Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/7hBZdoP28xFraUFqPCUTv5TLWFCAAQya9cxPFKpE29w8/1/323830343a363532343a3a2f33322d3332203d3e20323639343731.roa
File:                     323830343a363532343a3a2f33322d3332203d3e20323639343731.roa (raw, json)
Hash identifier:          WGN88xNggvTIKdAGxrWRjalSJtqV2dzrF23CCwgoZ9Q=
Subject key identifier:   C5:23:8D:F2:94:70:5C:E4:A2:4D:7D:97:EC:08:CB:C7:11:9A:EB:AD
Certificate issuer:       /CN=DE3BA4478FDB8E4A375324C044D80C565504F5FA
Certificate serial:       379863B94CE904FA715CAF1C6733ECCF70AE7A4F
Authority key identifier: DE:3B:A4:47:8F:DB:8E:4A:37:53:24:C0:44:D8:0C:56:55:04:F5:FA
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DE3BA4478FDB8E4A375324C044D80C565504F5FA.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/7hBZdoP28xFraUFqPCUTv5TLWFCAAQya9cxPFKpE29w8/1/323830343a363532343a3a2f33322d3332203d3e20323639343731.roa
Signing time:             Wed 03 Apr 2024 18:32:33 +0000
ROA not before:           Wed 03 Apr 2024 18:27:33 +0000
ROA not after:            Wed 02 Apr 2025 18:32:33 +0000
asID:                     269471
IP address blocks:        2804:6524::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/7hBZdoP28xFraUFqPCUTv5TLWFCAAQya9cxPFKpE29w8/1/DE3BA4478FDB8E4A375324C044D80C565504F5FA.crl
                          rsync://rpki-repo.registro.br/repo/7hBZdoP28xFraUFqPCUTv5TLWFCAAQya9cxPFKpE29w8/1/DE3BA4478FDB8E4A375324C044D80C565504F5FA.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DE3BA4478FDB8E4A375324C044D80C565504F5FA.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 12:13:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:98:63:b9:4c:e9:04:fa:71:5c:af:1c:67:33:ec:cf:70:ae:7a:4f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DE3BA4478FDB8E4A375324C044D80C565504F5FA
        Validity
            Not Before: Apr  3 18:27:33 2024 GMT
            Not After : Apr  2 18:32:33 2025 GMT
        Subject: CN=C5238DF294705CE4A24D7D97EC08CBC7119AEBAD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:df:ae:cc:70:b2:5f:1b:f6:30:41:15:4f:29:c7:
                    db:67:d1:ee:f3:57:18:56:dd:ed:6e:dd:72:ed:a0:
                    d0:e9:e2:b5:12:9d:2f:77:88:3a:a7:76:89:d3:6c:
                    e5:64:75:8a:c9:51:bf:6c:eb:22:f1:4b:64:6e:50:
                    c7:58:f8:5f:07:60:53:8d:2d:67:6c:5a:fb:43:5e:
                    fc:7d:4e:0d:91:f3:d7:31:ec:45:f5:92:68:9f:86:
                    44:bb:51:df:8d:78:99:bf:10:fe:59:53:c6:e4:74:
                    52:d6:cf:36:0a:5f:fd:c2:0e:bb:bb:9c:53:08:e8:
                    12:31:48:44:70:3d:03:99:c1:20:aa:26:7d:94:22:
                    dc:78:23:ff:f2:9c:69:fa:0a:2d:88:b0:af:c1:8c:
                    b9:a1:68:c3:3d:00:5a:c6:d6:c1:db:03:25:b7:90:
                    80:c8:c8:d6:3f:c3:c6:3c:e7:b4:5f:46:54:b3:01:
                    6f:7c:f2:a1:7b:bd:db:fb:6a:47:be:4e:75:e8:fa:
                    53:32:99:84:09:4a:23:e4:fa:c4:e8:87:0f:13:20:
                    13:65:59:04:83:8c:97:f2:0c:24:fa:85:c6:29:89:
                    25:29:67:15:0f:b6:25:82:2f:d8:ab:94:49:9f:bd:
                    c2:6f:7f:c7:76:66:ce:c3:1c:91:0e:b6:e7:86:8b:
                    9b:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:23:8D:F2:94:70:5C:E4:A2:4D:7D:97:EC:08:CB:C7:11:9A:EB:AD
            X509v3 Authority Key Identifier:
