Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/64TWQ84Swgi5q85Jt7XdESE16VPzvbpNtujHV6yzzKwA/1/3136382e3139372e3231342e302f32332d3233203d3e20323632383638.roa
File:                     3136382e3139372e3231342e302f32332d3233203d3e20323632383638.roa (raw, json)
Hash identifier:          na4ekPMD06s1o22f48NjxmcAxtD7NtAfeRIfKEQcKkE=
Subject key identifier:   E0:F8:E9:1C:82:54:90:E6:5A:B9:6D:1A:F1:5C:C0:78:F7:CC:77:47
Certificate issuer:       /CN=BAE2D54D6C1793B7DCD774699216D316E8C75351
Certificate serial:       0C2366864EC4256487E74292884DEC23493694E0
Authority key identifier: BA:E2:D5:4D:6C:17:93:B7:DC:D7:74:69:92:16:D3:16:E8:C7:53:51
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BAE2D54D6C1793B7DCD774699216D316E8C75351.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/64TWQ84Swgi5q85Jt7XdESE16VPzvbpNtujHV6yzzKwA/1/3136382e3139372e3231342e302f32332d3233203d3e20323632383638.roa
Signing time:             Thu 04 Apr 2024 11:06:51 +0000
ROA not before:           Thu 04 Apr 2024 11:01:51 +0000
ROA not after:            Thu 03 Apr 2025 11:06:51 +0000
asID:                     262868
IP address blocks:        168.197.214.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/64TWQ84Swgi5q85Jt7XdESE16VPzvbpNtujHV6yzzKwA/1/BAE2D54D6C1793B7DCD774699216D316E8C75351.crl
                          rsync://rpki-repo.registro.br/repo/64TWQ84Swgi5q85Jt7XdESE16VPzvbpNtujHV6yzzKwA/1/BAE2D54D6C1793B7DCD774699216D316E8C75351.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BAE2D54D6C1793B7DCD774699216D316E8C75351.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 07:45:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:23:66:86:4e:c4:25:64:87:e7:42:92:88:4d:ec:23:49:36:94:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BAE2D54D6C1793B7DCD774699216D316E8C75351
        Validity
            Not Before: Apr  4 11:01:51 2024 GMT
            Not After : Apr  3 11:06:51 2025 GMT
        Subject: CN=E0F8E91C825490E65AB96D1AF15CC078F7CC7747
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:8b:50:7d:8b:04:ae:e9:36:fd:8f:ac:29:68:
                    8e:a7:93:77:f1:4b:8e:53:51:48:21:cb:c9:91:ae:
                    06:9b:cb:c0:e1:ae:ec:51:d3:1b:a8:6d:cf:14:3e:
                    5c:6c:f3:03:bf:07:c8:e4:61:5b:f6:a1:f8:b8:53:
                    21:a1:f2:37:c2:25:5f:88:38:55:4a:88:a3:6e:e8:
                    d2:2b:11:13:cf:4b:59:0f:08:1c:4c:ae:1d:de:fb:
                    91:22:b1:a5:c0:33:6d:32:31:58:d3:c0:ed:37:f5:
                    a4:a0:5a:a3:d4:31:5a:cb:9d:c8:e3:f7:dc:80:3e:
                    f6:d7:40:e4:47:ea:8c:96:cb:71:83:cf:6f:c1:0a:
                    dd:a4:0b:42:15:1d:ed:77:d0:84:28:55:5a:00:b4:
                    30:27:6e:61:81:a7:f1:59:82:bb:f4:2c:64:e5:73:
                    f1:b4:d6:97:9c:3d:84:25:09:fa:96:6d:12:af:1f:
                    ec:a4:7a:6d:5e:c2:59:79:7c:58:83:e5:ef:c2:ff:
                    52:94:78:7f:07:61:62:91:fe:cc:4f:50:43:c1:92:
                    f2:57:17:39:c4:42:2f:0c:89:9d:5b:ed:88:01:30:
                    a6:f8:c7:5a:20:08:84:11:c2:12:b8:53:85:80:2e:
                    67:66:45:72:ce:a2:72:de:0e:ac:c8:32:88:d8:bf:
                    b1:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:F8:E9:1C:82:54:90:E6:5A:B9:6D:1A:F1:5C:C0:78:F7:CC:77:47
            X509v3 Authority Key Identifier:
                keyid:BA:E2:D5:4D:6C:17:93:B7:DC:D7:74:69:92:16:D3:16:E8:C7:53:51

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/64TWQ84Swgi5q85Jt7XdESE16VPzvbpNtujHV6yzzKwA/1/BAE2D54D6C1793B7DCD774699216D316E8C75351.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BAE2D54D6C1793B7DCD774699216D316E8C75351.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/64TWQ84Swgi5q85Jt7XdESE16VPzvbpNtujHV6yzzKwA/1/3136382e3139372e3231342e302f32332d3233203d3e20323632383638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.197.214.0/23

    Signature Algorithm: sha256WithRSAEncryption
         68:c9:ff:73:f3:4c:10:75:17:f3:7a:ae:24:30:70:a0:a3:c0:
         67:89:c4:45:b2:66:c3:5a:ab:97:f2:c4:86:44:a4:a4:79:18:
         78:5b:e2:64:e2:4c:5b:e8:cd:64:f2:89:5d:27:dd:b3:2e:9c:
         11:d2:e8:13:37:cd:82:f5:4e:e2:82:42:70:9e:f6:e5:ca:67:
         d7:c0:0d:e1:ea:5c:1b:2e:c6:7b:30:1a:f8:4d:91:99:f8:f8:
         2f:fa:f1:73:43:8e:20:17:9a:8e:c0:6b:22:ab:f0:78:cd:b2:
         b5:bc:cb:cf:38:ff:97:5f:5d:a2:da:51:ac:c1:8e:dd:79:0b:
         68:9f:2c:d8:13:84:5a:57:20:de:c0:5c:12:5b:f9:b8:cf:5d:
         13:56:28:6d:25:07:ac:96:ca:a9:70:b3:1a:6f:0f:03:a3:a7:
         8c:43:34:76:0a:d5:57:0a:32:21:8e:a0:97:b1:81:83:6c:9c:
         6c:15:d8:dc:d9:ef:67:82:a1:40:52:ed:49:3d:2a:44:2c:86:
         12:ea:c3:71:41:04:15:43:f6:b5:77:07:4f:fa:64:fd:c6:ed:
         07:09:18:27:da:30:71:cf:33:95:cd:24:28:65:7a:8f:3e:41:
         39:bc:fc:f3:46:b4:24:65:40:03:c0:19:87:03:dd:8e:55:fa:
         fd:16:f4:38
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUDCNmhk7EJWSH50KSiE3sI0k2lOAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkFFMkQ1NEQ2QzE3OTNCN0RDRDc3NDY5OTIxNkQzMTZF
OEM3NTM1MTAeFw0yNDA0MDQxMTAxNTFaFw0yNTA0MDMxMTA2NTFaMDMxMTAvBgNV
BAMTKEUwRjhFOTFDODI1NDkwRTY1QUI5NkQxQUYxNUNDMDc4RjdDQzc3NDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLi1B9iwSu6Tb9j6wpaI6nk3fx
S45TUUghy8mRrgaby8DhruxR0xuobc8UPlxs8wO/B8jkYVv2ofi4UyGh8jfCJV+I
OFVKiKNu6NIrERPPS1kPCBxMrh3e+5EisaXAM20yMVjTwO039aSgWqPUMVrLncjj
99yAPvbXQORH6oyWy3GDz2/BCt2kC0IVHe130IQoVVoAtDAnbmGBp/FZgrv0LGTl
c/G01pecPYQlCfqWbRKvH+ykem1ewll5fFiD5e/C/1KUeH8HYWKR/sxPUEPBkvJX
FznEQi8MiZ1b7YgBMKb4x1ogCIQRwhK4U4WALmdmRXLOonLeDqzIMojYv7G9AgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQU4PjpHIJUkOZauW0a8VzAePfMd0cwHwYDVR0j
BBgwFoAUuuLVTWwXk7fc13RpkhbTFujHU1EwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNjRUV1E4NFN3Z2k1cTg1SnQ3WGRFU0UxNlZQenZicE50dWpIVjZ5enpL
d0EvMS9CQUUyRDU0RDZDMTc5M0I3RENENzc0Njk5MjE2RDMxNkU4Qzc1MzUxLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0JBRTJENTRENkMxNzkzQjdE
Q0Q3NzQ2OTkyMTZEMzE2RThDNzUzNTEuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzY0VFdRODRTd2dpNXE4NUp0N1hkRVNFMTZWUHp2YnBOdHVqSFY2eXp6S3dBLzEv
MzEzNjM4MmUzMTM5MzcyZTMyMzEzNDJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDMy
MzYzMjM4MzYzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAajF1jANBgkqhkiG9w0BAQsFAAOCAQEAaMn/
c/NMEHUX83quJDBwoKPAZ4nERbJmw1qrl/LEhkSkpHkYeFviZOJMW+jNZPKJXSfd
sy6cEdLoEzfNgvVO4oJCcJ725cpn18AN4epcGy7GezAa+E2Rmfj4L/rxc0OOIBea
jsBrIqvweM2ytbzLzzj/l19dotpRrMGO3XkLaJ8s2BOEWlcg3sBcElv5uM9dE1Yo
bSUHrJbKqXCzGm8PA6OnjEM0dgrVVwoyIY6gl7GBg2ycbBXY3NnvZ4KhQFLtST0q
RCyGEurDcUEEFUP2tXcHT/pk/cbtBwkYJ9owcc8zlc0kKGV6jz5BObz880a0JGVA
A8AZhwPdjlX6/Rb0OA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:44:53 2024 by rpki-client on console-ams.rpki-client.org