Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/75sVJGL2VZAEqr7LJ3bUwzmjdU9bxyvXPBbCVzkv4Y5m/1/3137372e3132352e3132382e302f32322d3234203d3e20323632333434.roa
File:                     3137372e3132352e3132382e302f32322d3234203d3e20323632333434.roa (raw, json)
Hash identifier:          0xHNs5l37IUPE6YfsAzCzjGS8gUV2zpA/XXd1LUxwsg=
Subject key identifier:   08:46:3F:69:67:18:8B:59:A2:E8:A2:8A:F4:05:A3:96:F8:F9:1F:1C
Certificate issuer:       /CN=5FF2BF31DCBA5771F19C984970FBBF25AF22A672
Certificate serial:       67E4E9775328E17A9A671819A1187237DCD789B1
Authority key identifier: 5F:F2:BF:31:DC:BA:57:71:F1:9C:98:49:70:FB:BF:25:AF:22:A6:72
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5FF2BF31DCBA5771F19C984970FBBF25AF22A672.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/75sVJGL2VZAEqr7LJ3bUwzmjdU9bxyvXPBbCVzkv4Y5m/1/3137372e3132352e3132382e302f32322d3234203d3e20323632333434.roa
Signing time:             Thu 04 Apr 2024 22:43:23 +0000
ROA not before:           Thu 04 Apr 2024 22:38:23 +0000
ROA not after:            Thu 03 Apr 2025 22:43:23 +0000
asID:                     262344
IP address blocks:        177.125.128.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/75sVJGL2VZAEqr7LJ3bUwzmjdU9bxyvXPBbCVzkv4Y5m/1/5FF2BF31DCBA5771F19C984970FBBF25AF22A672.crl
                          rsync://rpki-repo.registro.br/repo/75sVJGL2VZAEqr7LJ3bUwzmjdU9bxyvXPBbCVzkv4Y5m/1/5FF2BF31DCBA5771F19C984970FBBF25AF22A672.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5FF2BF31DCBA5771F19C984970FBBF25AF22A672.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 22:46:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:e4:e9:77:53:28:e1:7a:9a:67:18:19:a1:18:72:37:dc:d7:89:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5FF2BF31DCBA5771F19C984970FBBF25AF22A672
        Validity
            Not Before: Apr  4 22:38:23 2024 GMT
            Not After : Apr  3 22:43:23 2025 GMT
        Subject: CN=08463F6967188B59A2E8A28AF405A396F8F91F1C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:76:74:ee:95:ed:62:0f:f0:ab:a0:be:0f:2e:
                    67:23:39:9b:07:f4:14:ec:31:65:2c:40:d3:03:89:
                    41:72:35:0b:51:2a:a6:d7:28:7f:c1:8a:ed:4b:68:
                    14:18:a1:29:78:fd:44:44:10:76:2f:2b:f4:9e:58:
                    46:ec:c0:5a:5a:53:95:36:20:aa:63:18:56:13:3b:
                    03:fa:95:3f:8a:3c:8e:e1:1f:0d:e8:af:5a:a1:95:
                    36:75:6a:77:13:b6:43:12:c7:98:b4:31:ae:d8:4f:
                    ec:82:e2:b9:cc:83:c5:6c:50:b3:ff:d2:9b:33:ef:
                    fa:e0:93:08:e9:31:77:ca:a4:1a:61:f6:d5:55:46:
                    ee:c4:d0:7f:69:a2:44:32:2b:e7:59:87:c5:2f:21:
                    77:d4:39:89:2f:8e:14:e9:f2:40:26:bc:0c:01:60:
                    7e:dd:c2:f7:77:f4:44:1a:72:44:63:c8:ec:2a:76:
                    52:bc:a4:63:7e:a9:2c:38:a8:8e:2f:1c:df:f5:79:
                    aa:cc:5f:e4:35:9e:9e:f2:15:b8:fc:32:40:2b:d5:
                    72:4e:6b:36:8d:30:83:ba:ae:3b:f2:60:f5:85:0b:
                    e4:b8:92:7f:39:27:70:48:e1:e0:de:e2:9c:c9:b6:
                    af:b4:a4:07:91:20:17:d7:70:2f:4c:cf:be:91:1b:
                    13:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:46:3F:69:67:18:8B:59:A2:E8:A2:8A:F4:05:A3:96:F8:F9:1F:1C
            X509v3 Authority Key Identifier:
