Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BvGzH6Pqd79p339G3eD22s9RTKUygLoNXNEhvNZqzv93/0/3138372e38362e3139342e302f32342d3234203d3e20323639303733.roa
File:                     3138372e38362e3139342e302f32342d3234203d3e20323639303733.roa (raw, json)
Hash identifier:          BT5iLRbBdNmeV0/hV45haXmR7fZjyrhf1CK1X/0sJM4=
Subject key identifier:   8A:47:E5:94:76:F0:95:24:67:3B:23:25:4B:D1:CD:50:F1:E4:BC:C6
Certificate issuer:       /CN=7C85DCA145843B801E0DE7F701B0084B2991189D
Certificate serial:       75A2ED99F2557994A0A967E574E48756B9CCBC04
Authority key identifier: 7C:85:DC:A1:45:84:3B:80:1E:0D:E7:F7:01:B0:08:4B:29:91:18:9D
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7C85DCA145843B801E0DE7F701B0084B2991189D.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BvGzH6Pqd79p339G3eD22s9RTKUygLoNXNEhvNZqzv93/0/3138372e38362e3139342e302f32342d3234203d3e20323639303733.roa
Signing time:             Fri 19 Apr 2024 20:19:28 +0000
ROA not before:           Fri 19 Apr 2024 20:14:28 +0000
ROA not after:            Fri 18 Apr 2025 20:19:28 +0000
asID:                     269073
IP address blocks:        187.86.194.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BvGzH6Pqd79p339G3eD22s9RTKUygLoNXNEhvNZqzv93/0/7C85DCA145843B801E0DE7F701B0084B2991189D.crl
                          rsync://rpki-repo.registro.br/repo/BvGzH6Pqd79p339G3eD22s9RTKUygLoNXNEhvNZqzv93/0/7C85DCA145843B801E0DE7F701B0084B2991189D.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7C85DCA145843B801E0DE7F701B0084B2991189D.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 16 Jun 2024 19:20:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:a2:ed:99:f2:55:79:94:a0:a9:67:e5:74:e4:87:56:b9:cc:bc:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7C85DCA145843B801E0DE7F701B0084B2991189D
        Validity
            Not Before: Apr 19 20:14:28 2024 GMT
            Not After : Apr 18 20:19:28 2025 GMT
        Subject: CN=8A47E59476F09524673B23254BD1CD50F1E4BCC6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:38:c1:9c:47:86:9a:01:20:e2:e0:07:fa:d0:
                    dd:3a:27:c1:c6:9b:60:27:a2:22:dd:f2:a5:61:d7:
                    bf:be:16:d3:a5:07:db:b8:26:7c:eb:ae:5c:b8:42:
                    55:e8:e5:e5:f9:9d:d8:b7:6f:5f:08:5c:53:30:ec:
                    71:1d:ff:e8:76:f8:d4:cd:e7:df:96:a8:55:ba:44:
                    46:02:68:81:d4:2e:06:c3:10:ee:68:58:87:96:2b:
                    c9:73:b5:83:05:a7:a5:59:f2:e6:39:ec:4e:f1:d4:
                    80:d8:82:d3:3d:92:11:46:bc:4f:66:5b:78:d8:14:
                    44:33:e6:28:f3:e0:48:a1:96:a0:0c:85:bd:72:0a:
                    6c:ad:90:ae:6e:94:8e:84:a1:59:fb:61:41:df:44:
                    e9:99:33:1b:dd:af:6b:5b:4b:35:36:00:55:94:54:
                    41:79:d0:9f:f7:3c:68:a5:7c:9b:2e:88:f0:f7:73:
                    81:14:4b:d7:ed:8e:d8:8a:63:6d:73:69:3c:78:65:
                    2c:8b:f7:64:c6:f8:0d:fd:a8:87:d1:59:ee:74:a7:
                    4b:6b:4f:6b:d3:0d:b1:12:c4:11:ac:36:9f:1a:ea:
                    35:d4:ab:32:d7:e8:4e:a3:f0:e5:47:07:f2:3a:92:
                    0f:96:d2:01:80:28:1f:7e:10:ad:23:d9:bb:f4:b0:
                    5f:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8A:47:E5:94:76:F0:95:24:67:3B:23:25:4B:D1:CD:50:F1:E4:BC:C6
            X509v3 Authority Key Identifier:
