Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BfgwUDQt9odgQzmaAbdMSnFWjeZw3KCBnX8Ee9f2pXdt/1/3137372e3232332e35372e302f32342d3234203d3e20323633353030.roa
File:                     3137372e3232332e35372e302f32342d3234203d3e20323633353030.roa (raw, json)
Hash identifier:          X3gvStv6su86qLWjVp67pR8hpnTIDRxHreslQF99Sao=
Subject key identifier:   E1:36:B2:77:A9:B8:C8:D6:F7:0F:4E:25:6F:82:BC:1D:0C:19:02:45
Certificate issuer:       /CN=688CFC6ED295D85CCEC2EEE0687D7F1077721DC1
Certificate serial:       54F38B8E9CD8A8DCBEED7838E0660FAF3B966965
Authority key identifier: 68:8C:FC:6E:D2:95:D8:5C:CE:C2:EE:E0:68:7D:7F:10:77:72:1D:C1
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/688CFC6ED295D85CCEC2EEE0687D7F1077721DC1.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BfgwUDQt9odgQzmaAbdMSnFWjeZw3KCBnX8Ee9f2pXdt/1/3137372e3232332e35372e302f32342d3234203d3e20323633353030.roa
Signing time:             Thu 04 Apr 2024 10:58:32 +0000
ROA not before:           Thu 04 Apr 2024 10:53:32 +0000
ROA not after:            Thu 03 Apr 2025 10:58:32 +0000
asID:                     263500
IP address blocks:        177.223.57.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BfgwUDQt9odgQzmaAbdMSnFWjeZw3KCBnX8Ee9f2pXdt/1/688CFC6ED295D85CCEC2EEE0687D7F1077721DC1.crl
                          rsync://rpki-repo.registro.br/repo/BfgwUDQt9odgQzmaAbdMSnFWjeZw3KCBnX8Ee9f2pXdt/1/688CFC6ED295D85CCEC2EEE0687D7F1077721DC1.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/688CFC6ED295D85CCEC2EEE0687D7F1077721DC1.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 14:46:33 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:f3:8b:8e:9c:d8:a8:dc:be:ed:78:38:e0:66:0f:af:3b:96:69:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=688CFC6ED295D85CCEC2EEE0687D7F1077721DC1
        Validity
            Not Before: Apr  4 10:53:32 2024 GMT
            Not After : Apr  3 10:58:32 2025 GMT
        Subject: CN=E136B277A9B8C8D6F70F4E256F82BC1D0C190245
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:c3:74:15:69:61:3e:5e:bc:ed:10:5d:6b:8e:
                    e4:62:8a:84:b2:20:df:14:27:f4:67:b4:aa:97:73:
                    27:57:81:6c:d1:85:f6:cc:92:23:77:e3:75:3b:9b:
                    8c:b0:9d:9b:d7:1c:ee:25:84:bb:8b:e4:53:91:79:
                    05:b8:4f:18:da:66:89:00:a9:73:0f:4f:fd:79:12:
                    cb:44:15:f1:9a:4d:ee:f0:23:2a:49:5b:82:e4:fb:
                    09:84:b5:77:4f:68:c7:59:0b:9e:1c:08:ae:b3:60:
                    76:be:63:5c:12:53:78:dc:2b:9c:9e:4a:5e:82:79:
                    ea:d3:ed:e9:63:7a:82:54:19:6b:38:17:4d:0f:eb:
                    26:48:c9:63:a9:3a:84:0d:33:c7:cb:a6:9d:af:5b:
                    bd:b6:2a:57:9a:0b:b7:ee:37:c8:42:cc:05:c9:74:
                    21:a7:eb:4e:07:ce:1f:16:c0:4f:69:6a:d7:25:5f:
                    91:d9:46:ee:2a:ed:dc:95:64:99:27:d5:e3:01:48:
                    3f:d4:90:d8:b8:1f:e0:22:86:6a:cc:3a:db:c8:ab:
                    b9:14:11:41:b4:f4:e6:29:c1:0e:92:d3:18:e6:92:
                    91:97:de:ca:51:4c:51:15:58:59:a5:5e:60:9a:ee:
                    bf:db:8e:de:8a:76:f2:4d:57:51:1b:b8:d9:d6:e4:
                    61:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E1:36:B2:77:A9:B8:C8:D6:F7:0F:4E:25:6F:82:BC:1D:0C:19:02:45
            X509v3 Authority Key Identifier:
                keyid:68:8C:FC:6E:D2:95:D8:5C:CE:C2:EE:E0:68:7D:7F:10:77:72:1D:C1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BfgwUDQt9odgQzmaAbdMSnFWjeZw3KCBnX8Ee9f2pXdt/1/688CFC6ED295D85CCEC2EEE0687D7F1077721DC1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/688CFC6ED295D85CCEC2EEE0687D7F1077721DC1.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BfgwUDQt9odgQzmaAbdMSnFWjeZw3KCBnX8Ee9f2pXdt/1/3137372e3232332e35372e302f32342d3234203d3e20323633353030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.223.57.0/24

    Signature Algorithm: sha256WithRSAEncryption
         6e:a5:14:73:8e:fb:49:9e:e3:9b:9a:55:a4:93:fa:7f:35:d3:
         92:ec:1b:36:74:42:15:38:b0:db:49:dd:38:14:15:51:24:87:
         44:df:f9:71:20:e8:d7:66:6d:a8:62:c2:88:49:e6:4e:ff:d7:
         54:ab:5f:e2:66:6b:9c:b2:52:93:49:2f:fb:6f:5b:7d:22:67:
         73:b3:3f:c4:6d:85:16:3e:6e:e8:17:90:56:32:69:7c:2b:3e:
         46:70:b1:86:c4:10:19:7a:f1:ca:b3:f6:f1:89:be:0e:3a:d7:
         26:9a:51:ae:08:c8:e2:7e:82:3f:44:b3:8a:7e:63:94:7b:82:
         f8:0d:13:6c:ed:8e:d8:49:2c:be:bf:93:2a:36:21:22:a2:96:
         55:be:be:bf:b7:29:43:ca:ae:87:39:05:a0:3d:c0:02:51:fc:
         bb:cd:d3:17:a1:fb:ef:59:b1:54:9c:d0:99:ae:c2:0b:fb:52:
         ab:84:09:90:34:a1:0b:f2:4f:0d:6d:ff:cd:36:6e:59:ab:7f:
         67:f0:85:a9:05:41:60:cb:7a:0a:4d:16:73:76:ba:5a:8e:2a:
         4c:07:25:0e:bb:5e:08:8f:ea:e8:55:67:fa:23:04:f2:50:29:
         7f:0f:de:5f:52:68:80:b0:2c:59:39:06:c6:02:1f:87:cc:77:
         33:bf:96:b5
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUVPOLjpzYqNy+7Xg44GYPrzuWaWUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjg4Q0ZDNkVEMjk1RDg1Q0NFQzJFRUUwNjg3RDdGMTA3
NzcyMURDMTAeFw0yNDA0MDQxMDUzMzJaFw0yNTA0MDMxMDU4MzJaMDMxMTAvBgNV
BAMTKEUxMzZCMjc3QTlCOEM4RDZGNzBGNEUyNTZGODJCQzFEMEMxOTAyNDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTw3QVaWE+XrztEF1rjuRiioSy
IN8UJ/RntKqXcydXgWzRhfbMkiN343U7m4ywnZvXHO4lhLuL5FOReQW4TxjaZokA
qXMPT/15EstEFfGaTe7wIypJW4Lk+wmEtXdPaMdZC54cCK6zYHa+Y1wSU3jcK5ye
Sl6CeerT7eljeoJUGWs4F00P6yZIyWOpOoQNM8fLpp2vW722KleaC7fuN8hCzAXJ
dCGn604Hzh8WwE9patclX5HZRu4q7dyVZJkn1eMBSD/UkNi4H+AihmrMOtvIq7kU
EUG09OYpwQ6S0xjmkpGX3spRTFEVWFmlXmCa7r/bjt6KdvJNV1EbuNnW5GGdAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQU4Tayd6m4yNb3D04lb4K8HQwZAkUwHwYDVR0j
BBgwFoAUaIz8btKV2FzOwu7gaH1/EHdyHcEwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQmZnd1VEUXQ5b2RnUXptYUFiZE1TbkZXamVadzNLQ0JuWDhFZTlmMnBY
ZHQvMS82ODhDRkM2RUQyOTVEODVDQ0VDMkVFRTA2ODdEN0YxMDc3NzIxREMxLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzY4OENGQzZFRDI5NUQ4NUND
RUMyRUVFMDY4N0Q3RjEwNzc3MjFEQzEuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JmZ3dVRFF0OW9kZ1F6bWFBYmRNU25GV2plWnczS0NCblg4RWU5ZjJwWGR0LzEv
MzEzNzM3MmUzMjMyMzMyZTM1MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2
MzMzNTMwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBACx3zkwDQYJKoZIhvcNAQELBQADggEBAG6lFHOO
+0me45uaVaST+n8105LsGzZ0QhU4sNtJ3TgUFVEkh0Tf+XEg6NdmbahiwohJ5k7/
11SrX+Jma5yyUpNJL/tvW30iZ3OzP8RthRY+bugXkFYyaXwrPkZwsYbEEBl68cqz
9vGJvg461yaaUa4IyOJ+gj9Es4p+Y5R7gvgNE2ztjthJLL6/kyo2ISKillW+vr+3
KUPKroc5BaA9wAJR/LvN0xeh++9ZsVSc0Jmuwgv7UquECZA0oQvyTw1t/802blmr
f2fwhakFQWDLegpNFnN2ulqOKkwHJQ67XgiP6uhVZ/ojBPJQKX8P3l9SaICwLFk5
BsYCH4fMdzO/lrU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:31:58 2024 by rpki-client on console-fra.rpki-client.org