Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/3yjGaXpjhPnDEXhRq8h8dQT8u3qbvCzjSmTVv3xTLzWi/0/3137302e38302e302e302f32322d3232203d3e20323633363237.roa
File:                     3137302e38302e302e302f32322d3232203d3e20323633363237.roa (raw, json)
Hash identifier:          eqVvfEcSScTQPLINkJq+OaiDzugVs40VCmIb3I3+v7g=
Subject key identifier:   0F:C0:1A:29:CF:C3:20:E6:65:58:54:AB:18:E0:6C:89:83:00:95:58
Certificate issuer:       /CN=11A01506231611C87461442475B1401AD5DE38D2
Certificate serial:       0A170CD17171905CCD312DCED10EDC3E05C85A03
Authority key identifier: 11:A0:15:06:23:16:11:C8:74:61:44:24:75:B1:40:1A:D5:DE:38:D2
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/11A01506231611C87461442475B1401AD5DE38D2.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/3yjGaXpjhPnDEXhRq8h8dQT8u3qbvCzjSmTVv3xTLzWi/0/3137302e38302e302e302f32322d3232203d3e20323633363237.roa
Signing time:             Tue 23 Apr 2024 19:13:40 +0000
ROA not before:           Tue 23 Apr 2024 19:08:40 +0000
ROA not after:            Tue 22 Apr 2025 19:13:40 +0000
asID:                     263627
IP address blocks:        170.80.0.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/3yjGaXpjhPnDEXhRq8h8dQT8u3qbvCzjSmTVv3xTLzWi/0/11A01506231611C87461442475B1401AD5DE38D2.crl
                          rsync://rpki-repo.registro.br/repo/3yjGaXpjhPnDEXhRq8h8dQT8u3qbvCzjSmTVv3xTLzWi/0/11A01506231611C87461442475B1401AD5DE38D2.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/11A01506231611C87461442475B1401AD5DE38D2.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Jun 2024 22:55:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:17:0c:d1:71:71:90:5c:cd:31:2d:ce:d1:0e:dc:3e:05:c8:5a:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=11A01506231611C87461442475B1401AD5DE38D2
        Validity
            Not Before: Apr 23 19:08:40 2024 GMT
            Not After : Apr 22 19:13:40 2025 GMT
        Subject: CN=0FC01A29CFC320E6655854AB18E06C8983009558
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:f5:0a:d2:a5:32:b3:e8:80:ea:bb:dc:70:bb:
                    82:6a:fb:76:d4:9a:43:b6:e5:62:36:b2:4d:00:7d:
                    74:d9:c8:b7:8d:43:40:d6:0d:82:69:77:b0:14:40:
                    cf:30:33:83:08:53:eb:db:b8:ce:b4:d9:8c:c6:bc:
                    1a:1e:06:1c:a9:90:3f:a0:d6:3c:d3:af:79:bd:b3:
                    a4:f1:32:cf:02:b5:a4:e6:5f:d2:a9:1d:01:2e:87:
                    0e:4a:86:a8:ab:d1:e1:02:54:c4:7a:a9:a6:8b:98:
                    0b:81:cd:39:e5:0a:17:5f:5f:4a:f8:64:15:91:96:
                    67:55:53:43:dd:7c:13:7b:44:90:2b:da:4b:00:41:
                    66:bf:33:76:b6:d2:aa:bc:3a:e6:12:2d:d9:b1:1d:
                    ef:b4:bc:e8:bf:7b:35:a5:44:33:86:a9:c2:67:bb:
                    91:0f:c1:63:5c:ba:b3:92:32:78:07:fa:1f:e1:87:
                    0e:57:2f:f0:69:65:14:da:e4:06:4e:14:99:01:e5:
                    c8:70:e0:9d:fe:6b:07:46:8f:aa:af:a8:bd:81:de:
                    76:37:d3:c1:d9:5c:d9:fe:80:16:73:08:44:70:b2:
                    db:a1:c6:aa:78:99:29:f5:72:a6:d3:47:fe:84:7a:
                    0b:60:ce:64:32:28:af:50:42:37:58:9b:b2:4b:ef:
                    42:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:C0:1A:29:CF:C3:20:E6:65:58:54:AB:18:E0:6C:89:83:00:95:58
            X509v3 Authority Key Identifier:
                keyid:11:A0:15:06:23:16:11:C8:74:61:44:24:75:B1:40:1A:D5:DE:38:D2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/3yjGaXpjhPnDEXhRq8h8dQT8u3qbvCzjSmTVv3xTLzWi/0/11A01506231611C87461442475B1401AD5DE38D2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/11A01506231611C87461442475B1401AD5DE38D2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/3yjGaXpjhPnDEXhRq8h8dQT8u3qbvCzjSmTVv3xTLzWi/0/3137302e38302e302e302f32322d3232203d3e20323633363237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.80.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         78:4a:64:56:6f:40:1e:81:5f:e3:fa:c5:da:d0:94:9a:93:eb:
         96:25:1c:76:7e:a3:cc:be:d7:28:a3:63:7b:a3:26:fe:7c:42:
         4d:07:40:a0:87:32:1d:43:0b:2c:db:73:8f:26:7c:0b:b1:a3:
         b3:b4:dd:0e:93:af:5d:a0:42:e4:0d:b2:f0:94:76:0d:71:1a:
         ab:cb:50:cc:69:f7:91:01:1e:04:10:f2:15:cc:7f:31:05:4c:
         7f:68:b4:33:6c:32:10:f9:9e:00:10:8e:83:5e:79:11:cd:f4:
         39:a9:41:a1:65:52:48:b7:76:5b:a5:63:ef:45:6a:a9:75:d9:
         a3:af:a1:4d:71:6d:39:34:4d:41:84:32:ec:e3:7b:28:0a:28:
         39:a2:e3:8f:e1:b0:67:12:8f:98:51:71:37:bb:29:13:fd:e2:
         a5:08:7c:5b:29:86:0c:be:9c:d2:43:9a:a5:0f:e6:6c:da:8c:
         68:3c:08:6a:29:dd:38:c6:a4:53:e4:57:3d:04:89:06:54:85:
         34:7b:5e:58:0d:27:27:10:f2:15:7e:c0:d5:1f:6a:ff:63:c4:
         52:78:52:65:21:78:67:5a:58:59:6d:61:e6:e2:25:78:e0:79:
         3b:a6:08:88:a7:2e:8e:3b:ac:76:37:b0:51:9b:cd:5f:c7:cc:
         f6:7d:29:da
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUChcM0XFxkFzNMS3O0Q7cPgXIWgMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTFBMDE1MDYyMzE2MTFDODc0NjE0NDI0NzVCMTQwMUFE
NURFMzhEMjAeFw0yNDA0MjMxOTA4NDBaFw0yNTA0MjIxOTEzNDBaMDMxMTAvBgNV
BAMTKDBGQzAxQTI5Q0ZDMzIwRTY2NTU4NTRBQjE4RTA2Qzg5ODMwMDk1NTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDW9QrSpTKz6IDqu9xwu4Jq+3bU
mkO25WI2sk0AfXTZyLeNQ0DWDYJpd7AUQM8wM4MIU+vbuM602YzGvBoeBhypkD+g
1jzTr3m9s6TxMs8CtaTmX9KpHQEuhw5Khqir0eECVMR6qaaLmAuBzTnlChdfX0r4
ZBWRlmdVU0PdfBN7RJAr2ksAQWa/M3a20qq8OuYSLdmxHe+0vOi/ezWlRDOGqcJn
u5EPwWNcurOSMngH+h/hhw5XL/BpZRTa5AZOFJkB5chw4J3+awdGj6qvqL2B3nY3
08HZXNn+gBZzCERwstuhxqp4mSn1cqbTR/6EegtgzmQyKK9QQjdYm7JL70J3AgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUD8AaKc/DIOZlWFSrGOBsiYMAlVgwHwYDVR0j
BBgwFoAUEaAVBiMWEch0YUQkdbFAGtXeONIwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vM3lqR2FYcGpoUG5ERVhoUnE4aDhkUVQ4dTNxYnZDempTbVRWdjN4VEx6
V2kvMC8xMUEwMTUwNjIzMTYxMUM4NzQ2MTQ0MjQ3NUIxNDAxQUQ1REUzOEQyLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzExQTAxNTA2MjMxNjExQzg3
NDYxNDQyNDc1QjE0MDFBRDVERTM4RDIuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzN5akdhWHBqaFBuREVYaFJxOGg4ZFFUOHUzcWJ2Q3pqU21UVnYzeFRMeldpLzAv
MzEzNzMwMmUzODMwMmUzMDJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzYzMzM2
MzIzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB
/wQQMA4wDAQCAAEwBgMEAqpQADANBgkqhkiG9w0BAQsFAAOCAQEAeEpkVm9AHoFf
4/rF2tCUmpPrliUcdn6jzL7XKKNje6Mm/nxCTQdAoIcyHUMLLNtzjyZ8C7Gjs7Td
DpOvXaBC5A2y8JR2DXEaq8tQzGn3kQEeBBDyFcx/MQVMf2i0M2wyEPmeABCOg155
Ec30OalBoWVSSLd2W6Vj70VqqXXZo6+hTXFtOTRNQYQy7ON7KAooOaLjj+GwZxKP
mFFxN7spE/3ipQh8WymGDL6c0kOapQ/mbNqMaDwIaindOMakU+RXPQSJBlSFNHte
WA0nJxDyFX7A1R9q/2PEUnhSZSF4Z1pYWW1h5uIleOB5O6YIiKcujjusdjewUZvN
X8fM9n0p2g==
-----END CERTIFICATE-----
Generated at Tue Jun 18 00:26:40 2024 by rpki-client on console-ams.rpki-client.org