Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/3Hj6k2YeCvuLHxX9YyC6Afk5dgHiwP6fyKYwjFxLAtgN/0/3133312e3235352e36382e302f32322d3234203d3e203631393432.roa
File:                     3133312e3235352e36382e302f32322d3234203d3e203631393432.roa (raw, json)
Hash identifier:          1uIzHqauUm4COtrdFZybUTq+nsQ5vG+wYDhzK1be368=
Subject key identifier:   D3:82:53:E4:63:D7:0B:21:68:51:D9:E2:67:F1:C8:8A:3B:38:92:E9
Certificate issuer:       /CN=0EC8EAC7F1F5A216824B37118697748825F314D9
Certificate serial:       4F39103E3C3306021964EB32757C660D743D0900
Authority key identifier: 0E:C8:EA:C7:F1:F5:A2:16:82:4B:37:11:86:97:74:88:25:F3:14:D9
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0EC8EAC7F1F5A216824B37118697748825F314D9.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/3Hj6k2YeCvuLHxX9YyC6Afk5dgHiwP6fyKYwjFxLAtgN/0/3133312e3235352e36382e302f32322d3234203d3e203631393432.roa
Signing time:             Mon 22 Apr 2024 14:25:02 +0000
ROA not before:           Mon 22 Apr 2024 14:20:02 +0000
ROA not after:            Mon 21 Apr 2025 14:25:02 +0000
asID:                     61942
IP address blocks:        131.255.68.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/3Hj6k2YeCvuLHxX9YyC6Afk5dgHiwP6fyKYwjFxLAtgN/0/0EC8EAC7F1F5A216824B37118697748825F314D9.crl
                          rsync://rpki-repo.registro.br/repo/3Hj6k2YeCvuLHxX9YyC6Afk5dgHiwP6fyKYwjFxLAtgN/0/0EC8EAC7F1F5A216824B37118697748825F314D9.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0EC8EAC7F1F5A216824B37118697748825F314D9.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 17 Jun 2024 11:54:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:39:10:3e:3c:33:06:02:19:64:eb:32:75:7c:66:0d:74:3d:09:00
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0EC8EAC7F1F5A216824B37118697748825F314D9
        Validity
            Not Before: Apr 22 14:20:02 2024 GMT
            Not After : Apr 21 14:25:02 2025 GMT
        Subject: CN=D38253E463D70B216851D9E267F1C88A3B3892E9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:f6:e8:56:9d:f7:a4:c1:42:3f:17:c2:78:bf:
                    cd:1f:f0:3e:f3:8d:af:b7:d9:e0:4f:ef:84:09:d7:
                    60:2b:2b:06:f5:a7:ad:18:5f:16:fb:92:2e:4e:21:
                    f8:6f:bc:be:64:0c:7b:d4:e5:81:79:2d:8e:40:ed:
                    7e:8b:d1:ab:3e:bf:b9:13:d0:96:4a:41:40:b3:50:
                    b5:ec:fe:bc:5c:1d:a1:22:83:ef:97:ff:7c:75:67:
                    ee:2a:2d:ff:9f:db:22:c9:d4:3b:83:7c:d7:a5:f3:
                    17:9c:ca:ad:0b:ac:0b:e7:21:72:51:79:94:3c:8f:
                    78:bc:f4:43:f5:d5:16:cf:c8:56:46:08:00:13:a6:
                    87:10:00:39:b2:04:57:6f:57:95:ba:e6:24:8f:a5:
                    d1:fd:8b:aa:96:ab:3e:0a:ea:0a:3d:d6:bb:c7:c5:
                    c5:b8:a9:c2:08:72:b4:5e:4d:24:79:f5:1c:d5:e9:
                    82:ee:d7:ed:31:1b:0b:87:f4:f2:33:ae:15:df:55:
                    2f:21:cf:59:3e:cd:6b:e0:24:0e:68:fe:55:f0:90:
                    27:6f:a7:89:30:bd:84:03:6c:67:14:ca:72:85:e4:
                    e9:48:c4:7c:86:44:d4:d1:4e:a8:23:e3:30:33:8d:
                    81:77:42:6b:9b:c4:c2:77:94:7f:42:0c:fd:47:40:
                    ae:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:82:53:E4:63:D7:0B:21:68:51:D9:E2:67:F1:C8:8A:3B:38:92:E9
            X509v3 Authority Key Identifier:
                keyid:0E:C8:EA:C7:F1:F5:A2:16:82:4B:37:11:86:97:74:88:25:F3:14:D9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/3Hj6k2YeCvuLHxX9YyC6Afk5dgHiwP6fyKYwjFxLAtgN/0/0EC8EAC7F1F5A216824B37118697748825F314D9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0EC8EAC7F1F5A216824B37118697748825F314D9.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/3Hj6k2YeCvuLHxX9YyC6Afk5dgHiwP6fyKYwjFxLAtgN/0/3133312e3235352e36382e302f32322d3234203d3e203631393432.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.255.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a0:8a:60:a5:7a:4b:61:73:16:58:dc:a4:c7:4c:61:28:be:f2:
         32:02:cd:f0:b5:63:ee:70:98:8d:57:c8:4e:26:99:e0:43:72:
         1f:a5:9b:44:73:c6:62:12:f9:50:cb:29:d8:dd:53:63:f7:7b:
         48:a7:50:15:4f:57:ea:02:63:a3:f5:11:57:0a:fe:21:f4:42:
         95:dd:1b:d6:26:fe:82:f2:18:b9:75:f7:38:e0:6d:41:3b:9b:
         17:28:67:12:65:2d:d2:c2:5b:34:4d:c9:a7:85:bc:00:75:d8:
         16:4e:23:a8:6b:e1:e3:6e:86:92:e4:21:00:4b:61:0c:c8:59:
         21:ac:16:57:dd:d9:f3:56:11:b1:1e:5c:4f:bf:92:d2:92:61:
         3e:28:92:be:d1:7a:3a:75:a6:fe:dd:f1:ea:2c:49:c3:ce:5b:
         95:83:a8:8c:60:47:0a:da:1f:27:cf:fc:1f:2f:95:30:bc:28:
         a0:b0:7b:a7:67:b4:2e:b8:df:eb:07:4f:9a:b3:76:8b:df:d7:
         6e:18:f9:63:5e:1f:3a:b3:88:98:68:5b:44:b3:fb:03:e3:4d:
         ce:a8:6d:69:3e:09:47:04:90:ad:af:97:bd:fa:0a:22:10:2b:
         88:74:92:c6:d1:59:08:2f:61:85:ab:50:19:f9:38:74:5a:89:
         b9:7d:23:2b
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUTzkQPjwzBgIZZOsydXxmDXQ9CQAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEVDOEVBQzdGMUY1QTIxNjgyNEIzNzExODY5Nzc0ODgy
NUYzMTREOTAeFw0yNDA0MjIxNDIwMDJaFw0yNTA0MjExNDI1MDJaMDMxMTAvBgNV
BAMTKEQzODI1M0U0NjNENzBCMjE2ODUxRDlFMjY3RjFDODhBM0IzODkyRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY9uhWnfekwUI/F8J4v80f8D7z
ja+32eBP74QJ12ArKwb1p60YXxb7ki5OIfhvvL5kDHvU5YF5LY5A7X6L0as+v7kT
0JZKQUCzULXs/rxcHaEig++X/3x1Z+4qLf+f2yLJ1DuDfNel8xecyq0LrAvnIXJR
eZQ8j3i89EP11RbPyFZGCAATpocQADmyBFdvV5W65iSPpdH9i6qWqz4K6go91rvH
xcW4qcIIcrReTSR59RzV6YLu1+0xGwuH9PIzrhXfVS8hz1k+zWvgJA5o/lXwkCdv
p4kwvYQDbGcUynKF5OlIxHyGRNTRTqgj4zAzjYF3QmubxMJ3lH9CDP1HQK5fAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQU04JT5GPXCyFoUdniZ/HIijs4kukwHwYDVR0j
BBgwFoAUDsjqx/H1ohaCSzcRhpd0iCXzFNkwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vM0hqNmsyWWVDdnVMSHhYOVl5QzZBZms1ZGdIaXdQNmZ5S1l3akZ4TEF0
Z04vMC8wRUM4RUFDN0YxRjVBMjE2ODI0QjM3MTE4Njk3NzQ4ODI1RjMxNEQ5LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzBFQzhFQUM3RjFGNUEyMTY4
MjRCMzcxMTg2OTc3NDg4MjVGMzE0RDkuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzNIajZrMlllQ3Z1TEh4WDlZeUM2QWZrNWRnSGl3UDZmeUtZd2pGeExBdGdOLzAv
MzEzMzMxMmUzMjM1MzUyZTM2MzgyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNjMx
MzkzNDMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCg/9EMA0GCSqGSIb3DQEBCwUAA4IBAQCgimClekth
cxZY3KTHTGEovvIyAs3wtWPucJiNV8hOJpngQ3IfpZtEc8ZiEvlQyynY3VNj93tI
p1AVT1fqAmOj9RFXCv4h9EKV3RvWJv6C8hi5dfc44G1BO5sXKGcSZS3Swls0Tcmn
hbwAddgWTiOoa+HjboaS5CEAS2EMyFkhrBZX3dnzVhGxHlxPv5LSkmE+KJK+0Xo6
dab+3fHqLEnDzluVg6iMYEcK2h8nz/wfL5UwvCigsHunZ7QuuN/rB0+as3aL39du
GPljXh86s4iYaFtEs/sD403OqG1pPglHBJCtr5e9+goiECuIdJLG0VkIL2GFq1AZ
+Th0Wom5fSMr
-----END CERTIFICATE-----
Generated at Mon Jun 17 00:18:54 2024 by rpki-client on console-fra.rpki-client.org