Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/3Hj6k2YeCvuLHxX9YyC6Afk5dgHiwP6fyKYwjFxLAtgN/0/3136382e3139362e37322e302f32322d3234203d3e203631393432.roa
File:                     3136382e3139362e37322e302f32322d3234203d3e203631393432.roa (raw, json)
Hash identifier:          q9Mo//O0Zi69d7L655s6bI/UTnQ8VULUVn25uXq5eG0=
Subject key identifier:   E1:A8:64:BF:44:FD:91:D3:9C:20:49:DB:CC:EF:E8:3D:14:11:9B:99
Certificate issuer:       /CN=0EC8EAC7F1F5A216824B37118697748825F314D9
Certificate serial:       3C4FA33FCB9F9FBA86504D7F5E22B1C0285E9418
Authority key identifier: 0E:C8:EA:C7:F1:F5:A2:16:82:4B:37:11:86:97:74:88:25:F3:14:D9
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0EC8EAC7F1F5A216824B37118697748825F314D9.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/3Hj6k2YeCvuLHxX9YyC6Afk5dgHiwP6fyKYwjFxLAtgN/0/3136382e3139362e37322e302f32322d3234203d3e203631393432.roa
Signing time:             Mon 22 Apr 2024 14:25:06 +0000
ROA not before:           Mon 22 Apr 2024 14:20:06 +0000
ROA not after:            Mon 21 Apr 2025 14:25:06 +0000
asID:                     61942
IP address blocks:        168.196.72.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/3Hj6k2YeCvuLHxX9YyC6Afk5dgHiwP6fyKYwjFxLAtgN/0/0EC8EAC7F1F5A216824B37118697748825F314D9.crl
                          rsync://rpki-repo.registro.br/repo/3Hj6k2YeCvuLHxX9YyC6Afk5dgHiwP6fyKYwjFxLAtgN/0/0EC8EAC7F1F5A216824B37118697748825F314D9.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0EC8EAC7F1F5A216824B37118697748825F314D9.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 17 Jun 2024 11:54:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:4f:a3:3f:cb:9f:9f:ba:86:50:4d:7f:5e:22:b1:c0:28:5e:94:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0EC8EAC7F1F5A216824B37118697748825F314D9
        Validity
            Not Before: Apr 22 14:20:06 2024 GMT
            Not After : Apr 21 14:25:06 2025 GMT
        Subject: CN=E1A864BF44FD91D39C2049DBCCEFE83D14119B99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:0d:90:9a:86:b3:f9:b8:c6:f5:20:6f:15:cd:
                    4b:09:b0:91:4d:ea:00:fc:37:10:6d:07:20:cd:d4:
                    5c:fc:07:fc:38:b0:11:7f:fe:ec:39:1f:5a:03:98:
                    3c:dc:09:d9:80:b6:74:43:56:54:e7:cb:27:8e:56:
                    46:ee:77:bd:cf:ab:2e:1e:cc:fe:22:36:e3:75:c9:
                    4f:df:0a:b3:ed:af:83:a4:a7:96:d1:08:80:91:9b:
                    ea:f9:5e:a9:1d:84:8c:f5:9c:98:47:9a:0a:8b:69:
                    b9:33:c1:9a:e7:86:28:87:51:5f:90:e9:64:05:dc:
                    8c:e2:a8:9d:85:5d:5b:fc:72:a1:1f:58:cc:52:d2:
                    2f:69:1b:67:ca:b4:35:ff:fb:a0:35:4d:aa:ad:ba:
                    dc:05:a5:ea:45:2d:ad:cb:ce:93:72:da:2e:64:ba:
                    33:82:8c:6b:6a:9e:dc:f7:47:04:9a:6a:15:ce:03:
                    b9:7d:69:f4:c8:40:5b:a1:76:3d:25:64:1b:8b:cc:
                    29:0f:34:bf:6b:a8:3e:bc:29:94:49:08:20:a4:2d:
                    20:25:49:d1:89:20:4e:a0:75:6a:6d:dc:06:e1:45:
                    1c:18:e7:aa:0f:20:cf:2e:ee:21:e5:a2:98:35:8d:
                    86:83:8a:3c:ef:c6:a4:17:2d:70:e8:5a:50:47:85:
                    70:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:A8:64:BF:44:FD:91:D3:9C:20:49:DB:CC:EF:E8:3D:14:11:9B:99
            X509v3 Authority Key Identifier:
