Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/3133382e35392e34302e302f32322d3232203d3e20323634353936.roa
File:                     3133382e35392e34302e302f32322d3232203d3e20323634353936.roa (raw, json)
Hash identifier:          eiw0eTzymdl+OlfR0nT8nXYGXnOGiiZX42fMdMhzxUY=
Subject key identifier:   93:15:C9:81:F9:0F:61:9F:B1:B7:B0:FD:87:F4:DC:49:9A:CA:8C:B0
Certificate issuer:       /CN=D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7
Certificate serial:       4D6C8D553F4E5357A371DC9D9784AB3229EB5757
Authority key identifier: D8:3B:D8:1B:DC:0A:01:D1:AE:F1:AF:D4:0B:C6:A4:E7:2C:94:11:F7
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/3133382e35392e34302e302f32322d3232203d3e20323634353936.roa
Signing time:             Thu 04 Apr 2024 17:33:58 +0000
ROA not before:           Thu 04 Apr 2024 17:28:58 +0000
ROA not after:            Thu 03 Apr 2025 17:33:58 +0000
asID:                     264596
IP address blocks:        138.59.40.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.crl
                          rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 19:11:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:6c:8d:55:3f:4e:53:57:a3:71:dc:9d:97:84:ab:32:29:eb:57:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7
        Validity
            Not Before: Apr  4 17:28:58 2024 GMT
            Not After : Apr  3 17:33:58 2025 GMT
        Subject: CN=9315C981F90F619FB1B7B0FD87F4DC499ACA8CB0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:66:17:62:5a:59:ec:f1:21:e3:34:1a:f4:0d:
                    f4:cd:12:c0:dc:ca:a8:0a:20:68:e0:f6:02:d6:94:
                    7f:3b:f2:ba:22:d0:30:96:04:8b:bf:da:10:93:91:
                    2a:05:4c:5e:50:7f:27:c6:70:a9:d1:2a:89:12:4e:
                    94:b2:a5:62:f7:0a:a8:1d:6b:7d:14:4c:24:65:45:
                    e3:48:5d:9b:3b:40:48:74:37:11:79:83:a6:8b:1d:
                    fc:70:40:5e:50:56:86:c0:24:b8:82:ef:0f:06:32:
                    6a:46:1f:1d:33:51:d7:bd:cf:4e:62:0d:c3:37:89:
                    2b:5f:b4:bc:72:70:93:8f:51:6c:fa:04:c1:12:44:
                    94:72:39:47:61:7c:9f:6f:0b:19:31:3f:0a:b1:17:
                    91:30:53:34:bb:eb:04:b1:43:71:77:c7:0f:83:e0:
                    2d:36:60:8b:8d:18:17:86:52:01:5e:ef:cf:97:a1:
                    82:a6:39:27:71:65:8f:de:33:9a:3b:22:eb:35:05:
                    28:7f:55:e7:7c:9e:bd:ce:34:67:0a:49:9a:a1:68:
                    0e:da:b3:6c:a9:80:d0:5d:ae:18:ff:c8:bd:50:62:
                    e1:66:c3:55:05:c2:6a:aa:04:c0:11:aa:5f:c9:8b:
                    e7:6d:fa:cb:ed:82:27:92:3c:ea:57:42:c2:62:73:
                    7a:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:15:C9:81:F9:0F:61:9F:B1:B7:B0:FD:87:F4:DC:49:9A:CA:8C:B0
            X509v3 Authority Key Identifier:
                keyid:D8:3B:D8:1B:DC:0A:01:D1:AE:F1:AF:D4:0B:C6:A4:E7:2C:94:11:F7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/3133382e35392e34302e302f32322d3232203d3e20323634353936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.59.40.0/22

