Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/ARyNxJ93JKe7ssb7xKi6NN1cMsFp81FwMoGwRYZB7gxu/2/323830343a323562343a666630303a3a2f34382d3438203d3e20323634323937.roa
File:                     323830343a323562343a666630303a3a2f34382d3438203d3e20323634323937.roa (raw, json)
Hash identifier:          kY1+9V5hiIWKCVLmwDUdv9vcwE25tMBdqycUTOc8ZEQ=
Subject key identifier:   01:7D:5D:71:C3:E8:E5:82:1A:3C:2D:FE:7A:37:37:30:A9:23:1A:38
Certificate issuer:       /CN=576022C32332943F262A8514FECDA1C77D7023B7
Certificate serial:       7FC735682CCCCCFC49E2647E4D004CA59D109AAC
Authority key identifier: 57:60:22:C3:23:32:94:3F:26:2A:85:14:FE:CD:A1:C7:7D:70:23:B7
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/576022C32332943F262A8514FECDA1C77D7023B7.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/ARyNxJ93JKe7ssb7xKi6NN1cMsFp81FwMoGwRYZB7gxu/2/323830343a323562343a666630303a3a2f34382d3438203d3e20323634323937.roa
Signing time:             Wed 03 Apr 2024 19:28:31 +0000
ROA not before:           Wed 03 Apr 2024 19:23:31 +0000
ROA not after:            Wed 02 Apr 2025 19:28:31 +0000
asID:                     264297
IP address blocks:        2804:25b4:ff00::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/ARyNxJ93JKe7ssb7xKi6NN1cMsFp81FwMoGwRYZB7gxu/2/576022C32332943F262A8514FECDA1C77D7023B7.crl
                          rsync://rpki-repo.registro.br/repo/ARyNxJ93JKe7ssb7xKi6NN1cMsFp81FwMoGwRYZB7gxu/2/576022C32332943F262A8514FECDA1C77D7023B7.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/576022C32332943F262A8514FECDA1C77D7023B7.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 19:40:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7f:c7:35:68:2c:cc:cc:fc:49:e2:64:7e:4d:00:4c:a5:9d:10:9a:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=576022C32332943F262A8514FECDA1C77D7023B7
        Validity
            Not Before: Apr  3 19:23:31 2024 GMT
            Not After : Apr  2 19:28:31 2025 GMT
        Subject: CN=017D5D71C3E8E5821A3C2DFE7A373730A9231A38
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:3b:aa:0c:3c:3a:a6:88:c1:15:8a:1d:d7:dd:
                    02:2a:c8:07:21:2b:7c:00:a0:14:bc:86:af:45:a3:
                    37:e5:a9:ad:e5:bf:03:94:25:cc:8b:dd:29:6b:07:
                    a2:63:fe:8a:ed:f1:52:41:a6:25:23:ff:10:fe:68:
                    2e:ec:9c:42:6d:8b:72:d7:1a:32:9a:c5:55:56:4c:
                    59:80:a3:90:3d:67:11:e2:7b:dc:9c:13:be:7e:21:
                    e2:30:31:c2:40:bc:bf:36:75:8e:21:a9:8a:05:a2:
                    fd:e4:69:7a:16:50:a3:ae:5f:0e:37:b6:8e:66:79:
                    e4:89:a3:b4:a6:13:75:1f:da:a6:aa:64:59:71:6d:
                    8a:e4:7c:8d:1e:77:b8:d6:cb:3e:32:8e:ec:f2:32:
                    dd:09:fd:c1:4d:51:e2:28:0a:9a:bd:69:4f:71:1c:
                    7c:b0:61:23:39:cd:6e:72:95:2f:68:fd:30:b4:8f:
                    87:f1:c2:24:20:ac:f6:e2:ca:96:8c:7d:a2:d6:cc:
                    ad:a5:be:9a:b7:11:2f:95:de:65:72:4e:45:3c:ab:
                    08:52:b3:39:05:a9:0b:ef:52:17:58:2b:8a:98:9a:
                    eb:29:75:1b:f0:8b:48:9b:fd:75:14:68:17:0a:ae:
                    28:63:b4:45:c1:69:8c:b7:56:02:c9:09:4f:14:5d:
                    d9:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:7D:5D:71:C3:E8:E5:82:1A:3C:2D:FE:7A:37:37:30:A9:23:1A:38
            X509v3 Authority Key Identifier:
                keyid:57:60:22:C3:23:32:94:3F:26:2A:85:14:FE:CD:A1:C7:7D:70:23:B7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/ARyNxJ93JKe7ssb7xKi6NN1cMsFp81FwMoGwRYZB7gxu/2/576022C32332943F262A8514FECDA1C77D7023B7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/576022C32332943F262A8514FECDA1C77D7023B7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/ARyNxJ93JKe7ssb7xKi6NN1cMsFp81FwMoGwRYZB7gxu/2/323830343a323562343a666630303a3a2f34382d3438203d3e20323634323937.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:25b4:ff00::/48

    Signature Algorithm: sha256WithRSAEncryption
         44:49:b0:4f:5c:7b:70:95:76:97:cd:eb:4f:a4:61:f5:80:df:
         ba:56:ba:98:93:54:d9:73:65:21:c1:58:2d:f7:5e:c0:21:b7:
         66:2f:52:b9:38:3e:e0:09:f4:58:f4:c5:e0:5e:69:9e:1b:43:
         11:f1:49:dc:43:95:85:72:0b:d3:a1:ab:c1:24:93:6c:49:4d:
         1b:97:99:ca:2c:1f:9a:09:48:4e:4a:b3:f0:c9:fd:56:82:46:
         6f:96:12:0a:22:6b:75:f2:b6:54:8d:71:b8:9d:b2:92:75:94:
         19:b0:c6:21:d4:59:3f:81:4b:89:27:e9:cd:ed:45:0d:8d:af:
         de:57:f4:4b:f1:38:84:ef:50:64:08:72:b7:b7:1f:7c:80:d4:
         7c:59:31:8a:1e:79:2c:12:e9:56:d9:db:95:08:06:09:89:9c:
         21:26:6a:3b:2f:92:f0:4c:9a:49:dc:b5:df:82:5a:90:11:d0:
         69:5e:01:b9:dd:01:77:a6:9b:de:12:32:74:72:7e:82:7c:64:
         11:3b:d5:44:9d:e8:5b:ad:39:f6:f9:c1:d4:10:96:ee:04:be:
         a9:fc:60:1a:71:a7:d1:09:1e:1a:09:6d:3a:e2:ec:be:56:c5:
         8f:f8:44:c2:a4:a6:a2:66:29:7e:ba:f8:0d:2a:b3:8b:8a:27:
         fd:21:03:73
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIUf8c1aCzMzPxJ4mR+TQBMpZ0QmqwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTc2MDIyQzMyMzMyOTQzRjI2MkE4NTE0RkVDREExQzc3
RDcwMjNCNzAeFw0yNDA0MDMxOTIzMzFaFw0yNTA0MDIxOTI4MzFaMDMxMTAvBgNV
BAMTKDAxN0Q1RDcxQzNFOEU1ODIxQTNDMkRGRTdBMzczNzMwQTkyMzFBMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3O6oMPDqmiMEVih3X3QIqyAch
K3wAoBS8hq9Fozflqa3lvwOUJcyL3SlrB6Jj/ort8VJBpiUj/xD+aC7snEJti3LX
GjKaxVVWTFmAo5A9ZxHie9ycE75+IeIwMcJAvL82dY4hqYoFov3kaXoWUKOuXw43
to5meeSJo7SmE3Uf2qaqZFlxbYrkfI0ed7jWyz4yjuzyMt0J/cFNUeIoCpq9aU9x
HHywYSM5zW5ylS9o/TC0j4fxwiQgrPbiypaMfaLWzK2lvpq3ES+V3mVyTkU8qwhS
szkFqQvvUhdYK4qYmuspdRvwi0ib/XUUaBcKrihjtEXBaYy3VgLJCU8UXdnBAgMB
AAGjggJcMIICWDAdBgNVHQ4EFgQUAX1dccPo5YIaPC3+ejc3MKkjGjgwHwYDVR0j
BBgwFoAUV2AiwyMylD8mKoUU/s2hx31wI7cwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQVJ5TnhKOTNKS2U3c3NiN3hLaTZOTjFjTXNGcDgxRndNb0d3UllaQjdn
eHUvMi81NzYwMjJDMzIzMzI5NDNGMjYyQTg1MTRGRUNEQTFDNzdENzAyM0I3LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzU3NjAyMkMzMjMzMjk0M0Yy
NjJBODUxNEZFQ0RBMUM3N0Q3MDIzQjcuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0FSeU54SjkzSktlN3NzYjd4S2k2Tk4xY01zRnA4MUZ3TW9Hd1JZWkI3Z3h1LzIv
MzIzODMwMzQzYTMyMzU2MjM0M2E2NjY2MzAzMDNhM2EyZjM0MzgyZDM0MzgyMDNk
M2UyMDMyMzYzNDMyMzkzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACgEJbT/ADANBgkqhkiG9w0BAQsF
AAOCAQEAREmwT1x7cJV2l83rT6Rh9YDfula6mJNU2XNlIcFYLfdewCG3Zi9SuTg+
4An0WPTF4F5pnhtDEfFJ3EOVhXIL06GrwSSTbElNG5eZyiwfmglITkqz8Mn9VoJG
b5YSCiJrdfK2VI1xuJ2yknWUGbDGIdRZP4FLiSfpze1FDY2v3lf0S/E4hO9QZAhy
t7cffIDUfFkxih55LBLpVtnblQgGCYmcISZqOy+S8EyaSdy134JakBHQaV4Bud0B
d6ab3hIydHJ+gnxkETvVRJ3oW6059vnB1BCW7gS+qfxgGnGn0QkeGgltOuLsvlbF
j/hEwqSmomYpfrr4DSqzi4on/SEDcw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:44:23 2024 by rpki-client on console-ams.rpki-client.org