Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/FQzWMHW4dL8srzo7aH1Fn3seZQLqRss72W4r8UbRRQG9/0/3138372e34392e302e302f32312d3332203d3e203238313338.roa
File:                     3138372e34392e302e302f32312d3332203d3e203238313338.roa (raw, json)
Hash identifier:          lsEmfW8eTeNHuDR7EQ8zl8JoyV9kgS5k2IuD5WuE7Qs=
Subject key identifier:   98:33:44:97:66:3A:C4:57:BD:F0:59:2C:01:90:42:DC:61:7B:9A:5E
Certificate issuer:       /CN=3B5FFE4EFF6120F9AF6411651E451BC850DA97E3
Certificate serial:       24B4C0CFA40A08D148B0E10C3DEDDF427831A916
Authority key identifier: 3B:5F:FE:4E:FF:61:20:F9:AF:64:11:65:1E:45:1B:C8:50:DA:97:E3
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3B5FFE4EFF6120F9AF6411651E451BC850DA97E3.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/FQzWMHW4dL8srzo7aH1Fn3seZQLqRss72W4r8UbRRQG9/0/3138372e34392e302e302f32312d3332203d3e203238313338.roa
Signing time:             Mon 15 Apr 2024 14:22:02 +0000
ROA not before:           Mon 15 Apr 2024 14:17:02 +0000
ROA not after:            Mon 14 Apr 2025 14:22:02 +0000
asID:                     28138
IP address blocks:        187.49.0.0/21 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/FQzWMHW4dL8srzo7aH1Fn3seZQLqRss72W4r8UbRRQG9/0/3B5FFE4EFF6120F9AF6411651E451BC850DA97E3.crl
                          rsync://rpki-repo.registro.br/repo/FQzWMHW4dL8srzo7aH1Fn3seZQLqRss72W4r8UbRRQG9/0/3B5FFE4EFF6120F9AF6411651E451BC850DA97E3.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3B5FFE4EFF6120F9AF6411651E451BC850DA97E3.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 06:14:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:b4:c0:cf:a4:0a:08:d1:48:b0:e1:0c:3d:ed:df:42:78:31:a9:16
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3B5FFE4EFF6120F9AF6411651E451BC850DA97E3
        Validity
            Not Before: Apr 15 14:17:02 2024 GMT
            Not After : Apr 14 14:22:02 2025 GMT
        Subject: CN=98334497663AC457BDF0592C019042DC617B9A5E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:c5:68:fa:c9:56:1b:d8:e4:bc:53:74:b7:b7:
                    9e:52:df:4f:d8:7e:36:97:8b:f3:2b:96:e2:0c:a5:
                    fa:68:dd:91:98:2a:7e:b7:c5:9a:fe:cd:f1:20:7c:
                    5e:2e:70:79:0e:cc:a0:35:99:d6:b3:ef:53:f0:51:
                    aa:c1:e4:b9:96:22:24:4d:f0:65:61:09:07:77:e0:
                    7b:18:41:6a:84:a8:36:79:ed:1d:c3:6f:c8:d2:08:
                    89:23:bb:13:1b:c5:42:00:83:32:74:1a:37:ec:2a:
                    a0:c9:dd:44:6e:7c:b3:76:ac:89:28:e2:ae:6c:b4:
                    91:8c:3a:a9:99:80:5e:1c:25:3d:d8:2d:2a:61:8a:
                    5d:6d:77:e2:f4:ec:ee:7c:60:1e:ed:78:23:bb:b3:
                    d2:57:95:fe:3f:f6:c8:ba:77:5d:5f:77:a5:d1:16:
                    15:ea:5f:c2:a3:d1:61:35:42:34:bb:20:e4:d1:2e:
                    52:c0:24:b2:af:9f:4e:ee:9a:e9:32:0a:31:56:f0:
                    1e:c9:7c:5f:77:e1:7d:4a:93:4a:78:70:06:cf:75:
                    02:7f:10:a1:2f:dd:d1:59:77:cb:c4:9e:a9:2e:ba:
                    39:17:ad:a9:1c:f1:4a:13:df:9c:f9:ea:b0:ee:5d:
                    34:41:5a:8e:a6:21:57:74:6b:f0:eb:73:fb:41:de:
                    2a:7f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:33:44:97:66:3A:C4:57:BD:F0:59:2C:01:90:42:DC:61:7B:9A:5E
            X509v3 Authority Key Identifier:
                keyid:3B:5F:FE:4E:FF:61:20:F9:AF:64:11:65:1E:45:1B:C8:50:DA:97:E3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/FQzWMHW4dL8srzo7aH1Fn3seZQLqRss72W4r8UbRRQG9/0/3B5FFE4EFF6120F9AF6411651E451BC850DA97E3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3B5FFE4EFF6120F9AF6411651E451BC850DA97E3.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/FQzWMHW4dL8srzo7aH1Fn3seZQLqRss72W4r8UbRRQG9/0/3138372e34392e302e302f32312d3332203d3e203238313338.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  187.49.0.0/21

    Signature Algorithm: sha256WithRSAEncryption
         4c:9d:5f:26:7d:88:e8:1a:23:65:0d:27:a5:bb:a7:b9:af:40:
         6c:80:81:ff:eb:b5:52:7d:4f:c9:28:c9:1d:4e:29:cf:4d:22:
         da:08:5c:8d:59:9f:ed:c6:e8:85:71:c7:e9:e8:18:c6:2f:92:
         7a:d9:85:bd:57:8b:6f:5a:a6:06:3e:e4:76:81:41:99:ec:52:
         7e:47:fd:d6:6e:8f:85:04:69:6b:37:c0:35:7b:96:b0:12:5a:
         c6:c8:04:81:ce:c3:f5:cd:23:9f:2f:a2:11:3d:c9:85:f8:e3:
         86:b2:ab:63:a0:19:35:c2:e8:81:8f:1d:39:17:50:51:50:fe:
         66:c6:b4:9b:60:cb:0e:b2:54:19:fa:a8:de:88:e4:47:f9:23:
         b7:64:4e:9d:df:e5:99:df:ed:1c:91:fc:20:5b:4d:16:58:84:
         9e:2e:d3:67:c9:48:e4:bb:ac:8e:74:68:49:01:70:41:21:59:
         1d:a3:e8:f2:dc:be:6b:15:b7:90:de:5d:d7:1c:39:5a:db:61:
         f3:c8:ff:9c:29:af:44:c6:08:f5:26:8e:64:90:40:e6:7e:a0:
         5b:1f:82:d4:92:1d:7f:42:54:2b:87:b7:85:59:67:10:79:b5:
         e2:fc:05:d0:dc:7f:bf:dc:83:b0:cb:2a:3a:bf:f3:39:8f:2b:
         cf:19:16:4a
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUJLTAz6QKCNFIsOEMPe3fQngxqRYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0I1RkZFNEVGRjYxMjBGOUFGNjQxMTY1MUU0NTFCQzg1
MERBOTdFMzAeFw0yNDA0MTUxNDE3MDJaFw0yNTA0MTQxNDIyMDJaMDMxMTAvBgNV
BAMTKDk4MzM0NDk3NjYzQUM0NTdCREYwNTkyQzAxOTA0MkRDNjE3QjlBNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrxWj6yVYb2OS8U3S3t55S30/Y
fjaXi/MrluIMpfpo3ZGYKn63xZr+zfEgfF4ucHkOzKA1mdaz71PwUarB5LmWIiRN
8GVhCQd34HsYQWqEqDZ57R3Db8jSCIkjuxMbxUIAgzJ0GjfsKqDJ3URufLN2rIko
4q5stJGMOqmZgF4cJT3YLSphil1td+L07O58YB7teCO7s9JXlf4/9si6d11fd6XR
FhXqX8Kj0WE1QjS7IOTRLlLAJLKvn07umukyCjFW8B7JfF934X1Kk0p4cAbPdQJ/
EKEv3dFZd8vEnqkuujkXrakc8UoT35z56rDuXTRBWo6mIVd0a/Drc/tB3ip/AgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUmDNEl2Y6xFe98FksAZBC3GF7ml4wHwYDVR0j
BBgwFoAUO1/+Tv9hIPmvZBFlHkUbyFDal+MwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRlF6V01IVzRkTDhzcnpvN2FIMUZuM3NlWlFMcVJzczcyVzRyOFViUlJR
RzkvMC8zQjVGRkU0RUZGNjEyMEY5QUY2NDExNjUxRTQ1MUJDODUwREE5N0UzLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzNCNUZGRTRFRkY2MTIwRjlB
RjY0MTE2NTFFNDUxQkM4NTBEQTk3RTMuY2VyMIGoBggrBgEFBQcBCwSBmzCBmDCB
lQYIKwYBBQUHMAuGgYhyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0ZReldNSFc0ZEw4c3J6bzdhSDFGbjNzZVpRTHFSc3M3Mlc0cjhVYlJSUUc5LzAv
MzEzODM3MmUzNDM5MmUzMDJlMzAyZjMyMzEyZDMzMzIyMDNkM2UyMDMyMzgzMTMz
Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAO7MQAwDQYJKoZIhvcNAQELBQADggEBAEydXyZ9iOgaI2UN
J6W7p7mvQGyAgf/rtVJ9T8koyR1OKc9NItoIXI1Zn+3G6IVxx+noGMYvknrZhb1X
i29apgY+5HaBQZnsUn5H/dZuj4UEaWs3wDV7lrASWsbIBIHOw/XNI58vohE9yYX4
44ayq2OgGTXC6IGPHTkXUFFQ/mbGtJtgyw6yVBn6qN6I5Ef5I7dkTp3f5Znf7RyR
/CBbTRZYhJ4u02fJSOS7rI50aEkBcEEhWR2j6PLcvmsVt5DeXdccOVrbYfPI/5wp
r0TGCPUmjmSQQOZ+oFsfgtSSHX9CVCuHt4VZZxB5teL8BdDcf7/cg7DLKjq/8zmP
K88ZFko=
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:20:57 2024 by rpki-client on console-fra.rpki-client.org