Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BfMwy4Nqwej4UcU8EL3knZ2kytFo19gF6yPT1REi2Mov/1/323830343a346265303a383030303a3a2f33342d3334203d3e20323637333334.roa
File:                     323830343a346265303a383030303a3a2f33342d3334203d3e20323637333334.roa (raw, json)
Hash identifier:          xy3SgijExkk09MgR4xB3uOD+S9LNKp01NUnmcQsBJZw=
Subject key identifier:   C2:36:60:B8:B1:7C:15:80:6B:58:87:B7:05:C8:9E:BD:9E:B9:9C:64
Certificate issuer:       /CN=D2FC8637672F6995F171A261D51674A50FE454A6
Certificate serial:       666E8E655017EF0FA0FDF8C56F76298F2A42C632
Authority key identifier: D2:FC:86:37:67:2F:69:95:F1:71:A2:61:D5:16:74:A5:0F:E4:54:A6
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D2FC8637672F6995F171A261D51674A50FE454A6.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BfMwy4Nqwej4UcU8EL3knZ2kytFo19gF6yPT1REi2Mov/1/323830343a346265303a383030303a3a2f33342d3334203d3e20323637333334.roa
Signing time:             Wed 03 Apr 2024 18:30:15 +0000
ROA not before:           Wed 03 Apr 2024 18:25:15 +0000
ROA not after:            Wed 02 Apr 2025 18:30:15 +0000
asID:                     267334
IP address blocks:        2804:4be0:8000::/34 maxlen: 34

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BfMwy4Nqwej4UcU8EL3knZ2kytFo19gF6yPT1REi2Mov/1/D2FC8637672F6995F171A261D51674A50FE454A6.crl
                          rsync://rpki-repo.registro.br/repo/BfMwy4Nqwej4UcU8EL3knZ2kytFo19gF6yPT1REi2Mov/1/D2FC8637672F6995F171A261D51674A50FE454A6.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D2FC8637672F6995F171A261D51674A50FE454A6.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 19:40:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:6e:8e:65:50:17:ef:0f:a0:fd:f8:c5:6f:76:29:8f:2a:42:c6:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D2FC8637672F6995F171A261D51674A50FE454A6
        Validity
            Not Before: Apr  3 18:25:15 2024 GMT
            Not After : Apr  2 18:30:15 2025 GMT
        Subject: CN=C23660B8B17C15806B5887B705C89EBD9EB99C64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:fc:6e:30:eb:ec:9a:de:95:a1:bf:10:8b:68:
                    93:0f:18:1f:3c:cc:80:c9:3a:a5:53:0d:2e:a5:d8:
                    d4:50:52:56:f6:4a:f3:4b:55:7c:b8:ec:6c:8d:87:
                    0a:bc:8b:d3:9b:09:63:b5:86:87:10:a8:89:5d:4e:
                    9d:4e:fc:fd:2c:cb:a4:77:4a:9f:5e:74:50:e6:d4:
                    b2:c9:22:04:1d:36:50:c1:a4:bc:d1:b8:3b:88:30:
                    41:0d:c7:7d:bb:ca:69:07:e2:ac:f7:1d:f5:df:51:
                    b8:e8:14:ed:d6:c6:43:93:6a:fe:eb:6d:ae:91:fa:
                    92:5a:bc:6a:7f:a7:cb:d2:bb:e2:42:66:52:ca:8e:
                    43:e7:b3:e5:b0:0b:6c:a9:bc:e5:f6:e8:4f:12:1f:
                    ab:38:86:3e:ee:4d:7a:7b:3c:53:a9:f9:10:72:7f:
                    0d:a6:d1:d6:5a:07:98:37:22:75:83:b3:3e:da:da:
                    10:fc:1b:7c:8b:1b:d6:18:87:37:09:b8:cf:5b:95:
                    7a:90:9f:2f:74:08:6a:33:45:70:f2:cb:cf:a6:73:
                    bf:30:68:1e:58:bc:e0:da:7c:76:94:cd:6c:a0:31:
                    89:8d:e6:1c:62:4a:4d:1e:f3:94:fc:ba:28:ea:9d:
                    50:ca:74:e6:fe:21:f6:d7:4b:4d:6c:3d:c7:55:40:
                    d8:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C2:36:60:B8:B1:7C:15:80:6B:58:87:B7:05:C8:9E:BD:9E:B9:9C:64
            X509v3 Authority Key Identifier:
                keyid:D2:FC:86:37:67:2F:69:95:F1:71:A2:61:D5:16:74:A5:0F:E4:54:A6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BfMwy4Nqwej4UcU8EL3knZ2kytFo19gF6yPT1REi2Mov/1/D2FC8637672F6995F171A261D51674A50FE454A6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D2FC8637672F6995F171A261D51674A50FE454A6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BfMwy4Nqwej4UcU8EL3knZ2kytFo19gF6yPT1REi2Mov/1/323830343a346265303a383030303a3a2f33342d3334203d3e20323637333334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:4be0:8000::/34

    Signature Algorithm: sha256WithRSAEncryption
         70:5e:92:df:3a:7a:f1:9f:b8:9d:2c:28:6f:a5:eb:ec:3e:db:
         1a:13:b2:d6:46:31:4a:2b:b1:3a:c6:c7:df:ef:6b:ab:bb:3a:
         0f:87:9a:85:48:bf:9d:eb:c0:0e:07:33:30:9a:f3:83:5e:ea:
         37:37:a4:6d:a0:f0:dc:7e:b3:4e:7d:e6:9c:89:61:24:06:7d:
         3b:6d:36:d6:bb:8f:42:f2:1b:03:db:12:34:4e:1f:9f:bb:c5:
         f3:ee:f2:ca:82:cb:60:ef:7d:16:32:cf:17:fb:64:36:01:77:
         56:37:62:2c:c6:dd:c5:c6:e2:0f:49:03:b7:ac:44:1d:6a:c7:
         af:1b:5a:a8:d8:68:e8:b9:84:7e:c9:9b:10:c3:f2:f0:16:1c:
         1c:61:c9:8c:37:3d:c7:25:d4:54:02:03:74:7b:84:40:84:e5:
         16:af:44:bf:df:77:d7:d9:41:2b:98:7d:79:ef:ec:bf:77:48:
         2c:42:f8:5e:af:0a:17:e0:be:5c:31:32:99:98:ef:01:c3:ff:
         45:55:46:44:3d:7f:22:86:69:cd:12:d0:5a:16:e6:ff:d7:da:
         79:a9:05:89:28:6a:fb:b9:78:2d:57:3d:0b:5f:50:86:2f:e6:
         d6:6e:68:00:81:90:05:b4:db:d6:42:16:b9:bb:d8:f7:60:f2:
         74:0c:c8:15
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUZm6OZVAX7w+g/fjFb3YpjypCxjIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDJGQzg2Mzc2NzJGNjk5NUYxNzFBMjYxRDUxNjc0QTUw
RkU0NTRBNjAeFw0yNDA0MDMxODI1MTVaFw0yNTA0MDIxODMwMTVaMDMxMTAvBgNV
BAMTKEMyMzY2MEI4QjE3QzE1ODA2QjU4ODdCNzA1Qzg5RUJEOUVCOTlDNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU/G4w6+ya3pWhvxCLaJMPGB88
zIDJOqVTDS6l2NRQUlb2SvNLVXy47GyNhwq8i9ObCWO1hocQqIldTp1O/P0sy6R3
Sp9edFDm1LLJIgQdNlDBpLzRuDuIMEENx327ymkH4qz3HfXfUbjoFO3WxkOTav7r
ba6R+pJavGp/p8vSu+JCZlLKjkPns+WwC2ypvOX26E8SH6s4hj7uTXp7PFOp+RBy
fw2m0dZaB5g3InWDsz7a2hD8G3yLG9YYhzcJuM9blXqQny90CGozRXDyy8+mc78w
aB5YvODafHaUzWygMYmN5hxiSk0e85T8uijqnVDKdOb+IfbXS01sPcdVQNidAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUwjZguLF8FYBrWIe3BcievZ65nGQwHwYDVR0j
BBgwFoAU0vyGN2cvaZXxcaJh1RZ0pQ/kVKYwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQmZNd3k0TnF3ZWo0VWNVOEVMM2tuWjJreXRGbzE5Z0Y2eVBUMVJFaTJN
b3YvMS9EMkZDODYzNzY3MkY2OTk1RjE3MUEyNjFENTE2NzRBNTBGRTQ1NEE2LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0QyRkM4NjM3NjcyRjY5OTVG
MTcxQTI2MUQ1MTY3NEE1MEZFNDU0QTYuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JmTXd5NE5xd2VqNFVjVThFTDNrbloya3l0Rm8xOWdGNnlQVDFSRWkyTW92LzEv
MzIzODMwMzQzYTM0NjI2NTMwM2EzODMwMzAzMDNhM2EyZjMzMzQyZDMzMzQyMDNk
M2UyMDMyMzYzNzMzMzMzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBigES+CAMA0GCSqGSIb3DQEBCwUA
A4IBAQBwXpLfOnrxn7idLChvpevsPtsaE7LWRjFKK7E6xsff72uruzoPh5qFSL+d
68AOBzMwmvODXuo3N6RtoPDcfrNOfeaciWEkBn07bTbWu49C8hsD2xI0Th+fu8Xz
7vLKgstg730WMs8X+2Q2AXdWN2Isxt3FxuIPSQO3rEQdasevG1qo2GjouYR+yZsQ
w/LwFhwcYcmMNz3HJdRUAgN0e4RAhOUWr0S/33fX2UErmH157+y/d0gsQvherwoX
4L5cMTKZmO8Bw/9FVUZEPX8ihmnNEtBaFub/19p5qQWJKGr7uXgtVz0LX1CGL+bW
bmgAgZAFtNvWQha5u9j3YPJ0DMgV
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:42:19 2024 by rpki-client on console-fra.rpki-client.org