Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/3133382e35392e34302e302f32332d3234203d3e20323634353936.roa
File:                     3133382e35392e34302e302f32332d3234203d3e20323634353936.roa (raw, json)
Hash identifier:          2dRMWOgdkymGvJa0sOGjGRDSeDaBqxH3lWLSDJ6J2kI=
Subject key identifier:   1B:92:F2:70:BA:CC:4E:CA:56:35:62:CC:F4:8C:6C:4C:64:7D:94:51
Certificate issuer:       /CN=D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7
Certificate serial:       798A852A67E7B0EDAF44E2865282C044FC4F82A7
Authority key identifier: D8:3B:D8:1B:DC:0A:01:D1:AE:F1:AF:D4:0B:C6:A4:E7:2C:94:11:F7
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/3133382e35392e34302e302f32332d3234203d3e20323634353936.roa
Signing time:             Thu 04 Apr 2024 17:33:58 +0000
ROA not before:           Thu 04 Apr 2024 17:28:58 +0000
ROA not after:            Thu 03 Apr 2025 17:33:58 +0000
asID:                     264596
IP address blocks:        138.59.40.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.crl
                          rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 18:27:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            79:8a:85:2a:67:e7:b0:ed:af:44:e2:86:52:82:c0:44:fc:4f:82:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7
        Validity
            Not Before: Apr  4 17:28:58 2024 GMT
            Not After : Apr  3 17:33:58 2025 GMT
        Subject: CN=1B92F270BACC4ECA563562CCF48C6C4C647D9451
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:1d:38:7c:d8:26:4c:ac:0e:be:cd:c4:e3:af:
                    ff:44:36:13:ec:ef:b6:ac:31:89:ad:75:3a:6a:56:
                    68:e6:bb:1f:0a:47:f2:a3:a8:95:ab:cd:7e:f1:93:
                    e6:88:b7:08:23:ca:63:6d:3a:02:b1:2e:fc:69:a0:
                    59:e3:9c:12:6b:1c:36:31:09:17:e9:7b:3c:a8:e1:
                    19:86:fb:33:99:53:cf:aa:17:02:ca:af:2a:98:fc:
                    db:a6:61:33:b4:6b:eb:98:41:c0:e3:02:d2:26:e7:
                    e0:9f:34:a0:81:93:2e:16:70:db:8e:2a:50:43:a3:
                    d0:73:dd:94:d8:52:5b:c9:50:5e:86:16:c9:30:39:
                    ad:a8:0d:17:d9:ae:2c:34:45:b8:e6:85:0c:fd:f4:
                    91:30:d5:5f:65:30:8a:9b:20:06:5c:95:fa:c0:78:
                    7e:d1:97:33:9f:e3:31:99:38:2b:66:28:00:e8:ec:
                    3a:30:58:2b:50:b8:f0:3b:62:7a:ea:23:4e:f7:f4:
                    ae:e8:e3:4f:02:c6:67:0f:bf:ff:24:8b:35:5d:ce:
                    ff:4c:cd:17:0c:d6:bb:a3:b0:5f:35:8d:5b:d2:34:
                    0e:29:f1:da:06:8f:00:23:23:f3:84:30:0f:5f:1d:
                    c9:76:58:b7:ae:5a:42:d0:de:44:c9:97:1a:8a:ad:
                    c6:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:92:F2:70:BA:CC:4E:CA:56:35:62:CC:F4:8C:6C:4C:64:7D:94:51
            X509v3 Authority Key Identifier:
                keyid:D8:3B:D8:1B:DC:0A:01:D1:AE:F1:AF:D4:0B:C6:A4:E7:2C:94:11:F7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/3133382e35392e34302e302f32332d3234203d3e20323634353936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.59.40.0/23

