Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/3138372e31372e3234302e302f32302d3234203d3e203238323031.roa
File:                     3138372e31372e3234302e302f32302d3234203d3e203238323031.roa (raw, json)
Hash identifier:          vioyE3yt5S94HexP2xfcuBGy7Fav8xd8CL5zlaLQQDQ=
Subject key identifier:   82:92:03:41:83:12:95:BD:C5:48:BE:12:76:50:DF:D9:AB:D1:15:B5
Certificate issuer:       /CN=AC1FE9387640A777B73D94211D4C8FFA5C669304
Certificate serial:       21B4FF293D3A77ECCD000CAEE12AD3F6885BDF50
Authority key identifier: AC:1F:E9:38:76:40:A7:77:B7:3D:94:21:1D:4C:8F:FA:5C:66:93:04
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC1FE9387640A777B73D94211D4C8FFA5C669304.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/3138372e31372e3234302e302f32302d3234203d3e203238323031.roa
Signing time:             Wed 10 Apr 2024 12:29:28 +0000
ROA not before:           Wed 10 Apr 2024 12:24:28 +0000
ROA not after:            Wed 09 Apr 2025 12:29:28 +0000
asID:                     28201
IP address blocks:        187.17.240.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/AC1FE9387640A777B73D94211D4C8FFA5C669304.crl
                          rsync://rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/AC1FE9387640A777B73D94211D4C8FFA5C669304.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC1FE9387640A777B73D94211D4C8FFA5C669304.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 17:27:24 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:b4:ff:29:3d:3a:77:ec:cd:00:0c:ae:e1:2a:d3:f6:88:5b:df:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC1FE9387640A777B73D94211D4C8FFA5C669304
        Validity
            Not Before: Apr 10 12:24:28 2024 GMT
            Not After : Apr  9 12:29:28 2025 GMT
        Subject: CN=82920341831295BDC548BE127650DFD9ABD115B5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:e9:c5:32:a5:7f:24:80:99:d7:3a:50:ad:0f:
                    43:bf:4e:25:49:96:d6:0a:84:93:d3:ad:7b:6d:c2:
                    5e:24:68:05:01:3b:4b:89:f8:64:0b:d3:6d:21:a7:
                    51:7b:f5:bd:a7:6f:27:94:61:82:60:cd:55:03:40:
                    d0:da:14:af:84:ba:d3:78:7a:d8:40:72:57:e2:6f:
                    19:73:b9:06:f6:22:bd:fd:e5:da:e6:35:80:64:c4:
                    59:d1:4f:89:0f:4a:a1:df:07:74:dd:7c:17:3a:33:
                    4c:69:69:9c:5b:28:41:74:66:a0:7c:78:fb:97:c0:
                    8b:a5:eb:b1:db:01:cc:1a:3e:0e:1a:d3:8a:97:8b:
                    ab:90:29:48:ad:0b:9f:81:46:63:e5:36:33:59:27:
                    e4:c0:0a:9e:cc:41:62:48:44:df:7e:98:f1:1a:f5:
                    1a:fb:a5:5b:7a:37:56:d5:31:16:78:1d:55:62:56:
                    73:d2:53:68:c8:e5:84:c3:79:b0:89:47:c8:68:6b:
                    71:fb:64:bc:76:a4:7e:6c:f7:cb:ea:5e:0d:92:4a:
                    4b:ad:6b:0c:48:d0:f1:ae:b4:03:88:55:e1:b0:83:
                    30:47:25:57:2d:45:e1:10:a8:47:6f:7b:67:76:37:
                    2b:25:7c:e9:b8:1e:0d:d4:50:e1:19:a5:c7:65:b5:
                    f3:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:92:03:41:83:12:95:BD:C5:48:BE:12:76:50:DF:D9:AB:D1:15:B5
            X509v3 Authority Key Identifier:
                keyid:AC:1F:E9:38:76:40:A7:77:B7:3D:94:21:1D:4C:8F:FA:5C:66:93:04

