Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/5iyHo83SNkaQB1PsieTQuPTjFwoGo5hrh9JUi5w1MD5n/0/3137302e3135302e36382e302f32322d3234203d3e203238363336.roa
File:                     3137302e3135302e36382e302f32322d3234203d3e203238363336.roa (raw, json)
Hash identifier:          hXTMvAs5UGaET20ZJHm+ieQDVs2MqzrXm93PJItWsvI=
Subject key identifier:   A8:2D:34:E9:CD:B6:C2:F6:52:48:86:39:64:7B:13:8C:38:41:34:F7
Certificate issuer:       /CN=8F43BF9E79677F282BF953C8E1F71757E25A9063
Certificate serial:       78C9642FCF369D6365111C210E98784234D5B871
Authority key identifier: 8F:43:BF:9E:79:67:7F:28:2B:F9:53:C8:E1:F7:17:57:E2:5A:90:63
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8F43BF9E79677F282BF953C8E1F71757E25A9063.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/5iyHo83SNkaQB1PsieTQuPTjFwoGo5hrh9JUi5w1MD5n/0/3137302e3135302e36382e302f32322d3234203d3e203238363336.roa
Signing time:             Tue 07 May 2024 16:20:18 +0000
ROA not before:           Tue 07 May 2024 16:15:18 +0000
ROA not after:            Tue 06 May 2025 16:20:18 +0000
asID:                     28636
IP address blocks:        170.150.68.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/5iyHo83SNkaQB1PsieTQuPTjFwoGo5hrh9JUi5w1MD5n/0/8F43BF9E79677F282BF953C8E1F71757E25A9063.crl
                          rsync://rpki-repo.registro.br/repo/5iyHo83SNkaQB1PsieTQuPTjFwoGo5hrh9JUi5w1MD5n/0/8F43BF9E79677F282BF953C8E1F71757E25A9063.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8F43BF9E79677F282BF953C8E1F71757E25A9063.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 01:48:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:c9:64:2f:cf:36:9d:63:65:11:1c:21:0e:98:78:42:34:d5:b8:71
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8F43BF9E79677F282BF953C8E1F71757E25A9063
        Validity
            Not Before: May  7 16:15:18 2024 GMT
            Not After : May  6 16:20:18 2025 GMT
        Subject: CN=A82D34E9CDB6C2F652488639647B138C384134F7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:91:77:e3:df:22:6b:40:c9:99:68:50:ba:81:
                    f9:92:b3:0a:a0:b2:65:8d:a7:c0:d5:06:44:14:0c:
                    3b:14:ca:24:9e:af:d6:58:86:57:b8:20:b2:53:65:
                    bc:08:78:0d:22:f0:06:f4:92:63:55:40:42:7a:b8:
                    ca:70:39:fb:7d:e7:d8:a3:ed:34:53:c7:1a:8c:b3:
                    02:87:97:e6:f7:63:52:ef:dd:20:8e:2c:c0:a6:2d:
                    ef:41:5b:c4:52:cf:3b:bd:3e:78:9e:c0:bd:94:87:
                    b1:9e:03:26:90:41:3c:a7:1f:18:d6:c5:47:4d:37:
                    4f:4b:62:f1:7f:5e:36:82:06:68:07:44:90:0d:93:
                    e3:98:25:f0:4f:b1:bf:9f:96:b0:d5:c8:0a:d4:41:
                    82:ed:03:41:cd:fc:69:dd:d3:62:4a:0a:d0:ba:cd:
                    9a:37:82:e5:07:70:02:36:43:2c:97:6e:74:ca:a1:
                    a1:85:02:5b:c8:20:86:f4:51:10:ee:52:69:33:5c:
                    75:b0:f8:34:a2:40:ca:bf:2e:19:f8:c7:57:b6:6e:
                    25:32:c9:64:36:e8:a0:c7:5c:6d:cc:65:a5:92:0b:
                    ba:1e:69:3b:54:1e:d5:ad:53:5c:3c:18:3f:5b:db:
                    c3:0e:be:8b:8e:87:83:ac:66:71:63:72:f4:17:ea:
                    eb:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:2D:34:E9:CD:B6:C2:F6:52:48:86:39:64:7B:13:8C:38:41:34:F7
            X509v3 Authority Key Identifier:
                keyid:8F:43:BF:9E:79:67:7F:28:2B:F9:53:C8:E1:F7:17:57:E2:5A:90:63

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/5iyHo83SNkaQB1PsieTQuPTjFwoGo5hrh9JUi5w1MD5n/0/8F43BF9E79677F282BF953C8E1F71757E25A9063.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8F43BF9E79677F282BF953C8E1F71757E25A9063.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/5iyHo83SNkaQB1PsieTQuPTjFwoGo5hrh9JUi5w1MD5n/0/3137302e3135302e36382e302f32322d3234203d3e203238363336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.150.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a3:e6:87:c5:93:c3:46:2d:0e:2b:21:b3:f1:b2:b4:9f:64:bc:
         b0:aa:d9:f0:c2:68:3b:12:97:16:5a:5b:1c:56:8d:5c:32:c3:
         83:ac:24:c4:fa:ed:00:96:0c:4e:b1:9e:cd:ed:f2:7a:6d:3f:
         70:d9:74:1b:9a:b8:24:9e:a5:50:85:ed:49:ae:d2:b3:a0:ac:
         52:a9:33:52:2c:d9:67:a0:0f:b0:75:95:23:a1:36:f6:82:48:
         c9:70:ff:cb:49:56:a8:18:ac:40:94:c5:fd:18:0f:84:51:4e:
         f3:50:a7:63:a2:a6:75:a3:9a:3d:b1:da:c8:cf:dd:63:23:07:
         5f:63:b7:fa:12:0a:32:ba:3d:58:ee:6a:d2:95:3e:b0:78:6c:
         08:df:42:a6:81:28:8e:eb:73:f7:09:a4:81:34:27:96:fb:b6:
         02:58:1e:cf:90:ae:fd:76:4a:30:74:41:c0:dc:f2:50:a4:b8:
         7e:09:cd:f4:e8:7b:3f:1b:ce:0a:0d:a2:26:34:66:e8:7c:94:
         52:e5:5e:fb:e1:84:87:8e:34:9c:b6:cb:b7:b1:c2:c1:b6:e1:
         62:8d:f6:cf:07:c2:d1:7b:fd:8d:e2:f2:49:71:40:f7:90:5c:
         f7:d2:6e:a0:7d:4f:49:e7:58:05:ba:41:3f:2d:86:bc:57:70:
         a2:dc:49:29
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUeMlkL882nWNlERwhDph4QjTVuHEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEY0M0JGOUU3OTY3N0YyODJCRjk1M0M4RTFGNzE3NTdF
MjVBOTA2MzAeFw0yNDA1MDcxNjE1MThaFw0yNTA1MDYxNjIwMThaMDMxMTAvBgNV
BAMTKEE4MkQzNEU5Q0RCNkMyRjY1MjQ4ODYzOTY0N0IxMzhDMzg0MTM0RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbkXfj3yJrQMmZaFC6gfmSswqg
smWNp8DVBkQUDDsUyiSer9ZYhle4ILJTZbwIeA0i8Ab0kmNVQEJ6uMpwOft959ij
7TRTxxqMswKHl+b3Y1Lv3SCOLMCmLe9BW8RSzzu9PniewL2Uh7GeAyaQQTynHxjW
xUdNN09LYvF/XjaCBmgHRJANk+OYJfBPsb+flrDVyArUQYLtA0HN/Gnd02JKCtC6
zZo3guUHcAI2QyyXbnTKoaGFAlvIIIb0URDuUmkzXHWw+DSiQMq/Lhn4x1e2biUy
yWQ26KDHXG3MZaWSC7oeaTtUHtWtU1w8GD9b28MOvouOh4OsZnFjcvQX6usbAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUqC006c22wvZSSIY5ZHsTjDhBNPcwHwYDVR0j
BBgwFoAUj0O/nnlnfygr+VPI4fcXV+JakGMwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNWl5SG84M1NOa2FRQjFQc2llVFF1UFRqRndvR281aHJoOUpVaTV3MU1E
NW4vMC84RjQzQkY5RTc5Njc3RjI4MkJGOTUzQzhFMUY3MTc1N0UyNUE5MDYzLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzhGNDNCRjlFNzk2NzdGMjgy
QkY5NTNDOEUxRjcxNzU3RTI1QTkwNjMuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzVpeUhvODNTTmthUUIxUHNpZVRRdVBUakZ3b0dvNWhyaDlKVWk1dzFNRDVuLzAv
MzEzNzMwMmUzMTM1MzAyZTM2MzgyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM4
MzYzMzM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCqpZEMA0GCSqGSIb3DQEBCwUAA4IBAQCj5ofFk8NG
LQ4rIbPxsrSfZLywqtnwwmg7EpcWWlscVo1cMsODrCTE+u0AlgxOsZ7N7fJ6bT9w
2XQbmrgknqVQhe1JrtKzoKxSqTNSLNlnoA+wdZUjoTb2gkjJcP/LSVaoGKxAlMX9
GA+EUU7zUKdjoqZ1o5o9sdrIz91jIwdfY7f6Egoyuj1Y7mrSlT6weGwI30KmgSiO
63P3CaSBNCeW+7YCWB7PkK79dkowdEHA3PJQpLh+Cc306Hs/G84KDaImNGbofJRS
5V774YSHjjSctsu3scLBtuFijfbPB8LRe/2N4vJJcUD3kFz30m6gfU9J51gFukE/
LYa8V3Ci3Ekp
-----END CERTIFICATE-----
Generated at Tue Jun 18 02:56:07 2024 by rpki-client on console-fra.rpki-client.org