Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/8wEjAwUf9KPnX4ERy1BXEBUsecd3uY3jH5B2Cq3WxVoe/0/3134332e3133372e3232302e302f32332d3233203d3e20323634303437.roa
File:                     3134332e3133372e3232302e302f32332d3233203d3e20323634303437.roa (raw, json)
Hash identifier:          Ome+LOoZ1oImmSvhdc/0yS30uFqJAWNIgKIeWLEK3ro=
Subject key identifier:   72:BB:A3:D1:D4:18:0A:76:D6:0C:EC:4F:1D:08:04:92:5C:F3:9C:99
Certificate issuer:       /CN=132DCDB6019382C752C71B103893EAC01BCC5512
Certificate serial:       0E2F6729CC4C686F113B9EA8C28903BC536B9975
Authority key identifier: 13:2D:CD:B6:01:93:82:C7:52:C7:1B:10:38:93:EA:C0:1B:CC:55:12
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/132DCDB6019382C752C71B103893EAC01BCC5512.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/8wEjAwUf9KPnX4ERy1BXEBUsecd3uY3jH5B2Cq3WxVoe/0/3134332e3133372e3232302e302f32332d3233203d3e20323634303437.roa
Signing time:             Tue 12 Nov 2024 18:14:18 +0000
ROA not before:           Tue 12 Nov 2024 18:09:18 +0000
ROA not after:            Tue 11 Nov 2025 18:14:18 +0000
asID:                     264047
IP address blocks:        143.137.220.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/8wEjAwUf9KPnX4ERy1BXEBUsecd3uY3jH5B2Cq3WxVoe/0/132DCDB6019382C752C71B103893EAC01BCC5512.crl
                          rsync://rpki-repo.registro.br/repo/8wEjAwUf9KPnX4ERy1BXEBUsecd3uY3jH5B2Cq3WxVoe/0/132DCDB6019382C752C71B103893EAC01BCC5512.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/132DCDB6019382C752C71B103893EAC01BCC5512.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 30 Nov 2024 08:04:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:2f:67:29:cc:4c:68:6f:11:3b:9e:a8:c2:89:03:bc:53:6b:99:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=132DCDB6019382C752C71B103893EAC01BCC5512
        Validity
            Not Before: Nov 12 18:09:18 2024 GMT
            Not After : Nov 11 18:14:18 2025 GMT
        Subject: CN=72BBA3D1D4180A76D60CEC4F1D0804925CF39C99
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:65:10:7b:5a:d6:c0:b2:b6:8a:b5:43:8d:65:
                    5d:ee:ad:31:71:4f:ba:7f:cc:c5:69:90:67:56:1a:
                    39:b7:4f:c7:4d:39:47:79:68:c7:d6:ee:0f:16:8b:
                    93:f8:f4:74:5a:6b:1e:dd:02:8b:8f:f1:65:b0:da:
                    4a:e2:6c:af:83:ca:ec:74:e7:b1:01:de:d1:3f:87:
                    58:04:f1:99:d2:cb:75:35:6b:62:82:ee:98:2e:e7:
                    a3:cb:e8:a5:c7:fa:0e:15:b1:55:6c:b1:ec:77:2c:
                    5d:53:3c:65:4b:0e:0b:9d:05:91:89:dd:05:e9:c2:
                    78:c0:82:51:17:2c:4a:96:67:e2:d5:64:f8:66:bd:
                    10:08:39:18:bd:65:ec:b1:7a:98:5d:a4:da:c1:05:
                    21:8f:a8:77:bf:b7:bd:e7:c7:2d:df:6f:81:60:f1:
                    05:ec:27:af:d5:e8:ee:b9:6e:4b:f2:31:b8:0e:30:
                    91:57:d6:98:46:ea:21:32:5d:86:f4:40:76:93:fb:
                    12:0c:3c:21:d7:cc:3e:35:2b:3a:26:b2:34:d2:e6:
                    5c:11:c4:0b:00:28:8a:23:62:fe:de:cc:9b:16:7c:
                    73:5d:17:ba:05:62:e9:90:e0:29:58:5f:66:8f:a2:
                    12:cc:40:9b:ea:39:b7:cd:93:03:d5:fc:7d:68:c1:
                    73:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:BB:A3:D1:D4:18:0A:76:D6:0C:EC:4F:1D:08:04:92:5C:F3:9C:99
            X509v3 Authority Key Identifier:
                keyid:13:2D:CD:B6:01:93:82:C7:52:C7:1B:10:38:93:EA:C0:1B:CC:55:12

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/8wEjAwUf9KPnX4ERy1BXEBUsecd3uY3jH5B2Cq3WxVoe/0/132DCDB6019382C752C71B103893EAC01BCC5512.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/132DCDB6019382C752C71B103893EAC01BCC5512.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/8wEjAwUf9KPnX4ERy1BXEBUsecd3uY3jH5B2Cq3WxVoe/0/3134332e3133372e3232302e302f32332d3233203d3e20323634303437.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.137.220.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8c:e6:a1:83:56:a7:82:fc:ce:c5:a0:f3:ce:da:27:cd:b1:72:
         bb:c6:dc:db:c3:5d:38:67:e1:45:65:a8:f5:2c:7c:3f:ed:9d:
         6c:25:6c:6a:cd:0e:95:c3:ca:f3:b8:44:f4:f8:b7:68:7b:57:
         c8:36:4c:4a:a9:1c:dd:2e:a2:05:74:91:56:4b:7e:ba:be:1a:
         7a:b4:40:a8:35:81:c0:ae:a5:1f:76:81:bb:3e:3e:91:97:6f:
         12:b6:f3:10:ff:c0:a1:4e:3d:a6:c5:bd:90:62:99:92:91:ba:
         ef:d1:dc:89:a9:e8:ca:54:fb:7e:1a:6e:cf:c0:fe:a0:74:e1:
         41:75:55:47:c5:00:bf:45:2e:dd:15:cb:48:f3:44:95:e3:4d:
         1d:26:b2:ea:66:3d:67:89:e6:73:c4:71:78:57:33:27:3e:a2:
         70:71:27:ad:71:e7:f5:68:d2:12:9b:32:a2:93:fd:63:41:c7:
         a7:01:d8:1e:bd:0a:cc:c7:21:48:50:0e:d4:33:e8:48:44:d4:
         16:cb:59:64:4f:89:5b:11:2b:d0:ba:ae:9e:aa:0b:4f:b9:ed:
         3b:0a:02:b5:00:55:56:d4:a2:61:62:15:46:5c:51:e4:46:01:
         07:0a:d5:36:08:18:0e:3d:d1:0f:26:35:e6:da:9b:8a:d9:53:
         d1:63:82:19
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUDi9nKcxMaG8RO56owokDvFNrmXUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTMyRENEQjYwMTkzODJDNzUyQzcxQjEwMzg5M0VBQzAx
QkNDNTUxMjAeFw0yNDExMTIxODA5MThaFw0yNTExMTExODE0MThaMDMxMTAvBgNV
BAMTKDcyQkJBM0QxRDQxODBBNzZENjBDRUM0RjFEMDgwNDkyNUNGMzlDOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0ZRB7WtbAsraKtUONZV3urTFx
T7p/zMVpkGdWGjm3T8dNOUd5aMfW7g8Wi5P49HRaax7dAouP8WWw2kribK+Dyux0
57EB3tE/h1gE8ZnSy3U1a2KC7pgu56PL6KXH+g4VsVVssex3LF1TPGVLDgudBZGJ
3QXpwnjAglEXLEqWZ+LVZPhmvRAIORi9ZeyxephdpNrBBSGPqHe/t73nxy3fb4Fg
8QXsJ6/V6O65bkvyMbgOMJFX1phG6iEyXYb0QHaT+xIMPCHXzD41KzomsjTS5lwR
xAsAKIojYv7ezJsWfHNdF7oFYumQ4ClYX2aPohLMQJvqObfNkwPV/H1owXN3AgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUcruj0dQYCnbWDOxPHQgEklzznJkwHwYDVR0j
BBgwFoAUEy3NtgGTgsdSxxsQOJPqwBvMVRIwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOHdFakF3VWY5S1BuWDRFUnkxQlhFQlVzZWNkM3VZM2pINUIyQ3EzV3hW
b2UvMC8xMzJEQ0RCNjAxOTM4MkM3NTJDNzFCMTAzODkzRUFDMDFCQ0M1NTEyLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzEzMkRDREI2MDE5MzgyQzc1
MkM3MUIxMDM4OTNFQUMwMUJDQzU1MTIuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
Lzh3RWpBd1VmOUtQblg0RVJ5MUJYRUJVc2VjZDN1WTNqSDVCMkNxM1d4Vm9lLzAv
MzEzNDMzMmUzMTMzMzcyZTMyMzIzMDJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDMy
MzYzNDMwMzQzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAY+J3DANBgkqhkiG9w0BAQsFAAOCAQEAjOah
g1angvzOxaDzztonzbFyu8bc28NdOGfhRWWo9Sx8P+2dbCVsas0OlcPK87hE9Pi3
aHtXyDZMSqkc3S6iBXSRVkt+ur4aerRAqDWBwK6lH3aBuz4+kZdvErbzEP/AoU49
psW9kGKZkpG679HcianoylT7fhpuz8D+oHThQXVVR8UAv0Uu3RXLSPNEleNNHSay
6mY9Z4nmc8RxeFczJz6icHEnrXHn9WjSEpsyopP9Y0HHpwHYHr0KzMchSFAO1DPo
SETUFstZZE+JWxEr0LqunqoLT7ntOwoCtQBVVtSiYWIVRlxR5EYBBwrVNggYDj3R
DyY15tqbitlT0WOCGQ==
-----END CERTIFICATE-----
Generated at Fri Nov 29 08:52:03 2024 by rpki-client on console-fra.rpki-client.org