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/AC1FE9387640A777B73D94211D4C8FFA5C669304.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC1FE9387640A777B73D94211D4C8FFA5C669304.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/9tgHFrYqotknrzGNHA22qPXArbT22UspTGcZriDN6fgU/0/3138372e31372e3234302e302f32302d3234203d3e203238323031.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  187.17.240.0/20

    Signature Algorithm: sha256WithRSAEncryption
         79:da:39:b9:52:4d:da:6c:b1:a6:7e:3f:dc:dc:ee:3e:fe:69:
         fc:6f:f9:14:89:8d:db:3b:cb:88:d3:37:cf:69:84:ce:49:e5:
         bd:a6:99:0d:61:5c:e4:67:c9:a0:f5:4b:2f:e7:9f:b2:5d:c0:
         a0:06:f5:bf:f2:08:7d:ca:16:f2:b2:29:58:8e:74:e4:93:99:
         dc:db:ec:7a:80:39:6d:8c:d4:28:57:85:c3:64:ee:f7:42:5e:
         4e:61:a0:63:72:e8:0a:4d:89:47:95:b2:b1:42:45:c2:43:07:
         40:7b:bd:5a:86:da:93:c3:2e:cb:2c:d0:bd:6d:04:be:73:38:
         55:eb:12:44:6c:67:c5:b3:3e:9b:05:4b:23:f2:58:ca:e9:d4:
         d7:7b:18:ca:84:9c:25:37:a7:84:49:29:50:58:ab:a6:e0:ae:
         0b:b9:c2:f2:ff:ce:e9:34:87:3e:f9:e0:0b:48:71:dd:c2:af:
         dd:fe:ba:4d:cc:5b:3d:d5:3c:8a:90:ab:99:a6:af:39:c3:02:
         47:ab:b9:6b:cf:d9:56:ee:8f:bb:bd:7d:3c:dd:67:02:03:86:
         90:93:12:50:90:ba:5f:9e:f7:1b:7b:10:50:9a:6b:35:de:80:
         24:a7:ac:40:75:10:d5:d9:df:19:e9:42:88:56:f2:0a:9a:18:
         0c:24:7a:ca
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUIbT/KT06d+zNAAyu4SrT9ohb31AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUMxRkU5Mzg3NjQwQTc3N0I3M0Q5NDIxMUQ0QzhGRkE1
QzY2OTMwNDAeFw0yNDA0MTAxMjI0MjhaFw0yNTA0MDkxMjI5MjhaMDMxMTAvBgNV
BAMTKDgyOTIwMzQxODMxMjk1QkRDNTQ4QkUxMjc2NTBERkQ5QUJEMTE1QjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh6cUypX8kgJnXOlCtD0O/TiVJ
ltYKhJPTrXttwl4kaAUBO0uJ+GQL020hp1F79b2nbyeUYYJgzVUDQNDaFK+EutN4
ethAclfibxlzuQb2Ir395drmNYBkxFnRT4kPSqHfB3TdfBc6M0xpaZxbKEF0ZqB8
ePuXwIul67HbAcwaPg4a04qXi6uQKUitC5+BRmPlNjNZJ+TACp7MQWJIRN9+mPEa
9Rr7pVt6N1bVMRZ4HVViVnPSU2jI5YTDebCJR8hoa3H7ZLx2pH5s98vqXg2SSkut
awxI0PGutAOIVeGwgzBHJVctReEQqEdve2d2NyslfOm4Hg3UUOEZpcdltfN9AgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUgpIDQYMSlb3FSL4SdlDf2avRFbUwHwYDVR0j
BBgwFoAUrB/pOHZAp3e3PZQhHUyP+lxmkwQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOXRnSEZyWXFvdGtucnpHTkhBMjJxUFhBcmJUMjJVc3BUR2NacmlETjZm
Z1UvMC9BQzFGRTkzODc2NDBBNzc3QjczRDk0MjExRDRDOEZGQTVDNjY5MzA0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FDMUZFOTM4NzY0MEE3NzdC
NzNEOTQyMTFENEM4RkZBNUM2NjkzMDQuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
Lzl0Z0hGcllxb3RrbnJ6R05IQTIycVBYQXJiVDIyVXNwVEdjWnJpRE42ZmdVLzAv
MzEzODM3MmUzMTM3MmUzMjM0MzAyZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMjM4
MzIzMDMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQEuxHwMA0GCSqGSIb3DQEBCwUAA4IBAQB52jm5Uk3a
bLGmfj/c3O4+/mn8b/kUiY3bO8uI0zfPaYTOSeW9ppkNYVzkZ8mg9Usv55+yXcCg
BvW/8gh9yhbysilYjnTkk5nc2+x6gDltjNQoV4XDZO73Ql5OYaBjcugKTYlHlbKx
QkXCQwdAe71ahtqTwy7LLNC9bQS+czhV6xJEbGfFsz6bBUsj8ljK6dTXexjKhJwl
N6eESSlQWKum4K4LucLy/87pNIc++eALSHHdwq/d/rpNzFs91TyKkKuZpq85wwJH
q7lrz9lW7o+7vX083WcCA4aQkxJQkLpfnvcbexBQmms13oAkp6xAdRDV2d8Z6UKI
VvIKmhgMJHrK
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:44:01 2024 by rpki-client on console-ams.rpki-client.org