Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/2t3bGZXz8mJDrDdmZ6NDc2xZDsbjfgErhrjWe7Hv8oQM/1/3139302e38392e3134382e302f32342d3234203d3e20323730333730.roa
File:                     3139302e38392e3134382e302f32342d3234203d3e20323730333730.roa (raw, json)
Hash identifier:          Y46pdg3mCn/z/wK5gSiSO9P4TD3fs6HfcFc9VzkGGdI=
Subject key identifier:   AE:4E:C2:52:04:44:2F:9E:74:EC:54:2A:D7:C9:D5:AA:D2:F3:8E:9B
Certificate issuer:       /CN=C53FFF72C11B3649D5A047FD42D3DD312B1842CF
Certificate serial:       5C08E1344A460D7116AC9E5B4E0DC9276FBCE33B
Authority key identifier: C5:3F:FF:72:C1:1B:36:49:D5:A0:47:FD:42:D3:DD:31:2B:18:42:CF
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C53FFF72C11B3649D5A047FD42D3DD312B1842CF.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/2t3bGZXz8mJDrDdmZ6NDc2xZDsbjfgErhrjWe7Hv8oQM/1/3139302e38392e3134382e302f32342d3234203d3e20323730333730.roa
Signing time:             Thu 04 Apr 2024 09:31:52 +0000
ROA not before:           Thu 04 Apr 2024 09:26:52 +0000
ROA not after:            Thu 03 Apr 2025 09:31:52 +0000
asID:                     270370
IP address blocks:        190.89.148.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/2t3bGZXz8mJDrDdmZ6NDc2xZDsbjfgErhrjWe7Hv8oQM/1/C53FFF72C11B3649D5A047FD42D3DD312B1842CF.crl
                          rsync://rpki-repo.registro.br/repo/2t3bGZXz8mJDrDdmZ6NDc2xZDsbjfgErhrjWe7Hv8oQM/1/C53FFF72C11B3649D5A047FD42D3DD312B1842CF.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C53FFF72C11B3649D5A047FD42D3DD312B1842CF.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 18:27:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:08:e1:34:4a:46:0d:71:16:ac:9e:5b:4e:0d:c9:27:6f:bc:e3:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C53FFF72C11B3649D5A047FD42D3DD312B1842CF
        Validity
            Not Before: Apr  4 09:26:52 2024 GMT
            Not After : Apr  3 09:31:52 2025 GMT
        Subject: CN=AE4EC25204442F9E74EC542AD7C9D5AAD2F38E9B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:8b:94:eb:e3:c0:41:cd:ad:df:b5:ca:5a:46:
                    7e:23:ba:0a:99:4c:2c:32:8f:c4:c7:0f:4e:34:2d:
                    2f:55:46:26:22:70:67:af:db:85:93:00:71:be:0b:
                    63:6e:b4:09:4d:e7:99:0a:93:44:ff:70:ca:f8:7f:
                    77:a3:8a:13:16:c5:65:67:fb:8c:ce:d1:bb:cb:bc:
                    d4:1d:16:40:b3:a8:40:f7:35:31:60:0a:ff:b0:18:
                    21:54:88:90:39:dd:08:48:53:40:5d:53:52:31:38:
                    e9:5e:83:af:1d:d8:78:4b:3b:33:a5:93:5b:0a:5d:
                    ed:ed:ea:1e:7c:fa:b3:45:a3:6b:38:97:62:b3:7b:
                    d8:f8:69:51:d6:ae:44:6f:90:12:e6:1e:f6:63:14:
                    b6:8c:74:d7:3b:f3:eb:00:1d:21:3f:85:e6:1a:fe:
                    b7:75:58:ea:ad:e4:ad:2c:ec:67:ef:6e:c1:28:e4:
                    c7:1d:14:76:89:1b:75:84:4e:72:0f:55:d5:8b:98:
                    f4:99:88:69:91:b1:8e:ba:db:82:3a:b0:e1:06:d8:
                    03:6a:28:35:0f:ed:4a:7e:c9:2d:56:9a:4c:be:92:
                    fc:7c:d3:0a:c2:2b:df:9e:a5:77:71:20:f8:09:9d:
                    de:4f:7b:bc:24:7b:a5:bd:0f:18:ff:02:c1:13:bc:
                    f7:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:4E:C2:52:04:44:2F:9E:74:EC:54:2A:D7:C9:D5:AA:D2:F3:8E:9B
            X509v3 Authority Key Identifier:
                keyid:C5:3F:FF:72:C1:1B:36:49:D5:A0:47:FD:42:D3:DD:31:2B:18:42:CF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/2t3bGZXz8mJDrDdmZ6NDc2xZDsbjfgErhrjWe7Hv8oQM/1/C53FFF72C11B3649D5A047FD42D3DD312B1842CF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C53FFF72C11B3649D5A047FD42D3DD312B1842CF.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/2t3bGZXz8mJDrDdmZ6NDc2xZDsbjfgErhrjWe7Hv8oQM/1/3139302e38392e3134382e302f32342d3234203d3e20323730333730.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.89.148.0/24

    Signature Algorithm: sha256WithRSAEncryption
         82:f1:c2:8a:55:a3:5c:fb:de:d6:fd:4b:04:c5:e1:bf:2e:1b:
         0c:b4:e3:2d:de:c9:87:0a:41:d5:ba:ad:4d:db:7e:b7:86:f8:
         d1:f2:fa:8c:fe:96:3b:bc:a7:d7:50:b5:c7:e9:41:c6:5d:a4:
         84:47:da:d3:05:9a:d6:49:57:24:01:25:c1:03:43:ad:25:f4:
         f9:05:e4:e8:5f:a5:f5:fc:f8:70:37:d8:42:2e:9a:b1:1d:5a:
         45:8c:1a:3c:1b:d6:26:68:93:16:1a:f6:30:7a:a2:98:e5:fa:
         34:31:b9:4e:31:d2:9a:47:ac:4c:63:66:0b:0e:07:63:67:82:
         e8:78:ee:f6:26:b5:b1:be:af:4d:7b:4f:d1:e9:46:da:c3:0d:
         26:66:10:cd:bd:d1:04:7c:36:c1:3a:cd:74:70:55:31:f1:97:
         09:2a:5a:84:e7:eb:47:0f:6d:5b:b8:f3:de:c3:8d:30:6b:33:
         ce:19:b3:81:a0:7a:05:04:d8:a8:4d:c2:54:ce:ee:e7:99:4e:
         46:4f:de:8b:9b:3f:8f:2f:a9:40:6e:16:49:da:24:6d:70:91:
         d2:62:68:36:b0:21:9e:d3:27:77:9b:90:39:6d:f4:27:ac:ab:
         57:d2:a2:a9:9e:60:de:eb:2c:32:45:0d:88:ae:c5:86:d6:df:
         4f:46:d8:0d
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUXAjhNEpGDXEWrJ5bTg3JJ2+84zswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzUzRkZGNzJDMTFCMzY0OUQ1QTA0N0ZENDJEM0REMzEy
QjE4NDJDRjAeFw0yNDA0MDQwOTI2NTJaFw0yNTA0MDMwOTMxNTJaMDMxMTAvBgNV
BAMTKEFFNEVDMjUyMDQ0NDJGOUU3NEVDNTQyQUQ3QzlENUFBRDJGMzhFOUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpi5Tr48BBza3ftcpaRn4jugqZ
TCwyj8THD040LS9VRiYicGev24WTAHG+C2NutAlN55kKk0T/cMr4f3ejihMWxWVn
+4zO0bvLvNQdFkCzqED3NTFgCv+wGCFUiJA53QhIU0BdU1IxOOleg68d2HhLOzOl
k1sKXe3t6h58+rNFo2s4l2Kze9j4aVHWrkRvkBLmHvZjFLaMdNc78+sAHSE/heYa
/rd1WOqt5K0s7GfvbsEo5McdFHaJG3WETnIPVdWLmPSZiGmRsY6624I6sOEG2ANq
KDUP7Up+yS1Wmky+kvx80wrCK9+epXdxIPgJnd5Pe7wke6W9Dxj/AsETvPefAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUrk7CUgREL5507FQq18nVqtLzjpswHwYDVR0j
BBgwFoAUxT//csEbNknVoEf9QtPdMSsYQs8wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMnQzYkdaWHo4bUpEckRkbVo2TkRjMnhaRHNiamZnRXJocmpXZTdIdjhv
UU0vMS9DNTNGRkY3MkMxMUIzNjQ5RDVBMDQ3RkQ0MkQzREQzMTJCMTg0MkNGLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0M1M0ZGRjcyQzExQjM2NDlE
NUEwNDdGRDQyRDNERDMxMkIxODQyQ0YuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzJ0M2JHWlh6OG1KRHJEZG1aNk5EYzJ4WkRzYmpmZ0VyaHJqV2U3SHY4b1FNLzEv
MzEzOTMwMmUzODM5MmUzMTM0MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3
MzAzMzM3MzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAC+WZQwDQYJKoZIhvcNAQELBQADggEBAILxwopV
o1z73tb9SwTF4b8uGwy04y3eyYcKQdW6rU3bfreG+NHy+oz+lju8p9dQtcfpQcZd
pIRH2tMFmtZJVyQBJcEDQ60l9PkF5OhfpfX8+HA32EIumrEdWkWMGjwb1iZokxYa
9jB6opjl+jQxuU4x0ppHrExjZgsOB2Nnguh47vYmtbG+r017T9HpRtrDDSZmEM29
0QR8NsE6zXRwVTHxlwkqWoTn60cPbVu4897DjTBrM84Zs4GgegUE2KhNwlTO7ueZ
TkZP3oubP48vqUBuFknaJG1wkdJiaDawIZ7TJ3ebkDlt9Cesq1fSoqmeYN7rLDJF
DYiuxYbW309G2A0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:50:18 2024 by rpki-client on console-fra.rpki-client.org