Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/7NtsbuNVLC34VsJihSmvZ6QSpYJ2xF1RiCzAdzWQtvr6/0/323830343a316333303a3a2f33322d3438203d3e203238323835.roa
File:                     323830343a316333303a3a2f33322d3438203d3e203238323835.roa (raw, json)
Hash identifier:          AT9OOGQVewrhrDmDDrCBGuMDh6dq+V3BrzQsem+e8jU=
Subject key identifier:   6F:9B:55:29:32:ED:98:82:D8:B6:9D:34:7F:CC:96:99:5A:12:FB:BB
Certificate issuer:       /CN=18304E37E7B30DCE85765ECFC90E798EBF358498
Certificate serial:       187240FD3D74719C06271F63B913E30CBE850362
Authority key identifier: 18:30:4E:37:E7:B3:0D:CE:85:76:5E:CF:C9:0E:79:8E:BF:35:84:98
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/18304E37E7B30DCE85765ECFC90E798EBF358498.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/7NtsbuNVLC34VsJihSmvZ6QSpYJ2xF1RiCzAdzWQtvr6/0/323830343a316333303a3a2f33322d3438203d3e203238323835.roa
Signing time:             Thu 04 Apr 2024 17:46:51 +0000
ROA not before:           Thu 04 Apr 2024 17:41:51 +0000
ROA not after:            Thu 03 Apr 2025 17:46:51 +0000
asID:                     28285
IP address blocks:        2804:1c30::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/7NtsbuNVLC34VsJihSmvZ6QSpYJ2xF1RiCzAdzWQtvr6/0/18304E37E7B30DCE85765ECFC90E798EBF358498.crl
                          rsync://rpki-repo.registro.br/repo/7NtsbuNVLC34VsJihSmvZ6QSpYJ2xF1RiCzAdzWQtvr6/0/18304E37E7B30DCE85765ECFC90E798EBF358498.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/18304E37E7B30DCE85765ECFC90E798EBF358498.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 27 Nov 2024 20:01:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:72:40:fd:3d:74:71:9c:06:27:1f:63:b9:13:e3:0c:be:85:03:62
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18304E37E7B30DCE85765ECFC90E798EBF358498
        Validity
            Not Before: Apr  4 17:41:51 2024 GMT
            Not After : Apr  3 17:46:51 2025 GMT
        Subject: CN=6F9B552932ED9882D8B69D347FCC96995A12FBBB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:99:c0:72:f9:f2:76:47:a3:7c:eb:33:f5:9f:1b:
                    76:0d:3b:fc:c9:c7:36:46:a0:8b:bc:65:28:d2:1e:
                    25:f1:05:5f:06:74:d7:ea:4d:1e:88:ea:27:40:83:
                    c7:f8:6b:37:5b:a6:c8:f3:7a:c0:c7:05:33:ef:8e:
                    dc:96:a9:1b:e5:36:26:0b:a7:c8:7c:c0:c4:c5:28:
                    9f:39:a3:aa:6e:11:3a:68:d6:e0:3d:5e:77:1d:31:
                    08:26:41:f6:2e:fc:39:1c:80:77:67:b9:98:79:31:
                    c2:be:ac:85:32:ce:44:da:77:c8:b0:c3:26:c4:f4:
                    e8:4a:05:4f:32:b6:fe:d4:9d:39:0b:7f:b6:9d:07:
                    25:b7:f9:d4:6d:ea:b7:da:76:53:7c:ce:e9:62:bf:
                    41:d2:72:87:05:f5:31:4f:17:e3:2c:be:8b:13:1a:
                    96:7b:48:2d:91:0d:ee:e1:9d:ed:e7:67:03:13:41:
                    f9:a0:fe:c1:be:8c:b9:b1:40:ec:67:43:58:63:57:
                    ef:e2:84:6d:b5:f9:cd:58:ef:14:9d:59:df:c9:7a:
                    15:d6:0c:a5:20:f9:4e:8b:cf:73:b5:a9:1d:58:c2:
                    89:20:b9:36:19:ea:ce:96:f4:cc:7e:32:62:2a:81:
                    f7:3b:1f:d0:98:69:ae:76:d3:ff:99:c2:d0:62:80:
                    69:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:9B:55:29:32:ED:98:82:D8:B6:9D:34:7F:CC:96:99:5A:12:FB:BB
            X509v3 Authority Key Identifier:
                keyid:18:30:4E:37:E7:B3:0D:CE:85:76:5E:CF:C9:0E:79:8E:BF:35:84:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/7NtsbuNVLC34VsJihSmvZ6QSpYJ2xF1RiCzAdzWQtvr6/0/18304E37E7B30DCE85765ECFC90E798EBF358498.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/18304E37E7B30DCE85765ECFC90E798EBF358498.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/7NtsbuNVLC34VsJihSmvZ6QSpYJ2xF1RiCzAdzWQtvr6/0/323830343a316333303a3a2f33322d3438203d3e203238323835.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:1c30::/32

    Signature Algorithm: sha256WithRSAEncryption
         0e:b3:21:60:fd:2c:50:84:46:9d:3d:d7:e4:90:fd:01:67:7d:
         4d:7b:22:41:76:83:01:a8:f5:44:62:14:1a:1a:52:8f:e6:2e:
         cd:b2:5d:38:0d:43:86:a9:0c:5e:f5:1a:0a:b8:19:be:06:f3:
         41:da:dd:96:df:8f:be:f1:e0:d4:57:70:af:8c:8f:a6:63:7c:
         46:c2:37:03:3d:f2:2d:1a:48:06:dd:61:0b:dd:91:5d:31:c5:
         19:04:49:f9:ee:30:bb:47:f7:06:b2:99:fb:69:6f:24:12:76:
         ed:ba:4e:24:d6:3a:4b:a4:30:e9:95:b4:89:ba:ab:83:90:7e:
         24:01:33:2f:49:ed:43:bb:5d:ef:bb:94:f3:cb:ce:cb:84:81:
         9c:f8:79:13:22:fa:b5:50:3b:2d:00:6a:6c:ec:a8:03:82:a6:
         c9:67:68:ca:53:e8:44:19:97:5b:7a:8a:1f:64:a7:64:36:6a:
         d8:e9:21:04:c8:ae:7c:1f:15:d9:68:2d:22:f2:10:91:e0:fe:
         ba:ec:4a:24:86:68:fb:56:77:ba:a8:61:de:83:3a:73:75:fe:
         9a:38:15:6b:3a:b9:f4:8e:6d:f7:fb:9b:7a:8d:cf:35:a5:4d:
         f6:01:06:ae:40:f8:2a:76:99:d4:d4:1d:88:bc:1a:09:3e:79:
         49:cf:83:eb
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgIUGHJA/T10cZwGJx9juRPjDL6FA2IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTgzMDRFMzdFN0IzMERDRTg1NzY1RUNGQzkwRTc5OEVC
RjM1ODQ5ODAeFw0yNDA0MDQxNzQxNTFaFw0yNTA0MDMxNzQ2NTFaMDMxMTAvBgNV
BAMTKDZGOUI1NTI5MzJFRDk4ODJEOEI2OUQzNDdGQ0M5Njk5NUExMkZCQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZwHL58nZHo3zrM/WfG3YNO/zJ
xzZGoIu8ZSjSHiXxBV8GdNfqTR6I6idAg8f4azdbpsjzesDHBTPvjtyWqRvlNiYL
p8h8wMTFKJ85o6puETpo1uA9XncdMQgmQfYu/DkcgHdnuZh5McK+rIUyzkTad8iw
wybE9OhKBU8ytv7UnTkLf7adByW3+dRt6rfadlN8zuliv0HScocF9TFPF+MsvosT
GpZ7SC2RDe7hne3nZwMTQfmg/sG+jLmxQOxnQ1hjV+/ihG21+c1Y7xSdWd/JehXW
DKUg+U6Lz3O1qR1YwokguTYZ6s6W9Mx+MmIqgfc7H9CYaa520/+ZwtBigGlHAgMB
AAGjggJOMIICSjAdBgNVHQ4EFgQUb5tVKTLtmILYtp00f8yWmVoS+7swHwYDVR0j
BBgwFoAUGDBON+ezDc6Fdl7PyQ55jr81hJgwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vN050c2J1TlZMQzM0VnNKaWhTbXZaNlFTcFlKMnhGMVJpQ3pBZHpXUXR2
cjYvMC8xODMwNEUzN0U3QjMwRENFODU3NjVFQ0ZDOTBFNzk4RUJGMzU4NDk4LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzE4MzA0RTM3RTdCMzBEQ0U4
NTc2NUVDRkM5MEU3OThFQkYzNTg0OTguY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzdOdHNidU5WTEMzNFZzSmloU212WjZRU3BZSjJ4RjFSaUN6QWR6V1F0dnI2LzAv
MzIzODMwMzQzYTMxNjMzMzMwM2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzIzODMy
MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB
/wQRMA8wDQQCAAIwBwMFACgEHDAwDQYJKoZIhvcNAQELBQADggEBAA6zIWD9LFCE
Rp091+SQ/QFnfU17IkF2gwGo9URiFBoaUo/mLs2yXTgNQ4apDF71Ggq4Gb4G80Ha
3Zbfj77x4NRXcK+Mj6ZjfEbCNwM98i0aSAbdYQvdkV0xxRkESfnuMLtH9waymftp
byQSdu26TiTWOkukMOmVtIm6q4OQfiQBMy9J7UO7Xe+7lPPLzsuEgZz4eRMi+rVQ
Oy0AamzsqAOCpslnaMpT6EQZl1t6ih9kp2Q2atjpIQTIrnwfFdloLSLyEJHg/rrs
SiSGaPtWd7qoYd6DOnN1/po4FWs6ufSObff7m3qNzzWlTfYBBq5A+Cp2mdTUHYi8
Ggk+eUnPg+s=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:09:19 2024 by rpki-client on console-ams.rpki-client.org