Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/3ChQj54LqRrDzJ8dSgTHBuWvWJGgBZJEQiuvJoJgVuRw/0/3137302e38342e3130332e302f32342d3234203d3e20323635303130.roa
File:                     3137302e38342e3130332e302f32342d3234203d3e20323635303130.roa (raw, json)
Hash identifier:          eim7GNwIPHQhyIPbLVXbZZTZUygI2eTA0Q7nvucooYU=
Subject key identifier:   CE:4B:4C:9C:47:99:81:45:8B:98:51:CD:BF:A3:5F:31:E4:37:C3:87
Certificate issuer:       /CN=D3D9C9247C2CAC692E0C681ADCFA692669CBCFD7
Certificate serial:       201AD00A984973310298C6E238B1790B4C21EAEA
Authority key identifier: D3:D9:C9:24:7C:2C:AC:69:2E:0C:68:1A:DC:FA:69:26:69:CB:CF:D7
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D3D9C9247C2CAC692E0C681ADCFA692669CBCFD7.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/3ChQj54LqRrDzJ8dSgTHBuWvWJGgBZJEQiuvJoJgVuRw/0/3137302e38342e3130332e302f32342d3234203d3e20323635303130.roa
Signing time:             Mon 27 May 2024 21:51:16 +0000
ROA not before:           Mon 27 May 2024 21:46:16 +0000
ROA not after:            Mon 26 May 2025 21:51:16 +0000
asID:                     265010
IP address blocks:        170.84.103.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/3ChQj54LqRrDzJ8dSgTHBuWvWJGgBZJEQiuvJoJgVuRw/0/D3D9C9247C2CAC692E0C681ADCFA692669CBCFD7.crl
                          rsync://rpki-repo.registro.br/repo/3ChQj54LqRrDzJ8dSgTHBuWvWJGgBZJEQiuvJoJgVuRw/0/D3D9C9247C2CAC692E0C681ADCFA692669CBCFD7.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D3D9C9247C2CAC692E0C681ADCFA692669CBCFD7.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 16 Jun 2024 19:20:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:1a:d0:0a:98:49:73:31:02:98:c6:e2:38:b1:79:0b:4c:21:ea:ea
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D3D9C9247C2CAC692E0C681ADCFA692669CBCFD7
        Validity
            Not Before: May 27 21:46:16 2024 GMT
            Not After : May 26 21:51:16 2025 GMT
        Subject: CN=CE4B4C9C479981458B9851CDBFA35F31E437C387
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:96:f2:4a:90:03:05:48:14:93:bd:7b:82:29:
                    34:e8:f2:4f:99:e3:81:3f:62:b7:6c:8a:98:57:90:
                    5e:d8:ce:3a:96:7d:db:b7:e0:9f:d1:3d:b2:ab:14:
                    0e:34:22:99:52:08:a3:73:7f:81:18:2d:28:90:ed:
                    6e:54:2c:27:df:6b:ab:a8:a9:e1:fb:bf:bd:68:2a:
                    af:1a:29:de:01:e7:c6:5a:59:79:9a:e5:be:22:73:
                    df:3c:aa:51:75:38:ce:20:1f:66:d4:2c:98:a3:38:
                    15:9f:b5:b0:c8:18:b8:5a:98:f7:a3:58:ba:ce:fb:
                    fd:ef:7f:52:e6:9c:d0:1d:89:ed:d8:ea:d0:7d:ac:
                    92:d0:8f:28:c3:e6:f7:8a:94:33:a7:63:58:3a:6c:
                    0b:1d:8c:e0:f9:86:00:1a:66:55:60:60:62:29:13:
                    e8:23:6a:2b:74:22:69:b8:a0:76:2b:65:39:ca:6d:
                    44:ec:c8:b1:de:5d:03:4d:4f:ab:ef:f9:26:ff:16:
                    6e:77:21:87:ab:38:e3:bf:ff:5a:0e:89:e5:71:35:
                    26:59:9f:13:1c:e4:9b:7e:4e:50:68:2f:d0:f6:51:
                    26:7c:42:c9:fe:b5:b8:fd:fe:3a:d4:2a:52:32:c4:
                    fa:19:72:06:7f:32:88:b0:62:c8:37:cf:c4:71:8b:
                    29:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:4B:4C:9C:47:99:81:45:8B:98:51:CD:BF:A3:5F:31:E4:37:C3:87
            X509v3 Authority Key Identifier:
                keyid:D3:D9:C9:24:7C:2C:AC:69:2E:0C:68:1A:DC:FA:69:26:69:CB:CF:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/3ChQj54LqRrDzJ8dSgTHBuWvWJGgBZJEQiuvJoJgVuRw/0/D3D9C9247C2CAC692E0C681ADCFA692669CBCFD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D3D9C9247C2CAC692E0C681ADCFA692669CBCFD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/3ChQj54LqRrDzJ8dSgTHBuWvWJGgBZJEQiuvJoJgVuRw/0/3137302e38342e3130332e302f32342d3234203d3e20323635303130.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.84.103.0/24

    Signature Algorithm: sha256WithRSAEncryption
         92:04:a9:82:23:4a:cf:83:3e:49:c6:4d:6c:ce:9b:96:4e:85:
         ef:66:bd:28:f6:ae:81:37:37:b1:43:a0:41:ae:6e:8e:9a:9e:
         8d:af:48:a1:59:67:33:74:42:c7:23:bc:3e:ca:a1:f3:2b:21:
         eb:8e:11:dd:f5:47:72:da:4c:8d:28:5d:74:f1:a1:47:a5:4d:
         7f:a4:15:0d:4c:ed:aa:f7:76:d2:8f:74:ba:7d:91:6f:2e:64:
         60:26:76:0b:06:fd:9d:24:6a:3d:9b:8b:b8:e3:e8:bc:61:92:
         79:88:ff:98:1c:82:e1:b4:83:6c:23:8e:71:ce:32:38:5a:7c:
         0f:2a:8c:3f:15:09:ae:ad:bc:39:dc:1a:07:0b:84:87:2a:a6:
         b8:95:df:b2:23:a8:c7:94:ed:f3:cc:5f:bc:69:ab:20:9f:4c:
         1e:2d:11:39:c9:63:1c:5b:ad:63:64:34:58:8f:ec:4b:da:22:
         4e:36:43:c2:3e:27:e8:a9:3a:3a:07:54:29:e5:16:96:b5:51:
         4c:49:5f:56:f3:38:10:9e:58:99:cb:87:28:bc:64:af:5d:50:
         13:c4:19:77:1f:79:65:f9:f9:71:be:5b:0b:cf:46:d2:8b:2e:
         85:8e:74:97:88:14:02:10:ea:ef:59:3b:2f:10:dd:f1:58:ca:
         89:93:d1:21
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUIBrQCphJczECmMbiOLF5C0wh6uowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDNEOUM5MjQ3QzJDQUM2OTJFMEM2ODFBRENGQTY5MjY2
OUNCQ0ZENzAeFw0yNDA1MjcyMTQ2MTZaFw0yNTA1MjYyMTUxMTZaMDMxMTAvBgNV
BAMTKENFNEI0QzlDNDc5OTgxNDU4Qjk4NTFDREJGQTM1RjMxRTQzN0MzODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDlvJKkAMFSBSTvXuCKTTo8k+Z
44E/YrdsiphXkF7YzjqWfdu34J/RPbKrFA40IplSCKNzf4EYLSiQ7W5ULCffa6uo
qeH7v71oKq8aKd4B58ZaWXma5b4ic988qlF1OM4gH2bULJijOBWftbDIGLhamPej
WLrO+/3vf1LmnNAdie3Y6tB9rJLQjyjD5veKlDOnY1g6bAsdjOD5hgAaZlVgYGIp
E+gjait0Imm4oHYrZTnKbUTsyLHeXQNNT6vv+Sb/Fm53IYerOOO//1oOieVxNSZZ
nxMc5Jt+TlBoL9D2USZ8Qsn+tbj9/jrUKlIyxPoZcgZ/MoiwYsg3z8RxiymBAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUzktMnEeZgUWLmFHNv6NfMeQ3w4cwHwYDVR0j
BBgwFoAU09nJJHwsrGkuDGga3PppJmnLz9cwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vM0NoUWo1NExxUnJEeko4ZFNnVEhCdVd2V0pHZ0JaSkVRaXV2Sm9KZ1Z1
UncvMC9EM0Q5QzkyNDdDMkNBQzY5MkUwQzY4MUFEQ0ZBNjkyNjY5Q0JDRkQ3LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0QzRDlDOTI0N0MyQ0FDNjky
RTBDNjgxQURDRkE2OTI2NjlDQkNGRDcuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzNDaFFqNTRMcVJyRHpKOGRTZ1RIQnVXdldKR2dCWkpFUWl1dkpvSmdWdVJ3LzAv
MzEzNzMwMmUzODM0MmUzMTMwMzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2
MzUzMDMxMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBACqVGcwDQYJKoZIhvcNAQELBQADggEBAJIEqYIj
Ss+DPknGTWzOm5ZOhe9mvSj2roE3N7FDoEGubo6ano2vSKFZZzN0QscjvD7KofMr
IeuOEd31R3LaTI0oXXTxoUelTX+kFQ1M7ar3dtKPdLp9kW8uZGAmdgsG/Z0kaj2b
i7jj6LxhknmI/5gcguG0g2wjjnHOMjhafA8qjD8VCa6tvDncGgcLhIcqpriV37Ij
qMeU7fPMX7xpqyCfTB4tETnJYxxbrWNkNFiP7EvaIk42Q8I+J+ipOjoHVCnlFpa1
UUxJX1bzOBCeWJnLhyi8ZK9dUBPEGXcfeWX5+XG+WwvPRtKLLoWOdJeIFAIQ6u9Z
Oy8Q3fFYyomT0SE=
-----END CERTIFICATE-----
Generated at Sun Jun 16 00:16:48 2024 by rpki-client on console-fra.rpki-client.org