Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/4cmTS1HcuYRBcdviJbx7YaDrDqDA8UAPFjwPK5FuUu6Z/0/323830343a386232303a3a2f33322d3332203d3e20323733373133.roa
File:                     323830343a386232303a3a2f33322d3332203d3e20323733373133.roa (raw, json)
Hash identifier:          S9ifZ5CXQDqkutWeDLSoFA/gJiT5l2GHbPKGwHP4Fl8=
Subject key identifier:   BE:54:54:A9:50:D7:A9:94:09:8A:96:D8:45:42:1C:2C:D8:C4:BA:71
Certificate issuer:       /CN=14EAF97776E5931F0794C486B6DAF583EDD66681
Certificate serial:       66FBBDAC96270E279E0C3DBE88C6FB5B19366FAE
Authority key identifier: 14:EA:F9:77:76:E5:93:1F:07:94:C4:86:B6:DA:F5:83:ED:D6:66:81
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/14EAF97776E5931F0794C486B6DAF583EDD66681.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/4cmTS1HcuYRBcdviJbx7YaDrDqDA8UAPFjwPK5FuUu6Z/0/323830343a386232303a3a2f33322d3332203d3e20323733373133.roa
Signing time:             Wed 08 May 2024 15:41:56 +0000
ROA not before:           Wed 08 May 2024 15:36:56 +0000
ROA not after:            Wed 07 May 2025 15:41:56 +0000
asID:                     273713
IP address blocks:        2804:8b20::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/4cmTS1HcuYRBcdviJbx7YaDrDqDA8UAPFjwPK5FuUu6Z/0/14EAF97776E5931F0794C486B6DAF583EDD66681.crl
                          rsync://rpki-repo.registro.br/repo/4cmTS1HcuYRBcdviJbx7YaDrDqDA8UAPFjwPK5FuUu6Z/0/14EAF97776E5931F0794C486B6DAF583EDD66681.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/14EAF97776E5931F0794C486B6DAF583EDD66681.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 16 Jun 2024 19:20:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:fb:bd:ac:96:27:0e:27:9e:0c:3d:be:88:c6:fb:5b:19:36:6f:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=14EAF97776E5931F0794C486B6DAF583EDD66681
        Validity
            Not Before: May  8 15:36:56 2024 GMT
            Not After : May  7 15:41:56 2025 GMT
        Subject: CN=BE5454A950D7A994098A96D845421C2CD8C4BA71
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:e0:03:7c:df:47:75:e2:aa:d6:5c:4c:c2:64:
                    1a:02:fb:69:07:ee:8e:a6:9f:74:d0:d3:41:21:6a:
                    6a:6b:e1:96:6e:bc:36:ef:95:09:b9:0e:2c:37:14:
                    16:d9:42:f4:98:7b:7c:6a:97:fb:d8:3d:6e:33:da:
                    cc:36:56:8c:4e:6e:8f:2d:78:27:11:15:06:7f:f3:
                    86:a2:07:ca:7a:f5:95:8c:a6:e1:2e:5b:dd:86:26:
                    b4:5e:a8:ce:82:bf:87:ca:ab:3f:67:f8:f4:aa:9c:
                    e3:a6:e9:25:a6:13:ee:3e:89:32:f7:dc:aa:98:c1:
                    4c:a7:93:d4:00:d4:fc:87:71:10:a7:aa:be:c2:a9:
                    0f:d8:7b:15:d0:4c:8c:ff:a5:80:12:bd:03:5b:aa:
                    41:2b:29:85:7d:0f:57:54:56:b3:15:c8:9b:f7:ce:
                    f3:0a:7a:6c:8f:43:04:34:49:4d:6d:90:b3:c9:a5:
                    c2:b4:36:35:08:ae:6a:c8:46:46:9a:34:bb:29:7e:
                    40:a7:0b:e5:d0:1d:cf:62:e4:7b:75:fd:09:6f:f0:
                    a8:1c:4a:fd:28:9f:58:a4:2e:1b:46:7b:a3:06:0a:
                    6b:76:30:32:a7:ab:07:9d:2c:e8:19:78:26:55:a5:
                    2e:a8:3a:3b:11:b7:d1:95:a7:d8:52:78:69:09:60:
                    2b:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:54:54:A9:50:D7:A9:94:09:8A:96:D8:45:42:1C:2C:D8:C4:BA:71
            X509v3 Authority Key Identifier:
                keyid:14:EA:F9:77:76:E5:93:1F:07:94:C4:86:B6:DA:F5:83:ED:D6:66:81

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/4cmTS1HcuYRBcdviJbx7YaDrDqDA8UAPFjwPK5FuUu6Z/0/14EAF97776E5931F0794C486B6DAF583EDD66681.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/14EAF97776E5931F0794C486B6DAF583EDD66681.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/4cmTS1HcuYRBcdviJbx7YaDrDqDA8UAPFjwPK5FuUu6Z/0/323830343a386232303a3a2f33322d3332203d3e20323733373133.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:8b20::/32

    Signature Algorithm: sha256WithRSAEncryption
         4f:6e:3f:3d:3e:ae:c5:59:b8:b6:60:f3:ae:37:34:13:7e:50:
         4e:0e:d6:2d:60:d9:a3:bc:5f:4f:7d:9e:4e:fa:7f:31:4d:19:
         5e:b6:05:00:93:3e:a0:e7:25:30:af:6a:85:df:62:1e:47:8b:
         99:77:d6:fc:c5:17:df:7c:1e:12:28:ec:3e:ff:ff:3e:0d:84:
         da:e6:42:17:85:ed:67:86:80:50:ea:aa:08:1d:11:9e:4b:87:
         29:d2:51:4b:16:03:ab:b3:ac:f9:72:68:7b:31:d0:94:3b:f1:
         7b:4a:c0:d9:98:e8:34:3d:44:90:9e:7b:2a:8f:f0:65:36:93:
         1e:78:7f:fd:6c:67:5d:9b:93:dd:3f:3b:09:79:c6:4c:50:bc:
         86:e4:98:58:72:d5:5f:30:b1:08:60:68:23:c4:a1:cc:ed:f4:
         a8:b7:38:03:87:4a:63:a3:84:3f:12:7f:2e:5a:c2:aa:90:0c:
         62:56:71:1d:15:74:67:15:a6:95:cb:2a:29:43:89:66:36:f9:
         af:77:4b:e1:9d:5c:01:86:c2:26:40:ee:2e:10:d7:14:86:c5:
         53:e2:c3:64:51:33:ad:c7:33:8f:0f:c8:9c:10:7a:7c:f1:e1:
         28:03:35:e5:6e:bc:5a:7c:fd:f2:16:67:da:34:da:4d:aa:ee:
         ab:75:b9:76
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUZvu9rJYnDieeDD2+iMb7Wxk2b64wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTRFQUY5Nzc3NkU1OTMxRjA3OTRDNDg2QjZEQUY1ODNF
REQ2NjY4MTAeFw0yNDA1MDgxNTM2NTZaFw0yNTA1MDcxNTQxNTZaMDMxMTAvBgNV
BAMTKEJFNTQ1NEE5NTBEN0E5OTQwOThBOTZEODQ1NDIxQzJDRDhDNEJBNzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm4AN830d14qrWXEzCZBoC+2kH
7o6mn3TQ00Ehampr4ZZuvDbvlQm5Diw3FBbZQvSYe3xql/vYPW4z2sw2VoxObo8t
eCcRFQZ/84aiB8p69ZWMpuEuW92GJrReqM6Cv4fKqz9n+PSqnOOm6SWmE+4+iTL3
3KqYwUynk9QA1PyHcRCnqr7CqQ/YexXQTIz/pYASvQNbqkErKYV9D1dUVrMVyJv3
zvMKemyPQwQ0SU1tkLPJpcK0NjUIrmrIRkaaNLspfkCnC+XQHc9i5Ht1/Qlv8Kgc
Sv0on1ikLhtGe6MGCmt2MDKnqwedLOgZeCZVpS6oOjsRt9GVp9hSeGkJYCtHAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUvlRUqVDXqZQJipbYRUIcLNjEunEwHwYDVR0j
BBgwFoAUFOr5d3blkx8HlMSGttr1g+3WZoEwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNGNtVFMxSGN1WVJCY2R2aUpieDdZYURyRHFEQThVQVBGandQSzVGdVV1
NlovMC8xNEVBRjk3Nzc2RTU5MzFGMDc5NEM0ODZCNkRBRjU4M0VERDY2NjgxLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzE0RUFGOTc3NzZFNTkzMUYw
Nzk0QzQ4NkI2REFGNTgzRURENjY2ODEuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzRjbVRTMUhjdVlSQmNkdmlKYng3WWFEckRxREE4VUFQRmp3UEs1RnVVdTZaLzAv
MzIzODMwMzQzYTM4NjIzMjMwM2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzNzMz
MzczMTMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKASLIDANBgkqhkiG9w0BAQsFAAOCAQEAT24/PT6u
xVm4tmDzrjc0E35QTg7WLWDZo7xfT32eTvp/MU0ZXrYFAJM+oOclMK9qhd9iHkeL
mXfW/MUX33weEijsPv//Pg2E2uZCF4XtZ4aAUOqqCB0RnkuHKdJRSxYDq7Os+XJo
ezHQlDvxe0rA2ZjoND1EkJ57Ko/wZTaTHnh//WxnXZuT3T87CXnGTFC8huSYWHLV
XzCxCGBoI8ShzO30qLc4A4dKY6OEPxJ/LlrCqpAMYlZxHRV0ZxWmlcsqKUOJZjb5
r3dL4Z1cAYbCJkDuLhDXFIbFU+LDZFEzrcczjw/InBB6fPHhKAM15W68Wnz98hZn
2jTaTaruq3W5dg==
-----END CERTIFICATE-----
Generated at Sun Jun 16 07:43:49 2024 by rpki-client on console-ams.rpki-client.org