Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/3YV9GyQg2aAEp3fbGkQu3VdDvMPyty1zzVR6bmPHKCpu/2/3137372e31322e3132382e302f32322d3234203d3e20323634313230.roa
File:                     3137372e31322e3132382e302f32322d3234203d3e20323634313230.roa (raw, json)
Hash identifier:          ycgL1dwG1J2tBj9XoJHCvGI6sToktte3AWFZbU3hZeM=
Subject key identifier:   68:18:3B:EA:A1:77:E7:F5:A9:01:6B:29:4D:0F:04:CF:02:6B:F4:CC
Certificate issuer:       /CN=1A73FAF8D867B634EAC5E7386DE57083033A1C96
Certificate serial:       7E3C993586837BD226E7F03336A62E0AB881F26E
Authority key identifier: 1A:73:FA:F8:D8:67:B6:34:EA:C5:E7:38:6D:E5:70:83:03:3A:1C:96
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/1A73FAF8D867B634EAC5E7386DE57083033A1C96.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/3YV9GyQg2aAEp3fbGkQu3VdDvMPyty1zzVR6bmPHKCpu/2/3137372e31322e3132382e302f32322d3234203d3e20323634313230.roa
Signing time:             Thu 04 Apr 2024 11:35:21 +0000
ROA not before:           Thu 04 Apr 2024 11:30:21 +0000
ROA not after:            Thu 03 Apr 2025 11:35:21 +0000
asID:                     264120
IP address blocks:        177.12.128.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/3YV9GyQg2aAEp3fbGkQu3VdDvMPyty1zzVR6bmPHKCpu/2/1A73FAF8D867B634EAC5E7386DE57083033A1C96.crl
                          rsync://rpki-repo.registro.br/repo/3YV9GyQg2aAEp3fbGkQu3VdDvMPyty1zzVR6bmPHKCpu/2/1A73FAF8D867B634EAC5E7386DE57083033A1C96.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/1A73FAF8D867B634EAC5E7386DE57083033A1C96.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 19:40:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:3c:99:35:86:83:7b:d2:26:e7:f0:33:36:a6:2e:0a:b8:81:f2:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1A73FAF8D867B634EAC5E7386DE57083033A1C96
        Validity
            Not Before: Apr  4 11:30:21 2024 GMT
            Not After : Apr  3 11:35:21 2025 GMT
        Subject: CN=68183BEAA177E7F5A9016B294D0F04CF026BF4CC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e2:ae:8b:f1:bf:1f:57:fc:d0:ff:b1:02:79:ff:
                    29:6a:a9:73:c1:2e:77:0e:0c:25:06:8c:71:d7:fc:
                    3e:d4:45:1d:e8:c5:eb:77:f4:f2:fe:4b:63:70:0f:
                    a3:c5:aa:d1:3b:b3:94:ea:34:03:98:fe:f5:41:0f:
                    c7:b4:f3:75:08:37:18:18:a2:f3:ff:fd:8e:3f:0c:
                    11:5b:2e:67:c7:01:7f:b7:b9:32:93:bf:60:79:88:
                    8e:9f:c8:60:2e:22:54:29:db:d3:a9:05:d2:fb:8c:
                    a7:19:de:0e:34:b0:3f:e7:a1:72:db:a3:5c:27:0e:
                    c2:6a:e5:6a:b8:a4:6b:f2:d7:8e:cb:9d:a2:f2:0a:
                    c9:43:cb:04:dc:14:9d:41:6c:b2:6d:2f:01:03:5d:
                    7c:86:54:c8:f1:29:26:7b:3b:19:68:1a:c6:bc:0a:
                    39:5d:4f:db:b9:57:a6:2c:79:32:36:fc:87:cd:b5:
                    eb:ce:11:0c:6e:c0:2c:dc:e2:b6:cb:78:f0:19:fb:
                    c4:8f:d2:dd:9a:91:1e:fa:35:6b:ba:2b:fa:55:e3:
                    78:18:f8:8e:ba:f1:0a:78:e3:68:22:47:da:fe:94:
                    10:f6:6e:8c:8f:aa:2f:ff:44:fb:c9:78:b7:38:8a:
                    28:20:a9:bd:68:7c:d9:b6:30:12:17:1a:93:e5:e1:
                    4c:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                68:18:3B:EA:A1:77:E7:F5:A9:01:6B:29:4D:0F:04:CF:02:6B:F4:CC
            X509v3 Authority Key Identifier:
                keyid:1A:73:FA:F8:D8:67:B6:34:EA:C5:E7:38:6D:E5:70:83:03:3A:1C:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/3YV9GyQg2aAEp3fbGkQu3VdDvMPyty1zzVR6bmPHKCpu/2/1A73FAF8D867B634EAC5E7386DE57083033A1C96.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/1A73FAF8D867B634EAC5E7386DE57083033A1C96.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/3YV9GyQg2aAEp3fbGkQu3VdDvMPyty1zzVR6bmPHKCpu/2/3137372e31322e3132382e302f32322d3234203d3e20323634313230.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.12.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         71:1d:8e:3e:3b:f8:6d:5c:a4:14:78:3e:dc:5a:aa:28:9c:67:
         58:4c:6f:67:4f:c2:1a:d1:98:13:89:26:77:c2:bc:fd:54:ac:
         4a:02:0e:2a:df:e6:d8:cd:61:83:46:4c:19:dd:d3:ae:19:b1:
         70:51:1d:12:00:b7:90:cf:13:e6:8c:74:68:e2:60:0b:53:11:
         e0:6c:99:fb:80:3f:b5:61:88:c9:5d:a2:32:5d:af:4c:d5:80:
         d3:b3:bf:21:52:be:71:6a:97:07:cf:99:c7:a7:d5:87:b6:cd:
         5d:b7:a0:c9:91:d6:44:0c:58:e5:50:9a:5c:90:8c:a7:f4:bb:
         86:cf:d8:e7:cd:cd:d0:50:e5:6e:11:ef:50:64:da:cc:17:67:
         7e:86:52:65:31:b4:c1:fc:5d:ae:f9:16:af:8b:2b:ad:9c:2e:
         5a:26:8b:32:a7:43:d0:3c:6c:8c:ca:c0:05:ae:ab:76:c7:f0:
         67:2c:e3:7e:09:89:52:0b:a9:16:a1:ec:16:f5:82:a3:f1:3c:
         1b:fc:54:3c:a9:2c:60:f6:98:54:6a:ba:0a:52:2d:e5:17:f1:
         59:31:d9:bd:7b:59:e3:02:43:c7:00:00:38:a0:99:73:6b:8b:
         54:db:b0:dc:ff:f9:45:61:b6:b5:cb:5a:78:2c:10:bf:95:df:
         b5:ab:f5:5e
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUfjyZNYaDe9Im5/AzNqYuCriB8m4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUE3M0ZBRjhEODY3QjYzNEVBQzVFNzM4NkRFNTcwODMw
MzNBMUM5NjAeFw0yNDA0MDQxMTMwMjFaFw0yNTA0MDMxMTM1MjFaMDMxMTAvBgNV
BAMTKDY4MTgzQkVBQTE3N0U3RjVBOTAxNkIyOTREMEYwNENGMDI2QkY0Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDirovxvx9X/ND/sQJ5/ylqqXPB
LncODCUGjHHX/D7URR3oxet39PL+S2NwD6PFqtE7s5TqNAOY/vVBD8e083UINxgY
ovP//Y4/DBFbLmfHAX+3uTKTv2B5iI6fyGAuIlQp29OpBdL7jKcZ3g40sD/noXLb
o1wnDsJq5Wq4pGvy147LnaLyCslDywTcFJ1BbLJtLwEDXXyGVMjxKSZ7OxloGsa8
CjldT9u5V6YseTI2/IfNtevOEQxuwCzc4rbLePAZ+8SP0t2akR76NWu6K/pV43gY
+I668Qp442giR9r+lBD2boyPqi//RPvJeLc4iiggqb1ofNm2MBIXGpPl4UxvAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUaBg76qF35/WpAWspTQ8EzwJr9MwwHwYDVR0j
BBgwFoAUGnP6+NhntjTqxec4beVwgwM6HJYwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vM1lWOUd5UWcyYUFFcDNmYkdrUXUzVmREdk1QeXR5MXp6VlI2Ym1QSEtD
cHUvMi8xQTczRkFGOEQ4NjdCNjM0RUFDNUU3Mzg2REU1NzA4MzAzM0ExQzk2LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzFBNzNGQUY4RDg2N0I2MzRF
QUM1RTczODZERTU3MDgzMDMzQTFDOTYuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzNZVjlHeVFnMmFBRXAzZmJHa1F1M1ZkRHZNUHl0eTF6elZSNmJtUEhLQ3B1LzIv
MzEzNzM3MmUzMTMyMmUzMTMyMzgyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2
MzQzMTMyMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAKxDIAwDQYJKoZIhvcNAQELBQADggEBAHEdjj47
+G1cpBR4PtxaqiicZ1hMb2dPwhrRmBOJJnfCvP1UrEoCDirf5tjNYYNGTBnd064Z
sXBRHRIAt5DPE+aMdGjiYAtTEeBsmfuAP7VhiMldojJdr0zVgNOzvyFSvnFqlwfP
mcen1Ye2zV23oMmR1kQMWOVQmlyQjKf0u4bP2OfNzdBQ5W4R71Bk2swXZ36GUmUx
tMH8Xa75Fq+LK62cLlomizKnQ9A8bIzKwAWuq3bH8Gcs434JiVILqRah7Bb1gqPx
PBv8VDypLGD2mFRqugpSLeUX8Vkx2b17WeMCQ8cAADigmXNri1TbsNz/+UVhtrXL
WngsEL+V37Wr9V4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:44:14 2024 by rpki-client on console-ams.rpki-client.org