    Signature Algorithm: sha256WithRSAEncryption
         61:ad:3d:88:fb:aa:f2:d8:3b:ed:fb:dc:ce:b6:84:b4:1f:54:
         df:53:95:d3:08:94:6e:95:8f:07:f6:e0:84:19:da:da:03:8c:
         6c:da:47:03:48:95:bc:cd:22:60:82:c9:e4:c6:70:a2:70:e5:
         22:ec:9d:73:3c:f3:21:e2:8a:17:36:79:e4:8c:e7:fb:4e:1c:
         16:a6:c1:f1:13:c8:87:7e:3e:a3:2a:10:bf:88:50:db:0e:b1:
         a5:30:f5:7b:61:52:0f:c9:70:37:33:0a:85:63:15:19:a2:d1:
         a8:4e:e4:0d:4e:b6:1b:0c:c9:b6:6c:9e:40:4b:43:5c:5a:3a:
         58:27:5b:43:e7:be:42:2a:c3:a4:b8:a1:18:b1:d2:ab:7c:b8:
         55:2a:91:59:9a:11:4c:fb:73:ba:05:ac:01:05:ed:ee:4c:6f:
         f8:b7:b6:39:73:e4:ac:49:99:62:2f:e0:f1:46:0d:a0:52:78:
         b0:0d:36:e0:2f:9a:36:cc:d7:29:9f:7e:73:16:0e:48:ef:a5:
         94:68:a0:25:b6:a9:85:72:f4:1c:3d:ae:17:fa:dc:ed:c9:88:
         1f:5b:92:53:70:5e:41:d9:d7:b6:5f:75:e0:b2:c1:3f:ca:cc:
         7a:78:47:d0:3b:bf:bc:b1:72:b1:be:ae:2b:45:25:b6:5f:0d:
         6a:da:e7:6f
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUeYqFKmfnsO2vROKGUoLARPxPgqcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDgzQkQ4MUJEQzBBMDFEMUFFRjFBRkQ0MEJDNkE0RTcy
Qzk0MTFGNzAeFw0yNDA0MDQxNzI4NThaFw0yNTA0MDMxNzMzNThaMDMxMTAvBgNV
BAMTKDFCOTJGMjcwQkFDQzRFQ0E1NjM1NjJDQ0Y0OEM2QzRDNjQ3RDk0NTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzHTh82CZMrA6+zcTjr/9ENhPs
77asMYmtdTpqVmjmux8KR/KjqJWrzX7xk+aItwgjymNtOgKxLvxpoFnjnBJrHDYx
CRfpezyo4RmG+zOZU8+qFwLKryqY/NumYTO0a+uYQcDjAtIm5+CfNKCBky4WcNuO
KlBDo9Bz3ZTYUlvJUF6GFskwOa2oDRfZriw0RbjmhQz99JEw1V9lMIqbIAZclfrA
eH7RlzOf4zGZOCtmKADo7DowWCtQuPA7YnrqI0739K7o408CxmcPv/8kizVdzv9M
zRcM1rujsF81jVvSNA4p8doGjwAjI/OEMA9fHcl2WLeuWkLQ3kTJlxqKrcbnAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUG5LycLrMTspWNWLM9IxsTGR9lFEwHwYDVR0j
BBgwFoAU2DvYG9wKAdGu8a/UC8ak5yyUEfcwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQkttRkRuRjZiWHZFWWJMcGJuaFpFV0VreGpHclpSUXBwWFFLNEZuVVRO
VlovMS9EODNCRDgxQkRDMEEwMUQxQUVGMUFGRDQwQkM2QTRFNzJDOTQxMUY3LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0Q4M0JEODFCREMwQTAxRDFB
RUYxQUZENDBCQzZBNEU3MkM5NDExRjcuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JLbUZEbkY2Ylh2RVliTHBibmhaRVdFa3hqR3JaUlFwcFhRSzRGblVUTlZaLzEv
MzEzMzM4MmUzNTM5MmUzNDMwMmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzNjM0
MzUzOTM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQBijsoMA0GCSqGSIb3DQEBCwUAA4IBAQBhrT2I+6ry
2Dvt+9zOtoS0H1TfU5XTCJRulY8H9uCEGdraA4xs2kcDSJW8zSJggsnkxnCicOUi
7J1zPPMh4ooXNnnkjOf7ThwWpsHxE8iHfj6jKhC/iFDbDrGlMPV7YVIPyXA3MwqF
YxUZotGoTuQNTrYbDMm2bJ5AS0NcWjpYJ1tD575CKsOkuKEYsdKrfLhVKpFZmhFM
+3O6BawBBe3uTG/4t7Y5c+SsSZliL+DxRg2gUniwDTbgL5o2zNcpn35zFg5I76WU
aKAltqmFcvQcPa4X+tztyYgfW5JTcF5B2de2X3XgssE/ysx6eEfQO7+8sXKxvq4r
RSW2Xw1q2udv
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:50:28 2024 by rpki-client on console-fra.rpki-client.org