Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/3Hj6k2YeCvuLHxX9YyC6Afk5dgHiwP6fyKYwjFxLAtgN/0/3137302e3233332e3136342e302f32322d3234203d3e203631393432.roa
File:                     3137302e3233332e3136342e302f32322d3234203d3e203631393432.roa (raw, json)
Hash identifier:          4ngFWnhFQOpX89n3WMiwDce22p9Y3H0PedPIL27KCCk=
Subject key identifier:   4A:53:75:91:89:DC:CB:31:16:BD:4D:03:BC:DA:25:4F:FF:CB:16:B4
Certificate issuer:       /CN=0EC8EAC7F1F5A216824B37118697748825F314D9
Certificate serial:       1D53436EBD4A832BCA22FB47C38373F17926FC42
Authority key identifier: 0E:C8:EA:C7:F1:F5:A2:16:82:4B:37:11:86:97:74:88:25:F3:14:D9
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0EC8EAC7F1F5A216824B37118697748825F314D9.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/3Hj6k2YeCvuLHxX9YyC6Afk5dgHiwP6fyKYwjFxLAtgN/0/3137302e3233332e3136342e302f32322d3234203d3e203631393432.roa
Signing time:             Mon 22 Apr 2024 14:25:15 +0000
ROA not before:           Mon 22 Apr 2024 14:20:15 +0000
ROA not after:            Mon 21 Apr 2025 14:25:15 +0000
asID:                     61942
IP address blocks:        170.233.164.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/3Hj6k2YeCvuLHxX9YyC6Afk5dgHiwP6fyKYwjFxLAtgN/0/0EC8EAC7F1F5A216824B37118697748825F314D9.crl
                          rsync://rpki-repo.registro.br/repo/3Hj6k2YeCvuLHxX9YyC6Afk5dgHiwP6fyKYwjFxLAtgN/0/0EC8EAC7F1F5A216824B37118697748825F314D9.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0EC8EAC7F1F5A216824B37118697748825F314D9.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 26 Nov 2024 14:16:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:53:43:6e:bd:4a:83:2b:ca:22:fb:47:c3:83:73:f1:79:26:fc:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0EC8EAC7F1F5A216824B37118697748825F314D9
        Validity
            Not Before: Apr 22 14:20:15 2024 GMT
            Not After : Apr 21 14:25:15 2025 GMT
        Subject: CN=4A53759189DCCB3116BD4D03BCDA254FFFCB16B4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:84:aa:9d:0d:99:7d:09:ba:df:de:19:2e:2f:
                    e7:59:58:dd:9d:a6:d9:eb:8c:c3:09:c1:72:16:b3:
                    f3:83:00:58:58:77:40:74:07:41:79:f0:f5:a6:ba:
                    21:a7:4c:76:f1:3c:4e:33:76:3e:e5:24:4b:8c:12:
                    89:7f:e0:72:b1:c3:72:37:f9:23:bb:64:90:ab:4a:
                    9c:09:19:80:c8:ed:35:0b:92:be:e7:ca:e3:2d:8d:
                    fe:62:15:dc:3a:90:35:a1:4b:0e:74:7e:fa:8a:fc:
                    bf:b0:ee:97:13:57:4a:ec:df:78:2b:32:8c:c6:15:
                    ab:3c:4c:85:ed:dc:11:24:78:cd:84:b1:84:64:db:
                    1f:af:74:30:00:7d:01:25:b9:9b:b0:dc:66:e0:a9:
                    34:d5:65:0c:99:6d:fe:30:53:5c:7e:a9:ab:8b:04:
                    61:dd:4f:64:da:9f:5a:e5:4a:e6:c4:7f:d2:a0:68:
                    8c:17:59:3b:c9:83:37:4f:9d:38:99:95:c9:eb:58:
                    90:dc:52:b2:b1:c0:a8:66:29:32:9b:82:ff:bd:16:
                    22:38:73:42:a0:89:88:3f:39:27:a8:0e:39:61:da:
                    2a:ef:db:d8:77:26:82:c6:c6:5a:05:72:58:cf:e1:
                    ec:32:a9:8c:4d:2e:e5:79:c0:17:d9:73:95:a1:f7:
                    81:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:53:75:91:89:DC:CB:31:16:BD:4D:03:BC:DA:25:4F:FF:CB:16:B4
            X509v3 Authority Key Identifier:
                keyid:0E:C8:EA:C7:F1:F5:A2:16:82:4B:37:11:86:97:74:88:25:F3:14:D9

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/3Hj6k2YeCvuLHxX9YyC6Afk5dgHiwP6fyKYwjFxLAtgN/0/0EC8EAC7F1F5A216824B37118697748825F314D9.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0EC8EAC7F1F5A216824B37118697748825F314D9.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/3Hj6k2YeCvuLHxX9YyC6Afk5dgHiwP6fyKYwjFxLAtgN/0/3137302e3233332e3136342e302f32322d3234203d3e203631393432.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.233.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         54:4f:2f:33:a1:00:39:16:50:a5:bf:ce:32:e7:36:f4:6f:76:
         52:ab:06:63:3b:94:a3:c6:cf:78:0a:6c:b2:8e:ee:01:5f:83:
         5c:9e:a7:47:87:d9:a9:8f:14:a4:7e:b4:a8:72:02:a0:ce:3b:
         b7:d7:f8:c6:cc:d0:3c:be:a7:17:8f:f0:2b:4e:e5:83:8d:26:
         15:5a:4e:7c:e9:07:e2:9b:1f:44:66:52:2d:fc:eb:51:1c:90:
         18:43:08:08:a1:49:99:ea:d2:4e:ca:22:b3:f9:fb:cf:38:17:
         a4:9f:52:32:82:bf:6e:93:ec:cf:98:60:f8:59:3c:4b:a0:35:
         59:7b:7d:05:f5:22:dd:3d:74:6f:7b:9e:e2:23:95:ca:e2:ab:
         02:6c:c7:04:3e:7f:4c:76:63:15:db:44:7c:16:a1:3f:65:8e:
         56:6d:0c:fc:c4:51:e2:99:bc:28:3c:3a:86:16:89:41:d1:91:
         5a:af:20:b7:77:cd:ef:4d:d0:33:2b:48:07:57:88:9d:ac:c6:
         c6:38:b0:4d:72:39:ca:64:aa:44:c8:85:39:e3:c9:fa:8e:9e:
         23:f5:e0:cc:a2:db:ce:b7:2c:49:a7:69:72:58:86:4a:a5:ec:
         75:5e:df:51:ff:15:09:a3:f3:dc:88:ce:40:b9:9f:2d:be:7a:
         a0:db:95:9c
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUHVNDbr1KgyvKIvtHw4Nz8Xkm/EIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEVDOEVBQzdGMUY1QTIxNjgyNEIzNzExODY5Nzc0ODgy
NUYzMTREOTAeFw0yNDA0MjIxNDIwMTVaFw0yNTA0MjExNDI1MTVaMDMxMTAvBgNV
BAMTKDRBNTM3NTkxODlEQ0NCMzExNkJENEQwM0JDREEyNTRGRkZDQjE2QjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWhKqdDZl9Cbrf3hkuL+dZWN2d
ptnrjMMJwXIWs/ODAFhYd0B0B0F58PWmuiGnTHbxPE4zdj7lJEuMEol/4HKxw3I3
+SO7ZJCrSpwJGYDI7TULkr7nyuMtjf5iFdw6kDWhSw50fvqK/L+w7pcTV0rs33gr
MozGFas8TIXt3BEkeM2EsYRk2x+vdDAAfQEluZuw3GbgqTTVZQyZbf4wU1x+qauL
BGHdT2Tan1rlSubEf9KgaIwXWTvJgzdPnTiZlcnrWJDcUrKxwKhmKTKbgv+9FiI4
c0KgiYg/OSeoDjlh2irv29h3JoLGxloFcljP4ewyqYxNLuV5wBfZc5Wh94FVAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUSlN1kYncyzEWvU0DvNolT//LFrQwHwYDVR0j
BBgwFoAUDsjqx/H1ohaCSzcRhpd0iCXzFNkwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vM0hqNmsyWWVDdnVMSHhYOVl5QzZBZms1ZGdIaXdQNmZ5S1l3akZ4TEF0
Z04vMC8wRUM4RUFDN0YxRjVBMjE2ODI0QjM3MTE4Njk3NzQ4ODI1RjMxNEQ5LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzBFQzhFQUM3RjFGNUEyMTY4
MjRCMzcxMTg2OTc3NDg4MjVGMzE0RDkuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzNIajZrMlllQ3Z1TEh4WDlZeUM2QWZrNWRnSGl3UDZmeUtZd2pGeExBdGdOLzAv
MzEzNzMwMmUzMjMzMzMyZTMxMzYzNDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM2
MzEzOTM0MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAKq6aQwDQYJKoZIhvcNAQELBQADggEBAFRPLzOh
ADkWUKW/zjLnNvRvdlKrBmM7lKPGz3gKbLKO7gFfg1yep0eH2amPFKR+tKhyAqDO
O7fX+MbM0Dy+pxeP8CtO5YONJhVaTnzpB+KbH0RmUi3861EckBhDCAihSZnq0k7K
IrP5+884F6SfUjKCv26T7M+YYPhZPEugNVl7fQX1It09dG97nuIjlcriqwJsxwQ+
f0x2YxXbRHwWoT9ljlZtDPzEUeKZvCg8OoYWiUHRkVqvILd3ze9N0DMrSAdXiJ2s
xsY4sE1yOcpkqkTIhTnjyfqOniP14Myi2863LEmnaXJYhkql7HVe31H/FQmj89yI
zkC5ny2+eqDblZw=
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:02:08 2024 by rpki-client on console-fra.rpki-client.org