Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/5T3NusHEsX3usPU5hhrq19XbYjSfhytrZa5gMGGpbzMG/1/3137372e3133362e34302e302f32332d3234203d3e203532383731.roa
File:                     3137372e3133362e34302e302f32332d3234203d3e203532383731.roa (raw, json)
Hash identifier:          6WdiY4UX8OAPGZdGCfElc46q2sGxta/6YUa4LH8vZsU=
Subject key identifier:   81:A0:A2:21:A8:88:8E:E0:8F:DF:3E:FE:47:A6:95:41:26:C6:29:F8
Certificate issuer:       /CN=D35AD762F990F266087F46B5C22E9EA9E288BF8E
Certificate serial:       749D888A755AD91A7F4B731340E7960CB3E9EFD2
Authority key identifier: D3:5A:D7:62:F9:90:F2:66:08:7F:46:B5:C2:2E:9E:A9:E2:88:BF:8E
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D35AD762F990F266087F46B5C22E9EA9E288BF8E.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/5T3NusHEsX3usPU5hhrq19XbYjSfhytrZa5gMGGpbzMG/1/3137372e3133362e34302e302f32332d3234203d3e203532383731.roa
Signing time:             Wed 03 Apr 2024 23:12:23 +0000
ROA not before:           Wed 03 Apr 2024 23:07:23 +0000
ROA not after:            Wed 02 Apr 2025 23:12:23 +0000
asID:                     52871
IP address blocks:        177.136.40.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/5T3NusHEsX3usPU5hhrq19XbYjSfhytrZa5gMGGpbzMG/1/D35AD762F990F266087F46B5C22E9EA9E288BF8E.crl
                          rsync://rpki-repo.registro.br/repo/5T3NusHEsX3usPU5hhrq19XbYjSfhytrZa5gMGGpbzMG/1/D35AD762F990F266087F46B5C22E9EA9E288BF8E.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D35AD762F990F266087F46B5C22E9EA9E288BF8E.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 17:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:9d:88:8a:75:5a:d9:1a:7f:4b:73:13:40:e7:96:0c:b3:e9:ef:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D35AD762F990F266087F46B5C22E9EA9E288BF8E
        Validity
            Not Before: Apr  3 23:07:23 2024 GMT
            Not After : Apr  2 23:12:23 2025 GMT
        Subject: CN=81A0A221A8888EE08FDF3EFE47A6954126C629F8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:2c:66:42:6e:09:73:b6:29:4b:fd:02:e4:f5:
                    51:4f:25:6d:54:9d:45:cd:d8:52:4a:9a:aa:b8:1a:
                    df:c4:7b:cf:3c:02:91:fb:6c:12:00:dd:a9:7f:b2:
                    57:14:df:55:0e:ef:5e:75:87:db:75:eb:8a:cf:55:
                    65:c6:31:2d:95:f4:54:e8:f5:3a:21:fe:36:34:2d:
                    43:82:f6:5c:4d:16:04:da:78:6f:33:c6:24:11:61:
                    cc:b9:5b:30:a4:ae:61:66:ef:61:7a:96:72:48:86:
                    a2:26:09:b2:5c:e8:97:cf:f4:ce:a9:55:0c:97:91:
                    a2:b0:2a:33:bf:c1:a4:9f:de:bc:24:bb:03:e9:8f:
                    d7:e5:23:2f:09:2b:ee:a9:be:4f:27:7b:bc:25:ea:
                    70:2f:80:07:41:a5:ab:30:86:7a:f4:ba:9a:7b:22:
                    6d:83:fc:2d:0e:b0:45:13:e1:84:26:2d:2e:da:d9:
                    9f:24:84:c9:25:7b:89:02:a2:af:93:2b:e0:81:b1:
                    40:15:30:87:82:f2:ea:3b:ab:06:43:63:ea:c2:d0:
                    28:db:45:46:50:39:b6:22:96:da:17:8f:0c:81:52:
                    16:03:38:32:33:fb:a5:e6:ec:a4:46:fe:9e:93:98:
                    56:8f:c8:74:a5:80:f8:2b:88:a1:78:21:ba:40:37:
                    b3:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:A0:A2:21:A8:88:8E:E0:8F:DF:3E:FE:47:A6:95:41:26:C6:29:F8
            X509v3 Authority Key Identifier:
