Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/5T3NusHEsX3usPU5hhrq19XbYjSfhytrZa5gMGGpbzMG/1/3230312e3135372e3232392e302f32342d3234203d3e203532383731.roa
File:                     3230312e3135372e3232392e302f32342d3234203d3e203532383731.roa (raw, json)
Hash identifier:          qLECKp7UWDJpfA4+UDVCV8IVHZfFtsyzw+YKMirR+p0=
Subject key identifier:   D0:DA:2B:82:0D:F2:17:1B:68:FE:48:44:04:4E:9F:68:2C:CE:A2:DE
Certificate issuer:       /CN=D35AD762F990F266087F46B5C22E9EA9E288BF8E
Certificate serial:       50AB595EE68B63E396F64D274A3BCB2365895DEC
Authority key identifier: D3:5A:D7:62:F9:90:F2:66:08:7F:46:B5:C2:2E:9E:A9:E2:88:BF:8E
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D35AD762F990F266087F46B5C22E9EA9E288BF8E.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/5T3NusHEsX3usPU5hhrq19XbYjSfhytrZa5gMGGpbzMG/1/3230312e3135372e3232392e302f32342d3234203d3e203532383731.roa
Signing time:             Wed 03 Apr 2024 23:12:21 +0000
ROA not before:           Wed 03 Apr 2024 23:07:21 +0000
ROA not after:            Wed 02 Apr 2025 23:12:21 +0000
asID:                     52871
IP address blocks:        201.157.229.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/5T3NusHEsX3usPU5hhrq19XbYjSfhytrZa5gMGGpbzMG/1/D35AD762F990F266087F46B5C22E9EA9E288BF8E.crl
                          rsync://rpki-repo.registro.br/repo/5T3NusHEsX3usPU5hhrq19XbYjSfhytrZa5gMGGpbzMG/1/D35AD762F990F266087F46B5C22E9EA9E288BF8E.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D35AD762F990F266087F46B5C22E9EA9E288BF8E.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 17:01:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            50:ab:59:5e:e6:8b:63:e3:96:f6:4d:27:4a:3b:cb:23:65:89:5d:ec
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D35AD762F990F266087F46B5C22E9EA9E288BF8E
        Validity
            Not Before: Apr  3 23:07:21 2024 GMT
            Not After : Apr  2 23:12:21 2025 GMT
        Subject: CN=D0DA2B820DF2171B68FE4844044E9F682CCEA2DE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:90:dd:39:c5:3a:58:26:d3:4f:4e:c6:e9:b9:
                    dc:aa:bd:26:20:21:af:00:dc:c8:17:f6:df:ca:c8:
                    d3:dc:8e:a6:cc:cb:77:44:42:b6:80:fa:22:32:4c:
                    31:7d:af:d7:0d:4b:c0:0f:ba:f5:7c:33:8a:89:c0:
                    12:9e:6f:53:9f:94:6a:8d:e7:f6:b3:5b:0e:33:1d:
                    ba:87:44:d4:19:d2:10:e1:b3:9e:ba:4a:a1:fd:0b:
                    15:ff:0a:82:74:f0:8d:c1:3e:23:a6:83:8b:80:f1:
                    ff:47:05:05:6e:3b:5a:33:45:be:95:8b:9c:62:d9:
                    5d:42:10:0f:4b:0b:06:97:11:22:ed:f7:4a:9e:16:
                    f9:42:9e:39:83:13:e4:d8:58:ba:b3:96:ff:f8:d1:
                    28:8e:2c:23:b8:7d:9c:56:08:35:11:7f:0c:dc:c7:
                    d9:da:95:c2:39:7b:c4:af:45:52:06:03:83:33:ca:
                    9b:90:ce:63:90:47:20:f7:53:d5:16:32:f8:d2:3f:
                    7a:05:df:96:c1:0d:0f:01:b3:88:6d:f9:0d:2f:7c:
                    ee:87:08:53:56:d3:ee:4b:ea:7f:b2:e1:aa:5c:c9:
                    31:a4:20:04:3b:4b:fc:80:ce:88:8f:86:46:64:09:
                    77:cc:06:1d:88:6a:bd:ba:01:19:fd:2d:eb:55:9b:
                    ab:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D0:DA:2B:82:0D:F2:17:1B:68:FE:48:44:04:4E:9F:68:2C:CE:A2:DE
            X509v3 Authority Key Identifier:
                keyid:D3:5A:D7:62:F9:90:F2:66:08:7F:46:B5:C2:2E:9E:A9:E2:88:BF:8E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/5T3NusHEsX3usPU5hhrq19XbYjSfhytrZa5gMGGpbzMG/1/D35AD762F990F266087F46B5C22E9EA9E288BF8E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D35AD762F990F266087F46B5C22E9EA9E288BF8E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/5T3NusHEsX3usPU5hhrq19XbYjSfhytrZa5gMGGpbzMG/1/3230312e3135372e3232392e302f32342d3234203d3e203532383731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.157.229.0/24

    Signature Algorithm: sha256WithRSAEncryption
         40:6e:da:00:e4:53:69:88:be:41:8f:df:c1:59:f2:05:5a:24:
         55:35:99:e7:f9:31:c3:85:30:1b:71:cb:f1:0b:59:f3:2f:06:
         ad:ed:21:6b:1e:a3:8d:22:d8:01:13:d4:73:8c:aa:0f:e0:98:
         ad:10:3f:a8:1f:a7:4c:3d:57:02:bf:7c:b7:14:a7:c0:84:fa:
         0f:da:f4:63:96:88:21:a9:fd:0a:98:69:b1:2e:61:6b:fc:c0:
         9a:24:1c:82:95:36:e8:b9:ad:af:f8:79:28:4b:3c:9d:96:24:
         70:4f:2c:c6:8f:b8:bf:9c:96:65:2a:4e:b7:1a:55:21:5d:36:
         c7:8a:22:71:14:b9:15:3d:a2:5f:e2:82:92:f1:c1:cb:2e:7c:
         d1:86:d2:f0:42:66:62:af:3a:1b:43:a5:19:91:e4:5c:f3:05:
         37:b2:d8:25:42:14:b4:06:1e:69:37:9b:65:ea:04:0e:05:3f:
         aa:20:63:37:0f:7d:2d:de:c9:fc:fb:d2:9f:ee:76:a3:4f:89:
         82:0d:02:a9:be:1d:7d:5d:12:e9:db:ad:03:4d:b4:d3:2b:31:
         f3:12:df:50:79:e2:ea:49:32:83:f4:47:82:63:64:14:18:fb:
         51:5f:cd:5a:01:95:38:6e:25:57:37:04:e7:70:c2:16:c4:d0:
         06:8b:38:63
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUUKtZXuaLY+OW9k0nSjvLI2WJXewwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM1QUQ3NjJGOTkwRjI2NjA4N0Y0NkI1QzIyRTlFQTlF
Mjg4QkY4RTAeFw0yNDA0MDMyMzA3MjFaFw0yNTA0MDIyMzEyMjFaMDMxMTAvBgNV
BAMTKEQwREEyQjgyMERGMjE3MUI2OEZFNDg0NDA0NEU5RjY4MkNDRUEyREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnkN05xTpYJtNPTsbpudyqvSYg
Ia8A3MgX9t/KyNPcjqbMy3dEQraA+iIyTDF9r9cNS8APuvV8M4qJwBKeb1OflGqN
5/azWw4zHbqHRNQZ0hDhs566SqH9CxX/CoJ08I3BPiOmg4uA8f9HBQVuO1ozRb6V
i5xi2V1CEA9LCwaXESLt90qeFvlCnjmDE+TYWLqzlv/40SiOLCO4fZxWCDURfwzc
x9nalcI5e8SvRVIGA4MzypuQzmOQRyD3U9UWMvjSP3oF35bBDQ8Bs4ht+Q0vfO6H
CFNW0+5L6n+y4apcyTGkIAQ7S/yAzoiPhkZkCXfMBh2Iar26ARn9LetVm6ttAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQU0Norgg3yFxto/khEBE6faCzOot4wHwYDVR0j
BBgwFoAU01rXYvmQ8mYIf0a1wi6eqeKIv44wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNVQzTnVzSEVzWDN1c1BVNWhocnExOVhiWWpTZmh5dHJaYTVnTUdHcGJ6
TUcvMS9EMzVBRDc2MkY5OTBGMjY2MDg3RjQ2QjVDMjJFOUVBOUUyODhCRjhFLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0QzNUFENzYyRjk5MEYyNjYw
ODdGNDZCNUMyMkU5RUE5RTI4OEJGOEUuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzVUM051c0hFc1gzdXNQVTVoaHJxMTlYYllqU2ZoeXRyWmE1Z01HR3Biek1HLzEv
MzIzMDMxMmUzMTM1MzcyZTMyMzIzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1
MzIzODM3MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBADJneUwDQYJKoZIhvcNAQELBQADggEBAEBu2gDk
U2mIvkGP38FZ8gVaJFU1mef5McOFMBtxy/ELWfMvBq3tIWseo40i2AET1HOMqg/g
mK0QP6gfp0w9VwK/fLcUp8CE+g/a9GOWiCGp/QqYabEuYWv8wJokHIKVNui5ra/4
eShLPJ2WJHBPLMaPuL+clmUqTrcaVSFdNseKInEUuRU9ol/igpLxwcsufNGG0vBC
ZmKvOhtDpRmR5FzzBTey2CVCFLQGHmk3m2XqBA4FP6ogYzcPfS3eyfz70p/udqNP
iYINAqm+HX1dEunbrQNNtNMrMfMS31B54upJMoP0R4JjZBQY+1FfzVoBlThuJVc3
BOdwwhbE0AaLOGM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:43:57 2024 by rpki-client on console-ams.rpki-client.org