Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/64TWQ84Swgi5q85Jt7XdESE16VPzvbpNtujHV6yzzKwA/1/3133382e3235352e3139382e302f32332d3233203d3e20323632383638.roa
File:                     3133382e3235352e3139382e302f32332d3233203d3e20323632383638.roa (raw, json)
Hash identifier:          L9budDcPsjPwLiP3eGxVfIRFxwkqxqbJPVroBr8SX3o=
Subject key identifier:   5E:95:1B:05:5E:0C:05:96:FD:10:76:0B:FB:0A:00:0C:78:CB:3E:2E
Certificate issuer:       /CN=BAE2D54D6C1793B7DCD774699216D316E8C75351
Certificate serial:       0D579DC66949CA8F25DE88812627FD008488B7E3
Authority key identifier: BA:E2:D5:4D:6C:17:93:B7:DC:D7:74:69:92:16:D3:16:E8:C7:53:51
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BAE2D54D6C1793B7DCD774699216D316E8C75351.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/64TWQ84Swgi5q85Jt7XdESE16VPzvbpNtujHV6yzzKwA/1/3133382e3235352e3139382e302f32332d3233203d3e20323632383638.roa
Signing time:             Thu 04 Apr 2024 11:06:55 +0000
ROA not before:           Thu 04 Apr 2024 11:01:55 +0000
ROA not after:            Thu 03 Apr 2025 11:06:55 +0000
asID:                     262868
IP address blocks:        138.255.198.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/64TWQ84Swgi5q85Jt7XdESE16VPzvbpNtujHV6yzzKwA/1/BAE2D54D6C1793B7DCD774699216D316E8C75351.crl
                          rsync://rpki-repo.registro.br/repo/64TWQ84Swgi5q85Jt7XdESE16VPzvbpNtujHV6yzzKwA/1/BAE2D54D6C1793B7DCD774699216D316E8C75351.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BAE2D54D6C1793B7DCD774699216D316E8C75351.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 07:45:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:57:9d:c6:69:49:ca:8f:25:de:88:81:26:27:fd:00:84:88:b7:e3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BAE2D54D6C1793B7DCD774699216D316E8C75351
        Validity
            Not Before: Apr  4 11:01:55 2024 GMT
            Not After : Apr  3 11:06:55 2025 GMT
        Subject: CN=5E951B055E0C0596FD10760BFB0A000C78CB3E2E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:3a:9d:92:49:99:af:18:19:15:ea:42:af:f3:
                    23:21:ae:2e:4e:a7:3d:f4:f9:c7:d4:3b:0a:e1:8e:
                    8f:a1:f8:e2:a0:ff:ce:1d:82:e3:fe:76:58:bf:34:
                    33:ae:21:36:d4:d0:14:a8:81:3a:e9:72:e6:f7:c5:
                    29:5d:1b:f7:3e:79:ed:80:b6:3f:23:34:7d:99:78:
                    0c:2b:31:44:41:64:3f:06:32:e2:62:84:e3:06:06:
                    c6:ad:4d:b3:33:c1:40:ff:44:6d:43:85:1c:76:3c:
                    c3:8c:ab:df:80:43:57:d2:87:39:a1:e1:90:4b:95:
                    25:da:ac:2c:41:4d:73:86:d1:57:c2:19:d2:61:cf:
                    11:ec:96:19:15:be:d7:e3:5d:ce:74:3e:6a:a0:5c:
                    92:55:d2:1b:b7:02:22:dc:d2:79:8e:c1:85:0f:c4:
                    61:99:3a:6f:c9:3d:05:53:e0:94:20:e9:72:70:a0:
                    8b:50:20:7f:5e:01:c0:82:ed:95:8d:1d:66:0b:97:
                    cf:80:7f:4f:2d:12:ec:d3:9f:cd:42:42:d4:3a:88:
                    0d:04:57:0d:b3:b2:2f:f7:4c:91:27:04:88:9b:04:
                    2b:dd:43:c9:7b:e0:56:f7:79:2d:7d:71:84:44:81:
                    07:5b:77:a3:db:4a:c7:bf:84:c9:c3:48:f3:2d:a5:
                    5e:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:95:1B:05:5E:0C:05:96:FD:10:76:0B:FB:0A:00:0C:78:CB:3E:2E
            X509v3 Authority Key Identifier:
                keyid:BA:E2:D5:4D:6C:17:93:B7:DC:D7:74:69:92:16:D3:16:E8:C7:53:51

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/64TWQ84Swgi5q85Jt7XdESE16VPzvbpNtujHV6yzzKwA/1/BAE2D54D6C1793B7DCD774699216D316E8C75351.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BAE2D54D6C1793B7DCD774699216D316E8C75351.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/64TWQ84Swgi5q85Jt7XdESE16VPzvbpNtujHV6yzzKwA/1/3133382e3235352e3139382e302f32332d3233203d3e20323632383638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.255.198.0/23

    Signature Algorithm: sha256WithRSAEncryption
         46:5e:f2:27:72:d3:81:07:c9:8d:03:b8:00:67:cf:1e:5d:de:
         e0:66:4e:64:3b:6b:d1:e6:ae:cf:67:4a:16:2f:eb:dc:0e:53:
         ff:00:da:06:30:4a:e3:79:02:b7:47:b5:76:20:14:d3:7e:08:
         b2:99:79:5d:9c:6c:5f:e0:0c:f4:07:12:c7:8f:0a:44:00:e7:
         d2:ac:24:4f:fe:9e:f0:67:09:b8:8e:ea:58:f3:70:c6:1b:0b:
         84:16:91:90:66:f4:88:43:aa:ce:13:cb:4e:60:fd:4c:3b:95:
         f0:50:31:93:34:a8:d4:e4:e0:c0:19:71:63:74:03:81:32:49:
         5d:00:84:6a:fc:e0:44:a4:29:06:53:2e:5c:a9:7e:87:fd:77:
         5d:1d:31:05:22:2b:60:a7:ae:0c:d9:8e:bf:9b:e7:b5:8b:ae:
         3d:d6:55:0b:b1:0e:02:2f:b6:ee:31:88:a8:f2:8f:b3:c6:d5:
         17:05:44:36:37:cb:f1:fd:3c:70:9c:fb:be:b6:ce:cd:c3:f7:
         9e:ec:e9:7a:07:f1:e6:a0:93:f5:dc:ec:06:e6:a5:8d:9f:4c:
         01:7e:a0:5b:bb:45:86:d5:9e:43:f3:e5:73:45:be:58:67:8e:
         85:ed:ca:7f:65:89:78:07:6b:02:94:44:d8:39:04:6f:96:2e:
         61:c1:62:37
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUDVedxmlJyo8l3oiBJif9AISIt+MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkFFMkQ1NEQ2QzE3OTNCN0RDRDc3NDY5OTIxNkQzMTZF
OEM3NTM1MTAeFw0yNDA0MDQxMTAxNTVaFw0yNTA0MDMxMTA2NTVaMDMxMTAvBgNV
BAMTKDVFOTUxQjA1NUUwQzA1OTZGRDEwNzYwQkZCMEEwMDBDNzhDQjNFMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEOp2SSZmvGBkV6kKv8yMhri5O
pz30+cfUOwrhjo+h+OKg/84dguP+dli/NDOuITbU0BSogTrpcub3xSldG/c+ee2A
tj8jNH2ZeAwrMURBZD8GMuJihOMGBsatTbMzwUD/RG1DhRx2PMOMq9+AQ1fShzmh
4ZBLlSXarCxBTXOG0VfCGdJhzxHslhkVvtfjXc50PmqgXJJV0hu3AiLc0nmOwYUP
xGGZOm/JPQVT4JQg6XJwoItQIH9eAcCC7ZWNHWYLl8+Af08tEuzTn81CQtQ6iA0E
Vw2zsi/3TJEnBIibBCvdQ8l74Fb3eS19cYREgQdbd6PbSse/hMnDSPMtpV5dAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUXpUbBV4MBZb9EHYL+woADHjLPi4wHwYDVR0j
BBgwFoAUuuLVTWwXk7fc13RpkhbTFujHU1EwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNjRUV1E4NFN3Z2k1cTg1SnQ3WGRFU0UxNlZQenZicE50dWpIVjZ5enpL
d0EvMS9CQUUyRDU0RDZDMTc5M0I3RENENzc0Njk5MjE2RDMxNkU4Qzc1MzUxLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0JBRTJENTRENkMxNzkzQjdE
Q0Q3NzQ2OTkyMTZEMzE2RThDNzUzNTEuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzY0VFdRODRTd2dpNXE4NUp0N1hkRVNFMTZWUHp2YnBOdHVqSFY2eXp6S3dBLzEv
MzEzMzM4MmUzMjM1MzUyZTMxMzkzODJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDMy
MzYzMjM4MzYzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAYr/xjANBgkqhkiG9w0BAQsFAAOCAQEARl7y
J3LTgQfJjQO4AGfPHl3e4GZOZDtr0eauz2dKFi/r3A5T/wDaBjBK43kCt0e1diAU
034Ispl5XZxsX+AM9AcSx48KRADn0qwkT/6e8GcJuI7qWPNwxhsLhBaRkGb0iEOq
zhPLTmD9TDuV8FAxkzSo1OTgwBlxY3QDgTJJXQCEavzgRKQpBlMuXKl+h/13XR0x
BSIrYKeuDNmOv5vntYuuPdZVC7EOAi+27jGIqPKPs8bVFwVENjfL8f08cJz7vrbO
zcP3nuzpegfx5qCT9dzsBualjZ9MAX6gW7tFhtWeQ/Plc0W+WGeOhe3Kf2WJeAdr
ApRE2DkEb5YuYcFiNw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:22:34 2024 by rpki-client on console-fra.rpki-client.org