                keyid:D3:5A:D7:62:F9:90:F2:66:08:7F:46:B5:C2:2E:9E:A9:E2:88:BF:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/5T3NusHEsX3usPU5hhrq19XbYjSfhytrZa5gMGGpbzMG/1/D35AD762F990F266087F46B5C22E9EA9E288BF8E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D35AD762F990F266087F46B5C22E9EA9E288BF8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/5T3NusHEsX3usPU5hhrq19XbYjSfhytrZa5gMGGpbzMG/1/3137372e3133362e34302e302f32332d3234203d3e203532383731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.136.40.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3d:74:27:43:9e:de:dc:cf:1c:56:54:64:b5:d0:8a:80:26:6c:
         67:4b:80:f5:80:92:ee:50:24:52:f1:65:32:14:76:13:b8:99:
         2d:a3:19:39:2c:2a:9c:2c:e3:89:e4:45:e6:15:5f:4a:4a:a5:
         18:5d:74:38:08:af:05:e4:53:da:27:10:69:fe:88:92:1c:e5:
         32:a5:1f:96:8a:0e:60:7e:ca:ae:28:84:81:aa:3b:f2:f9:e8:
         3d:d9:9c:e0:32:41:b3:6b:93:c2:f0:fd:8f:cd:e1:09:bf:26:
         0c:fd:c5:21:af:ad:57:25:65:56:9f:0d:f1:ec:68:88:b1:65:
         0b:52:6d:93:fc:be:d9:70:ab:e4:e8:83:a0:12:2d:70:b6:8e:
         d0:9e:16:12:68:b0:c9:07:dc:90:ed:eb:8c:30:db:70:dd:d0:
         61:31:0a:06:b8:e9:a4:3d:68:6e:4e:c0:8e:7c:b0:5a:50:f4:
         43:9c:9a:e3:ef:49:c4:d6:8d:24:dc:fd:3a:f1:a2:5b:be:5b:
         dd:1c:11:62:3e:c5:e1:5e:7d:be:f9:14:6a:da:24:93:42:ae:
         70:3d:e8:ae:f2:6c:90:c2:61:95:d9:40:3a:ac:07:01:97:b5:
         20:9f:56:d7:b6:c6:8b:82:1b:d5:dd:f1:79:dd:fb:6a:32:4c:
         cd:87:5c:de
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUdJ2IinVa2Rp/S3MTQOeWDLPp79IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM1QUQ3NjJGOTkwRjI2NjA4N0Y0NkI1QzIyRTlFQTlF
Mjg4QkY4RTAeFw0yNDA0MDMyMzA3MjNaFw0yNTA0MDIyMzEyMjNaMDMxMTAvBgNV
BAMTKDgxQTBBMjIxQTg4ODhFRTA4RkRGM0VGRTQ3QTY5NTQxMjZDNjI5RjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHLGZCbglztilL/QLk9VFPJW1U
nUXN2FJKmqq4Gt/Ee888ApH7bBIA3al/slcU31UO7151h9t164rPVWXGMS2V9FTo
9Toh/jY0LUOC9lxNFgTaeG8zxiQRYcy5WzCkrmFm72F6lnJIhqImCbJc6JfP9M6p
VQyXkaKwKjO/waSf3rwkuwPpj9flIy8JK+6pvk8ne7wl6nAvgAdBpaswhnr0upp7
Im2D/C0OsEUT4YQmLS7a2Z8khMkle4kCoq+TK+CBsUAVMIeC8uo7qwZDY+rC0Cjb
RUZQObYiltoXjwyBUhYDODIz+6Xm7KRG/p6TmFaPyHSlgPgriKF4IbpAN7OHAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUgaCiIaiIjuCP3z7+R6aVQSbGKfgwHwYDVR0j
BBgwFoAU01rXYvmQ8mYIf0a1wi6eqeKIv44wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNVQzTnVzSEVzWDN1c1BVNWhocnExOVhiWWpTZmh5dHJaYTVnTUdHcGJ6
TUcvMS9EMzVBRDc2MkY5OTBGMjY2MDg3RjQ2QjVDMjJFOUVBOUUyODhCRjhFLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0QzNUFENzYyRjk5MEYyNjYw
ODdGNDZCNUMyMkU5RUE5RTI4OEJGOEUuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzVUM051c0hFc1gzdXNQVTVoaHJxMTlYYllqU2ZoeXRyWmE1Z01HR3Biek1HLzEv
MzEzNzM3MmUzMTMzMzYyZTM0MzAyZTMwMmYzMjMzMmQzMjM0MjAzZDNlMjAzNTMy
MzgzNzMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQBsYgoMA0GCSqGSIb3DQEBCwUAA4IBAQA9dCdDnt7c
zxxWVGS10IqAJmxnS4D1gJLuUCRS8WUyFHYTuJktoxk5LCqcLOOJ5EXmFV9KSqUY
XXQ4CK8F5FPaJxBp/oiSHOUypR+Wig5gfsquKISBqjvy+eg92ZzgMkGza5PC8P2P
zeEJvyYM/cUhr61XJWVWnw3x7GiIsWULUm2T/L7ZcKvk6IOgEi1wto7QnhYSaLDJ
B9yQ7euMMNtw3dBhMQoGuOmkPWhuTsCOfLBaUPRDnJrj70nE1o0k3P068aJbvlvd
HBFiPsXhXn2++RRq2iSTQq5wPeiu8myQwmGV2UA6rAcBl7Ugn1bXtsaLghvV3fF5
3ftqMkzNh1ze
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:50:21 2024 by rpki-client on console-fra.rpki-client.org