                keyid:5F:F2:BF:31:DC:BA:57:71:F1:9C:98:49:70:FB:BF:25:AF:22:A6:72

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/75sVJGL2VZAEqr7LJ3bUwzmjdU9bxyvXPBbCVzkv4Y5m/1/5FF2BF31DCBA5771F19C984970FBBF25AF22A672.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5FF2BF31DCBA5771F19C984970FBBF25AF22A672.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/75sVJGL2VZAEqr7LJ3bUwzmjdU9bxyvXPBbCVzkv4Y5m/1/3137372e3132352e3132382e302f32322d3234203d3e20323632333434.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.125.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         52:61:b4:49:a8:b0:1b:c6:a9:26:b3:84:cd:9e:dd:f2:8f:2d:
         22:43:ad:01:b9:3a:17:f9:a5:46:f2:80:de:f3:55:fd:14:b9:
         f6:c5:50:79:59:b4:86:a7:f3:ad:2d:3b:e0:b4:91:d6:a7:e8:
         ff:7a:9d:dc:02:ae:b8:50:09:d3:f3:8d:42:8a:36:32:f7:f4:
         3e:ea:b0:da:b9:c5:c4:72:8d:6e:de:90:49:0b:3e:0d:4a:a4:
         38:87:2d:6d:a4:37:51:06:24:9f:22:b6:56:cf:95:aa:a3:cb:
         e8:58:d1:bc:9d:bd:35:3f:63:aa:58:ed:27:39:39:27:f4:4b:
         f8:68:a8:12:c8:de:55:db:60:3b:95:43:b5:11:03:1d:e9:8c:
         5d:ef:3e:fc:98:2c:e1:7e:31:16:21:fe:00:cc:9e:5e:56:cf:
         d1:65:fb:60:f7:f5:4c:3f:ac:13:f2:7b:93:bb:10:97:20:51:
         9b:50:99:b3:4f:f4:09:ab:a7:e1:38:5f:c8:94:76:cb:1b:89:
         0b:f2:00:72:00:a0:e2:ab:fe:be:2b:91:1f:14:af:33:8d:4f:
         d0:0a:46:aa:82:94:b9:29:a6:e9:73:c9:13:a9:91:1e:cd:7d:
         0b:bb:fa:19:9c:8c:c2:c2:83:93:49:f0:b0:d4:2c:d8:da:dd:
         93:57:54:4b
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUZ+Tpd1Mo4XqaZxgZoRhyN9zXibEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNUZGMkJGMzFEQ0JBNTc3MUYxOUM5ODQ5NzBGQkJGMjVB
RjIyQTY3MjAeFw0yNDA0MDQyMjM4MjNaFw0yNTA0MDMyMjQzMjNaMDMxMTAvBgNV
BAMTKDA4NDYzRjY5NjcxODhCNTlBMkU4QTI4QUY0MDVBMzk2RjhGOTFGMUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4dnTule1iD/CroL4PLmcjOZsH
9BTsMWUsQNMDiUFyNQtRKqbXKH/Biu1LaBQYoSl4/UREEHYvK/SeWEbswFpaU5U2
IKpjGFYTOwP6lT+KPI7hHw3or1qhlTZ1ancTtkMSx5i0Ma7YT+yC4rnMg8VsULP/
0psz7/rgkwjpMXfKpBph9tVVRu7E0H9pokQyK+dZh8UvIXfUOYkvjhTp8kAmvAwB
YH7dwvd39EQackRjyOwqdlK8pGN+qSw4qI4vHN/1earMX+Q1np7yFbj8MkAr1XJO
azaNMIO6rjvyYPWFC+S4kn85J3BI4eDe4pzJtq+0pAeRIBfXcC9Mz76RGxNDAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUCEY/aWcYi1mi6KKK9AWjlvj5HxwwHwYDVR0j
BBgwFoAUX/K/Mdy6V3HxnJhJcPu/Ja8ipnIwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNzVzVkpHTDJWWkFFcXI3TEozYlV3em1qZFU5Ynh5dlhQQmJDVnprdjRZ
NW0vMS81RkYyQkYzMURDQkE1NzcxRjE5Qzk4NDk3MEZCQkYyNUFGMjJBNjcyLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzVGRjJCRjMxRENCQTU3NzFG
MTlDOTg0OTcwRkJCRjI1QUYyMkE2NzIuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
Lzc1c1ZKR0wyVlpBRXFyN0xKM2JVd3ptamRVOWJ4eXZYUEJiQ1Z6a3Y0WTVtLzEv
MzEzNzM3MmUzMTMyMzUyZTMxMzIzODJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMy
MzYzMjMzMzQzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEArF9gDANBgkqhkiG9w0BAQsFAAOCAQEAUmG0
SaiwG8apJrOEzZ7d8o8tIkOtAbk6F/mlRvKA3vNV/RS59sVQeVm0hqfzrS074LSR
1qfo/3qd3AKuuFAJ0/ONQoo2Mvf0Puqw2rnFxHKNbt6QSQs+DUqkOIctbaQ3UQYk
nyK2Vs+VqqPL6FjRvJ29NT9jqljtJzk5J/RL+GioEsjeVdtgO5VDtREDHemMXe8+
/Jgs4X4xFiH+AMyeXlbP0WX7YPf1TD+sE/J7k7sQlyBRm1CZs0/0Caun4ThfyJR2
yxuJC/IAcgCg4qv+viuRHxSvM41P0ApGqoKUuSmm6XPJE6mRHs19C7v6GZyMwsKD
k0nwsNQs2Nrdk1dUSw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:05:38 2024 by rpki-client on console-ams.rpki-client.org