Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/CHoxjdgzo9miFakW8wP8uvcZ1FnpG85pUNhyNoQGHn2U/1/3133382e35392e3131322e302f32322d3234203d3e203238363036.roa
File:                     3133382e35392e3131322e302f32322d3234203d3e203238363036.roa (raw, json)
Hash identifier:          PD3w4WnjFbM/fdsrpbeC54QTxA2zTd5rahKKxoLLpdQ=
Subject key identifier:   FF:47:76:AD:9D:AB:77:45:69:20:6C:50:5F:18:02:25:61:19:5B:63
Certificate issuer:       /CN=AAC916B9D4E8FD376A0B242F7B7DC7C5E4E9BDD1
Certificate serial:       2593E5B5C453B75BFD48EA61DCCC0AFCBE5077D4
Authority key identifier: AA:C9:16:B9:D4:E8:FD:37:6A:0B:24:2F:7B:7D:C7:C5:E4:E9:BD:D1
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AAC916B9D4E8FD376A0B242F7B7DC7C5E4E9BDD1.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/CHoxjdgzo9miFakW8wP8uvcZ1FnpG85pUNhyNoQGHn2U/1/3133382e35392e3131322e302f32322d3234203d3e203238363036.roa
Signing time:             Wed 11 Sep 2024 22:15:26 +0000
ROA not before:           Wed 11 Sep 2024 22:10:26 +0000
ROA not after:            Wed 10 Sep 2025 22:15:26 +0000
asID:                     28606
IP address blocks:        138.59.112.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/CHoxjdgzo9miFakW8wP8uvcZ1FnpG85pUNhyNoQGHn2U/1/AAC916B9D4E8FD376A0B242F7B7DC7C5E4E9BDD1.crl
                          rsync://rpki-repo.registro.br/repo/CHoxjdgzo9miFakW8wP8uvcZ1FnpG85pUNhyNoQGHn2U/1/AAC916B9D4E8FD376A0B242F7B7DC7C5E4E9BDD1.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AAC916B9D4E8FD376A0B242F7B7DC7C5E4E9BDD1.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 06:14:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:93:e5:b5:c4:53:b7:5b:fd:48:ea:61:dc:cc:0a:fc:be:50:77:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AAC916B9D4E8FD376A0B242F7B7DC7C5E4E9BDD1
        Validity
            Not Before: Sep 11 22:10:26 2024 GMT
            Not After : Sep 10 22:15:26 2025 GMT
        Subject: CN=FF4776AD9DAB774569206C505F18022561195B63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:58:35:56:5c:d2:5c:8b:68:fd:25:ac:ad:53:
                    4c:10:a8:fb:99:f3:3a:de:6e:4c:7c:80:46:82:2c:
                    2b:bf:76:2d:56:30:78:04:97:7a:10:57:02:94:ce:
                    ee:94:63:27:fd:7b:26:51:e2:9c:fc:5a:80:33:49:
                    9f:06:a9:a4:58:d8:d6:a4:b8:b2:49:87:18:9f:3d:
                    83:78:18:2c:72:d5:e0:84:d8:b7:5a:ee:bf:3c:e7:
                    3e:d6:91:03:62:ef:c8:83:3e:ea:31:8e:b5:31:5e:
                    3c:f8:7d:d8:a6:cd:cc:82:96:1b:4c:b8:b5:e0:e7:
                    f2:70:88:dd:cd:c5:7e:aa:ec:66:10:5c:13:36:b0:
                    36:8d:4e:80:2f:a8:99:08:28:76:b7:c5:65:cf:43:
                    02:f5:d5:af:38:16:80:6f:b6:43:1f:cf:9b:c2:9b:
                    2a:fe:85:92:86:ba:d1:d8:90:c3:ad:76:67:05:10:
                    b5:ae:e8:ef:b1:23:3b:17:63:e9:4d:1b:8c:94:07:
                    5a:e6:38:31:21:0c:62:ea:07:23:8d:92:0a:88:5c:
                    ef:7d:b9:31:dc:5a:fd:5e:06:82:92:7b:c3:0c:ac:
                    51:40:9a:45:3f:5c:3d:58:80:1f:bc:c3:e3:fd:4e:
                    07:5e:05:b1:76:1a:ed:5d:a1:da:9d:b7:d2:65:85:
                    82:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:47:76:AD:9D:AB:77:45:69:20:6C:50:5F:18:02:25:61:19:5B:63
            X509v3 Authority Key Identifier:
                keyid:AA:C9:16:B9:D4:E8:FD:37:6A:0B:24:2F:7B:7D:C7:C5:E4:E9:BD:D1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/CHoxjdgzo9miFakW8wP8uvcZ1FnpG85pUNhyNoQGHn2U/1/AAC916B9D4E8FD376A0B242F7B7DC7C5E4E9BDD1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AAC916B9D4E8FD376A0B242F7B7DC7C5E4E9BDD1.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/CHoxjdgzo9miFakW8wP8uvcZ1FnpG85pUNhyNoQGHn2U/1/3133382e35392e3131322e302f32322d3234203d3e203238363036.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.59.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         8c:4a:98:c7:31:5d:45:2a:67:a4:11:d3:72:6b:48:97:db:d5:
         84:78:cc:0b:be:f8:c7:e9:ad:18:d4:5d:05:66:52:7c:55:fe:
         7d:50:67:ef:72:d6:0c:e1:b5:ab:7d:04:cc:1f:c7:11:3b:fb:
         7f:d6:a2:66:2a:6f:dc:de:1b:0a:34:1e:49:0c:fe:8b:fa:7e:
         22:c7:c6:41:a7:eb:92:cd:76:02:eb:5b:5c:5e:0e:4f:a5:b0:
         19:54:6a:88:d3:aa:65:0a:98:76:32:06:48:73:47:3b:2a:a4:
         58:ae:82:95:aa:f5:ee:59:60:b7:99:4b:2d:0f:72:ed:a5:36:
         b5:1e:ea:24:3e:b0:c6:d6:b6:4b:b8:ac:e7:41:15:69:46:73:
         21:d3:0d:bd:ee:cb:c8:05:07:2b:bb:88:a2:ca:03:f0:bb:02:
         87:3d:95:0c:f3:9d:7a:ad:98:ff:31:c6:be:fc:5f:e8:26:d9:
         8c:6f:6f:2b:c7:e8:fd:f2:67:c0:ea:ad:fb:2d:b6:c9:88:ee:
         27:a4:06:0a:25:54:b6:16:09:ed:55:23:86:d4:fe:b9:47:9c:
         84:99:0a:25:73:d8:e7:e1:c1:6e:32:4b:fe:f5:b9:f2:ce:54:
         df:3b:9d:61:ca:7f:da:af:12:3c:bf:22:99:b6:12:2b:78:f0:
         d7:73:b0:78
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUJZPltcRTt1v9SOph3MwK/L5Qd9QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUFDOTE2QjlENEU4RkQzNzZBMEIyNDJGN0I3REM3QzVF
NEU5QkREMTAeFw0yNDA5MTEyMjEwMjZaFw0yNTA5MTAyMjE1MjZaMDMxMTAvBgNV
BAMTKEZGNDc3NkFEOURBQjc3NDU2OTIwNkM1MDVGMTgwMjI1NjExOTVCNjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJWDVWXNJci2j9JaytU0wQqPuZ
8zrebkx8gEaCLCu/di1WMHgEl3oQVwKUzu6UYyf9eyZR4pz8WoAzSZ8GqaRY2Nak
uLJJhxifPYN4GCxy1eCE2Lda7r885z7WkQNi78iDPuoxjrUxXjz4fdimzcyClhtM
uLXg5/JwiN3NxX6q7GYQXBM2sDaNToAvqJkIKHa3xWXPQwL11a84FoBvtkMfz5vC
myr+hZKGutHYkMOtdmcFELWu6O+xIzsXY+lNG4yUB1rmODEhDGLqByONkgqIXO99
uTHcWv1eBoKSe8MMrFFAmkU/XD1YgB+8w+P9TgdeBbF2Gu1dodqdt9JlhYJRAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQU/0d2rZ2rd0VpIGxQXxgCJWEZW2MwHwYDVR0j
BBgwFoAUqskWudTo/TdqCyQve33HxeTpvdEwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQ0hveGpkZ3pvOW1pRmFrVzh3UDh1dmNaMUZucEc4NXBVTmh5Tm9RR0hu
MlUvMS9BQUM5MTZCOUQ0RThGRDM3NkEwQjI0MkY3QjdEQzdDNUU0RTlCREQxLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FBQzkxNkI5RDRFOEZEMzc2
QTBCMjQyRjdCN0RDN0M1RTRFOUJERDEuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0NIb3hqZGd6bzltaUZha1c4d1A4dXZjWjFGbnBHODVwVU5oeU5vUUdIbjJVLzEv
MzEzMzM4MmUzNTM5MmUzMTMxMzIyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM4
MzYzMDM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCijtwMA0GCSqGSIb3DQEBCwUAA4IBAQCMSpjHMV1F
KmekEdNya0iX29WEeMwLvvjH6a0Y1F0FZlJ8Vf59UGfvctYM4bWrfQTMH8cRO/t/
1qJmKm/c3hsKNB5JDP6L+n4ix8ZBp+uSzXYC61tcXg5PpbAZVGqI06plCph2MgZI
c0c7KqRYroKVqvXuWWC3mUstD3LtpTa1HuokPrDG1rZLuKznQRVpRnMh0w297svI
BQcru4iiygPwuwKHPZUM8516rZj/Mca+/F/oJtmMb28rx+j98mfA6q37LbbJiO4n
pAYKJVS2FgntVSOG1P65R5yEmQolc9jn4cFuMkv+9bnyzlTfO51hyn/arxI8vyKZ
thIrePDXc7B4
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:13:11 2024 by rpki-client on console-fra.rpki-client.org