Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/AFhTpGBpoWALdpFyJVqtSMoukEA9tq9HYiWwHPEjCUHS/0/3133382e3235352e3232382e302f32342d3234203d3e20323633393935.roa
File:                     3133382e3235352e3232382e302f32342d3234203d3e20323633393935.roa (raw, json)
Hash identifier:          QFUh9HP/+sMoSpVYJKz5oOZsSAxK+xMLVZOZDmpQuQQ=
Subject key identifier:   67:E2:76:E6:2A:6F:AD:A1:F3:E3:07:DF:53:A1:ED:66:A6:C7:7A:D2
Certificate issuer:       /CN=D3CB0519647F9D3C145E31E81E779EA9C3D2C274
Certificate serial:       189A3C41100D5F36F19ED775020215136F3DD46C
Authority key identifier: D3:CB:05:19:64:7F:9D:3C:14:5E:31:E8:1E:77:9E:A9:C3:D2:C2:74
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D3CB0519647F9D3C145E31E81E779EA9C3D2C274.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/AFhTpGBpoWALdpFyJVqtSMoukEA9tq9HYiWwHPEjCUHS/0/3133382e3235352e3232382e302f32342d3234203d3e20323633393935.roa
Signing time:             Tue 23 Apr 2024 19:32:35 +0000
ROA not before:           Tue 23 Apr 2024 19:27:35 +0000
ROA not after:            Tue 22 Apr 2025 19:32:35 +0000
asID:                     263995
IP address blocks:        138.255.228.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/AFhTpGBpoWALdpFyJVqtSMoukEA9tq9HYiWwHPEjCUHS/0/D3CB0519647F9D3C145E31E81E779EA9C3D2C274.crl
                          rsync://rpki-repo.registro.br/repo/AFhTpGBpoWALdpFyJVqtSMoukEA9tq9HYiWwHPEjCUHS/0/D3CB0519647F9D3C145E31E81E779EA9C3D2C274.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D3CB0519647F9D3C145E31E81E779EA9C3D2C274.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 05:06:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:9a:3c:41:10:0d:5f:36:f1:9e:d7:75:02:02:15:13:6f:3d:d4:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D3CB0519647F9D3C145E31E81E779EA9C3D2C274
        Validity
            Not Before: Apr 23 19:27:35 2024 GMT
            Not After : Apr 22 19:32:35 2025 GMT
        Subject: CN=67E276E62A6FADA1F3E307DF53A1ED66A6C77AD2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:73:f5:ab:91:bb:68:01:c5:24:32:1d:da:c7:
                    55:16:ce:c4:86:9b:17:c4:0e:0f:04:5a:c4:5b:25:
                    22:75:f3:cd:c8:fa:fc:42:f8:1c:97:e3:df:fc:ed:
                    d8:14:b1:85:ab:76:b4:da:06:ce:63:36:4c:70:b9:
                    10:16:36:e0:17:0f:11:da:45:7b:4a:70:0e:04:49:
                    c8:f8:ff:84:07:00:f9:e8:6c:21:fd:66:8b:08:9c:
                    04:5c:37:01:ca:bf:d1:fd:33:62:d7:dc:fc:51:ca:
                    fc:ca:ae:b6:fd:e5:c6:96:de:6d:eb:3b:c1:58:e1:
                    48:8a:27:4a:48:49:7d:5b:c6:35:fe:31:ed:58:84:
                    ea:76:0e:6c:23:2c:8b:04:8c:75:91:59:a6:c7:e2:
                    b3:12:1a:dc:1d:94:48:4c:5c:13:c1:24:73:18:0c:
                    17:ee:39:20:61:bd:d2:1f:16:52:31:a1:95:1e:7d:
                    2e:0f:a5:88:80:73:cf:5c:0a:c5:41:47:1b:dd:10:
                    71:70:e7:cc:6a:3c:58:40:c7:1d:9e:91:4f:77:19:
                    54:10:ac:f9:55:2c:df:67:a1:97:22:bb:5a:c4:e6:
                    0d:87:30:68:29:06:e0:7d:79:36:bd:7e:f8:4b:4e:
                    17:84:b0:c9:9c:f1:4b:b1:d7:6e:63:33:86:77:45:
                    cd:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:E2:76:E6:2A:6F:AD:A1:F3:E3:07:DF:53:A1:ED:66:A6:C7:7A:D2
            X509v3 Authority Key Identifier:
                keyid:D3:CB:05:19:64:7F:9D:3C:14:5E:31:E8:1E:77:9E:A9:C3:D2:C2:74

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/AFhTpGBpoWALdpFyJVqtSMoukEA9tq9HYiWwHPEjCUHS/0/D3CB0519647F9D3C145E31E81E779EA9C3D2C274.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D3CB0519647F9D3C145E31E81E779EA9C3D2C274.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/AFhTpGBpoWALdpFyJVqtSMoukEA9tq9HYiWwHPEjCUHS/0/3133382e3235352e3232382e302f32342d3234203d3e20323633393935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.255.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3b:22:a7:08:2c:88:ce:a7:d5:e5:57:94:49:38:98:8a:a1:ae:
         69:7b:e1:1e:1d:ff:bc:5c:0c:1f:49:f8:de:a3:fe:89:89:28:
         02:4c:12:6c:ce:f8:ab:0f:16:a9:53:91:48:0e:76:63:e4:a9:
         86:27:ef:2b:1a:87:f9:80:52:66:1a:0e:34:65:e1:ea:a4:24:
         4d:f2:a9:9f:6a:ed:2d:a2:1b:09:70:ff:62:c9:b8:cf:93:2d:
         70:81:07:c9:1b:da:a5:04:99:7b:1b:e9:86:9d:93:f6:23:aa:
         69:de:85:de:49:a8:53:28:05:6c:ed:2a:fd:4a:4b:a6:cc:d8:
         be:61:80:07:b0:db:17:ba:ed:33:08:d1:ad:fc:87:3d:66:ae:
         6b:c0:02:ab:19:89:27:2d:64:3b:b6:33:35:52:25:3a:1e:ac:
         59:12:d4:a6:21:9a:63:de:c1:b0:71:db:c9:4d:19:ef:0a:27:
         5e:ef:d0:9e:e2:b0:b4:14:11:6c:25:b5:e2:3c:e9:5a:fe:98:
         9e:50:39:60:af:95:53:95:60:c3:7f:9d:f1:2b:4d:85:b1:32:
         b2:c0:9d:f2:fa:9b:41:d0:66:9c:34:fe:4d:da:ad:b0:30:40:
         48:36:28:47:a6:00:38:97:13:10:fe:79:48:87:0c:b2:48:cf:
         d4:e4:57:14
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUGJo8QRANXzbxntd1AgIVE2891GwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDNDQjA1MTk2NDdGOUQzQzE0NUUzMUU4MUU3NzlFQTlD
M0QyQzI3NDAeFw0yNDA0MjMxOTI3MzVaFw0yNTA0MjIxOTMyMzVaMDMxMTAvBgNV
BAMTKDY3RTI3NkU2MkE2RkFEQTFGM0UzMDdERjUzQTFFRDY2QTZDNzdBRDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnc/WrkbtoAcUkMh3ax1UWzsSG
mxfEDg8EWsRbJSJ1883I+vxC+ByX49/87dgUsYWrdrTaBs5jNkxwuRAWNuAXDxHa
RXtKcA4EScj4/4QHAPnobCH9ZosInARcNwHKv9H9M2LX3PxRyvzKrrb95caW3m3r
O8FY4UiKJ0pISX1bxjX+Me1YhOp2DmwjLIsEjHWRWabH4rMSGtwdlEhMXBPBJHMY
DBfuOSBhvdIfFlIxoZUefS4PpYiAc89cCsVBRxvdEHFw58xqPFhAxx2ekU93GVQQ
rPlVLN9noZciu1rE5g2HMGgpBuB9eTa9fvhLTheEsMmc8Uux125jM4Z3Rc13AgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUZ+J25ipvraHz4wffU6HtZqbHetIwHwYDVR0j
BBgwFoAU08sFGWR/nTwUXjHoHneeqcPSwnQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQUZoVHBHQnBvV0FMZHBGeUpWcXRTTW91a0VBOXRxOUhZaVd3SFBFakNV
SFMvMC9EM0NCMDUxOTY0N0Y5RDNDMTQ1RTMxRTgxRTc3OUVBOUMzRDJDMjc0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0QzQ0IwNTE5NjQ3RjlEM0Mx
NDVFMzFFODFFNzc5RUE5QzNEMkMyNzQuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0FGaFRwR0Jwb1dBTGRwRnlKVnF0U01vdWtFQTl0cTlIWWlXd0hQRWpDVUhTLzAv
MzEzMzM4MmUzMjM1MzUyZTMyMzIzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMy
MzYzMzM5MzkzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAIr/5DANBgkqhkiG9w0BAQsFAAOCAQEAOyKn
CCyIzqfV5VeUSTiYiqGuaXvhHh3/vFwMH0n43qP+iYkoAkwSbM74qw8WqVORSA52
Y+SphifvKxqH+YBSZhoONGXh6qQkTfKpn2rtLaIbCXD/Ysm4z5MtcIEHyRvapQSZ
exvphp2T9iOqad6F3kmoUygFbO0q/UpLpszYvmGAB7DbF7rtMwjRrfyHPWaua8AC
qxmJJy1kO7YzNVIlOh6sWRLUpiGaY97BsHHbyU0Z7wonXu/QnuKwtBQRbCW14jzp
Wv6YnlA5YK+VU5Vgw3+d8StNhbEyssCd8vqbQdBmnDT+TdqtsDBASDYoR6YAOJcT
EP55SIcMskjP1ORXFA==
-----END CERTIFICATE-----
Generated at Tue Jun 18 11:40:53 2024 by rpki-client on console-fra.rpki-client.org