Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/9Vy71tGVhujiVvFSt7rZBihdkDRAwowUPNJLww2AhvpT/0/323830343a3365383a3a2f33322d3438203d3e203238363633.roa
File:                     323830343a3365383a3a2f33322d3438203d3e203238363633.roa (raw, json)
Hash identifier:          L4E39ZvgimbwtcF9SrMeTQCR1vv2wwbuP9hUkX16VAQ=
Subject key identifier:   E4:E8:32:4E:65:3E:E3:F1:39:22:C5:1A:92:24:4D:40:20:05:21:DC
Certificate issuer:       /CN=7ABE3EFE655479E079EDDCB6B0CAB5297A4F38E2
Certificate serial:       3AAF686AC8B1A12816C3091A0449C553AF9CBFA1
Authority key identifier: 7A:BE:3E:FE:65:54:79:E0:79:ED:DC:B6:B0:CA:B5:29:7A:4F:38:E2
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7ABE3EFE655479E079EDDCB6B0CAB5297A4F38E2.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/9Vy71tGVhujiVvFSt7rZBihdkDRAwowUPNJLww2AhvpT/0/323830343a3365383a3a2f33322d3438203d3e203238363633.roa
Signing time:             Fri 17 May 2024 13:53:46 +0000
ROA not before:           Fri 17 May 2024 13:48:46 +0000
ROA not after:            Fri 16 May 2025 13:53:46 +0000
asID:                     28663
IP address blocks:        2804:3e8::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/9Vy71tGVhujiVvFSt7rZBihdkDRAwowUPNJLww2AhvpT/0/7ABE3EFE655479E079EDDCB6B0CAB5297A4F38E2.crl
                          rsync://rpki-repo.registro.br/repo/9Vy71tGVhujiVvFSt7rZBihdkDRAwowUPNJLww2AhvpT/0/7ABE3EFE655479E079EDDCB6B0CAB5297A4F38E2.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7ABE3EFE655479E079EDDCB6B0CAB5297A4F38E2.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Jun 2024 23:44:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:af:68:6a:c8:b1:a1:28:16:c3:09:1a:04:49:c5:53:af:9c:bf:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7ABE3EFE655479E079EDDCB6B0CAB5297A4F38E2
        Validity
            Not Before: May 17 13:48:46 2024 GMT
            Not After : May 16 13:53:46 2025 GMT
        Subject: CN=E4E8324E653EE3F13922C51A92244D40200521DC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:a4:cf:10:69:d8:e3:9f:21:f1:9f:ca:4c:b5:
                    7d:15:1f:cd:ab:61:e7:52:8e:d7:43:a0:12:6e:11:
                    6e:e3:dc:86:ff:67:ae:c1:38:08:e2:c9:be:ad:d5:
                    0e:0f:a1:2a:ef:a8:c1:69:98:84:28:f8:7d:e6:6e:
                    90:62:73:fd:9a:eb:8c:e9:72:8c:24:45:3c:51:e1:
                    3f:cf:2f:42:92:19:07:4c:6b:1f:23:f3:13:42:0b:
                    23:21:2c:85:9e:05:82:8c:6a:9a:f6:7e:63:ac:be:
                    52:d9:9a:63:47:8b:1b:24:de:98:41:d1:f3:01:45:
                    a3:cd:db:39:29:ca:1f:8a:35:f9:a3:d1:9d:94:1d:
                    e3:c5:57:54:fc:a8:7a:9e:ee:fa:e7:fb:ca:0e:39:
                    a4:bd:85:e7:e8:d7:8f:93:93:65:11:a7:c6:ab:08:
                    57:39:66:f4:d0:d2:bf:39:87:77:82:e6:5c:9e:f4:
                    5a:9d:a8:72:58:09:63:48:9d:1c:ba:50:20:ce:dc:
                    f2:e9:71:50:34:20:96:6f:86:23:21:cd:65:b0:ee:
                    f7:ac:74:41:7c:3e:ec:f4:9f:b5:03:2e:17:d7:7a:
                    e6:c7:d1:69:98:f5:f1:c3:66:ea:70:2b:09:10:8f:
                    87:19:73:a9:ff:cb:b5:14:38:84:e7:81:c4:89:1d:
                    34:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E4:E8:32:4E:65:3E:E3:F1:39:22:C5:1A:92:24:4D:40:20:05:21:DC
            X509v3 Authority Key Identifier:
                keyid:7A:BE:3E:FE:65:54:79:E0:79:ED:DC:B6:B0:CA:B5:29:7A:4F:38:E2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/9Vy71tGVhujiVvFSt7rZBihdkDRAwowUPNJLww2AhvpT/0/7ABE3EFE655479E079EDDCB6B0CAB5297A4F38E2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7ABE3EFE655479E079EDDCB6B0CAB5297A4F38E2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/9Vy71tGVhujiVvFSt7rZBihdkDRAwowUPNJLww2AhvpT/0/323830343a3365383a3a2f33322d3438203d3e203238363633.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:3e8::/32

    Signature Algorithm: sha256WithRSAEncryption
         54:8d:db:5b:6f:ae:7c:76:b8:cf:59:a6:78:be:ad:32:32:7e:
         7f:41:40:ad:97:28:2d:84:01:c6:fc:5f:1d:cd:dd:77:85:bb:
         7e:26:db:38:2f:f6:3c:63:60:fd:08:83:3b:72:4a:bf:80:70:
         c5:4a:99:8b:9f:9b:6b:6b:cd:86:00:90:38:c6:ec:ed:0a:06:
         63:cd:a7:14:50:0d:08:75:00:88:7d:83:89:ce:ac:6d:38:f6:
         d0:88:e8:6c:e5:72:1b:54:5e:59:d0:cc:10:f1:20:42:2d:a2:
         0c:97:a1:30:7b:97:dc:57:d6:9e:5d:26:58:f9:89:1b:01:b3:
         b8:21:44:58:87:54:e4:c6:3e:2c:7d:1a:f0:92:85:13:24:1c:
         4d:eb:52:d8:ee:3d:3f:28:e3:a7:24:2e:24:e3:e0:1a:82:a7:
         70:9c:52:b1:50:76:97:3b:fd:7c:55:20:18:f1:7d:8b:6f:0e:
         58:44:6a:dc:cd:ee:c9:a9:d4:37:a5:1e:bb:9b:be:33:17:ce:
         b1:f4:c4:48:1d:21:86:85:38:35:32:93:d9:d2:0f:25:f9:6b:
         2f:d5:a9:75:48:a5:82:78:94:b4:d1:86:70:79:57:3d:82:58:
         3c:08:e0:af:9d:a9:f6:cf:68:6a:9c:6c:5e:94:f7:37:2c:39:
         44:cd:8a:da
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIUOq9oasixoSgWwwkaBEnFU6+cv6EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0FCRTNFRkU2NTU0NzlFMDc5RUREQ0I2QjBDQUI1Mjk3
QTRGMzhFMjAeFw0yNDA1MTcxMzQ4NDZaFw0yNTA1MTYxMzUzNDZaMDMxMTAvBgNV
BAMTKEU0RTgzMjRFNjUzRUUzRjEzOTIyQzUxQTkyMjQ0RDQwMjAwNTIxREMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVpM8QadjjnyHxn8pMtX0VH82r
YedSjtdDoBJuEW7j3Ib/Z67BOAjiyb6t1Q4PoSrvqMFpmIQo+H3mbpBic/2a64zp
cowkRTxR4T/PL0KSGQdMax8j8xNCCyMhLIWeBYKMapr2fmOsvlLZmmNHixsk3phB
0fMBRaPN2zkpyh+KNfmj0Z2UHePFV1T8qHqe7vrn+8oOOaS9hefo14+Tk2URp8ar
CFc5ZvTQ0r85h3eC5lye9FqdqHJYCWNInRy6UCDO3PLpcVA0IJZvhiMhzWWw7ves
dEF8Puz0n7UDLhfXeubH0WmY9fHDZupwKwkQj4cZc6n/y7UUOITngcSJHTRpAgMB
AAGjggJMMIICSDAdBgNVHQ4EFgQU5OgyTmU+4/E5IsUakiRNQCAFIdwwHwYDVR0j
BBgwFoAUer4+/mVUeeB57dy2sMq1KXpPOOIwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOVZ5NzF0R1ZodWppVnZGU3Q3clpCaWhka0RSQXdvd1VQTkpMd3cyQWh2
cFQvMC83QUJFM0VGRTY1NTQ3OUUwNzlFRERDQjZCMENBQjUyOTdBNEYzOEUyLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzdBQkUzRUZFNjU1NDc5RTA3
OUVERENCNkIwQ0FCNTI5N0E0RjM4RTIuY2VyMIGoBggrBgEFBQcBCwSBmzCBmDCB
lQYIKwYBBQUHMAuGgYhyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzlWeTcxdEdWaHVqaVZ2RlN0N3JaQmloZGtEUkF3b3dVUE5KTHd3MkFodnBULzAv
MzIzODMwMzQzYTMzNjUzODNhM2EyZjMzMzIyZDM0MzgyMDNkM2UyMDMyMzgzNjM2
MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAoBAPoMA0GCSqGSIb3DQEBCwUAA4IBAQBUjdtbb658drjP
WaZ4vq0yMn5/QUCtlygthAHG/F8dzd13hbt+Jts4L/Y8Y2D9CIM7ckq/gHDFSpmL
n5tra82GAJA4xuztCgZjzacUUA0IdQCIfYOJzqxtOPbQiOhs5XIbVF5Z0MwQ8SBC
LaIMl6Ewe5fcV9aeXSZY+YkbAbO4IURYh1Tkxj4sfRrwkoUTJBxN61LY7j0/KOOn
JC4k4+AagqdwnFKxUHaXO/18VSAY8X2Lbw5YRGrcze7JqdQ3pR67m74zF86x9MRI
HSGGhTg1MpPZ0g8l+Wsv1al1SKWCeJS00YZweVc9glg8COCvnan2z2hqnGxelPc3
LDlEzYra
-----END CERTIFICATE-----
Generated at Mon Jun 17 22:40:31 2024 by rpki-client on console-fra.rpki-client.org