Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/D81aiXpDAv5WBmgE8oEpfordjGP62otn2fHrhaL4cgby/0/3138372e39352e33322e302f32302d3234203d3e203238323630.roa
File:                     3138372e39352e33322e302f32302d3234203d3e203238323630.roa (raw, json)
Hash identifier:          QeYIY7lvI5qkaW1CjKiGhTqu/xnhLjb6Ju4Wz8F6Fhw=
Subject key identifier:   7B:29:B2:F7:C2:1D:AA:9A:94:76:F4:00:1D:72:DB:C0:22:C4:FC:40
Certificate issuer:       /CN=8BD556C1877889D5972C0C092DDCA81620EC2EE1
Certificate serial:       4D7B56FA2483CCBADA002D94FDD38F1CFA91A123
Authority key identifier: 8B:D5:56:C1:87:78:89:D5:97:2C:0C:09:2D:DC:A8:16:20:EC:2E:E1
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8BD556C1877889D5972C0C092DDCA81620EC2EE1.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/D81aiXpDAv5WBmgE8oEpfordjGP62otn2fHrhaL4cgby/0/3138372e39352e33322e302f32302d3234203d3e203238323630.roa
Signing time:             Wed 29 May 2024 16:21:12 +0000
ROA not before:           Wed 29 May 2024 16:16:12 +0000
ROA not after:            Wed 28 May 2025 16:21:12 +0000
asID:                     28260
IP address blocks:        187.95.32.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/D81aiXpDAv5WBmgE8oEpfordjGP62otn2fHrhaL4cgby/0/8BD556C1877889D5972C0C092DDCA81620EC2EE1.crl
                          rsync://rpki-repo.registro.br/repo/D81aiXpDAv5WBmgE8oEpfordjGP62otn2fHrhaL4cgby/0/8BD556C1877889D5972C0C092DDCA81620EC2EE1.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8BD556C1877889D5972C0C092DDCA81620EC2EE1.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 19 Jun 2024 05:01:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4d:7b:56:fa:24:83:cc:ba:da:00:2d:94:fd:d3:8f:1c:fa:91:a1:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8BD556C1877889D5972C0C092DDCA81620EC2EE1
        Validity
            Not Before: May 29 16:16:12 2024 GMT
            Not After : May 28 16:21:12 2025 GMT
        Subject: CN=7B29B2F7C21DAA9A9476F4001D72DBC022C4FC40
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:f1:42:e2:8b:60:9a:1c:24:18:d8:d2:7e:5b:
                    eb:0a:76:19:ba:91:d6:06:7d:d4:23:97:20:1a:70:
                    23:c1:ec:e8:15:80:89:4c:6e:16:5a:5d:59:45:d0:
                    50:1f:77:01:63:8c:1e:43:a8:2f:6a:38:ec:73:93:
                    84:88:8a:62:b6:98:f3:51:94:5e:5d:4d:d2:7e:84:
                    cb:02:56:11:83:b2:4f:ce:d9:b8:bb:48:1d:9f:32:
                    79:6d:57:29:83:92:65:51:71:9a:b3:eb:67:f1:18:
                    45:b8:6d:08:f6:7f:74:d7:ef:e1:b0:e6:96:f6:fc:
                    3f:43:d0:54:d0:b3:ed:9b:ba:65:ce:8c:5a:51:51:
                    63:f0:7b:b4:9d:4b:74:26:06:1a:a7:60:93:02:c1:
                    33:c5:bf:2b:4b:83:06:37:ad:df:c4:f4:42:da:64:
                    e8:32:83:5f:0c:2a:06:a3:55:5a:7d:02:1a:26:4c:
                    4a:af:b9:61:bb:4c:e1:8d:c1:e7:c6:a7:05:02:8b:
                    04:69:91:1f:4f:d7:3f:a9:20:9d:7f:c0:99:66:2c:
                    d0:92:78:bf:7c:5a:e5:32:62:bb:4d:a6:25:06:9e:
                    2a:49:fe:b6:53:c0:4c:4b:bb:d8:c1:2b:47:5c:85:
                    47:b4:d6:a6:1e:3a:c2:cc:06:58:af:29:7e:78:1d:
                    74:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:29:B2:F7:C2:1D:AA:9A:94:76:F4:00:1D:72:DB:C0:22:C4:FC:40
            X509v3 Authority Key Identifier:
                keyid:8B:D5:56:C1:87:78:89:D5:97:2C:0C:09:2D:DC:A8:16:20:EC:2E:E1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/D81aiXpDAv5WBmgE8oEpfordjGP62otn2fHrhaL4cgby/0/8BD556C1877889D5972C0C092DDCA81620EC2EE1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8BD556C1877889D5972C0C092DDCA81620EC2EE1.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/D81aiXpDAv5WBmgE8oEpfordjGP62otn2fHrhaL4cgby/0/3138372e39352e33322e302f32302d3234203d3e203238323630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  187.95.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         2c:17:2b:3d:61:fd:2a:13:fa:57:14:5c:39:d7:1e:a5:ae:84:
         f2:4b:bd:62:cc:cc:cd:a8:c9:00:84:6f:7c:cc:ee:86:84:d4:
         38:2d:48:71:03:b1:78:e1:4a:4e:41:d8:03:84:12:96:c7:88:
         46:25:d8:81:db:9d:00:5b:71:d7:5b:b1:17:8d:ee:be:1d:65:
         cb:7f:78:c2:ae:24:43:47:04:5e:72:5b:63:58:f0:f9:05:b6:
         08:24:42:fc:5f:1e:26:0c:e9:d6:f7:ae:85:da:6a:ea:05:19:
         93:03:4f:ef:bd:38:cf:8e:3a:5c:c8:a7:90:c5:b8:39:d4:ca:
         2a:e3:27:b0:f3:f9:04:d5:cc:73:52:5a:ef:2d:84:74:07:9d:
         cf:f4:59:91:fe:82:a9:83:8c:2c:58:3c:93:14:22:3d:85:9d:
         b4:52:c9:ff:ed:17:79:e2:a6:fa:ca:c9:93:6e:7b:62:84:53:
         bd:b4:87:4a:37:2e:33:90:80:1b:a4:f8:5a:cf:8b:bf:20:85:
         c9:98:6d:e2:b0:43:ba:a2:a8:78:31:a5:32:c6:2c:a6:b5:4d:
         cb:24:23:bc:31:2b:9e:cc:dd:99:e4:6b:e7:e9:4e:3a:91:8b:
         ed:30:69:b3:b5:b9:fd:81:14:d9:5c:7e:65:89:21:dc:6e:56:
         ce:cf:e6:34
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUTXtW+iSDzLraAC2U/dOPHPqRoSMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEJENTU2QzE4Nzc4ODlENTk3MkMwQzA5MkREQ0E4MTYy
MEVDMkVFMTAeFw0yNDA1MjkxNjE2MTJaFw0yNTA1MjgxNjIxMTJaMDMxMTAvBgNV
BAMTKDdCMjlCMkY3QzIxREFBOUE5NDc2RjQwMDFENzJEQkMwMjJDNEZDNDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDd8ULii2CaHCQY2NJ+W+sKdhm6
kdYGfdQjlyAacCPB7OgVgIlMbhZaXVlF0FAfdwFjjB5DqC9qOOxzk4SIimK2mPNR
lF5dTdJ+hMsCVhGDsk/O2bi7SB2fMnltVymDkmVRcZqz62fxGEW4bQj2f3TX7+Gw
5pb2/D9D0FTQs+2bumXOjFpRUWPwe7SdS3QmBhqnYJMCwTPFvytLgwY3rd/E9ELa
ZOgyg18MKgajVVp9AhomTEqvuWG7TOGNwefGpwUCiwRpkR9P1z+pIJ1/wJlmLNCS
eL98WuUyYrtNpiUGnipJ/rZTwExLu9jBK0dchUe01qYeOsLMBlivKX54HXSpAgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUeymy98IdqpqUdvQAHXLbwCLE/EAwHwYDVR0j
BBgwFoAUi9VWwYd4idWXLAwJLdyoFiDsLuEwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRDgxYWlYcERBdjVXQm1nRThvRXBmb3JkakdQNjJvdG4yZkhyaGFMNGNn
YnkvMC84QkQ1NTZDMTg3Nzg4OUQ1OTcyQzBDMDkyRERDQTgxNjIwRUMyRUUxLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzhCRDU1NkMxODc3ODg5RDU5
NzJDMEMwOTJERENBODE2MjBFQzJFRTEuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0Q4MWFpWHBEQXY1V0JtZ0U4b0VwZm9yZGpHUDYyb3RuMmZIcmhhTDRjZ2J5LzAv
MzEzODM3MmUzOTM1MmUzMzMyMmUzMDJmMzIzMDJkMzIzNDIwM2QzZTIwMzIzODMy
MzYzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB
/wQQMA4wDAQCAAEwBgMEBLtfIDANBgkqhkiG9w0BAQsFAAOCAQEALBcrPWH9KhP6
VxRcOdcepa6E8ku9YszMzajJAIRvfMzuhoTUOC1IcQOxeOFKTkHYA4QSlseIRiXY
gdudAFtx11uxF43uvh1ly394wq4kQ0cEXnJbY1jw+QW2CCRC/F8eJgzp1veuhdpq
6gUZkwNP7704z446XMinkMW4OdTKKuMnsPP5BNXMc1Ja7y2EdAedz/RZkf6CqYOM
LFg8kxQiPYWdtFLJ/+0XeeKm+srJk257YoRTvbSHSjcuM5CAG6T4Ws+LvyCFyZht
4rBDuqKoeDGlMsYsprVNyyQjvDErnszdmeRr5+lOOpGL7TBps7W5/YEU2Vx+ZYkh
3G5Wzs/mNA==
-----END CERTIFICATE-----
Generated at Tue Jun 18 07:40:37 2024 by rpki-client on console-ams.rpki-client.org