Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/FaBVyicnq715hLf9AekWSYccRaimfQLxbHpPZKwAUF8R/1/323830343a353932633a3a2f33322d3332203d3e20323638313733.roa
File:                     323830343a353932633a3a2f33322d3332203d3e20323638313733.roa (raw, json)
Hash identifier:          DXVbjRBunQIOMasRwax62AHcDPbsVmX1RHFQTlBWj+Y=
Subject key identifier:   77:35:E7:3E:90:73:03:A0:7C:51:EC:98:6C:99:1B:72:AF:59:AF:42
Certificate issuer:       /CN=99A78712ED297A370E4987A326F3177259C4BC40
Certificate serial:       1CC8BA9D106408A9A22AE9B23F8A6EE7A11184E4
Authority key identifier: 99:A7:87:12:ED:29:7A:37:0E:49:87:A3:26:F3:17:72:59:C4:BC:40
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/99A78712ED297A370E4987A326F3177259C4BC40.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/FaBVyicnq715hLf9AekWSYccRaimfQLxbHpPZKwAUF8R/1/323830343a353932633a3a2f33322d3332203d3e20323638313733.roa
Signing time:             Wed 03 Apr 2024 18:33:06 +0000
ROA not before:           Wed 03 Apr 2024 18:28:06 +0000
ROA not after:            Wed 02 Apr 2025 18:33:06 +0000
asID:                     268173
IP address blocks:        2804:592c::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/FaBVyicnq715hLf9AekWSYccRaimfQLxbHpPZKwAUF8R/1/99A78712ED297A370E4987A326F3177259C4BC40.crl
                          rsync://rpki-repo.registro.br/repo/FaBVyicnq715hLf9AekWSYccRaimfQLxbHpPZKwAUF8R/1/99A78712ED297A370E4987A326F3177259C4BC40.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/99A78712ED297A370E4987A326F3177259C4BC40.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 00:23:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:c8:ba:9d:10:64:08:a9:a2:2a:e9:b2:3f:8a:6e:e7:a1:11:84:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=99A78712ED297A370E4987A326F3177259C4BC40
        Validity
            Not Before: Apr  3 18:28:06 2024 GMT
            Not After : Apr  2 18:33:06 2025 GMT
        Subject: CN=7735E73E907303A07C51EC986C991B72AF59AF42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:e1:2b:ea:37:98:0c:5d:ef:7a:bb:73:86:24:
                    1a:15:e1:eb:cb:9a:63:ac:94:a3:29:23:b8:5e:49:
                    bf:0c:82:68:2b:3f:9e:34:2e:76:e2:d1:a4:89:44:
                    fe:8d:23:6f:db:02:4a:6e:de:bc:38:1c:d8:93:a5:
                    e5:cc:19:07:dc:e2:af:72:09:c6:36:68:c1:3a:95:
                    e0:a0:84:7f:f2:92:07:32:5c:4e:a9:ac:1d:b4:a1:
                    b8:70:4f:7f:3c:79:89:57:d9:51:2e:72:64:29:c2:
                    67:2f:cd:17:77:27:0c:5f:43:0b:bf:8c:7c:00:ad:
                    bb:36:cd:43:d6:92:d1:8d:25:79:41:94:f0:25:66:
                    be:ea:3d:85:53:40:8c:76:52:06:7f:70:33:ea:bc:
                    b4:6b:44:88:50:3a:e4:99:ab:94:1d:64:ee:8c:25:
                    d2:2f:e2:4b:d6:54:f6:d7:e0:d4:b3:60:4f:b3:f1:
                    92:88:83:c0:38:70:2e:85:b5:d6:cd:32:51:b7:d3:
                    90:67:0f:f5:91:d5:88:b1:99:b8:24:a3:76:4c:83:
                    0f:58:f7:8e:21:14:43:99:f6:6a:cb:e8:e4:32:50:
                    67:1a:73:8d:97:f0:b6:b1:7f:db:8d:da:1d:19:98:
                    58:31:40:7e:80:00:1e:53:aa:a3:d8:8a:78:3a:b2:
                    33:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                77:35:E7:3E:90:73:03:A0:7C:51:EC:98:6C:99:1B:72:AF:59:AF:42
            X509v3 Authority Key Identifier:
                keyid:99:A7:87:12:ED:29:7A:37:0E:49:87:A3:26:F3:17:72:59:C4:BC:40

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/FaBVyicnq715hLf9AekWSYccRaimfQLxbHpPZKwAUF8R/1/99A78712ED297A370E4987A326F3177259C4BC40.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/99A78712ED297A370E4987A326F3177259C4BC40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/FaBVyicnq715hLf9AekWSYccRaimfQLxbHpPZKwAUF8R/1/323830343a353932633a3a2f33322d3332203d3e20323638313733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:592c::/32

    Signature Algorithm: sha256WithRSAEncryption
         03:d9:19:75:c0:f4:ee:60:42:48:8b:93:91:1f:7d:cd:af:81:
         12:54:29:75:d3:82:ed:f9:29:c6:a2:ad:df:d6:49:7b:97:4e:
         cc:93:84:59:78:88:c4:03:a1:96:e3:3e:5c:1d:fb:f6:8e:0e:
         da:fa:55:c7:71:92:ba:8e:d2:45:ba:d9:51:f2:82:2f:8a:cc:
         c3:d0:8e:c6:75:c5:11:87:8f:75:4d:51:1c:c8:b0:21:dc:91:
         00:ca:3c:8a:86:34:21:29:8d:f8:03:e5:f5:af:91:e4:c9:bb:
         fa:f4:50:f8:39:18:df:a4:a7:49:c3:f2:5b:8b:b8:e9:60:e3:
         44:5d:e9:ba:58:85:4b:0e:5d:00:66:e5:03:f9:70:c6:a7:a6:
         2f:0b:4d:41:56:12:71:7b:6e:35:1c:6e:83:f6:da:e7:b7:46:
         d4:c7:46:08:b5:88:70:17:44:a1:68:f2:f3:a2:e4:dc:55:46:
         73:1a:68:e0:dc:ee:4c:33:79:41:2c:e6:e0:4b:ad:02:17:9a:
         b0:85:1b:c9:b8:a0:6c:f4:4f:fa:1a:c6:9e:f2:b6:8f:1c:b1:
         68:b6:4a:f7:f6:67:82:da:f2:e4:2a:4c:10:06:60:85:b3:ef:
         78:90:67:36:f9:c0:ce:f6:b7:34:4a:66:5e:45:b5:66:e6:fa:
         8b:8d:92:3d
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUHMi6nRBkCKmiKumyP4pu56ERhOQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTlBNzg3MTJFRDI5N0EzNzBFNDk4N0EzMjZGMzE3NzI1
OUM0QkM0MDAeFw0yNDA0MDMxODI4MDZaFw0yNTA0MDIxODMzMDZaMDMxMTAvBgNV
BAMTKDc3MzVFNzNFOTA3MzAzQTA3QzUxRUM5ODZDOTkxQjcyQUY1OUFGNDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI4SvqN5gMXe96u3OGJBoV4evL
mmOslKMpI7heSb8MgmgrP540Lnbi0aSJRP6NI2/bAkpu3rw4HNiTpeXMGQfc4q9y
CcY2aME6leCghH/ykgcyXE6prB20obhwT388eYlX2VEucmQpwmcvzRd3JwxfQwu/
jHwArbs2zUPWktGNJXlBlPAlZr7qPYVTQIx2UgZ/cDPqvLRrRIhQOuSZq5QdZO6M
JdIv4kvWVPbX4NSzYE+z8ZKIg8A4cC6FtdbNMlG305BnD/WR1Yixmbgko3ZMgw9Y
944hFEOZ9mrL6OQyUGcac42X8Laxf9uN2h0ZmFgxQH6AAB5TqqPYing6sjNbAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUdzXnPpBzA6B8UeyYbJkbcq9Zr0IwHwYDVR0j
BBgwFoAUmaeHEu0pejcOSYejJvMXclnEvEAwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRmFCVnlpY25xNzE1aExmOUFla1dTWWNjUmFpbWZRTHhiSHBQWkt3QVVG
OFIvMS85OUE3ODcxMkVEMjk3QTM3MEU0OTg3QTMyNkYzMTc3MjU5QzRCQzQwLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzk5QTc4NzEyRUQyOTdBMzcw
RTQ5ODdBMzI2RjMxNzcyNTlDNEJDNDAuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0ZhQlZ5aWNucTcxNWhMZjlBZWtXU1ljY1JhaW1mUUx4YkhwUFpLd0FVRjhSLzEv
MzIzODMwMzQzYTM1MzkzMjYzM2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzNjM4
MzEzNzMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKARZLDANBgkqhkiG9w0BAQsFAAOCAQEAA9kZdcD0
7mBCSIuTkR99za+BElQpddOC7fkpxqKt39ZJe5dOzJOEWXiIxAOhluM+XB379o4O
2vpVx3GSuo7SRbrZUfKCL4rMw9COxnXFEYePdU1RHMiwIdyRAMo8ioY0ISmN+APl
9a+R5Mm7+vRQ+DkY36SnScPyW4u46WDjRF3puliFSw5dAGblA/lwxqemLwtNQVYS
cXtuNRxug/ba57dG1MdGCLWIcBdEoWjy86Lk3FVGcxpo4NzuTDN5QSzm4EutAhea
sIUbybigbPRP+hrGnvK2jxyxaLZK9/Zngtry5CpMEAZghbPveJBnNvnAzva3NEpm
XkW1Zub6i42SPQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:25:38 2024 by rpki-client on console-ams.rpki-client.org