                keyid:0E:C8:EA:C7:F1:F5:A2:16:82:4B:37:11:86:97:74:88:25:F3:14:D9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/3Hj6k2YeCvuLHxX9YyC6Afk5dgHiwP6fyKYwjFxLAtgN/0/0EC8EAC7F1F5A216824B37118697748825F314D9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0EC8EAC7F1F5A216824B37118697748825F314D9.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/3Hj6k2YeCvuLHxX9YyC6Afk5dgHiwP6fyKYwjFxLAtgN/0/3136382e3139362e37322e302f32322d3234203d3e203631393432.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.196.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4e:bb:ce:24:9d:be:04:8f:04:0d:a1:87:4b:3c:5c:db:da:05:
         f2:43:4d:1a:6e:7a:84:92:e8:6e:b3:ec:23:02:00:da:6a:66:
         40:94:f8:46:7e:32:3d:c7:e5:f8:4a:e2:fd:f6:66:32:d8:06:
         40:bb:e5:df:41:21:be:22:89:3b:d7:39:3b:55:c3:c3:e2:3a:
         73:32:fe:90:39:5b:94:12:9c:11:0e:0c:e5:0d:0c:84:fa:81:
         91:52:d2:6a:2b:27:0f:ad:65:7e:8e:9c:a4:98:33:ca:c4:2e:
         ae:b9:10:4a:b4:79:a8:84:65:5d:2f:fb:38:88:78:7f:bd:ea:
         7c:fc:20:89:62:b5:a6:9e:b0:a3:82:32:50:0d:fe:3e:8d:0e:
         57:3d:cd:12:cf:8b:e3:d1:a6:bc:93:c0:d0:5d:27:11:a3:83:
         ca:6a:66:4e:c4:21:37:2a:8c:da:9b:51:1b:af:1c:2d:e8:05:
         56:4d:db:ae:af:23:72:56:e5:c3:eb:7e:fc:c6:47:a6:aa:bb:
         63:f7:40:e0:c6:ec:18:20:e1:cd:f0:f1:5d:c9:2e:17:46:d8:
         88:39:32:8b:64:65:da:0f:42:0d:e7:b4:f6:60:46:65:db:0f:
         75:9b:bc:3c:bb:28:95:5f:5f:a3:84:ce:1e:78:82:c7:2c:41:
         61:cf:3f:20
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUPE+jP8ufn7qGUE1/XiKxwChelBgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEVDOEVBQzdGMUY1QTIxNjgyNEIzNzExODY5Nzc0ODgy
NUYzMTREOTAeFw0yNDA0MjIxNDIwMDZaFw0yNTA0MjExNDI1MDZaMDMxMTAvBgNV
BAMTKEUxQTg2NEJGNDRGRDkxRDM5QzIwNDlEQkNDRUZFODNEMTQxMTlCOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBDZCahrP5uMb1IG8VzUsJsJFN
6gD8NxBtByDN1Fz8B/w4sBF//uw5H1oDmDzcCdmAtnRDVlTnyyeOVkbud73Pqy4e
zP4iNuN1yU/fCrPtr4Okp5bRCICRm+r5XqkdhIz1nJhHmgqLabkzwZrnhiiHUV+Q
6WQF3IziqJ2FXVv8cqEfWMxS0i9pG2fKtDX/+6A1TaqtutwFpepFLa3LzpNy2i5k
ujOCjGtqntz3RwSaahXOA7l9afTIQFuhdj0lZBuLzCkPNL9rqD68KZRJCCCkLSAl
SdGJIE6gdWpt3AbhRRwY56oPIM8u7iHlopg1jYaDijzvxqQXLXDoWlBHhXARAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQU4ahkv0T9kdOcIEnbzO/oPRQRm5kwHwYDVR0j
BBgwFoAUDsjqx/H1ohaCSzcRhpd0iCXzFNkwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vM0hqNmsyWWVDdnVMSHhYOVl5QzZBZms1ZGdIaXdQNmZ5S1l3akZ4TEF0
Z04vMC8wRUM4RUFDN0YxRjVBMjE2ODI0QjM3MTE4Njk3NzQ4ODI1RjMxNEQ5LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzBFQzhFQUM3RjFGNUEyMTY4
MjRCMzcxMTg2OTc3NDg4MjVGMzE0RDkuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzNIajZrMlllQ3Z1TEh4WDlZeUM2QWZrNWRnSGl3UDZmeUtZd2pGeExBdGdOLzAv
MzEzNjM4MmUzMTM5MzYyZTM3MzIyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNjMx
MzkzNDMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCqMRIMA0GCSqGSIb3DQEBCwUAA4IBAQBOu84knb4E
jwQNoYdLPFzb2gXyQ00abnqEkuhus+wjAgDaamZAlPhGfjI9x+X4SuL99mYy2AZA
u+XfQSG+Iok71zk7VcPD4jpzMv6QOVuUEpwRDgzlDQyE+oGRUtJqKycPrWV+jpyk
mDPKxC6uuRBKtHmohGVdL/s4iHh/vep8/CCJYrWmnrCjgjJQDf4+jQ5XPc0Sz4vj
0aa8k8DQXScRo4PKamZOxCE3Kozam1Ebrxwt6AVWTduuryNyVuXD6378xkemqrtj
90DgxuwYIOHN8PFdyS4XRtiIOTKLZGXaD0IN57T2YEZl2w91m7w8uyiVX1+jhM4e
eILHLEFhzz8g
-----END CERTIFICATE-----
Generated at Mon Jun 17 02:10:06 2024 by rpki-client on console-ams.rpki-client.org