Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/323830343a323232633a3a2f33322d3332203d3e20323634353936.roa
File:                     323830343a323232633a3a2f33322d3332203d3e20323634353936.roa (raw, json)
Hash identifier:          WgLPUWbopOZUFs5oQLdKQnBgxB12YPbN0k2ECBWNoVc=
Subject key identifier:   ED:D9:B7:EC:21:66:BA:E6:CC:F1:DC:32:32:A2:32:63:71:2A:61:B6
Certificate issuer:       /CN=D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7
Certificate serial:       6CD859E782225335FA30BDBF34530B2288A71C6C
Authority key identifier: D8:3B:D8:1B:DC:0A:01:D1:AE:F1:AF:D4:0B:C6:A4:E7:2C:94:11:F7
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/323830343a323232633a3a2f33322d3332203d3e20323634353936.roa
Signing time:             Thu 04 Apr 2024 17:33:58 +0000
ROA not before:           Thu 04 Apr 2024 17:28:58 +0000
ROA not after:            Thu 03 Apr 2025 17:33:58 +0000
asID:                     264596
IP address blocks:        2804:222c::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.crl
                          rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 19:11:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:d8:59:e7:82:22:53:35:fa:30:bd:bf:34:53:0b:22:88:a7:1c:6c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7
        Validity
            Not Before: Apr  4 17:28:58 2024 GMT
            Not After : Apr  3 17:33:58 2025 GMT
        Subject: CN=EDD9B7EC2166BAE6CCF1DC3232A23263712A61B6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:d9:b9:49:44:2a:77:05:a9:66:2f:e7:7c:bf:
                    ae:13:e5:a1:37:1e:0a:40:5c:8b:1f:ab:a7:e3:29:
                    9d:bf:f9:6c:25:ca:c5:f5:b3:68:46:10:2d:b2:21:
                    49:f7:b9:f6:d3:28:94:e2:e2:c7:a5:91:6e:26:f1:
                    1b:2b:c2:83:81:7f:40:77:7c:5b:89:00:e4:6c:8d:
                    2b:1b:40:1f:fa:93:78:71:a1:e4:e6:ee:bb:0d:6e:
                    9f:c1:8b:6b:c4:3d:0b:d5:4f:35:01:6c:62:0d:41:
                    01:20:0a:d2:95:d8:2b:d8:ab:68:d0:a1:08:e4:96:
                    6e:c4:70:e3:f5:77:a9:b7:9c:09:9d:e2:52:10:25:
                    3e:5a:07:60:d9:69:84:f6:e7:c6:01:52:04:ff:b3:
                    16:eb:2c:3f:b6:bb:aa:bb:90:ac:63:c4:83:65:b8:
                    3f:83:fa:f7:4e:8b:4e:93:df:b4:01:ad:a0:0d:c9:
                    50:10:39:a5:b3:5a:fe:4d:8f:1b:35:d6:bd:34:e6:
                    4c:cc:b2:17:9b:e9:6e:04:cf:1e:dd:79:cc:e7:d7:
                    43:f7:50:1d:4b:df:ec:73:58:c0:9f:99:93:c9:a5:
                    5e:c8:8b:6a:dd:03:71:03:3a:6d:26:b9:2e:6c:4b:
                    87:de:bc:c7:23:08:07:b9:f5:7a:fb:4b:5f:54:85:
                    57:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:D9:B7:EC:21:66:BA:E6:CC:F1:DC:32:32:A2:32:63:71:2A:61:B6
            X509v3 Authority Key Identifier:
                keyid:D8:3B:D8:1B:DC:0A:01:D1:AE:F1:AF:D4:0B:C6:A4:E7:2C:94:11:F7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D83BD81BDC0A01D1AEF1AFD40BC6A4E72C9411F7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BKmFDnF6bXvEYbLpbnhZEWEkxjGrZRQppXQK4FnUTNVZ/1/323830343a323232633a3a2f33322d3332203d3e20323634353936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:222c::/32

