Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BfMwy4Nqwej4UcU8EL3knZ2kytFo19gF6yPT1REi2Mov/1/323830343a346265303a343030303a3a2f33342d3334203d3e20323637333334.roa
File:                     323830343a346265303a343030303a3a2f33342d3334203d3e20323637333334.roa (raw, json)
Hash identifier:          WUOGO1zH7Cas4viz/w5KEBTU5dntK6yboY6koNLPTfw=
Subject key identifier:   9B:01:F5:24:0C:AE:E5:77:A4:7A:53:EA:FD:6D:37:72:73:4C:1D:48
Certificate issuer:       /CN=D2FC8637672F6995F171A261D51674A50FE454A6
Certificate serial:       23616954D29CA3EC794E0BA48A01B99D9A4DD5DC
Authority key identifier: D2:FC:86:37:67:2F:69:95:F1:71:A2:61:D5:16:74:A5:0F:E4:54:A6
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D2FC8637672F6995F171A261D51674A50FE454A6.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BfMwy4Nqwej4UcU8EL3knZ2kytFo19gF6yPT1REi2Mov/1/323830343a346265303a343030303a3a2f33342d3334203d3e20323637333334.roa
Signing time:             Wed 03 Apr 2024 18:30:14 +0000
ROA not before:           Wed 03 Apr 2024 18:25:14 +0000
ROA not after:            Wed 02 Apr 2025 18:30:14 +0000
asID:                     267334
IP address blocks:        2804:4be0:4000::/34 maxlen: 34

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BfMwy4Nqwej4UcU8EL3knZ2kytFo19gF6yPT1REi2Mov/1/D2FC8637672F6995F171A261D51674A50FE454A6.crl
                          rsync://rpki-repo.registro.br/repo/BfMwy4Nqwej4UcU8EL3knZ2kytFo19gF6yPT1REi2Mov/1/D2FC8637672F6995F171A261D51674A50FE454A6.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D2FC8637672F6995F171A261D51674A50FE454A6.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 26 Nov 2024 22:33:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:61:69:54:d2:9c:a3:ec:79:4e:0b:a4:8a:01:b9:9d:9a:4d:d5:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D2FC8637672F6995F171A261D51674A50FE454A6
        Validity
            Not Before: Apr  3 18:25:14 2024 GMT
            Not After : Apr  2 18:30:14 2025 GMT
        Subject: CN=9B01F5240CAEE577A47A53EAFD6D3772734C1D48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:81:50:68:66:1b:09:55:39:e2:9f:9d:5a:f7:
                    9f:7e:a0:56:31:ea:c4:8d:91:3a:35:d2:43:d3:c1:
                    80:0c:5f:1d:9b:e0:81:22:e4:2d:22:85:8f:14:fb:
                    da:5e:33:be:a7:c0:83:01:ce:ab:c1:99:7d:d5:ef:
                    82:1c:fe:fb:80:c2:88:e9:7f:c4:67:70:e5:26:9b:
                    66:3d:57:ba:30:2c:8f:d3:bc:94:df:89:70:2a:44:
                    1d:9c:9d:d5:56:08:14:29:27:01:ec:c6:7f:67:7a:
                    f4:70:45:69:73:00:b4:99:98:9b:d5:3e:ca:3c:3e:
                    c0:70:a4:2c:94:c5:fa:c0:16:c2:f3:0c:ba:d3:e1:
                    09:86:26:43:0f:72:13:60:33:a0:73:3d:95:43:d2:
                    05:40:c4:76:6e:31:f7:c4:14:f2:a3:ba:5b:b9:08:
                    66:f5:97:b0:fa:f0:18:c9:13:3a:fb:46:d8:e0:a8:
                    c6:62:70:bf:80:c1:f1:8a:f8:60:51:68:29:17:5d:
                    f4:de:d7:6e:98:a8:3d:58:54:6c:d9:22:da:a2:43:
                    64:59:c1:6c:e0:f9:45:62:11:99:6c:9e:a3:ef:c8:
                    b2:ce:72:23:03:5c:67:66:dd:b7:b2:62:7c:7a:57:
                    7d:e1:53:2a:5e:9d:be:1b:f1:0d:47:05:8e:9e:95:
                    25:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:01:F5:24:0C:AE:E5:77:A4:7A:53:EA:FD:6D:37:72:73:4C:1D:48
            X509v3 Authority Key Identifier:
                keyid:D2:FC:86:37:67:2F:69:95:F1:71:A2:61:D5:16:74:A5:0F:E4:54:A6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BfMwy4Nqwej4UcU8EL3knZ2kytFo19gF6yPT1REi2Mov/1/D2FC8637672F6995F171A261D51674A50FE454A6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D2FC8637672F6995F171A261D51674A50FE454A6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BfMwy4Nqwej4UcU8EL3knZ2kytFo19gF6yPT1REi2Mov/1/323830343a346265303a343030303a3a2f33342d3334203d3e20323637333334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:4be0:4000::/34

    Signature Algorithm: sha256WithRSAEncryption
         73:18:bc:dd:fd:6f:a2:af:f1:e0:93:74:bc:e4:27:95:24:05:
         81:9b:f0:19:00:8c:91:e9:f0:fe:75:58:32:7c:82:25:d1:40:
         6d:d3:5a:64:c7:ae:fe:b6:e0:65:cf:c5:11:cd:cb:79:c2:16:
         05:7e:97:64:85:49:53:b6:c5:77:57:bc:07:c3:5b:da:56:de:
         1b:8d:32:ae:dd:41:28:64:be:eb:ae:24:6c:bc:79:f9:74:ab:
         29:eb:8e:5b:21:b6:71:0c:c2:4e:f4:6c:84:05:0d:1f:af:3f:
         e0:6a:46:38:52:85:8a:81:89:3b:4f:05:51:f4:3c:1a:06:2e:
         25:c2:bc:d8:88:bf:6f:49:60:3f:46:b8:68:db:4c:62:f8:cd:
         7c:63:dc:10:bf:e5:24:c4:aa:66:04:13:eb:8d:1e:a4:ce:c5:
         91:fe:b1:65:4a:60:0e:1a:e8:ee:a0:7f:01:af:4a:22:38:d2:
         9b:45:bf:32:1f:0f:7a:61:41:03:85:24:bd:74:33:f1:21:89:
         b1:ee:50:5e:50:8c:0e:5d:3f:d6:dd:5c:f3:f3:fe:5b:91:80:
         d5:87:ca:0b:79:fa:6b:48:16:90:1c:82:6e:96:93:4a:58:1d:
         b6:df:4c:28:8d:18:b0:a7:97:2d:cc:88:4d:82:86:48:f6:a5:
         c5:69:f2:4a
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUI2FpVNKco+x5TgukigG5nZpN1dwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDJGQzg2Mzc2NzJGNjk5NUYxNzFBMjYxRDUxNjc0QTUw
RkU0NTRBNjAeFw0yNDA0MDMxODI1MTRaFw0yNTA0MDIxODMwMTRaMDMxMTAvBgNV
BAMTKDlCMDFGNTI0MENBRUU1NzdBNDdBNTNFQUZENkQzNzcyNzM0QzFENDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsgVBoZhsJVTnin51a959+oFYx
6sSNkTo10kPTwYAMXx2b4IEi5C0ihY8U+9peM76nwIMBzqvBmX3V74Ic/vuAwojp
f8RncOUmm2Y9V7owLI/TvJTfiXAqRB2cndVWCBQpJwHsxn9nevRwRWlzALSZmJvV
Pso8PsBwpCyUxfrAFsLzDLrT4QmGJkMPchNgM6BzPZVD0gVAxHZuMffEFPKjulu5
CGb1l7D68BjJEzr7RtjgqMZicL+AwfGK+GBRaCkXXfTe126YqD1YVGzZItqiQ2RZ
wWzg+UViEZlsnqPvyLLOciMDXGdm3beyYnx6V33hUypenb4b8Q1HBY6elSVnAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUmwH1JAyu5XekelPq/W03cnNMHUgwHwYDVR0j
BBgwFoAU0vyGN2cvaZXxcaJh1RZ0pQ/kVKYwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQmZNd3k0TnF3ZWo0VWNVOEVMM2tuWjJreXRGbzE5Z0Y2eVBUMVJFaTJN
b3YvMS9EMkZDODYzNzY3MkY2OTk1RjE3MUEyNjFENTE2NzRBNTBGRTQ1NEE2LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0QyRkM4NjM3NjcyRjY5OTVG
MTcxQTI2MUQ1MTY3NEE1MEZFNDU0QTYuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JmTXd5NE5xd2VqNFVjVThFTDNrbloya3l0Rm8xOWdGNnlQVDFSRWkyTW92LzEv
MzIzODMwMzQzYTM0NjI2NTMwM2EzNDMwMzAzMDNhM2EyZjMzMzQyZDMzMzQyMDNk
M2UyMDMyMzYzNzMzMzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBigES+BAMA0GCSqGSIb3DQEBCwUA
A4IBAQBzGLzd/W+ir/Hgk3S85CeVJAWBm/AZAIyR6fD+dVgyfIIl0UBt01pkx67+
tuBlz8URzct5whYFfpdkhUlTtsV3V7wHw1vaVt4bjTKu3UEoZL7rriRsvHn5dKsp
645bIbZxDMJO9GyEBQ0frz/gakY4UoWKgYk7TwVR9DwaBi4lwrzYiL9vSWA/Rrho
20xi+M18Y9wQv+UkxKpmBBPrjR6kzsWR/rFlSmAOGujuoH8Br0oiONKbRb8yHw96
YUEDhSS9dDPxIYmx7lBeUIwOXT/W3Vzz8/5bkYDVh8oLefprSBaQHIJulpNKWB22
30wojRiwp5ctzIhNgoZI9qXFafJK
-----END CERTIFICATE-----
Generated at Mon Nov 25 23:58:56 2024 by rpki-client on console-fra.rpki-client.org