                keyid:7C:85:DC:A1:45:84:3B:80:1E:0D:E7:F7:01:B0:08:4B:29:91:18:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BvGzH6Pqd79p339G3eD22s9RTKUygLoNXNEhvNZqzv93/0/7C85DCA145843B801E0DE7F701B0084B2991189D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7C85DCA145843B801E0DE7F701B0084B2991189D.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BvGzH6Pqd79p339G3eD22s9RTKUygLoNXNEhvNZqzv93/0/3138372e38362e3139342e302f32342d3234203d3e20323639303733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  187.86.194.0/24

    Signature Algorithm: sha256WithRSAEncryption
         aa:be:50:cd:e7:ce:ae:3f:74:af:fe:9b:d7:14:03:7e:43:ee:
         ab:a2:3e:ce:a8:e1:a0:e1:87:f0:af:58:b8:65:df:59:3c:6d:
         f2:cc:4f:d6:2f:98:e0:66:83:bc:5d:d0:6f:b8:da:32:10:5c:
         64:af:ef:04:7f:12:ed:d3:d5:09:8e:10:30:ee:0a:53:3c:fe:
         96:41:2b:02:3b:77:7c:c2:cb:47:2a:4c:1b:37:ae:97:55:8c:
         e3:f9:bf:00:49:1e:70:53:00:a9:ab:92:1a:ed:bc:f0:c2:b8:
         8e:8f:49:ef:6c:7c:16:98:b5:3d:cc:01:79:cf:de:0b:17:7e:
         49:ea:52:21:0e:fd:b3:82:55:b6:34:94:38:45:fe:cb:e2:dc:
         5d:98:74:4a:76:d6:c2:57:eb:a2:64:bb:6b:ab:bc:a7:32:10:
         e1:6d:a9:f6:94:6c:95:05:ff:a6:86:d8:9f:94:72:bc:a9:e1:
         22:fb:bc:73:d3:38:fc:f9:8e:15:f2:05:ab:96:b5:e1:12:10:
         76:a1:7a:0a:1d:f5:5f:52:30:0b:93:db:d2:39:44:af:5e:ed:
         b9:27:34:f4:66:7e:3d:92:27:ff:f8:8f:18:25:3e:db:13:51:
         64:f6:6b:f6:91:88:19:c7:5c:f2:52:ab:7b:b8:80:75:cb:0a:
         bd:ec:6c:cb
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUdaLtmfJVeZSgqWfldOSHVrnMvAQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0M4NURDQTE0NTg0M0I4MDFFMERFN0Y3MDFCMDA4NEIy
OTkxMTg5RDAeFw0yNDA0MTkyMDE0MjhaFw0yNTA0MTgyMDE5MjhaMDMxMTAvBgNV
BAMTKDhBNDdFNTk0NzZGMDk1MjQ2NzNCMjMyNTRCRDFDRDUwRjFFNEJDQzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpOMGcR4aaASDi4Af60N06J8HG
m2AnoiLd8qVh17++FtOlB9u4Jnzrrly4QlXo5eX5ndi3b18IXFMw7HEd/+h2+NTN
59+WqFW6REYCaIHULgbDEO5oWIeWK8lztYMFp6VZ8uY57E7x1IDYgtM9khFGvE9m
W3jYFEQz5ijz4EihlqAMhb1yCmytkK5ulI6EoVn7YUHfROmZMxvdr2tbSzU2AFWU
VEF50J/3PGilfJsuiPD3c4EUS9ftjtiKY21zaTx4ZSyL92TG+A39qIfRWe50p0tr
T2vTDbESxBGsNp8a6jXUqzLX6E6j8OVHB/I6kg+W0gGAKB9+EK0j2bv0sF8vAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUikfllHbwlSRnOyMlS9HNUPHkvMYwHwYDVR0j
BBgwFoAUfIXcoUWEO4AeDef3AbAISymRGJ0wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQnZHekg2UHFkNzlwMzM5RzNlRDIyczlSVEtVeWdMb05YTkVodk5acXp2
OTMvMC83Qzg1RENBMTQ1ODQzQjgwMUUwREU3RjcwMUIwMDg0QjI5OTExODlELmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzdDODVEQ0ExNDU4NDNCODAx
RTBERTdGNzAxQjAwODRCMjk5MTE4OUQuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0J2R3pINlBxZDc5cDMzOUczZUQyMnM5UlRLVXlnTG9OWE5FaHZOWnF6djkzLzAv
MzEzODM3MmUzODM2MmUzMTM5MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2
MzkzMDM3MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAC7VsIwDQYJKoZIhvcNAQELBQADggEBAKq+UM3n
zq4/dK/+m9cUA35D7quiPs6o4aDhh/CvWLhl31k8bfLMT9YvmOBmg7xd0G+42jIQ
XGSv7wR/Eu3T1QmOEDDuClM8/pZBKwI7d3zCy0cqTBs3rpdVjOP5vwBJHnBTAKmr
khrtvPDCuI6PSe9sfBaYtT3MAXnP3gsXfknqUiEO/bOCVbY0lDhF/svi3F2YdEp2
1sJX66Jku2urvKcyEOFtqfaUbJUF/6aG2J+Ucryp4SL7vHPTOPz5jhXyBauWteES
EHahegod9V9SMAuT29I5RK9e7bknNPRmfj2SJ//4jxglPtsTUWT2a/aRiBnHXPJS
q3u4gHXLCr3sbMs=
-----END CERTIFICATE-----
Generated at Sat Jun 15 23:26:07 2024 by rpki-client on console-ams.rpki-client.org