Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/5ewxmo2DNXG6RxgwRgRAjCNBnhqGTN6E49UJXodA2r58/0/3137302e3233382e3137322e302f32332d3233203d3e20323632343835.roa
File:                     3137302e3233382e3137322e302f32332d3233203d3e20323632343835.roa (raw, json)
Hash identifier:          yefm6R0cdhwR4Ev5HHwtvtsCG4kvJxjIz95G3yHBlqc=
Subject key identifier:   D7:3F:BB:7F:0D:C9:00:B3:C3:5E:9B:0B:12:AD:AB:B5:03:7C:AE:F1
Certificate issuer:       /CN=4774D086E10F29F42B699F993DE4061E0FDF8862
Certificate serial:       1FBCA5B12F10D53623D0C4894969F978D39A87F1
Authority key identifier: 47:74:D0:86:E1:0F:29:F4:2B:69:9F:99:3D:E4:06:1E:0F:DF:88:62
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/4774D086E10F29F42B699F993DE4061E0FDF8862.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/5ewxmo2DNXG6RxgwRgRAjCNBnhqGTN6E49UJXodA2r58/0/3137302e3233382e3137322e302f32332d3233203d3e20323632343835.roa
Signing time:             Sat 27 Jul 2024 21:13:19 +0000
ROA not before:           Sat 27 Jul 2024 21:08:19 +0000
ROA not after:            Sat 26 Jul 2025 21:13:19 +0000
asID:                     262485
IP address blocks:        170.238.172.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/5ewxmo2DNXG6RxgwRgRAjCNBnhqGTN6E49UJXodA2r58/0/4774D086E10F29F42B699F993DE4061E0FDF8862.crl
                          rsync://rpki-repo.registro.br/repo/5ewxmo2DNXG6RxgwRgRAjCNBnhqGTN6E49UJXodA2r58/0/4774D086E10F29F42B699F993DE4061E0FDF8862.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/4774D086E10F29F42B699F993DE4061E0FDF8862.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 01:27:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:bc:a5:b1:2f:10:d5:36:23:d0:c4:89:49:69:f9:78:d3:9a:87:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4774D086E10F29F42B699F993DE4061E0FDF8862
        Validity
            Not Before: Jul 27 21:08:19 2024 GMT
            Not After : Jul 26 21:13:19 2025 GMT
        Subject: CN=D73FBB7F0DC900B3C35E9B0B12ADABB5037CAEF1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:58:88:c5:8a:c2:32:0f:a1:31:29:33:5b:fb:
                    6a:88:33:c9:b1:22:49:a4:4f:49:81:fc:9b:57:81:
                    7e:5e:ed:14:19:11:6c:73:66:e4:f2:26:cd:02:a3:
                    c8:8b:48:4f:04:58:87:03:03:b5:75:fc:18:85:7f:
                    e6:fe:db:9b:6d:b7:30:2e:15:e6:1b:e6:7b:50:1b:
                    88:02:de:b5:53:a1:b3:1e:c3:9f:ef:a5:c8:7e:da:
                    9c:ae:ad:90:a4:61:6b:67:09:06:3e:d9:40:ce:aa:
                    e0:25:d5:10:45:5b:1e:ed:18:0b:4f:af:c1:2d:ca:
                    58:fb:db:a4:b7:61:44:3d:ff:3d:5e:0b:ee:a4:a7:
                    e8:39:e9:98:3c:fc:b3:ca:b2:e4:67:9f:51:f3:fb:
                    77:a5:44:c5:93:9d:30:c9:8d:b8:eb:af:f4:aa:86:
                    da:be:78:3e:03:51:63:66:a3:de:ce:b0:5a:42:f0:
                    2c:95:62:29:3b:27:ac:a2:1c:fd:40:16:4d:db:7c:
                    55:14:ee:9e:08:77:3b:ef:19:6e:39:58:09:71:de:
                    a7:bc:b2:b4:39:6a:77:be:d7:38:8a:c1:5c:30:fe:
                    dd:d8:bb:79:56:b0:64:94:2f:7a:34:7f:27:3e:1b:
                    ac:0c:b3:de:f2:d5:26:55:d2:83:5c:67:e2:59:79:
                    0c:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:3F:BB:7F:0D:C9:00:B3:C3:5E:9B:0B:12:AD:AB:B5:03:7C:AE:F1
            X509v3 Authority Key Identifier:
