Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/2GgekmyPqF3YsQwrNkuTfN6xCX8eyVD5X5vMMr7TURHC/0/3137302e3233312e3232342e302f32322d3232203d3e20323731363737.roa
File:                     3137302e3233312e3232342e302f32322d3232203d3e20323731363737.roa (raw, json)
Hash identifier:          J7iFmQhTf7njPlZOlLfZmJxhjkhn/hl3SDw/4Ligmoc=
Subject key identifier:   A1:F9:0E:A1:6D:3D:FC:07:E8:BA:CF:68:B5:1D:F8:75:86:00:BE:C4
Certificate issuer:       /CN=8CA6945320EBC94436672D14C02A85C8DD0ACCB1
Certificate serial:       68A3A1CBA22BED23B6E0C2572DE3034C17DD2CA2
Authority key identifier: 8C:A6:94:53:20:EB:C9:44:36:67:2D:14:C0:2A:85:C8:DD:0A:CC:B1
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8CA6945320EBC94436672D14C02A85C8DD0ACCB1.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/2GgekmyPqF3YsQwrNkuTfN6xCX8eyVD5X5vMMr7TURHC/0/3137302e3233312e3232342e302f32322d3232203d3e20323731363737.roa
Signing time:             Tue 07 May 2024 19:23:24 +0000
ROA not before:           Tue 07 May 2024 19:18:24 +0000
ROA not after:            Tue 06 May 2025 19:23:24 +0000
asID:                     271677
IP address blocks:        170.231.224.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/2GgekmyPqF3YsQwrNkuTfN6xCX8eyVD5X5vMMr7TURHC/0/8CA6945320EBC94436672D14C02A85C8DD0ACCB1.crl
                          rsync://rpki-repo.registro.br/repo/2GgekmyPqF3YsQwrNkuTfN6xCX8eyVD5X5vMMr7TURHC/0/8CA6945320EBC94436672D14C02A85C8DD0ACCB1.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8CA6945320EBC94436672D14C02A85C8DD0ACCB1.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 06:07:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:a3:a1:cb:a2:2b:ed:23:b6:e0:c2:57:2d:e3:03:4c:17:dd:2c:a2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8CA6945320EBC94436672D14C02A85C8DD0ACCB1
        Validity
            Not Before: May  7 19:18:24 2024 GMT
            Not After : May  6 19:23:24 2025 GMT
        Subject: CN=A1F90EA16D3DFC07E8BACF68B51DF8758600BEC4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:1b:f3:30:3a:cc:34:da:f2:af:8f:13:d2:3e:
                    64:f4:4f:71:9c:4b:e2:36:87:38:97:9e:7a:c8:50:
                    a9:7f:3f:af:fb:f1:36:98:a9:40:b6:5e:c6:4f:1c:
                    70:51:2d:84:21:a7:5e:e8:da:86:82:2a:1b:bf:d7:
                    ca:4a:72:c5:f1:b6:9c:d9:15:a4:17:a7:d6:94:d0:
                    20:d9:3b:9d:bf:79:1c:68:21:57:26:d4:a2:e9:09:
                    0c:88:17:fa:70:b1:9a:07:a2:af:16:27:21:6a:11:
                    aa:4f:f1:94:86:28:9b:86:6d:79:91:5c:a4:92:f4:
                    81:99:09:b4:57:2e:80:32:65:b5:e1:c8:b9:bc:34:
                    67:ce:7c:b3:8d:32:1d:88:da:2f:9e:aa:05:c4:3e:
                    a9:28:39:b9:94:18:b6:0c:f1:2f:c2:c6:e2:1f:50:
                    5e:9a:a9:90:bf:c4:18:98:93:fc:bd:e4:8c:79:7b:
                    ac:10:9e:dd:34:c3:41:4c:42:07:26:33:e7:e5:fe:
                    de:a3:67:4c:81:9b:5a:35:9a:67:2b:8b:0d:e1:9b:
                    c7:13:48:cc:f4:e6:9f:7c:b1:77:51:2c:43:dc:7b:
                    b4:0d:53:73:de:b1:be:43:ac:cb:c5:29:f0:cd:93:
                    61:bc:fc:86:b3:e5:14:11:99:0f:33:17:fb:bc:e0:
                    78:7b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:F9:0E:A1:6D:3D:FC:07:E8:BA:CF:68:B5:1D:F8:75:86:00:BE:C4
            X509v3 Authority Key Identifier:
                keyid:8C:A6:94:53:20:EB:C9:44:36:67:2D:14:C0:2A:85:C8:DD:0A:CC:B1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/2GgekmyPqF3YsQwrNkuTfN6xCX8eyVD5X5vMMr7TURHC/0/8CA6945320EBC94436672D14C02A85C8DD0ACCB1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8CA6945320EBC94436672D14C02A85C8DD0ACCB1.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/2GgekmyPqF3YsQwrNkuTfN6xCX8eyVD5X5vMMr7TURHC/0/3137302e3233312e3232342e302f32322d3232203d3e20323731363737.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.231.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         01:13:91:e7:1e:c0:85:ea:c1:26:22:20:53:43:fd:1b:12:7a:
         95:99:16:91:2f:0d:79:ef:bd:2c:d2:32:c2:0d:c8:5d:22:e8:
         c2:43:d0:54:5f:84:26:4d:b9:5b:24:1b:66:fc:02:d0:62:21:
         0a:22:8a:53:a5:48:6f:4c:96:b0:c6:e4:7d:b6:63:d2:a1:71:
         6b:af:11:c1:f0:7a:7e:05:59:42:27:41:f6:ce:6b:3e:41:68:
         b7:67:98:2e:4f:de:0f:ed:f5:48:45:d6:3f:fc:d9:b1:92:8a:
         71:9a:ef:09:3c:f9:1e:8f:de:a0:63:47:11:ad:9f:96:e9:7e:
         2e:fa:83:7f:64:64:9c:37:8e:f3:a1:f3:09:22:e2:d2:34:65:
         0b:27:f5:f1:62:2a:1b:1c:36:5e:5a:c9:b7:2d:20:c2:a3:b4:
         be:63:29:63:54:24:bc:4a:5a:91:d7:09:93:07:eb:b1:95:75:
         e4:87:2c:6d:13:6e:12:70:a0:50:0b:a8:21:81:62:b6:73:96:
         1a:5e:e3:3c:03:6a:bf:48:cc:45:0f:90:64:6a:39:40:f3:b7:
         e0:da:11:ac:97:6b:39:49:75:9e:02:23:d0:a5:37:7c:61:2e:
         45:a3:c0:78:72:7d:e7:2d:3e:30:a9:d6:e8:a4:5b:88:4f:d9:
         38:65:ba:23
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUaKOhy6Ir7SO24MJXLeMDTBfdLKIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOENBNjk0NTMyMEVCQzk0NDM2NjcyRDE0QzAyQTg1QzhE
RDBBQ0NCMTAeFw0yNDA1MDcxOTE4MjRaFw0yNTA1MDYxOTIzMjRaMDMxMTAvBgNV
BAMTKEExRjkwRUExNkQzREZDMDdFOEJBQ0Y2OEI1MURGODc1ODYwMEJFQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjG/MwOsw02vKvjxPSPmT0T3Gc
S+I2hziXnnrIUKl/P6/78TaYqUC2XsZPHHBRLYQhp17o2oaCKhu/18pKcsXxtpzZ
FaQXp9aU0CDZO52/eRxoIVcm1KLpCQyIF/pwsZoHoq8WJyFqEapP8ZSGKJuGbXmR
XKSS9IGZCbRXLoAyZbXhyLm8NGfOfLONMh2I2i+eqgXEPqkoObmUGLYM8S/CxuIf
UF6aqZC/xBiYk/y95Ix5e6wQnt00w0FMQgcmM+fl/t6jZ0yBm1o1mmcriw3hm8cT
SMz05p98sXdRLEPce7QNU3Pesb5DrMvFKfDNk2G8/Iaz5RQRmQ8zF/u84Hh7AgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUofkOoW09/Afous9otR34dYYAvsQwHwYDVR0j
BBgwFoAUjKaUUyDryUQ2Zy0UwCqFyN0KzLEwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMkdnZWtteVBxRjNZc1F3ck5rdVRmTjZ4Q1g4ZXlWRDVYNXZNTXI3VFVS
SEMvMC84Q0E2OTQ1MzIwRUJDOTQ0MzY2NzJEMTRDMDJBODVDOEREMEFDQ0IxLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzhDQTY5NDUzMjBFQkM5NDQz
NjY3MkQxNEMwMkE4NUM4REQwQUNDQjEuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzJHZ2VrbXlQcUYzWXNRd3JOa3VUZk42eENYOGV5VkQ1WDV2TU1yN1RVUkhDLzAv
MzEzNzMwMmUzMjMzMzEyZTMyMzIzNDJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMy
MzczMTM2MzczNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAqrn4DANBgkqhkiG9w0BAQsFAAOCAQEAAROR
5x7AherBJiIgU0P9GxJ6lZkWkS8Nee+9LNIywg3IXSLowkPQVF+EJk25WyQbZvwC
0GIhCiKKU6VIb0yWsMbkfbZj0qFxa68RwfB6fgVZQidB9s5rPkFot2eYLk/eD+31
SEXWP/zZsZKKcZrvCTz5Ho/eoGNHEa2flul+LvqDf2RknDeO86HzCSLi0jRlCyf1
8WIqGxw2XlrJty0gwqO0vmMpY1QkvEpakdcJkwfrsZV15IcsbRNuEnCgUAuoIYFi
tnOWGl7jPANqv0jMRQ+QZGo5QPO34NoRrJdrOUl1ngIj0KU3fGEuRaPAeHJ95y0+
MKnW6KRbiE/ZOGW6Iw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:11:06 2024 by rpki-client on console-ams.rpki-client.org