Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BKHFq33EjtUpErGNPXYxZWTXAjyBae6MUTnsi7Un7pa5/0/3134332e3230382e3132382e302f32322d3332203d3e20323634303931.roa
File:                     3134332e3230382e3132382e302f32322d3332203d3e20323634303931.roa (raw, json)
Hash identifier:          rMmQGqZIxjLtxg0DlbrSmDpI9fo650jmhjJccD+hgjg=
Subject key identifier:   47:98:8B:FD:26:F9:92:8E:6F:F1:3E:18:13:F3:EE:A1:61:32:25:35
Certificate issuer:       /CN=8B5FE90FAE214413B901DF889B320926378076E6
Certificate serial:       085259B3F03DA795185A15A39D2797DF3382517C
Authority key identifier: 8B:5F:E9:0F:AE:21:44:13:B9:01:DF:88:9B:32:09:26:37:80:76:E6
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8B5FE90FAE214413B901DF889B320926378076E6.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BKHFq33EjtUpErGNPXYxZWTXAjyBae6MUTnsi7Un7pa5/0/3134332e3230382e3132382e302f32322d3332203d3e20323634303931.roa
Signing time:             Thu 20 Jun 2024 20:03:18 +0000
ROA not before:           Thu 20 Jun 2024 19:58:18 +0000
ROA not after:            Thu 19 Jun 2025 20:03:18 +0000
asID:                     264091
IP address blocks:        143.208.128.0/22 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BKHFq33EjtUpErGNPXYxZWTXAjyBae6MUTnsi7Un7pa5/0/8B5FE90FAE214413B901DF889B320926378076E6.crl
                          rsync://rpki-repo.registro.br/repo/BKHFq33EjtUpErGNPXYxZWTXAjyBae6MUTnsi7Un7pa5/0/8B5FE90FAE214413B901DF889B320926378076E6.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8B5FE90FAE214413B901DF889B320926378076E6.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 26 Jun 2024 22:04:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:52:59:b3:f0:3d:a7:95:18:5a:15:a3:9d:27:97:df:33:82:51:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8B5FE90FAE214413B901DF889B320926378076E6
        Validity
            Not Before: Jun 20 19:58:18 2024 GMT
            Not After : Jun 19 20:03:18 2025 GMT
        Subject: CN=47988BFD26F9928E6FF13E1813F3EEA161322535
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:51:75:f0:68:76:e2:24:df:8e:38:74:81:b6:
                    b1:6e:eb:71:cb:04:b6:08:08:7f:f3:dd:23:6b:81:
                    c6:eb:f4:df:68:b3:02:6b:b0:1c:65:0b:11:f3:a6:
                    12:cd:78:d0:bc:03:42:24:b9:0e:8a:e2:5f:c6:3c:
                    f7:45:4e:64:52:02:43:b0:0b:25:9a:3f:30:c0:b3:
                    f5:fc:f1:cf:35:23:bd:f2:05:f2:55:6f:91:25:ea:
                    1d:3e:eb:ab:2e:6f:7f:07:54:a7:f6:bd:12:21:b8:
                    75:20:a5:15:17:87:43:1c:83:8c:56:50:52:42:ba:
                    34:77:14:cc:25:c9:4c:d9:c7:5c:97:67:ab:9e:99:
                    08:ec:49:8d:f0:fa:ac:ae:7b:4a:35:b5:5a:0a:66:
                    4d:ee:ae:63:48:8b:c5:17:9b:a1:49:fe:af:c0:50:
                    aa:df:ca:e0:5f:98:5e:b1:63:69:f0:12:f0:b8:f5:
                    07:ea:67:b5:60:bb:9a:99:63:e5:55:3f:f3:e3:68:
                    53:68:ef:74:64:68:73:bc:50:e2:13:c6:4d:33:29:
                    aa:6b:7a:e3:9a:c1:e7:49:3e:8f:62:2f:c3:cd:b9:
                    57:c1:81:10:84:48:60:23:41:10:bf:3f:18:53:2d:
                    de:62:34:49:39:16:c7:2c:bd:17:45:46:ef:20:33:
                    a3:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:98:8B:FD:26:F9:92:8E:6F:F1:3E:18:13:F3:EE:A1:61:32:25:35
            X509v3 Authority Key Identifier:
                keyid:8B:5F:E9:0F:AE:21:44:13:B9:01:DF:88:9B:32:09:26:37:80:76:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BKHFq33EjtUpErGNPXYxZWTXAjyBae6MUTnsi7Un7pa5/0/8B5FE90FAE214413B901DF889B320926378076E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8B5FE90FAE214413B901DF889B320926378076E6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BKHFq33EjtUpErGNPXYxZWTXAjyBae6MUTnsi7Un7pa5/0/3134332e3230382e3132382e302f32322d3332203d3e20323634303931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.208.128.0/22

    Signature Algorithm: sha256WithRSAEncryption
         81:fb:b3:ac:16:32:9d:eb:fc:e8:c2:a0:f2:d8:68:f1:95:82:
         a1:d7:bd:c2:3b:79:8f:cf:dc:87:0d:22:52:e2:05:1d:9f:85:
         3e:2f:e5:1b:61:77:98:95:4a:1d:9e:53:e8:00:24:19:97:b5:
         6a:c3:1f:b1:14:c5:9e:0a:56:66:81:1f:d3:48:ae:23:b9:fc:
         08:da:ac:4b:21:c6:c4:a7:0a:ec:3f:3b:b8:a1:e1:71:e7:d6:
         3c:d0:f4:50:41:2d:10:59:73:42:38:78:98:40:ea:01:2e:98:
         a4:57:53:7d:85:e5:24:31:b4:b8:93:3b:8c:b6:a7:cf:64:1a:
         07:31:50:e4:24:3d:e3:1c:13:bb:19:6b:e8:6c:19:d4:5a:8a:
         f5:8e:1f:fa:26:08:c4:4c:2e:a4:af:5b:62:c2:aa:08:53:e9:
         bb:05:65:2f:44:f6:5f:0f:61:01:ee:f0:f5:35:e9:e3:97:2a:
         fb:86:cb:81:b5:c1:9d:76:c0:ab:34:ef:3b:06:63:1f:c2:4c:
         d9:4c:cf:80:29:f4:63:fc:81:51:47:f1:d8:44:5f:46:b1:78:
         85:2b:e1:b9:09:5f:af:3f:28:98:63:2e:05:1a:e5:c7:4b:f5:
         da:44:45:e1:f7:d7:cd:00:94:50:d5:f4:e4:e0:7e:b6:ea:cb:
         d7:11:df:ba
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUCFJZs/A9p5UYWhWjnSeX3zOCUXwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEI1RkU5MEZBRTIxNDQxM0I5MDFERjg4OUIzMjA5MjYz
NzgwNzZFNjAeFw0yNDA2MjAxOTU4MThaFw0yNTA2MTkyMDAzMThaMDMxMTAvBgNV
BAMTKDQ3OTg4QkZEMjZGOTkyOEU2RkYxM0UxODEzRjNFRUExNjEzMjI1MzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdUXXwaHbiJN+OOHSBtrFu63HL
BLYICH/z3SNrgcbr9N9oswJrsBxlCxHzphLNeNC8A0IkuQ6K4l/GPPdFTmRSAkOw
CyWaPzDAs/X88c81I73yBfJVb5El6h0+66sub38HVKf2vRIhuHUgpRUXh0Mcg4xW
UFJCujR3FMwlyUzZx1yXZ6uemQjsSY3w+qyue0o1tVoKZk3urmNIi8UXm6FJ/q/A
UKrfyuBfmF6xY2nwEvC49QfqZ7Vgu5qZY+VVP/PjaFNo73RkaHO8UOITxk0zKapr
euOawedJPo9iL8PNuVfBgRCESGAjQRC/PxhTLd5iNEk5FscsvRdFRu8gM6NtAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUR5iL/Sb5ko5v8T4YE/PuoWEyJTUwHwYDVR0j
BBgwFoAUi1/pD64hRBO5Ad+ImzIJJjeAduYwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQktIRnEzM0VqdFVwRXJHTlBYWXhaV1RYQWp5QmFlNk1VVG5zaTdVbjdw
YTUvMC84QjVGRTkwRkFFMjE0NDEzQjkwMURGODg5QjMyMDkyNjM3ODA3NkU2LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzhCNUZFOTBGQUUyMTQ0MTNC
OTAxREY4ODlCMzIwOTI2Mzc4MDc2RTYuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JLSEZxMzNFanRVcEVyR05QWFl4WldUWEFqeUJhZTZNVVRuc2k3VW43cGE1LzAv
MzEzNDMzMmUzMjMwMzgyZTMxMzIzODJlMzAyZjMyMzIyZDMzMzIyMDNkM2UyMDMy
MzYzNDMwMzkzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAo/QgDANBgkqhkiG9w0BAQsFAAOCAQEAgfuz
rBYynev86MKg8tho8ZWCode9wjt5j8/chw0iUuIFHZ+FPi/lG2F3mJVKHZ5T6AAk
GZe1asMfsRTFngpWZoEf00iuI7n8CNqsSyHGxKcK7D87uKHhcefWPND0UEEtEFlz
Qjh4mEDqAS6YpFdTfYXlJDG0uJM7jLanz2QaBzFQ5CQ94xwTuxlr6GwZ1FqK9Y4f
+iYIxEwupK9bYsKqCFPpuwVlL0T2Xw9hAe7w9TXp45cq+4bLgbXBnXbAqzTvOwZj
H8JM2UzPgCn0Y/yBUUfx2ERfRrF4hSvhuQlfrz8omGMuBRrlx0v12kRF4ffXzQCU
UNX05OB+turL1xHfug==
-----END CERTIFICATE-----
Generated at Tue Jun 25 22:06:07 2024 by rpki-client on console-ams.rpki-client.org