Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/64WS8z56SodyNVrBR5XqVCGH4WWhGhwvYGgTB9EfDi5r/1/323830343a343631383a333330303a3a2f34302d3430203d3e20323636393638.roa
File:                     323830343a343631383a333330303a3a2f34302d3430203d3e20323636393638.roa (raw, json)
Hash identifier:          0xSLqUTfv4viopsKIUemItEnC9k9UbYoGfDbuk+yeaY=
Subject key identifier:   8F:AF:67:27:C1:3E:78:8C:84:EC:25:FD:81:B0:43:95:8A:9D:14:03
Certificate issuer:       /CN=A65312DFE93DF2E9A1109A17CDE8A7C07F71F2B4
Certificate serial:       2D2FC485AD203C25802C1298912C741B7F797A18
Authority key identifier: A6:53:12:DF:E9:3D:F2:E9:A1:10:9A:17:CD:E8:A7:C0:7F:71:F2:B4
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A65312DFE93DF2E9A1109A17CDE8A7C07F71F2B4.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/64WS8z56SodyNVrBR5XqVCGH4WWhGhwvYGgTB9EfDi5r/1/323830343a343631383a333330303a3a2f34302d3430203d3e20323636393638.roa
Signing time:             Thu 04 Apr 2024 04:17:49 +0000
ROA not before:           Thu 04 Apr 2024 04:12:49 +0000
ROA not after:            Thu 03 Apr 2025 04:17:49 +0000
asID:                     266968
IP address blocks:        2804:4618:3300::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/64WS8z56SodyNVrBR5XqVCGH4WWhGhwvYGgTB9EfDi5r/1/A65312DFE93DF2E9A1109A17CDE8A7C07F71F2B4.crl
                          rsync://rpki-repo.registro.br/repo/64WS8z56SodyNVrBR5XqVCGH4WWhGhwvYGgTB9EfDi5r/1/A65312DFE93DF2E9A1109A17CDE8A7C07F71F2B4.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A65312DFE93DF2E9A1109A17CDE8A7C07F71F2B4.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 13:16:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:2f:c4:85:ad:20:3c:25:80:2c:12:98:91:2c:74:1b:7f:79:7a:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A65312DFE93DF2E9A1109A17CDE8A7C07F71F2B4
        Validity
            Not Before: Apr  4 04:12:49 2024 GMT
            Not After : Apr  3 04:17:49 2025 GMT
        Subject: CN=8FAF6727C13E788C84EC25FD81B043958A9D1403
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e7:c4:7d:2d:6f:c6:69:9b:1b:60:65:eb:f5:64:
                    56:65:70:e4:e7:16:4d:bc:87:02:ae:cd:ae:8b:c2:
                    e5:03:4d:3a:43:1f:64:a0:07:4b:59:d4:da:3b:28:
                    7e:37:7a:92:56:2b:ac:68:43:1e:7f:f4:b2:89:89:
                    70:1e:e0:a4:63:7a:07:de:fa:d3:72:5a:8d:f7:bc:
                    fa:76:c0:7f:49:26:ea:80:e8:8c:8b:87:a4:76:c2:
                    ea:8a:3e:69:78:66:65:3b:5a:3c:1f:2c:46:c2:2c:
                    ca:37:f9:99:b1:d1:26:0f:be:a9:5e:21:cc:90:96:
                    2e:45:c0:ae:2c:29:1d:38:8b:65:00:c8:77:f9:9d:
                    fb:6d:5e:35:0b:f5:6e:20:51:7b:60:1d:d8:1c:95:
                    cf:48:5e:18:f5:d7:d8:5e:72:28:84:51:c3:8e:b3:
                    3c:90:9e:a0:c4:29:fc:65:4c:dd:3e:a3:0e:67:20:
                    f2:49:72:15:df:84:c1:d9:89:1f:77:c6:90:c3:dc:
                    c3:c5:11:4c:34:a2:db:d1:d7:ea:88:df:65:e6:07:
                    86:e0:31:16:b7:29:52:00:89:4d:5d:d8:2d:69:89:
                    4e:1e:b9:78:c1:b9:50:d3:bc:cd:0b:7d:4b:9a:05:
                    83:3f:2f:bb:fa:00:6e:59:93:63:3e:af:c0:11:17:
                    11:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:AF:67:27:C1:3E:78:8C:84:EC:25:FD:81:B0:43:95:8A:9D:14:03
            X509v3 Authority Key Identifier:
                keyid:A6:53:12:DF:E9:3D:F2:E9:A1:10:9A:17:CD:E8:A7:C0:7F:71:F2:B4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/64WS8z56SodyNVrBR5XqVCGH4WWhGhwvYGgTB9EfDi5r/1/A65312DFE93DF2E9A1109A17CDE8A7C07F71F2B4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A65312DFE93DF2E9A1109A17CDE8A7C07F71F2B4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/64WS8z56SodyNVrBR5XqVCGH4WWhGhwvYGgTB9EfDi5r/1/323830343a343631383a333330303a3a2f34302d3430203d3e20323636393638.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:4618:3300::/40

    Signature Algorithm: sha256WithRSAEncryption
         19:ea:c3:be:c4:8a:52:a8:7a:02:a4:c4:cf:21:48:cf:5c:dd:
         0c:a5:7e:c5:8f:ae:de:79:cd:a7:e0:3d:84:c7:1b:28:1e:30:
         56:b9:cd:85:25:a9:8e:01:0a:69:4d:d0:5c:65:5e:bc:39:07:
         ad:4d:b6:68:97:c8:61:68:4d:a7:7b:f9:bc:2c:1d:2c:c3:13:
         2d:c6:5b:59:33:95:a0:7e:c5:7b:e9:b5:a8:5f:37:6d:bd:31:
         54:75:93:e6:c4:26:bf:d3:4c:e2:c8:a7:cb:cf:50:12:ac:b7:
         0b:b9:87:59:f3:7b:2f:04:9e:ed:a3:ea:b2:1b:0f:6d:52:36:
         77:b5:f4:49:43:25:25:da:70:7d:58:fb:a2:66:0f:3c:82:96:
         39:e3:4c:cb:93:a5:66:f1:8e:53:b4:f9:a2:bf:8d:c6:4e:40:
         b5:1f:dc:22:a5:1c:2c:c5:20:db:3c:e1:d4:b6:cf:64:ba:bf:
         da:93:4c:f0:7d:bd:9e:f4:d6:47:4f:88:7a:37:91:5d:e7:ff:
         b5:4a:17:00:ec:f7:19:b2:b5:91:db:a2:83:4e:5e:26:87:cb:
         e8:a3:0d:5f:50:b9:d6:b3:9a:12:7c:a5:a8:67:e3:50:bd:8d:
         7b:1d:13:9c:d7:e1:64:0b:2e:c7:ec:ee:78:01:1f:9e:9f:34:
         0b:04:e9:1c
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIULS/Eha0gPCWALBKYkSx0G395ehgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTY1MzEyREZFOTNERjJFOUExMTA5QTE3Q0RFOEE3QzA3
RjcxRjJCNDAeFw0yNDA0MDQwNDEyNDlaFw0yNTA0MDMwNDE3NDlaMDMxMTAvBgNV
BAMTKDhGQUY2NzI3QzEzRTc4OEM4NEVDMjVGRDgxQjA0Mzk1OEE5RDE0MDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDnxH0tb8ZpmxtgZev1ZFZlcOTn
Fk28hwKuza6LwuUDTTpDH2SgB0tZ1No7KH43epJWK6xoQx5/9LKJiXAe4KRjegfe
+tNyWo33vPp2wH9JJuqA6IyLh6R2wuqKPml4ZmU7WjwfLEbCLMo3+Zmx0SYPvqle
IcyQli5FwK4sKR04i2UAyHf5nfttXjUL9W4gUXtgHdgclc9IXhj119heciiEUcOO
szyQnqDEKfxlTN0+ow5nIPJJchXfhMHZiR93xpDD3MPFEUw0otvR1+qI32XmB4bg
MRa3KVIAiU1d2C1piU4euXjBuVDTvM0LfUuaBYM/L7v6AG5Zk2M+r8ARFxHzAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUj69nJ8E+eIyE7CX9gbBDlYqdFAMwHwYDVR0j
BBgwFoAUplMS3+k98umhEJoXzeinwH9x8rQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNjRXUzh6NTZTb2R5TlZyQlI1WHFWQ0dINFdXaEdod3ZZR2dUQjlFZkRp
NXIvMS9BNjUzMTJERkU5M0RGMkU5QTExMDlBMTdDREU4QTdDMDdGNzFGMkI0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0E2NTMxMkRGRTkzREYyRTlB
MTEwOUExN0NERThBN0MwN0Y3MUYyQjQuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzY0V1M4ejU2U29keU5WckJSNVhxVkNHSDRXV2hHaHd2WUdnVEI5RWZEaTVyLzEv
MzIzODMwMzQzYTM0MzYzMTM4M2EzMzMzMzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNk
M2UyMDMyMzYzNjM5MzYzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACgERhgzMA0GCSqGSIb3DQEBCwUA
A4IBAQAZ6sO+xIpSqHoCpMTPIUjPXN0MpX7Fj67eec2n4D2ExxsoHjBWuc2FJamO
AQppTdBcZV68OQetTbZol8hhaE2ne/m8LB0swxMtxltZM5WgfsV76bWoXzdtvTFU
dZPmxCa/00ziyKfLz1ASrLcLuYdZ83svBJ7to+qyGw9tUjZ3tfRJQyUl2nB9WPui
Zg88gpY540zLk6Vm8Y5TtPmiv43GTkC1H9wipRwsxSDbPOHUts9kur/ak0zwfb2e
9NZHT4h6N5Fd5/+1ShcA7PcZsrWR26KDTl4mh8voow1fULnWs5oSfKWoZ+NQvY17
HROc1+FkCy7H7O54AR+enzQLBOkc
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:14:44 2024 by rpki-client on console-fra.rpki-client.org