Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/CZFRUVi2U4ZjQ78BgEF79NQfzVxF5LxTT9vvd9odu1VP/1/3138362e3231392e3132382e302f32302d3234203d3e203533313637.roa
File:                     3138362e3231392e3132382e302f32302d3234203d3e203533313637.roa (raw, json)
Hash identifier:          y0n2B/L8wc/IygTVLFUhPsB8yjLJeKdCL4tgSM3iIH0=
Subject key identifier:   64:62:21:95:99:EF:6C:FD:F0:A5:DA:70:1B:A0:DE:D9:B1:3C:E9:5C
Certificate issuer:       /CN=B7A04B6E71FC9DEC924E3D3536A1EE0B2701E5F4
Certificate serial:       3F94D9D734101FD3625D673A0410D78240F0CF18
Authority key identifier: B7:A0:4B:6E:71:FC:9D:EC:92:4E:3D:35:36:A1:EE:0B:27:01:E5:F4
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/B7A04B6E71FC9DEC924E3D3536A1EE0B2701E5F4.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/CZFRUVi2U4ZjQ78BgEF79NQfzVxF5LxTT9vvd9odu1VP/1/3138362e3231392e3132382e302f32302d3234203d3e203533313637.roa
Signing time:             Wed 03 Apr 2024 19:18:32 +0000
ROA not before:           Wed 03 Apr 2024 19:13:32 +0000
ROA not after:            Wed 02 Apr 2025 19:18:32 +0000
asID:                     53167
IP address blocks:        186.219.128.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/CZFRUVi2U4ZjQ78BgEF79NQfzVxF5LxTT9vvd9odu1VP/1/B7A04B6E71FC9DEC924E3D3536A1EE0B2701E5F4.crl
                          rsync://rpki-repo.registro.br/repo/CZFRUVi2U4ZjQ78BgEF79NQfzVxF5LxTT9vvd9odu1VP/1/B7A04B6E71FC9DEC924E3D3536A1EE0B2701E5F4.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/B7A04B6E71FC9DEC924E3D3536A1EE0B2701E5F4.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 13:43:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:94:d9:d7:34:10:1f:d3:62:5d:67:3a:04:10:d7:82:40:f0:cf:18
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B7A04B6E71FC9DEC924E3D3536A1EE0B2701E5F4
        Validity
            Not Before: Apr  3 19:13:32 2024 GMT
            Not After : Apr  2 19:18:32 2025 GMT
        Subject: CN=6462219599EF6CFDF0A5DA701BA0DED9B13CE95C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:c3:7f:e2:d0:74:6e:1e:cc:0c:08:46:e3:4e:
                    f0:a9:e5:d7:c7:3e:8f:81:df:b4:5c:ea:e9:55:ed:
                    44:9b:b6:f9:62:1e:fb:a5:ce:b8:cb:f0:89:a3:a5:
                    0f:7f:ce:53:60:69:b2:ee:1a:4b:b6:d3:a4:37:74:
                    ce:36:4e:b9:ba:1d:99:5a:79:3d:e5:c4:3d:ec:a0:
                    b5:c1:f0:cd:bd:54:2b:87:ea:2c:8c:98:b0:28:86:
                    5d:cc:d1:97:dc:5f:92:09:3b:4b:56:5d:2b:83:a2:
                    d4:64:97:40:52:73:43:2f:1f:01:f4:03:20:ba:b2:
                    da:5f:aa:f5:79:cb:1d:ff:bb:b0:9f:00:8e:f3:43:
                    df:40:87:f5:80:f6:1f:e6:78:26:1b:30:d4:80:7f:
                    90:ac:93:db:47:bc:ad:72:b4:d7:c3:72:8f:86:92:
                    35:cd:49:96:e6:ce:43:64:f5:f0:a3:dd:0d:00:18:
                    ad:53:f3:b7:2b:8e:40:7a:b4:61:c1:83:9f:3f:9c:
                    10:85:1c:3f:88:87:ff:8f:05:ca:d0:db:a1:62:25:
                    a7:8f:7c:0d:78:ec:e9:a8:88:cf:ef:aa:79:db:59:
                    4f:d7:8b:7f:bb:0f:8a:2c:a0:08:20:b9:b7:d4:c2:
                    64:af:82:6d:74:b1:3a:0a:03:cb:f4:43:43:c6:f4:
                    cf:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:62:21:95:99:EF:6C:FD:F0:A5:DA:70:1B:A0:DE:D9:B1:3C:E9:5C
            X509v3 Authority Key Identifier:
                keyid:B7:A0:4B:6E:71:FC:9D:EC:92:4E:3D:35:36:A1:EE:0B:27:01:E5:F4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/CZFRUVi2U4ZjQ78BgEF79NQfzVxF5LxTT9vvd9odu1VP/1/B7A04B6E71FC9DEC924E3D3536A1EE0B2701E5F4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/B7A04B6E71FC9DEC924E3D3536A1EE0B2701E5F4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/CZFRUVi2U4ZjQ78BgEF79NQfzVxF5LxTT9vvd9odu1VP/1/3138362e3231392e3132382e302f32302d3234203d3e203533313637.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  186.219.128.0/20

    Signature Algorithm: sha256WithRSAEncryption
         44:5b:37:00:74:19:65:c7:a9:a4:be:72:d2:e6:ca:7b:c1:d8:
         76:ea:e0:19:f0:58:18:9f:8e:f7:ab:09:af:cc:33:97:f4:25:
         d7:01:e6:87:62:8b:12:1b:c3:38:ec:b7:dd:c5:b7:57:ef:12:
         b6:1c:fc:5e:61:a7:eb:b3:a2:55:b8:e9:41:e4:45:ef:5b:d8:
         8a:2f:bd:9d:5f:4d:e4:c3:34:c0:31:0a:6e:ba:9a:0d:fb:d3:
         b8:83:26:44:04:86:81:79:ff:19:be:bf:6d:d7:0e:fa:f2:77:
         d8:fe:62:38:44:14:a8:ee:3c:a5:91:40:0b:0c:5e:88:7e:77:
         c3:51:20:45:78:f4:fd:df:3c:1e:6c:bb:85:0e:19:7b:df:17:
         a4:ed:c6:73:97:40:8a:ca:c7:19:a6:60:b8:0a:3a:e9:f0:0d:
         79:d1:2a:31:6a:84:f3:f9:08:c2:08:70:17:9d:8a:ac:52:f3:
         58:5c:ff:b9:4d:ef:9e:77:22:00:75:f9:d1:4b:4d:52:d0:71:
         c9:e6:4e:62:d6:96:d4:29:cf:8c:1f:88:8e:37:98:6c:de:a6:
         3f:0e:9e:3f:e1:be:76:de:00:83:51:4d:80:c6:ff:86:e7:5b:
         73:2f:f7:fe:ba:94:14:12:3a:95:a5:d6:69:57:4f:d5:e3:64:
         92:eb:b7:cc
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUP5TZ1zQQH9NiXWc6BBDXgkDwzxgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjdBMDRCNkU3MUZDOURFQzkyNEUzRDM1MzZBMUVFMEIy
NzAxRTVGNDAeFw0yNDA0MDMxOTEzMzJaFw0yNTA0MDIxOTE4MzJaMDMxMTAvBgNV
BAMTKDY0NjIyMTk1OTlFRjZDRkRGMEE1REE3MDFCQTBERUQ5QjEzQ0U5NUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsw3/i0HRuHswMCEbjTvCp5dfH
Po+B37Rc6ulV7USbtvliHvulzrjL8ImjpQ9/zlNgabLuGku206Q3dM42Trm6HZla
eT3lxD3soLXB8M29VCuH6iyMmLAohl3M0ZfcX5IJO0tWXSuDotRkl0BSc0MvHwH0
AyC6stpfqvV5yx3/u7CfAI7zQ99Ah/WA9h/meCYbMNSAf5Csk9tHvK1ytNfDco+G
kjXNSZbmzkNk9fCj3Q0AGK1T87crjkB6tGHBg58/nBCFHD+Ih/+PBcrQ26FiJaeP
fA147OmoiM/vqnnbWU/Xi3+7D4osoAggubfUwmSvgm10sToKA8v0Q0PG9M+jAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUZGIhlZnvbP3wpdpwG6De2bE86VwwHwYDVR0j
BBgwFoAUt6BLbnH8neySTj01NqHuCycB5fQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQ1pGUlVWaTJVNFpqUTc4QmdFRjc5TlFmelZ4RjVMeFRUOXZ2ZDlvZHUx
VlAvMS9CN0EwNEI2RTcxRkM5REVDOTI0RTNEMzUzNkExRUUwQjI3MDFFNUY0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0I3QTA0QjZFNzFGQzlERUM5
MjRFM0QzNTM2QTFFRTBCMjcwMUU1RjQuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0NaRlJVVmkyVTRaalE3OEJnRUY3OU5RZnpWeEY1THhUVDl2dmQ5b2R1MVZQLzEv
MzEzODM2MmUzMjMxMzkyZTMxMzIzODJlMzAyZjMyMzAyZDMyMzQyMDNkM2UyMDM1
MzMzMTM2Mzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAS624AwDQYJKoZIhvcNAQELBQADggEBAERbNwB0
GWXHqaS+ctLmynvB2Hbq4BnwWBifjverCa/MM5f0JdcB5odiixIbwzjst93Ft1fv
ErYc/F5hp+uzolW46UHkRe9b2IovvZ1fTeTDNMAxCm66mg3707iDJkQEhoF5/xm+
v23XDvryd9j+YjhEFKjuPKWRQAsMXoh+d8NRIEV49P3fPB5su4UOGXvfF6TtxnOX
QIrKxxmmYLgKOunwDXnRKjFqhPP5CMIIcBediqxS81hc/7lN7553IgB1+dFLTVLQ
ccnmTmLWltQpz4wfiI43mGzepj8Onj/hvnbeAINRTYDG/4bnW3Mv9/66lBQSOpWl
1mlXT9XjZJLrt8w=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:44:14 2024 by rpki-client on console-ams.rpki-client.org