Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/323830343a323232633a3130303a3a2f34302d3434203d3e20323634353936.roa
File:                     323830343a323232633a3130303a3a2f34302d3434203d3e20323634353936.roa (raw, json)
Hash identifier:          dccJ0RTJgBkmoLXWoYtC/9gsEbtGwKwahHhDApG7+xY=
Subject key identifier:   7A:8D:DB:29:42:5A:B4:92:DC:58:33:81:4D:87:AE:08:FC:F5:4B:AA
Certificate issuer:       /CN=D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7
Certificate serial:       2D03CF58973F65768ECAC53A1B75EBA560980DDA
Authority key identifier: D8:3B:D8:1B:DC:0A:01:D1:AE:F1:AF:D4:0B:C6:A4:E7:2C:94:11:F7
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/323830343a323232633a3130303a3a2f34302d3434203d3e20323634353936.roa
Signing time:             Thu 04 Apr 2024 17:33:58 +0000
ROA not before:           Thu 04 Apr 2024 17:28:58 +0000
ROA not after:            Thu 03 Apr 2025 17:33:58 +0000
asID:                     264596
IP address blocks:        2804:222c:100::/40 maxlen: 44

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.crl
                          rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 18:27:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2d:03:cf:58:97:3f:65:76:8e:ca:c5:3a:1b:75:eb:a5:60:98:0d:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7
        Validity
            Not Before: Apr  4 17:28:58 2024 GMT
            Not After : Apr  3 17:33:58 2025 GMT
        Subject: CN=7A8DDB29425AB492DC5833814D87AE08FCF54BAA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:2b:6a:64:e1:b0:31:e5:9c:ed:2a:7a:1a:78:
                    ec:5e:b7:7d:9a:b2:64:a9:df:4d:c2:5a:cf:df:6b:
                    55:6d:65:8b:75:ae:6d:c1:33:2e:c1:4e:3f:5f:24:
                    00:c9:6e:9f:64:1e:e0:ff:0f:47:ef:07:ac:40:d5:
                    0a:bc:a8:da:d5:ed:44:a1:1d:d9:e1:d2:88:0d:ec:
                    0f:dd:81:d3:f5:2b:1b:8f:74:01:c4:dc:3d:89:93:
                    17:50:45:5d:58:de:45:97:29:b2:a7:fd:36:e9:dc:
                    29:9e:2c:7e:cf:23:e7:68:b6:45:f9:a2:70:ab:c6:
                    50:30:28:a8:65:53:db:1a:15:4b:d9:8d:0f:ef:01:
                    71:f5:30:3a:87:b5:34:d0:f1:82:75:11:7a:31:1c:
                    da:72:c9:b6:cc:42:12:36:58:43:52:03:78:5f:a1:
                    bc:6b:4f:11:df:ef:95:1c:9e:15:a3:d5:a0:17:3f:
                    48:08:35:f1:e8:c5:04:6a:23:5a:3c:60:3a:f1:d0:
                    cb:b1:57:db:12:27:70:71:3d:a4:6c:e0:b5:bb:76:
                    f8:d0:6a:22:f9:39:93:7a:47:92:c1:74:bd:14:73:
                    da:bc:94:40:b5:c5:74:bc:b8:59:8f:48:dd:cb:04:
                    91:d3:6a:5e:80:57:df:10:7d:60:84:1f:4c:29:87:
                    e5:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:8D:DB:29:42:5A:B4:92:DC:58:33:81:4D:87:AE:08:FC:F5:4B:AA
            X509v3 Authority Key Identifier:
                keyid:D8:3B:D8:1B:DC:0A:01:D1:AE:F1:AF:D4:0B:C6:A4:E7:2C:94:11:F7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/323830343a323232633a3130303a3a2f34302d3434203d3e20323634353936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:222c:100::/40

