Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/3UHaLLWT5iSd8N5hAqQmHUnKXJLP2uFSRgkM7sYpv7FX/1/3137372e31312e3130322e302f32342d3234203d3e203631363732.roa
File:                     3137372e31312e3130322e302f32342d3234203d3e203631363732.roa (raw, json)
Hash identifier:          IlJTcPdIEaAXWyIIbOaIfanj377xyVg1vK9bHaEQAJU=
Subject key identifier:   2B:21:44:F7:96:7A:C8:C8:D5:D7:9C:63:9F:FE:27:B7:DD:33:1C:16
Certificate issuer:       /CN=19FA718A7689F718ABB4C46D0D9B0A0C03666281
Certificate serial:       083421AE35312008A4A09F3CA60690BDE0CC38A5
Authority key identifier: 19:FA:71:8A:76:89:F7:18:AB:B4:C4:6D:0D:9B:0A:0C:03:66:62:81
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/19FA718A7689F718ABB4C46D0D9B0A0C03666281.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/3UHaLLWT5iSd8N5hAqQmHUnKXJLP2uFSRgkM7sYpv7FX/1/3137372e31312e3130322e302f32342d3234203d3e203631363732.roa
Signing time:             Thu 04 Apr 2024 18:22:40 +0000
ROA not before:           Thu 04 Apr 2024 18:17:40 +0000
ROA not after:            Thu 03 Apr 2025 18:22:40 +0000
asID:                     61672
IP address blocks:        177.11.102.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/3UHaLLWT5iSd8N5hAqQmHUnKXJLP2uFSRgkM7sYpv7FX/1/19FA718A7689F718ABB4C46D0D9B0A0C03666281.crl
                          rsync://rpki-repo.registro.br/repo/3UHaLLWT5iSd8N5hAqQmHUnKXJLP2uFSRgkM7sYpv7FX/1/19FA718A7689F718ABB4C46D0D9B0A0C03666281.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/19FA718A7689F718ABB4C46D0D9B0A0C03666281.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 14:56:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:34:21:ae:35:31:20:08:a4:a0:9f:3c:a6:06:90:bd:e0:cc:38:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19FA718A7689F718ABB4C46D0D9B0A0C03666281
        Validity
            Not Before: Apr  4 18:17:40 2024 GMT
            Not After : Apr  3 18:22:40 2025 GMT
        Subject: CN=2B2144F7967AC8C8D5D79C639FFE27B7DD331C16
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:cc:2d:ae:a9:d9:67:86:ac:69:e2:be:81:7c:
                    5a:e9:70:5f:35:2c:15:0e:79:b4:f4:c4:00:9a:82:
                    c9:ab:c7:8b:9b:82:23:72:8a:c1:56:19:47:ca:2e:
                    e3:d7:35:1b:14:16:e4:54:6a:ee:13:ef:e6:4d:fb:
                    e9:47:51:e0:80:55:c0:f2:52:86:27:7a:82:4d:a1:
                    6f:6c:ba:e3:72:66:b7:5b:ab:7e:c1:87:b2:24:fc:
                    61:6d:b3:57:9a:ae:63:83:ab:f1:79:92:7f:12:f9:
                    ff:17:00:58:31:79:e5:66:d7:46:49:2e:07:83:c0:
                    13:e5:bd:09:b7:f3:33:e3:f3:87:69:ea:6c:4e:a3:
                    ec:f9:0e:ba:23:60:ec:d8:03:b0:00:dc:ce:a2:96:
                    9f:f5:6a:86:a7:bf:37:fa:cd:25:da:71:0d:9b:bd:
                    9e:92:a3:5c:d1:ed:e9:80:a0:ea:0b:eb:f1:a4:33:
                    38:3e:de:13:71:eb:50:ab:09:6a:ec:e5:51:40:38:
                    11:c6:69:48:35:7f:8d:6b:36:3a:17:49:c3:6f:3a:
                    c5:dd:55:f0:09:fc:15:a5:59:a0:14:64:3b:b7:15:
                    a1:68:f1:ec:0e:21:a0:16:37:04:d7:b3:6f:71:b7:
                    7c:80:b2:ec:2c:8e:02:ed:b2:e0:6a:f7:36:41:3e:
                    c1:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:21:44:F7:96:7A:C8:C8:D5:D7:9C:63:9F:FE:27:B7:DD:33:1C:16
            X509v3 Authority Key Identifier:
                keyid:19:FA:71:8A:76:89:F7:18:AB:B4:C4:6D:0D:9B:0A:0C:03:66:62:81

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/3UHaLLWT5iSd8N5hAqQmHUnKXJLP2uFSRgkM7sYpv7FX/1/19FA718A7689F718ABB4C46D0D9B0A0C03666281.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/19FA718A7689F718ABB4C46D0D9B0A0C03666281.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/3UHaLLWT5iSd8N5hAqQmHUnKXJLP2uFSRgkM7sYpv7FX/1/3137372e31312e3130322e302f32342d3234203d3e203631363732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.11.102.0/24

    Signature Algorithm: sha256WithRSAEncryption
         31:64:ae:f9:c7:27:cb:1c:e7:2b:b5:4d:13:7b:4f:fc:e5:46:
         90:b0:2b:4e:d5:fc:bd:62:f6:99:e8:22:de:cf:f2:99:a5:aa:
         64:03:28:5c:f4:04:d9:b9:2d:5b:2d:e6:c7:18:5b:67:88:45:
         77:9f:49:7e:15:d7:2c:b9:e6:4f:fa:15:63:9b:89:f7:da:71:
         7d:07:ef:d8:c5:26:a8:4a:8e:12:fa:1f:a8:ea:d1:ff:90:61:
         9a:74:4b:1b:08:86:c6:66:46:ef:3a:72:b5:dd:63:78:ce:27:
         45:3d:51:7f:72:59:9c:22:6c:e4:df:69:ba:c4:5e:53:5f:cf:
         28:fb:49:4e:ab:5c:07:89:88:cd:e5:ed:32:d4:99:fa:55:69:
         97:02:7b:cf:8e:22:08:f0:f5:96:97:56:64:dd:ae:5b:39:b3:
         19:3d:2c:a3:f3:fb:04:16:75:09:c7:00:4f:e3:7f:e1:8d:6c:
         17:79:ca:88:1b:ac:cc:d0:3d:82:0c:48:30:e6:41:b0:db:c0:
         12:73:ed:37:5a:77:d8:8e:5c:c7:ce:95:89:5a:f1:da:4e:0f:
         0e:c0:ec:5b:4a:3a:bc:ee:21:25:bf:9e:8b:c9:58:80:46:76:
         e7:55:09:b2:15:80:99:9d:ae:38:7a:af:9a:45:09:5a:ef:5c:
         92:d4:dc:f8
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUCDQhrjUxIAikoJ88pgaQveDMOKUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTlGQTcxOEE3Njg5RjcxOEFCQjRDNDZEMEQ5QjBBMEMw
MzY2NjI4MTAeFw0yNDA0MDQxODE3NDBaFw0yNTA0MDMxODIyNDBaMDMxMTAvBgNV
BAMTKDJCMjE0NEY3OTY3QUM4QzhENUQ3OUM2MzlGRkUyN0I3REQzMzFDMTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnzC2uqdlnhqxp4r6BfFrpcF81
LBUOebT0xACagsmrx4ubgiNyisFWGUfKLuPXNRsUFuRUau4T7+ZN++lHUeCAVcDy
UoYneoJNoW9suuNyZrdbq37Bh7Ik/GFts1earmODq/F5kn8S+f8XAFgxeeVm10ZJ
LgeDwBPlvQm38zPj84dp6mxOo+z5DrojYOzYA7AA3M6ilp/1aoanvzf6zSXacQ2b
vZ6So1zR7emAoOoL6/GkMzg+3hNx61CrCWrs5VFAOBHGaUg1f41rNjoXScNvOsXd
VfAJ/BWlWaAUZDu3FaFo8ewOIaAWNwTXs29xt3yAsuwsjgLtsuBq9zZBPsG/AgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUKyFE95Z6yMjV15xjn/4nt90zHBYwHwYDVR0j
BBgwFoAUGfpxinaJ9xirtMRtDZsKDANmYoEwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vM1VIYUxMV1Q1aVNkOE41aEFxUW1IVW5LWEpMUDJ1RlNSZ2tNN3NZcHY3
RlgvMS8xOUZBNzE4QTc2ODlGNzE4QUJCNEM0NkQwRDlCMEEwQzAzNjY2MjgxLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzE5RkE3MThBNzY4OUY3MThB
QkI0QzQ2RDBEOUIwQTBDMDM2NjYyODEuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzNVSGFMTFdUNWlTZDhONWhBcVFtSFVuS1hKTFAydUZTUmdrTTdzWXB2N0ZYLzEv
MzEzNzM3MmUzMTMxMmUzMTMwMzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMx
MzYzNzMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAsQtmMA0GCSqGSIb3DQEBCwUAA4IBAQAxZK75xyfL
HOcrtU0Te0/85UaQsCtO1fy9YvaZ6CLez/KZpapkAyhc9ATZuS1bLebHGFtniEV3
n0l+FdcsueZP+hVjm4n32nF9B+/YxSaoSo4S+h+o6tH/kGGadEsbCIbGZkbvOnK1
3WN4zidFPVF/clmcImzk32m6xF5TX88o+0lOq1wHiYjN5e0y1Jn6VWmXAnvPjiII
8PWWl1Zk3a5bObMZPSyj8/sEFnUJxwBP43/hjWwXecqIG6zM0D2CDEgw5kGw28AS
c+03WnfYjlzHzpWJWvHaTg8OwOxbSjq87iElv56LyViARnbnVQmyFYCZna44eq+a
RQla71yS1Nz4
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:22:36 2024 by rpki-client on console-fra.rpki-client.org