Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/7dGkkyBprDPFgs6zzv3a6wVAssBKUmqX57byAR3DygK/1/3230302e32342e3132302e302f32322d3332203d3e20323731363030.roa
File:                     3230302e32342e3132302e302f32322d3332203d3e20323731363030.roa (raw, json)
Hash identifier:          GGbW4Qy9zqoQlbnqqeOtsHnahJAFLAgLctNPxaaHNQw=
Subject key identifier:   D7:F6:45:77:59:39:B8:EC:C8:1E:87:62:DA:D3:A0:B6:B1:14:B8:DD
Certificate issuer:       /CN=0B7D5851E99113F3832ED12CBE5DB4437990968F
Certificate serial:       5245076DA020F50B2B36E6450A91DBCF7A8EFD1A
Authority key identifier: 0B:7D:58:51:E9:91:13:F3:83:2E:D1:2C:BE:5D:B4:43:79:90:96:8F
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0B7D5851E99113F3832ED12CBE5DB4437990968F.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/7dGkkyBprDPFgs6zzv3a6wVAssBKUmqX57byAR3DygK/1/3230302e32342e3132302e302f32322d3332203d3e20323731363030.roa
Signing time:             Thu 04 Apr 2024 10:12:56 +0000
ROA not before:           Thu 04 Apr 2024 10:07:56 +0000
ROA not after:            Thu 03 Apr 2025 10:12:56 +0000
asID:                     271600
IP address blocks:        200.24.120.0/22 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/7dGkkyBprDPFgs6zzv3a6wVAssBKUmqX57byAR3DygK/1/0B7D5851E99113F3832ED12CBE5DB4437990968F.crl
                          rsync://rpki-repo.registro.br/repo/7dGkkyBprDPFgs6zzv3a6wVAssBKUmqX57byAR3DygK/1/0B7D5851E99113F3832ED12CBE5DB4437990968F.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0B7D5851E99113F3832ED12CBE5DB4437990968F.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 19:23:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:45:07:6d:a0:20:f5:0b:2b:36:e6:45:0a:91:db:cf:7a:8e:fd:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0B7D5851E99113F3832ED12CBE5DB4437990968F
        Validity
            Not Before: Apr  4 10:07:56 2024 GMT
            Not After : Apr  3 10:12:56 2025 GMT
        Subject: CN=D7F645775939B8ECC81E8762DAD3A0B6B114B8DD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:1d:a3:6d:bc:a6:05:73:b0:a8:78:10:2e:12:
                    a8:b2:fc:91:8a:90:5a:17:2a:08:6e:21:77:4a:59:
                    ba:1d:ca:d8:4e:38:1f:a8:30:e7:cd:b4:63:29:33:
                    b3:66:2b:24:8d:c2:73:65:b1:f7:31:ab:b9:06:40:
                    b2:69:24:4b:b1:9f:6b:cd:ea:2b:3d:a5:15:fb:26:
                    d1:5f:78:49:e4:47:85:16:59:f7:12:24:ad:05:be:
                    c3:55:90:da:5f:06:6c:c5:ac:d7:70:5d:87:10:18:
                    24:80:7c:61:10:6c:a4:d5:98:21:66:f9:3c:81:2b:
                    7e:e2:f4:29:ab:21:5c:45:ee:f0:db:bc:fe:12:34:
                    1a:d4:f5:fc:98:8f:72:ab:fc:dd:ed:20:10:df:c8:
                    ee:26:20:b6:41:8f:4d:31:25:53:34:43:1b:18:50:
                    47:c8:f1:33:28:a2:a9:ad:42:61:3f:e4:fb:a0:90:
                    6a:0f:cc:ad:f1:5a:6e:99:13:76:5b:f5:51:68:ac:
                    be:30:0a:4b:93:e0:9f:de:5d:20:64:22:c5:e3:2e:
                    f8:cc:f2:1a:dd:1a:be:6d:c1:ff:65:5d:18:c6:37:
                    55:df:49:5f:6e:48:fd:74:50:9d:fd:c6:49:a2:b4:
                    e1:c5:31:aa:02:ac:51:f6:57:61:25:38:e9:b9:fe:
                    9f:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D7:F6:45:77:59:39:B8:EC:C8:1E:87:62:DA:D3:A0:B6:B1:14:B8:DD
            X509v3 Authority Key Identifier:
                keyid:0B:7D:58:51:E9:91:13:F3:83:2E:D1:2C:BE:5D:B4:43:79:90:96:8F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/7dGkkyBprDPFgs6zzv3a6wVAssBKUmqX57byAR3DygK/1/0B7D5851E99113F3832ED12CBE5DB4437990968F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0B7D5851E99113F3832ED12CBE5DB4437990968F.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/7dGkkyBprDPFgs6zzv3a6wVAssBKUmqX57byAR3DygK/1/3230302e32342e3132302e302f32322d3332203d3e20323731363030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.24.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         38:ca:04:b7:76:f0:76:70:64:7a:65:da:bc:1b:99:61:bf:bb:
         31:f4:bb:a3:fd:29:e1:1b:58:f3:84:ea:73:c3:4f:0e:82:b6:
         0d:f6:24:2f:33:8c:4e:00:78:3d:7b:6d:ca:1f:2b:ea:82:ab:
         0b:f0:80:40:c2:0d:9f:96:a1:e2:38:f7:5c:c6:74:de:2e:18:
         94:52:c2:ca:fe:d7:f0:46:a3:b0:81:49:10:c4:fb:96:d0:30:
         c3:47:92:ae:e3:64:2b:43:83:17:ae:da:72:0f:80:91:3b:f0:
         36:07:70:69:cf:60:1b:85:13:65:32:cc:e1:f8:12:c5:d6:7f:
         90:70:70:9c:f0:b5:67:cf:4a:75:82:d4:b5:82:da:fb:e2:52:
         bf:92:6b:86:c9:4a:87:54:4b:95:ea:03:fc:db:e3:b7:18:34:
         be:78:a8:95:11:83:5e:0c:99:2f:f8:78:bc:43:68:61:4a:77:
         3a:6e:f0:e9:92:0c:64:29:35:aa:b7:67:1f:2d:2f:b7:74:db:
         b4:94:d1:99:87:f0:01:19:02:5b:3d:d2:c1:da:ca:ed:22:ad:
         97:e1:0a:fc:48:6e:92:2e:49:b7:d4:c3:10:1e:a2:60:8a:e1:
         8d:ae:8e:80:ec:bb:e2:68:0f:a2:e4:32:8a:85:6b:ab:29:f9:
         13:6d:99:93
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgIUUkUHbaAg9QsrNuZFCpHbz3qO/RowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMEI3RDU4NTFFOTkxMTNGMzgzMkVEMTJDQkU1REI0NDM3
OTkwOTY4RjAeFw0yNDA0MDQxMDA3NTZaFw0yNTA0MDMxMDEyNTZaMDMxMTAvBgNV
BAMTKEQ3RjY0NTc3NTkzOUI4RUNDODFFODc2MkRBRDNBMEI2QjExNEI4REQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyHaNtvKYFc7CoeBAuEqiy/JGK
kFoXKghuIXdKWbodythOOB+oMOfNtGMpM7NmKySNwnNlsfcxq7kGQLJpJEuxn2vN
6is9pRX7JtFfeEnkR4UWWfcSJK0FvsNVkNpfBmzFrNdwXYcQGCSAfGEQbKTVmCFm
+TyBK37i9CmrIVxF7vDbvP4SNBrU9fyYj3Kr/N3tIBDfyO4mILZBj00xJVM0QxsY
UEfI8TMooqmtQmE/5PugkGoPzK3xWm6ZE3Zb9VForL4wCkuT4J/eXSBkIsXjLvjM
8hrdGr5twf9lXRjGN1XfSV9uSP10UJ39xkmitOHFMaoCrFH2V2ElOOm5/p9VAgMB
AAGjggJOMIICSjAdBgNVHQ4EFgQU1/ZFd1k5uOzIHodi2tOgtrEUuN0wHwYDVR0j
BBgwFoAUC31YUemRE/ODLtEsvl20Q3mQlo8wDgYDVR0PAQH/BAQDAgeAMIGSBgNV
HR8EgYowgYcwgYSggYGgf4Z9cnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIv
cmVwby83ZEdra3lCcHJEUEZnczZ6enYzYTZ3VkFzc0JLVW1xWDU3YnlBUjNEeWdL
LzEvMEI3RDU4NTFFOTkxMTNGMzgzMkVEMTJDQkU1REI0NDM3OTkwOTY4Ri5jcmww
eAYIKwYBBQUHAQEEbDBqMGgGCCsGAQUFBzAChlxyc3luYzovL3Jwa2ktcmVwby5y
ZWdpc3Ryby5ici9yZXBvL25pY2JyX3JlcG8vMS8wQjdENTg1MUU5OTExM0YzODMy
RUQxMkNCRTVEQjQ0Mzc5OTA5NjhGLmNlcjCBrQYIKwYBBQUHAQsEgaAwgZ0wgZoG
CCsGAQUFBzALhoGNcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby83
ZEdra3lCcHJEUEZnczZ6enYzYTZ3VkFzc0JLVW1xWDU3YnlBUjNEeWdLLzEvMzIz
MDMwMmUzMjM0MmUzMTMyMzAyZTMwMmYzMjMyMmQzMzMyMjAzZDNlMjAzMjM3MzEz
NjMwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBALIGHgwDQYJKoZIhvcNAQELBQADggEBADjKBLd28HZw
ZHpl2rwbmWG/uzH0u6P9KeEbWPOE6nPDTw6Ctg32JC8zjE4AeD17bcofK+qCqwvw
gEDCDZ+WoeI491zGdN4uGJRSwsr+1/BGo7CBSRDE+5bQMMNHkq7jZCtDgxeu2nIP
gJE78DYHcGnPYBuFE2UyzOH4EsXWf5BwcJzwtWfPSnWC1LWC2vviUr+Sa4bJSodU
S5XqA/zb47cYNL54qJURg14MmS/4eLxDaGFKdzpu8OmSDGQpNaq3Zx8tL7d027SU
0ZmH8AEZAls90sHayu0irZfhCvxIbpIuSbfUwxAeomCK4Y2ujoDsu+JoD6LkMoqF
a6sp+RNtmZM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:44:19 2024 by rpki-client on console-ams.rpki-client.org