Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/0/3230302e31372e36342e302f32302d3237203d3e2031393136.roa
File:                     3230302e31372e36342e302f32302d3237203d3e2031393136.roa (raw, json)
Hash identifier:          /0t49l673xRV3QkrXVoyBAl2U9LZTKzDSTRdK/7syLY=
Subject key identifier:   04:BD:69:28:99:B3:3B:0F:3A:41:D6:D9:13:26:21:FC:68:1A:2A:C6
Certificate issuer:       /CN=AEE46E32CB1462419CCCB89B5C498495E919B5CF
Certificate serial:       24E0A93D06C28C2C33EEE7215FCE3242F36206B8
Authority key identifier: AE:E4:6E:32:CB:14:62:41:9C:CC:B8:9B:5C:49:84:95:E9:19:B5:CF
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AEE46E32CB1462419CCCB89B5C498495E919B5CF.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/0/3230302e31372e36342e302f32302d3237203d3e2031393136.roa
Signing time:             Fri 16 Aug 2024 19:23:28 +0000
ROA not before:           Fri 16 Aug 2024 19:18:28 +0000
ROA not after:            Fri 15 Aug 2025 19:23:28 +0000
asID:                     1916
IP address blocks:        200.17.64.0/20 maxlen: 27

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/0/AEE46E32CB1462419CCCB89B5C498495E919B5CF.crl
                          rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/0/AEE46E32CB1462419CCCB89B5C498495E919B5CF.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AEE46E32CB1462419CCCB89B5C498495E919B5CF.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 22 Nov 2024 23:34:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:e0:a9:3d:06:c2:8c:2c:33:ee:e7:21:5f:ce:32:42:f3:62:06:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AEE46E32CB1462419CCCB89B5C498495E919B5CF
        Validity
            Not Before: Aug 16 19:18:28 2024 GMT
            Not After : Aug 15 19:23:28 2025 GMT
        Subject: CN=04BD692899B33B0F3A41D6D9132621FC681A2AC6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:1d:5c:55:2e:cb:5d:49:e6:5c:37:8a:4b:c8:
                    9e:36:54:fa:70:34:7e:99:30:b5:29:03:fa:dd:85:
                    79:70:be:ec:f3:a1:1b:c5:c5:20:00:17:a1:22:f8:
                    3d:9a:0e:de:e5:11:e7:4d:14:a9:f8:c4:51:d6:6e:
                    51:43:a9:12:72:dc:2f:37:e6:bf:f6:ba:9d:a5:4c:
                    47:00:fb:de:7d:56:bd:e5:56:7d:87:e6:bf:7f:ad:
                    bc:97:fd:9e:7e:8d:b2:94:07:80:bc:50:76:d3:6d:
                    61:f3:01:47:0d:16:ba:0a:01:0c:a3:8e:dc:e0:d7:
                    e1:6a:9b:e3:73:04:b1:bb:8c:b9:cf:18:78:0d:9e:
                    92:09:3f:b8:30:7a:b6:43:8a:19:6c:27:72:13:90:
                    c3:60:24:b4:80:f7:e9:b2:9b:15:13:76:5c:dc:3f:
                    a6:84:8f:e6:fd:3c:a8:c0:82:87:74:fc:a8:42:4d:
                    ac:d0:23:f1:70:2e:d8:5f:33:02:f8:36:b1:1e:ef:
                    92:e6:b2:5a:ab:0c:1b:d7:d2:ab:67:1f:f9:84:5f:
                    78:83:dc:f3:2f:31:3e:97:18:c0:b9:f3:36:de:58:
                    47:9b:fe:0e:6d:1c:a8:23:11:0e:16:df:1f:2d:27:
                    45:21:44:02:7f:c9:d4:42:b7:e2:49:f8:b6:2d:d0:
                    22:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:BD:69:28:99:B3:3B:0F:3A:41:D6:D9:13:26:21:FC:68:1A:2A:C6
            X509v3 Authority Key Identifier:
                keyid:AE:E4:6E:32:CB:14:62:41:9C:CC:B8:9B:5C:49:84:95:E9:19:B5:CF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/0/AEE46E32CB1462419CCCB89B5C498495E919B5CF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AEE46E32CB1462419CCCB89B5C498495E919B5CF.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/0/3230302e31372e36342e302f32302d3237203d3e2031393136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.17.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         9b:a0:a4:91:b2:bb:cf:61:65:e5:59:fd:63:f0:ab:5c:d6:1e:
         37:f9:1b:af:8d:69:f4:c8:22:99:83:ae:78:4d:ad:ae:f7:51:
         28:0c:3f:6b:83:c9:32:77:cb:de:0e:d0:3a:8f:cc:32:00:39:
         86:26:1a:24:e5:f7:9b:b3:53:82:60:b5:ac:7a:23:78:4d:e4:
         b3:ec:53:1c:3d:60:a7:41:55:d7:e2:56:e8:c0:0b:d6:bd:18:
         bc:5d:ce:92:9a:28:40:80:de:82:cf:ef:2a:42:a1:cd:db:2f:
         d3:04:6f:8f:cb:f4:f6:96:36:09:cf:a6:c7:f3:6b:40:39:7c:
         4e:35:0c:77:93:dc:e3:40:3e:61:64:36:83:73:04:1f:8f:bd:
         f7:36:3e:1a:3a:8b:a3:43:a4:69:2c:dc:34:6a:2e:f7:09:3f:
         d8:2f:20:f6:5c:66:79:62:5f:ff:39:d4:22:87:bc:54:7d:c2:
         56:2c:2c:d1:0a:ba:2d:fe:1a:a3:87:30:07:b6:7c:2b:16:cd:
         83:82:0e:b5:1d:78:0c:b7:70:1f:2f:ec:9e:c1:2e:b5:30:0e:
         2f:dd:0b:4d:34:4c:f8:95:43:c4:a8:fd:89:b1:1a:c6:64:91:
         85:7a:d9:5a:7e:65:ce:a1:16:6b:0c:ea:ab:79:f5:1e:60:27:
         65:b0:1c:a9
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUJOCpPQbCjCwz7uchX84yQvNiBrgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUVFNDZFMzJDQjE0NjI0MTlDQ0NCODlCNUM0OTg0OTVF
OTE5QjVDRjAeFw0yNDA4MTYxOTE4MjhaFw0yNTA4MTUxOTIzMjhaMDMxMTAvBgNV
BAMTKDA0QkQ2OTI4OTlCMzNCMEYzQTQxRDZEOTEzMjYyMUZDNjgxQTJBQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfHVxVLstdSeZcN4pLyJ42VPpw
NH6ZMLUpA/rdhXlwvuzzoRvFxSAAF6Ei+D2aDt7lEedNFKn4xFHWblFDqRJy3C83
5r/2up2lTEcA+959Vr3lVn2H5r9/rbyX/Z5+jbKUB4C8UHbTbWHzAUcNFroKAQyj
jtzg1+Fqm+NzBLG7jLnPGHgNnpIJP7gwerZDihlsJ3ITkMNgJLSA9+mymxUTdlzc
P6aEj+b9PKjAgod0/KhCTazQI/FwLthfMwL4NrEe75LmslqrDBvX0qtnH/mEX3iD
3PMvMT6XGMC58zbeWEeb/g5tHKgjEQ4W3x8tJ0UhRAJ/ydRCt+JJ+LYt0CIjAgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUBL1pKJmzOw86QdbZEyYh/GgaKsYwHwYDVR0j
BBgwFoAUruRuMssUYkGczLibXEmElekZtc8wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMkgyYW00SDNUYUdEcGlUZHdpaDZKeXc3SGZwZ1VwTWl6TDhpOU14Vk1V
dWQvMC9BRUU0NkUzMkNCMTQ2MjQxOUNDQ0I4OUI1QzQ5ODQ5NUU5MTlCNUNGLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FFRTQ2RTMyQ0IxNDYyNDE5
Q0NDQjg5QjVDNDk4NDk1RTkxOUI1Q0YuY2VyMIGoBggrBgEFBQcBCwSBmzCBmDCB
lQYIKwYBBQUHMAuGgYhyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzJIMmFtNEgzVGFHRHBpVGR3aWg2Snl3N0hmcGdVcE1pekw4aTlNeFZNVXVkLzAv
MzIzMDMwMmUzMTM3MmUzNjM0MmUzMDJmMzIzMDJkMzIzNzIwM2QzZTIwMzEzOTMx
MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBATIEUAwDQYJKoZIhvcNAQELBQADggEBAJugpJGyu89hZeVZ
/WPwq1zWHjf5G6+NafTIIpmDrnhNra73USgMP2uDyTJ3y94O0DqPzDIAOYYmGiTl
95uzU4Jgtax6I3hN5LPsUxw9YKdBVdfiVujAC9a9GLxdzpKaKECA3oLP7ypCoc3b
L9MEb4/L9PaWNgnPpsfza0A5fE41DHeT3ONAPmFkNoNzBB+Pvfc2Pho6i6NDpGks
3DRqLvcJP9gvIPZcZnliX/851CKHvFR9wlYsLNEKui3+GqOHMAe2fCsWzYOCDrUd
eAy3cB8v7J7BLrUwDi/dC000TPiVQ8So/YmxGsZkkYV62Vp+Zc6hFmsM6qt59R5g
J2WwHKk=
-----END CERTIFICATE-----
Generated at Thu Nov 21 22:33:10 2024 by rpki-client on console-fra.rpki-client.org