    Signature Algorithm: sha256WithRSAEncryption
         24:be:b2:45:f5:f8:ab:c5:55:c4:60:6b:eb:76:03:ca:34:24:
         a0:f7:4f:bd:a5:93:1a:54:52:12:08:53:e2:c5:ae:1e:90:04:
         46:eb:dd:d4:df:a9:59:56:a2:46:ec:57:fa:3e:60:38:83:37:
         f1:89:7e:06:a4:3a:61:39:18:ae:0c:1a:28:eb:94:74:be:7f:
         eb:c1:46:5c:db:b6:e5:81:9a:11:e5:41:fd:3c:0c:49:0b:cc:
         5c:6a:a9:3b:76:56:31:10:1b:87:b9:a9:0d:1c:2c:19:43:9f:
         66:cf:80:a3:1a:58:07:3c:7c:53:3a:dd:61:9c:b0:39:f1:2f:
         2c:6d:ba:df:c5:73:a4:7a:7f:53:88:5b:51:8f:2f:9a:0b:39:
         91:5c:5e:47:30:24:f3:ce:ca:c3:f8:d1:c2:59:33:18:45:ec:
         eb:92:87:46:3d:2c:6e:09:ea:ca:89:70:8c:c8:92:86:ba:37:
         85:b8:e2:b8:34:8d:2b:b7:ff:ba:26:87:cc:e3:c6:84:69:63:
         a9:65:7e:2c:e4:31:25:d6:65:76:34:79:8e:bc:5e:f0:63:5c:
         0c:55:7f:e9:8e:ed:8f:33:ff:13:f0:eb:ec:99:d1:35:0f:48:
         9a:b5:a9:29:a9:7e:dd:35:7f:14:f0:0c:4d:92:3f:70:b3:61:
         ad:1a:c3:b0
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIULQPPWJc/ZXaOysU6G3XrpWCYDdowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDgzQkQ4MUJEQzBBMDFEMUFFRjFBRkQ0MEJDNkE0RTcy
Qzk0MTFGNzAeFw0yNDA0MDQxNzI4NThaFw0yNTA0MDMxNzMzNThaMDMxMTAvBgNV
BAMTKDdBOEREQjI5NDI1QUI0OTJEQzU4MzM4MTREODdBRTA4RkNGNTRCQUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZK2pk4bAx5ZztKnoaeOxet32a
smSp303CWs/fa1VtZYt1rm3BMy7BTj9fJADJbp9kHuD/D0fvB6xA1Qq8qNrV7USh
Hdnh0ogN7A/dgdP1KxuPdAHE3D2JkxdQRV1Y3kWXKbKn/Tbp3CmeLH7PI+dotkX5
onCrxlAwKKhlU9saFUvZjQ/vAXH1MDqHtTTQ8YJ1EXoxHNpyybbMQhI2WENSA3hf
obxrTxHf75UcnhWj1aAXP0gINfHoxQRqI1o8YDrx0MuxV9sSJ3BxPaRs4LW7dvjQ
aiL5OZN6R5LBdL0Uc9q8lEC1xXS8uFmPSN3LBJHTal6AV98QfWCEH0wph+VpAgMB
AAGjggJZMIICVTAdBgNVHQ4EFgQUeo3bKUJatJLcWDOBTYeuCPz1S6owHwYDVR0j
BBgwFoAU2DvYG9wKAdGu8a/UC8ak5yyUEfcwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQkttRkRuRjZiWHZFWWJMcGJuaFpFV0VreGpHclpSUXBwWFFLNEZuVVRO
VlovMS9EODNCRDgxQkRDMEEwMUQxQUVGMUFGRDQwQkM2QTRFNzJDOTQxMUY3LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0Q4M0JEODFCREMwQTAxRDFB
RUYxQUZENDBCQzZBNEU3MkM5NDExRjcuY2VyMIG0BggrBgEFBQcBCwSBpzCBpDCB
oQYIKwYBBQUHMAuGgZRyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JLbUZEbkY2Ylh2RVliTHBibmhaRVdFa3hqR3JaUlFwcFhRSzRGblVUTlZaLzEv
MzIzODMwMzQzYTMyMzIzMjYzM2EzMTMwMzAzYTNhMmYzNDMwMmQzNDM0MjAzZDNl
MjAzMjM2MzQzNTM5MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYI
KwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAoBCIsATANBgkqhkiG9w0BAQsFAAOC
AQEAJL6yRfX4q8VVxGBr63YDyjQkoPdPvaWTGlRSEghT4sWuHpAERuvd1N+pWVai
RuxX+j5gOIM38Yl+BqQ6YTkYrgwaKOuUdL5/68FGXNu25YGaEeVB/TwMSQvMXGqp
O3ZWMRAbh7mpDRwsGUOfZs+AoxpYBzx8UzrdYZywOfEvLG2638VzpHp/U4hbUY8v
mgs5kVxeRzAk887Kw/jRwlkzGEXs65KHRj0sbgnqyolwjMiShro3hbjiuDSNK7f/
uiaHzOPGhGljqWV+LOQxJdZldjR5jrxe8GNcDFV/6Y7tjzP/E/Dr7JnRNQ9ImrWp
Kal+3TV/FPAMTZI/cLNhrRrDsA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:50:28 2024 by rpki-client on console-fra.rpki-client.org