                keyid:DE:3B:A4:47:8F:DB:8E:4A:37:53:24:C0:44:D8:0C:56:55:04:F5:FA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/7hBZdoP28xFraUFqPCUTv5TLWFCAAQya9cxPFKpE29w8/1/DE3BA4478FDB8E4A375324C044D80C565504F5FA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DE3BA4478FDB8E4A375324C044D80C565504F5FA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/7hBZdoP28xFraUFqPCUTv5TLWFCAAQya9cxPFKpE29w8/1/323830343a363532343a3a2f33322d3332203d3e20323639343731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:6524::/32

    Signature Algorithm: sha256WithRSAEncryption
         7d:4d:57:ca:79:8f:1a:2a:cc:d9:b0:af:13:71:45:2f:22:c2:
         9d:af:4e:fc:a5:20:2f:16:ab:04:f0:1a:c0:99:b9:2a:af:a2:
         5a:6e:0e:95:58:ff:fa:6a:f8:3d:d0:eb:e9:22:05:5f:5f:f2:
         fe:36:22:ef:50:57:16:95:34:f7:b7:8f:e0:c6:f1:3a:9c:d3:
         be:32:f5:59:8b:21:b0:47:7a:e2:3a:19:e7:04:a7:f1:c5:93:
         ea:0c:a2:34:26:a6:6f:0c:6a:0c:5d:47:e1:58:1d:20:18:ea:
         07:e7:71:81:0a:45:7d:73:c8:c0:6b:aa:79:95:01:05:e5:df:
         ce:37:a5:3b:c5:7d:49:57:3c:7e:87:51:45:80:db:ce:0e:99:
         95:e8:86:11:58:85:d9:5d:a8:07:c5:fb:e4:b1:66:e5:03:7d:
         b1:ed:d5:47:be:3d:08:b3:5d:35:a6:ab:d9:b3:18:35:81:b4:
         f2:af:65:77:6c:bf:bb:22:3e:0c:7b:35:0e:08:c4:c4:e4:d7:
         46:59:39:66:d3:2c:1f:21:29:a0:50:9d:df:21:c2:5b:d1:ee:
         c9:48:91:f1:79:c3:b1:1e:a2:3e:d7:d6:c4:99:19:b5:ba:b4:
         24:15:1f:ae:7b:13:8a:44:a4:83:12:23:a1:cb:dd:61:74:2d:
         da:68:ca:0d
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUN5hjuUzpBPpxXK8cZzPsz3Cuek8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREUzQkE0NDc4RkRCOEU0QTM3NTMyNEMwNDREODBDNTY1
NTA0RjVGQTAeFw0yNDA0MDMxODI3MzNaFw0yNTA0MDIxODMyMzNaMDMxMTAvBgNV
BAMTKEM1MjM4REYyOTQ3MDVDRTRBMjREN0Q5N0VDMDhDQkM3MTE5QUVCQUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfrsxwsl8b9jBBFU8px9tn0e7z
VxhW3e1u3XLtoNDp4rUSnS93iDqndonTbOVkdYrJUb9s6yLxS2RuUMdY+F8HYFON
LWdsWvtDXvx9Tg2R89cx7EX1kmifhkS7Ud+NeJm/EP5ZU8bkdFLWzzYKX/3CDru7
nFMI6BIxSERwPQOZwSCqJn2UItx4I//ynGn6Ci2IsK/BjLmhaMM9AFrG1sHbAyW3
kIDIyNY/w8Y857RfRlSzAW988qF7vdv7ake+TnXo+lMymYQJSiPk+sTohw8TIBNl
WQSDjJfyDCT6hcYpiSUpZxUPtiWCL9irlEmfvcJvf8d2Zs7DHJEOtueGi5u1AgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUxSON8pRwXOSiTX2X7AjLxxGa660wHwYDVR0j
BBgwFoAU3jukR4/bjko3UyTARNgMVlUE9fowDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vN2hCWmRvUDI4eEZyYVVGcVBDVVR2NVRMV0ZDQUFReWE5Y3hQRktwRTI5
dzgvMS9ERTNCQTQ0NzhGREI4RTRBMzc1MzI0QzA0NEQ4MEM1NjU1MDRGNUZBLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0RFM0JBNDQ3OEZEQjhFNEEz
NzUzMjRDMDQ0RDgwQzU2NTUwNEY1RkEuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzdoQlpkb1AyOHhGcmFVRnFQQ1VUdjVUTFdGQ0FBUXlhOWN4UEZLcEUyOXc4LzEv
MzIzODMwMzQzYTM2MzUzMjM0M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzNjM5
MzQzNzMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKARlJDANBgkqhkiG9w0BAQsFAAOCAQEAfU1XynmP
GirM2bCvE3FFLyLCna9O/KUgLxarBPAawJm5Kq+iWm4OlVj/+mr4PdDr6SIFX1/y
/jYi71BXFpU097eP4MbxOpzTvjL1WYshsEd64joZ5wSn8cWT6gyiNCambwxqDF1H
4VgdIBjqB+dxgQpFfXPIwGuqeZUBBeXfzjelO8V9SVc8fodRRYDbzg6ZleiGEViF
2V2oB8X75LFm5QN9se3VR749CLNdNaar2bMYNYG08q9ld2y/uyI+DHs1DgjExOTX
Rlk5ZtMsHyEpoFCd3yHCW9HuyUiR8XnDsR6iPtfWxJkZtbq0JBUfrnsTikSkgxIj
ocvdYXQt2mjKDQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:14:46 2024 by rpki-client on console-fra.rpki-client.org