    Signature Algorithm: sha256WithRSAEncryption
         1d:93:23:eb:24:c9:72:61:3f:ea:70:d5:34:a2:7c:c2:94:bd:
         5b:ba:cf:45:ca:78:81:3d:39:e3:8b:8e:1d:7e:42:c5:a1:81:
         12:82:a8:0d:c2:1d:44:b1:ec:64:16:31:86:4a:d4:19:eb:90:
         38:fa:ff:f7:95:f7:cb:3e:86:36:00:7c:89:80:48:40:70:d6:
         74:ea:6b:8c:07:ec:55:37:50:8c:b7:f2:1c:f3:db:17:8d:27:
         4c:cd:b9:74:c0:10:21:52:61:90:e0:e0:86:4c:21:aa:d6:69:
         88:28:3b:84:34:a5:71:19:57:fc:9a:87:41:3e:f3:1e:88:55:
         b5:ef:d4:5a:91:cb:89:64:37:63:4b:43:0d:af:b6:d3:c1:7b:
         ec:ed:60:de:86:42:83:f8:f3:d3:b8:00:5c:76:66:ef:fb:47:
         4d:6d:36:79:fa:1b:3a:74:d8:6d:08:e4:a3:b3:12:99:97:5d:
         32:0d:a9:7d:04:f3:88:f8:d7:d7:68:db:01:8f:27:c1:3f:2a:
         c2:8d:f9:e4:f9:b4:36:cc:58:12:11:58:e6:43:8e:88:64:40:
         93:65:0d:c5:92:a3:9f:1b:19:b6:d0:f6:12:22:7d:db:a9:3f:
         08:90:72:ff:e8:da:a2:7c:45:e8:4a:b3:50:e4:a6:d7:e1:2c:
         8f:b3:91:46
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUbNhZ54IiUzX6ML2/NFMLIoinHGwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDgzQkQ4MUJEQzBBMDFEMUFFRjFBRkQ0MEJDNkE0RTcy
Qzk0MTFGNzAeFw0yNDA0MDQxNzI4NThaFw0yNTA0MDMxNzMzNThaMDMxMTAvBgNV
BAMTKEVERDlCN0VDMjE2NkJBRTZDQ0YxREMzMjMyQTIzMjYzNzEyQTYxQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDL2blJRCp3BalmL+d8v64T5aE3
HgpAXIsfq6fjKZ2/+WwlysX1s2hGEC2yIUn3ufbTKJTi4selkW4m8RsrwoOBf0B3
fFuJAORsjSsbQB/6k3hxoeTm7rsNbp/Bi2vEPQvVTzUBbGINQQEgCtKV2CvYq2jQ
oQjklm7EcOP1d6m3nAmd4lIQJT5aB2DZaYT258YBUgT/sxbrLD+2u6q7kKxjxINl
uD+D+vdOi06T37QBraANyVAQOaWzWv5Njxs11r005kzMsheb6W4Ezx7deczn10P3
UB1L3+xzWMCfmZPJpV7Ii2rdA3EDOm0muS5sS4fevMcjCAe59Xr7S19UhVcrAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQU7dm37CFmuubM8dwyMqIyY3EqYbYwHwYDVR0j
BBgwFoAU2DvYG9wKAdGu8a/UC8ak5yyUEfcwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQkttRkRuRjZiWHZFWWJMcGJuaFpFV0VreGpHclpSUXBwWFFLNEZuVVRO
VlovMS9EODNCRDgxQkRDMEEwMUQxQUVGMUFGRDQwQkM2QTRFNzJDOTQxMUY3LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0Q4M0JEODFCREMwQTAxRDFB
RUYxQUZENDBCQzZBNEU3MkM5NDExRjcuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JLbUZEbkY2Ylh2RVliTHBibmhaRVdFa3hqR3JaUlFwcFhRSzRGblVUTlZaLzEv
MzIzODMwMzQzYTMyMzIzMjYzM2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzNjM0
MzUzOTM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKAQiLDANBgkqhkiG9w0BAQsFAAOCAQEAHZMj6yTJ
cmE/6nDVNKJ8wpS9W7rPRcp4gT0544uOHX5CxaGBEoKoDcIdRLHsZBYxhkrUGeuQ
OPr/95X3yz6GNgB8iYBIQHDWdOprjAfsVTdQjLfyHPPbF40nTM25dMAQIVJhkODg
hkwhqtZpiCg7hDSlcRlX/JqHQT7zHohVte/UWpHLiWQ3Y0tDDa+208F77O1g3oZC
g/jz07gAXHZm7/tHTW02efobOnTYbQjko7MSmZddMg2pfQTziPjX12jbAY8nwT8q
wo355Pm0NsxYEhFY5kOOiGRAk2UNxZKjnxsZttD2EiJ926k/CJBy/+jaonxF6Eqz
UOSm1+Esj7ORRg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:44:23 2024 by rpki-client on console-ams.rpki-client.org