Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/42kEQt8GWGYZkZJrKDdZC6gPzkN9E8FtcTbD93gzmPDX/1/3136372e3234392e3131322e302f32322d3234203d3e203238313331.roa
File:                     3136372e3234392e3131322e302f32322d3234203d3e203238313331.roa (raw, json)
Hash identifier:          CFFc1zRUNW7SPmJTCDw1iUiKOKLBtEyfmGi11IjADTg=
Subject key identifier:   E2:C8:1A:17:CC:5B:4C:56:D6:A8:F9:38:4E:ED:D0:27:5A:56:4E:D5
Certificate issuer:       /CN=03981ED1B457034CCBAC00F384454B3A021E294E
Certificate serial:       71D15192CC1AE151949B43F1C39A73CEEBBBB8A9
Authority key identifier: 03:98:1E:D1:B4:57:03:4C:CB:AC:00:F3:84:45:4B:3A:02:1E:29:4E
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/03981ED1B457034CCBAC00F384454B3A021E294E.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/42kEQt8GWGYZkZJrKDdZC6gPzkN9E8FtcTbD93gzmPDX/1/3136372e3234392e3131322e302f32322d3234203d3e203238313331.roa
Signing time:             Thu 04 Apr 2024 03:10:28 +0000
ROA not before:           Thu 04 Apr 2024 03:05:28 +0000
ROA not after:            Thu 03 Apr 2025 03:10:28 +0000
asID:                     28131
IP address blocks:        167.249.112.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/42kEQt8GWGYZkZJrKDdZC6gPzkN9E8FtcTbD93gzmPDX/1/03981ED1B457034CCBAC00F384454B3A021E294E.crl
                          rsync://rpki-repo.registro.br/repo/42kEQt8GWGYZkZJrKDdZC6gPzkN9E8FtcTbD93gzmPDX/1/03981ED1B457034CCBAC00F384454B3A021E294E.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/03981ED1B457034CCBAC00F384454B3A021E294E.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 15:44:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:d1:51:92:cc:1a:e1:51:94:9b:43:f1:c3:9a:73:ce:eb:bb:b8:a9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=03981ED1B457034CCBAC00F384454B3A021E294E
        Validity
            Not Before: Apr  4 03:05:28 2024 GMT
            Not After : Apr  3 03:10:28 2025 GMT
        Subject: CN=E2C81A17CC5B4C56D6A8F9384EEDD0275A564ED5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:2b:4f:0a:72:a7:8a:64:8a:8b:fc:25:68:41:
                    6c:8b:c8:bb:8b:df:a6:b5:c7:6c:d0:80:77:88:1f:
                    24:49:6b:05:5b:43:78:48:18:ff:08:0a:37:0d:5f:
                    21:a6:44:6d:f9:b2:96:b7:f5:b4:06:f8:7f:01:de:
                    ea:b1:6f:c0:03:d2:f0:30:e5:d6:a9:9e:bb:9f:48:
                    d6:2e:da:08:78:a6:8d:26:f9:0c:ca:7b:89:32:1a:
                    23:6e:88:89:1a:6c:73:b4:31:29:35:1b:85:26:5d:
                    ac:cb:c9:dc:40:0e:f6:80:b4:92:2a:4e:24:7b:86:
                    64:3e:8e:91:bf:2b:2b:bd:99:bc:96:f9:28:59:ed:
                    93:16:e2:94:84:44:1c:b7:18:32:4e:1b:e4:51:00:
                    52:fe:75:50:1a:07:dc:9c:ca:d1:e7:fa:61:e5:3d:
                    5d:19:d3:00:78:56:6f:43:c5:15:97:26:a7:1f:06:
                    ef:eb:72:d1:5f:53:8b:4e:73:72:27:52:37:f6:4a:
                    12:09:86:10:ea:a6:26:6f:22:9d:9a:21:de:5b:08:
                    63:70:65:7b:af:54:41:ed:3a:ba:04:90:1a:3d:5f:
                    3b:48:bb:7d:4c:0e:89:1d:b0:0d:58:83:88:2a:2e:
                    51:8d:a3:4a:af:87:fa:e8:14:72:50:3d:d9:46:db:
                    95:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:C8:1A:17:CC:5B:4C:56:D6:A8:F9:38:4E:ED:D0:27:5A:56:4E:D5
            X509v3 Authority Key Identifier:
                keyid:03:98:1E:D1:B4:57:03:4C:CB:AC:00:F3:84:45:4B:3A:02:1E:29:4E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/42kEQt8GWGYZkZJrKDdZC6gPzkN9E8FtcTbD93gzmPDX/1/03981ED1B457034CCBAC00F384454B3A021E294E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/03981ED1B457034CCBAC00F384454B3A021E294E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/42kEQt8GWGYZkZJrKDdZC6gPzkN9E8FtcTbD93gzmPDX/1/3136372e3234392e3131322e302f32322d3234203d3e203238313331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.249.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         84:39:2d:2b:88:33:bf:03:e2:9b:71:40:85:f4:2a:24:c7:37:
         a8:20:31:79:d0:48:5c:13:a8:20:d5:58:cc:af:d8:99:d2:c6:
         1e:bf:e7:f9:87:16:ad:b5:30:ca:1e:5f:3d:0c:bf:3b:22:7f:
         b7:e8:8d:b4:20:a7:8b:ad:f8:84:09:4d:15:6b:4b:1f:ea:34:
         0b:46:c1:7b:ea:84:ed:c3:e4:a4:c4:05:37:cc:5b:f5:27:07:
         47:29:83:8d:cd:61:0f:c2:7a:af:fc:30:1d:53:a9:e7:6e:a9:
         cf:94:ac:ee:00:06:e4:97:4c:2d:65:4d:ab:fe:ab:28:00:7d:
         6f:f2:35:a6:ac:6c:64:e7:83:48:88:0e:6b:96:b3:f5:9d:bf:
         6d:f4:cd:09:e1:e2:30:72:e8:93:16:0b:3e:d1:b8:44:cc:06:
         50:52:54:60:c0:7a:53:57:5b:e1:29:2b:8e:aa:19:61:ed:fe:
         84:71:fb:41:7e:da:da:3e:9b:3d:2c:e0:12:ef:49:12:d3:ee:
         6c:fa:4d:c4:0d:28:b5:d4:72:c0:ce:51:83:20:2c:4d:5d:24:
         9b:85:55:55:0d:16:94:62:c9:a7:b9:41:1d:4e:de:86:fc:5a:
         b9:a8:ef:ae:27:03:3e:ef:6e:a0:2e:c1:38:eb:fa:52:24:8e:
         30:ba:79:3e
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUcdFRkswa4VGUm0Pxw5pzzuu7uKkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDM5ODFFRDFCNDU3MDM0Q0NCQUMwMEYzODQ0NTRCM0Ew
MjFFMjk0RTAeFw0yNDA0MDQwMzA1MjhaFw0yNTA0MDMwMzEwMjhaMDMxMTAvBgNV
BAMTKEUyQzgxQTE3Q0M1QjRDNTZENkE4RjkzODRFRUREMDI3NUE1NjRFRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDkK08KcqeKZIqL/CVoQWyLyLuL
36a1x2zQgHeIHyRJawVbQ3hIGP8ICjcNXyGmRG35spa39bQG+H8B3uqxb8AD0vAw
5dapnrufSNYu2gh4po0m+QzKe4kyGiNuiIkabHO0MSk1G4UmXazLydxADvaAtJIq
TiR7hmQ+jpG/Kyu9mbyW+ShZ7ZMW4pSERBy3GDJOG+RRAFL+dVAaB9ycytHn+mHl
PV0Z0wB4Vm9DxRWXJqcfBu/rctFfU4tOc3InUjf2ShIJhhDqpiZvIp2aId5bCGNw
ZXuvVEHtOroEkBo9XztIu31MDokdsA1Yg4gqLlGNo0qvh/roFHJQPdlG25XVAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQU4sgaF8xbTFbWqPk4Tu3QJ1pWTtUwHwYDVR0j
BBgwFoAUA5ge0bRXA0zLrADzhEVLOgIeKU4wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNDJrRVF0OEdXR1laa1pKcktEZFpDNmdQemtOOUU4RnRjVGJEOTNnem1Q
RFgvMS8wMzk4MUVEMUI0NTcwMzRDQ0JBQzAwRjM4NDQ1NEIzQTAyMUUyOTRFLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzAzOTgxRUQxQjQ1NzAzNEND
QkFDMDBGMzg0NDU0QjNBMDIxRTI5NEUuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzQya0VRdDhHV0dZWmtaSnJLRGRaQzZnUHprTjlFOEZ0Y1RiRDkzZ3ptUERYLzEv
MzEzNjM3MmUzMjM0MzkyZTMxMzEzMjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMy
MzgzMTMzMzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAKn+XAwDQYJKoZIhvcNAQELBQADggEBAIQ5LSuI
M78D4ptxQIX0KiTHN6ggMXnQSFwTqCDVWMyv2JnSxh6/5/mHFq21MMoeXz0Mvzsi
f7fojbQgp4ut+IQJTRVrSx/qNAtGwXvqhO3D5KTEBTfMW/UnB0cpg43NYQ/Ceq/8
MB1Tqeduqc+UrO4ABuSXTC1lTav+qygAfW/yNaasbGTng0iIDmuWs/Wdv230zQnh
4jBy6JMWCz7RuETMBlBSVGDAelNXW+EpK46qGWHt/oRx+0F+2to+mz0s4BLvSRLT
7mz6TcQNKLXUcsDOUYMgLE1dJJuFVVUNFpRiyae5QR1O3ob8Wrmo764nAz7vbqAu
wTjr+lIkjjC6eT4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:50:19 2024 by rpki-client on console-fra.rpki-client.org