    Signature Algorithm: sha256WithRSAEncryption
         21:5f:a5:89:89:d1:7a:4d:5f:a8:d6:8d:f1:a3:ab:25:84:a4:
         82:50:03:df:8c:3c:a3:f3:97:92:3a:69:d0:12:c8:fe:1a:9f:
         34:d8:91:52:cc:82:3b:49:bd:e5:8f:b0:e6:3b:cb:88:e2:94:
         e5:09:82:f5:ff:96:73:de:ac:25:cc:eb:1c:25:92:8b:83:e9:
         1b:2a:60:a0:31:0d:79:e4:d9:76:11:a6:a6:3e:4c:31:4b:0d:
         ed:b4:13:ed:68:b9:29:6b:a6:29:be:24:18:8d:9e:63:71:7d:
         9a:9e:e2:65:72:57:13:9d:e8:8c:96:46:48:f6:e0:d3:76:46:
         c5:ca:07:ff:03:be:18:b6:24:f7:0c:a6:52:6e:b4:d9:13:89:
         95:24:82:37:d7:f9:03:81:b9:5f:34:2f:99:bc:ad:85:b8:5d:
         9c:40:fc:6f:88:2a:75:de:48:82:54:c2:84:cf:48:9c:52:6c:
         6e:63:49:fc:97:6d:ad:56:09:7c:8a:1b:8b:04:c7:cc:32:00:
         46:ab:68:c9:52:6e:8d:f3:73:bc:d3:e7:af:58:8e:87:b4:66:
         68:aa:94:43:5a:d4:e7:04:ef:f6:b9:e6:9b:d3:a5:86:76:a9:
         e7:d7:d7:a9:b3:68:a8:19:71:19:9e:df:26:34:31:6e:49:8f:
         25:9a:71:67
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUTWyNVT9OU1ejcdydl4SrMinrV1cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDgzQkQ4MUJEQzBBMDFEMUFFRjFBRkQ0MEJDNkE0RTcy
Qzk0MTFGNzAeFw0yNDA0MDQxNzI4NThaFw0yNTA0MDMxNzMzNThaMDMxMTAvBgNV
BAMTKDkzMTVDOTgxRjkwRjYxOUZCMUI3QjBGRDg3RjREQzQ5OUFDQThDQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBZhdiWlns8SHjNBr0DfTNEsDc
yqgKIGjg9gLWlH878roi0DCWBIu/2hCTkSoFTF5QfyfGcKnRKokSTpSypWL3Cqgd
a30UTCRlReNIXZs7QEh0NxF5g6aLHfxwQF5QVobAJLiC7w8GMmpGHx0zUde9z05i
DcM3iStftLxycJOPUWz6BMESRJRyOUdhfJ9vCxkxPwqxF5EwUzS76wSxQ3F3xw+D
4C02YIuNGBeGUgFe78+XoYKmOSdxZY/eM5o7Ius1BSh/Ved8nr3ONGcKSZqhaA7a
s2ypgNBdrhj/yL1QYuFmw1UFwmqqBMARql/Ji+dt+svtgieSPOpXQsJic3pLAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUkxXJgfkPYZ+xt7D9h/TcSZrKjLAwHwYDVR0j
BBgwFoAU2DvYG9wKAdGu8a/UC8ak5yyUEfcwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQkttRkRuRjZiWHZFWWJMcGJuaFpFV0VreGpHclpSUXBwWFFLNEZuVVRO
VlovMS9EODNCRDgxQkRDMEEwMUQxQUVGMUFGRDQwQkM2QTRFNzJDOTQxMUY3LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0Q4M0JEODFCREMwQTAxRDFB
RUYxQUZENDBCQzZBNEU3MkM5NDExRjcuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JLbUZEbkY2Ylh2RVliTHBibmhaRVdFa3hqR3JaUlFwcFhRSzRGblVUTlZaLzEv
MzEzMzM4MmUzNTM5MmUzNDMwMmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzNjM0
MzUzOTM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCijsoMA0GCSqGSIb3DQEBCwUAA4IBAQAhX6WJidF6
TV+o1o3xo6slhKSCUAPfjDyj85eSOmnQEsj+Gp802JFSzII7Sb3lj7DmO8uI4pTl
CYL1/5Zz3qwlzOscJZKLg+kbKmCgMQ155Nl2EaamPkwxSw3ttBPtaLkpa6YpviQY
jZ5jcX2anuJlclcTneiMlkZI9uDTdkbFygf/A74YtiT3DKZSbrTZE4mVJII31/kD
gblfNC+ZvK2FuF2cQPxviCp13kiCVMKEz0icUmxuY0n8l22tVgl8ihuLBMfMMgBG
q2jJUm6N83O80+evWI6HtGZoqpRDWtTnBO/2ueab06WGdqnn19eps2ioGXEZnt8m
NDFuSY8lmnFn
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:44:23 2024 by rpki-client on console-ams.rpki-client.org