Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/3133382e35392e34322e302f32332d3234203d3e20323634353936.roa
File:                     3133382e35392e34322e302f32332d3234203d3e20323634353936.roa (raw, json)
Hash identifier:          aKY141EfAaA37XN03Q6CpU0qCMrX758xZHivfrKvhUA=
Subject key identifier:   2C:54:E7:61:29:D9:E2:4F:2C:A8:F1:6E:DE:60:D8:5C:19:69:0A:A7
Certificate issuer:       /CN=D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7
Certificate serial:       657EE0C821F287CEA6F319F313C81A3C07848C65
Authority key identifier: D8:3B:D8:1B:DC:0A:01:D1:AE:F1:AF:D4:0B:C6:A4:E7:2C:94:11:F7
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/3133382e35392e34322e302f32332d3234203d3e20323634353936.roa
Signing time:             Thu 04 Apr 2024 17:33:58 +0000
ROA not before:           Thu 04 Apr 2024 17:28:58 +0000
ROA not after:            Thu 03 Apr 2025 17:33:58 +0000
asID:                     264596
IP address blocks:        138.59.42.0/23 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.crl
                          rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 18:27:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:7e:e0:c8:21:f2:87:ce:a6:f3:19:f3:13:c8:1a:3c:07:84:8c:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7
        Validity
            Not Before: Apr  4 17:28:58 2024 GMT
            Not After : Apr  3 17:33:58 2025 GMT
        Subject: CN=2C54E76129D9E24F2CA8F16EDE60D85C19690AA7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:b5:d3:e6:45:c4:9e:47:a0:11:02:94:80:28:
                    57:9c:98:c4:b5:76:a8:33:28:17:1e:10:8c:fa:d3:
                    38:df:4c:c6:85:95:d0:20:c8:95:20:04:ca:5c:29:
                    cd:2e:47:bf:cd:cb:90:f0:bb:e9:97:00:da:00:b6:
                    1a:ea:cc:99:9e:00:26:80:a6:a9:5e:c6:44:99:04:
                    52:29:34:cd:78:d5:19:21:e0:31:de:2b:82:a6:8b:
                    4a:c2:30:5b:48:12:f1:5e:06:4a:af:04:7e:98:79:
                    c0:27:8b:0e:b1:ef:b9:49:01:62:d5:0a:e2:aa:d8:
                    2e:49:fe:08:8f:99:34:27:83:3d:a7:8a:40:03:e4:
                    af:05:93:c9:bc:7e:dd:33:e6:8e:41:7d:67:70:b2:
                    8c:5c:58:54:c9:86:69:25:58:f6:1a:49:ee:cc:8a:
                    89:14:ea:c9:eb:ec:86:d8:dd:c0:e3:d7:94:ba:c4:
                    d1:d9:c0:a0:0a:a1:e0:3f:73:5f:53:c1:91:c0:55:
                    97:69:b9:48:c3:01:08:ab:16:75:6b:1e:73:29:19:
                    fd:0e:e5:11:eb:28:ac:9c:a7:40:ae:bc:99:77:78:
                    1f:5f:65:5a:90:28:c3:49:f7:c4:6b:00:2d:ff:0b:
                    cb:31:3b:bd:94:04:36:4e:c5:5d:ee:c8:c4:ed:98:
                    49:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2C:54:E7:61:29:D9:E2:4F:2C:A8:F1:6E:DE:60:D8:5C:19:69:0A:A7
            X509v3 Authority Key Identifier:
                keyid:D8:3B:D8:1B:DC:0A:01:D1:AE:F1:AF:D4:0B:C6:A4:E7:2C:94:11:F7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/3133382e35392e34322e302f32332d3234203d3e20323634353936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.59.42.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8c:7e:17:a2:d6:4f:78:fd:95:c1:20:26:fa:2c:f1:ec:d8:12:
         26:77:26:3a:ec:e7:81:ed:c5:3f:ad:5b:39:fe:14:95:aa:8f:
         b9:d6:37:14:f9:98:b6:93:9c:9a:ee:b7:ba:62:ea:a3:1e:c6:
         0f:16:43:27:47:79:10:ab:8f:e4:e9:67:8f:02:ae:91:d2:9d:
         54:eb:fe:ab:42:40:8d:5e:c6:c6:7d:b5:25:a5:e8:77:7e:35:
         db:45:0b:60:31:f3:3b:b2:ac:d0:1b:cb:d7:c6:f6:aa:e1:87:
         9c:f2:e3:a1:e6:d6:3c:ef:50:28:22:93:f3:0a:7c:9a:b4:08:
         5a:d7:23:e4:bc:2a:ba:20:da:a4:93:7f:a0:29:d8:1c:84:f0:
         bb:10:ed:79:b8:f4:d0:80:a5:bb:82:b1:87:e0:14:55:51:1b:
         92:b2:f0:96:94:20:0d:c6:94:d1:60:78:fd:7c:52:6d:23:4c:
         f2:45:bb:a8:87:f5:07:e9:bf:27:da:b2:6d:18:13:4c:a1:5a:
         f1:b2:1f:58:9d:3d:2c:a6:d7:9c:cd:12:5f:8c:54:e8:9f:1b:
         aa:b8:10:4f:23:c0:53:4c:fb:35:2c:8c:c6:ef:e5:c4:b3:d9:
         99:9b:3e:58:79:67:b8:48:e8:1b:0c:b3:fa:70:86:62:24:a2:
         90:bb:bc:6c
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUZX7gyCHyh86m8xnzE8gaPAeEjGUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDgzQkQ4MUJEQzBBMDFEMUFFRjFBRkQ0MEJDNkE0RTcy
Qzk0MTFGNzAeFw0yNDA0MDQxNzI4NThaFw0yNTA0MDMxNzMzNThaMDMxMTAvBgNV
BAMTKDJDNTRFNzYxMjlEOUUyNEYyQ0E4RjE2RURFNjBEODVDMTk2OTBBQTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9tdPmRcSeR6ARApSAKFecmMS1
dqgzKBceEIz60zjfTMaFldAgyJUgBMpcKc0uR7/Ny5Dwu+mXANoAthrqzJmeACaA
pqlexkSZBFIpNM141Rkh4DHeK4Kmi0rCMFtIEvFeBkqvBH6YecAniw6x77lJAWLV
CuKq2C5J/giPmTQngz2nikAD5K8Fk8m8ft0z5o5BfWdwsoxcWFTJhmklWPYaSe7M
iokU6snr7IbY3cDj15S6xNHZwKAKoeA/c19TwZHAVZdpuUjDAQirFnVrHnMpGf0O
5RHrKKycp0CuvJl3eB9fZVqQKMNJ98RrAC3/C8sxO72UBDZOxV3uyMTtmElxAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQULFTnYSnZ4k8sqPFu3mDYXBlpCqcwHwYDVR0j
BBgwFoAU2DvYG9wKAdGu8a/UC8ak5yyUEfcwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQkttRkRuRjZiWHZFWWJMcGJuaFpFV0VreGpHclpSUXBwWFFLNEZuVVRO
VlovMS9EODNCRDgxQkRDMEEwMUQxQUVGMUFGRDQwQkM2QTRFNzJDOTQxMUY3LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0Q4M0JEODFCREMwQTAxRDFB
RUYxQUZENDBCQzZBNEU3MkM5NDExRjcuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JLbUZEbkY2Ylh2RVliTHBibmhaRVdFa3hqR3JaUlFwcFhRSzRGblVUTlZaLzEv
MzEzMzM4MmUzNTM5MmUzNDMyMmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIwMzIzNjM0
MzUzOTM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQBijsqMA0GCSqGSIb3DQEBCwUAA4IBAQCMfhei1k94
/ZXBICb6LPHs2BImdyY67OeB7cU/rVs5/hSVqo+51jcU+Zi2k5ya7re6YuqjHsYP
FkMnR3kQq4/k6WePAq6R0p1U6/6rQkCNXsbGfbUlpeh3fjXbRQtgMfM7sqzQG8vX
xvaq4Yec8uOh5tY871AoIpPzCnyatAha1yPkvCq6INqkk3+gKdgchPC7EO15uPTQ
gKW7grGH4BRVURuSsvCWlCANxpTRYHj9fFJtI0zyRbuoh/UH6b8n2rJtGBNMoVrx
sh9YnT0spteczRJfjFTonxuquBBPI8BTTPs1LIzG7+XEs9mZmz5YeWe4SOgbDLP6
cIZiJKKQu7xs
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:50:28 2024 by rpki-client on console-fra.rpki-client.org