eCYFRHfnr
9JaPvYg1FnutlWiHnxqAq2nkFfdXlIYRqBK6BScAPMfUTuiDK6nuHGCKHNQgUy97
0RFByw/HGukLWGpg2QcqaSEM+Inuas88K3114WnNwylIm4/IESzGcuoDuDslrAN+
7qhZNPzoR+dOdoqqlX58Kgpnyw==
-----END CERTIFICATE-----
Generated at Sat Jun 15 13:30:48 2024 by rpki-client on console-ams.rpki-client.org