                keyid:47:74:D0:86:E1:0F:29:F4:2B:69:9F:99:3D:E4:06:1E:0F:DF:88:62

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/5ewxmo2DNXG6RxgwRgRAjCNBnhqGTN6E49UJXodA2r58/0/4774D086E10F29F42B699F993DE4061E0FDF8862.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/4774D086E10F29F42B699F993DE4061E0FDF8862.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/5ewxmo2DNXG6RxgwRgRAjCNBnhqGTN6E49UJXodA2r58/0/3137302e3233382e3137322e302f32332d3233203d3e20323632343835.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.238.172.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7e:41:1d:2b:f7:24:23:af:c1:c4:97:20:e0:c5:59:55:dc:8e:
         39:83:6d:d0:72:ba:97:ba:ed:19:1b:27:a2:11:65:c8:c3:1d:
         06:5d:34:5a:e4:cb:82:56:fa:19:c5:c6:de:86:db:ec:14:fe:
         1d:27:1a:85:87:ef:67:1e:d5:6d:da:45:b3:fd:7a:3e:e4:c1:
         6e:bb:54:ca:e6:28:b6:24:c6:12:88:b9:0e:8b:55:d7:c5:ef:
         ed:c8:55:55:62:7f:09:3f:d9:6f:f0:a7:02:05:d6:6d:f8:f5:
         c3:a3:49:d2:f8:e7:d1:22:11:95:10:1b:f3:f4:51:48:3f:2c:
         93:0c:fe:f2:5e:72:c0:51:11:35:77:33:4d:e3:07:79:01:8a:
         b4:8e:bd:f6:7b:80:9f:8f:18:c8:4e:51:38:7c:ff:5e:73:a5:
         c9:f3:aa:99:57:c7:97:c0:32:fe:fd:20:61:62:fa:c6:96:d9:
         7a:f6:17:e5:60:2e:f4:f3:22:c3:08:ef:30:f6:56:c5:ea:42:
         84:2d:3b:bb:1a:cb:0a:b3:1d:e7:fc:1b:3c:43:cb:35:2e:25:
         33:d3:e3:43:b5:87:02:ab:bd:94:05:f9:a9:de:5c:45:3f:1b:
         2a:a6:b3:00:49:5c:52:1e:d8:1a:16:ef:28:a0:a8:79:99:9b:
         b3:05:6f:2f
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUH7ylsS8Q1TYj0MSJSWn5eNOah/EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDc3NEQwODZFMTBGMjlGNDJCNjk5Rjk5M0RFNDA2MUUw
RkRGODg2MjAeFw0yNDA3MjcyMTA4MTlaFw0yNTA3MjYyMTEzMTlaMDMxMTAvBgNV
BAMTKEQ3M0ZCQjdGMERDOTAwQjNDMzVFOUIwQjEyQURBQkI1MDM3Q0FFRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChWIjFisIyD6ExKTNb+2qIM8mx
IkmkT0mB/JtXgX5e7RQZEWxzZuTyJs0Co8iLSE8EWIcDA7V1/BiFf+b+25tttzAu
FeYb5ntQG4gC3rVTobMew5/vpch+2pyurZCkYWtnCQY+2UDOquAl1RBFWx7tGAtP
r8Etylj726S3YUQ9/z1eC+6kp+g56Zg8/LPKsuRnn1Hz+3elRMWTnTDJjbjrr/Sq
htq+eD4DUWNmo97OsFpC8CyVYik7J6yiHP1AFk3bfFUU7p4IdzvvGW45WAlx3qe8
srQ5ane+1ziKwVww/t3Yu3lWsGSUL3o0fyc+G6wMs97y1SZV0oNcZ+JZeQybAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQU1z+7fw3JALPDXpsLEq2rtQN8rvEwHwYDVR0j
BBgwFoAUR3TQhuEPKfQraZ+ZPeQGHg/fiGIwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNWV3eG1vMkROWEc2Unhnd1JnUkFqQ05CbmhxR1RONkU0OVVKWG9kQTJy
NTgvMC80Nzc0RDA4NkUxMEYyOUY0MkI2OTlGOTkzREU0MDYxRTBGREY4ODYyLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzQ3NzREMDg2RTEwRjI5RjQy
QjY5OUY5OTNERTQwNjFFMEZERjg4NjIuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzVld3htbzJETlhHNlJ4Z3dSZ1JBakNOQm5ocUdUTjZFNDlVSlhvZEEycjU4LzAv
MzEzNzMwMmUzMjMzMzgyZTMxMzczMjJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDMy
MzYzMjM0MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAarurDANBgkqhkiG9w0BAQsFAAOCAQEAfkEd
K/ckI6/BxJcg4MVZVdyOOYNt0HK6l7rtGRsnohFlyMMdBl00WuTLglb6GcXG3obb
7BT+HScahYfvZx7VbdpFs/16PuTBbrtUyuYotiTGEoi5DotV18Xv7chVVWJ/CT/Z
b/CnAgXWbfj1w6NJ0vjn0SIRlRAb8/RRSD8skwz+8l5ywFERNXczTeMHeQGKtI69
9nuAn48YyE5ROHz/XnOlyfOqmVfHl8Ay/v0gYWL6xpbZevYX5WAu9PMiwwjvMPZW
xepChC07uxrLCrMd5/wbPEPLNS4lM9PjQ7WHAqu9lAX5qd5cRT8bKqazAElcUh7Y
GhbvKKCoeZmbswVvLw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:06:04 2024 by rpki-client on console-fra.rpki-client.org