Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/GEH7UUpY7TRmEbYWtKdWSVne5gBzxfvNQLyF7WsuabaP/1/3230302e3232302e3136302e302f32322d3232203d3e2037303239.roa
File:                     3230302e3232302e3136302e302f32322d3232203d3e2037303239.roa (raw, json)
Hash identifier:          bT5rKbD0vwc71mcF9pAmnd3f60NPhL+jpvLcFpLG6OE=
Subject key identifier:   72:5F:A7:2C:05:1F:DB:1C:56:68:59:F5:38:7D:5F:D9:59:2D:26:D6
Certificate issuer:       /CN=801C62756CEAB17FA0153A254E96D04D8EA570B3
Certificate serial:       08DC8D580D882228CF4EB10EF0764918C1163A37
Authority key identifier: 80:1C:62:75:6C:EA:B1:7F:A0:15:3A:25:4E:96:D0:4D:8E:A5:70:B3
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/801C62756CEAB17FA0153A254E96D04D8EA570B3.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/GEH7UUpY7TRmEbYWtKdWSVne5gBzxfvNQLyF7WsuabaP/1/3230302e3232302e3136302e302f32322d3232203d3e2037303239.roa
Signing time:             Mon 29 Apr 2024 16:42:57 +0000
ROA not before:           Mon 29 Apr 2024 16:37:57 +0000
ROA not after:            Mon 28 Apr 2025 16:42:57 +0000
asID:                     7029
IP address blocks:        200.220.160.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/GEH7UUpY7TRmEbYWtKdWSVne5gBzxfvNQLyF7WsuabaP/1/801C62756CEAB17FA0153A254E96D04D8EA570B3.crl
                          rsync://rpki-repo.registro.br/repo/GEH7UUpY7TRmEbYWtKdWSVne5gBzxfvNQLyF7WsuabaP/1/801C62756CEAB17FA0153A254E96D04D8EA570B3.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/801C62756CEAB17FA0153A254E96D04D8EA570B3.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 17 Jun 2024 11:54:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:dc:8d:58:0d:88:22:28:cf:4e:b1:0e:f0:76:49:18:c1:16:3a:37
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=801C62756CEAB17FA0153A254E96D04D8EA570B3
        Validity
            Not Before: Apr 29 16:37:57 2024 GMT
            Not After : Apr 28 16:42:57 2025 GMT
        Subject: CN=725FA72C051FDB1C566859F5387D5FD9592D26D6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:03:49:3e:87:3d:a2:40:0e:94:e8:0f:0b:32:
                    7b:a0:bc:9a:c8:41:08:16:1d:fa:be:71:ff:0d:cd:
                    72:c6:10:5d:b0:6a:3e:00:7e:5a:df:31:cf:d5:e2:
                    58:a5:79:3a:96:ef:fb:69:ae:4a:0c:a7:b7:82:17:
                    5c:f6:15:55:a0:a9:57:42:e6:a5:90:21:a6:9b:2b:
                    6b:1d:e3:b8:b9:aa:15:64:b0:cf:b8:81:5b:e3:6b:
                    6b:c5:21:d6:b2:a4:e7:fa:13:c1:57:db:2a:77:f3:
                    3e:c9:69:d3:ae:ec:6c:30:3b:4f:0b:d4:6a:58:00:
                    75:25:ba:f0:c9:b0:8d:3f:e0:07:e5:b9:d7:53:bf:
                    60:13:f5:35:9f:f1:4b:29:ba:1b:7a:a5:01:bf:2f:
                    37:47:9b:ec:6a:99:14:ee:ee:27:66:3e:81:92:bc:
                    9e:d5:57:ec:ad:db:79:2a:79:6b:fd:e1:03:1c:c1:
                    b1:01:0e:ee:55:6d:51:d2:90:db:00:1d:90:b1:a5:
                    8e:9d:38:4e:d7:5e:4e:85:6a:0d:32:dd:f3:91:fd:
                    52:28:a5:da:f1:f2:f0:ef:3c:29:2a:b6:aa:aa:a7:
                    ac:44:4f:4a:7a:a4:b2:db:50:65:2c:6b:f0:e3:b5:
                    f8:63:ce:24:fc:c7:a4:44:f8:6c:fd:0f:f0:fa:e5:
                    e0:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:5F:A7:2C:05:1F:DB:1C:56:68:59:F5:38:7D:5F:D9:59:2D:26:D6
            X509v3 Authority Key Identifier:
                keyid:80:1C:62:75:6C:EA:B1:7F:A0:15:3A:25:4E:96:D0:4D:8E:A5:70:B3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/GEH7UUpY7TRmEbYWtKdWSVne5gBzxfvNQLyF7WsuabaP/1/801C62756CEAB17FA0153A254E96D04D8EA570B3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/801C62756CEAB17FA0153A254E96D04D8EA570B3.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/GEH7UUpY7TRmEbYWtKdWSVne5gBzxfvNQLyF7WsuabaP/1/3230302e3232302e3136302e302f32322d3232203d3e2037303239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.220.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         40:55:77:69:a3:f7:8d:98:da:e0:6f:4f:64:3b:71:81:d9:2e:
         7c:64:17:b2:84:43:4e:38:8a:57:23:8c:fe:72:67:fd:82:ee:
         c1:af:b1:f1:18:ac:23:88:8f:af:a2:44:08:e9:be:ad:fc:d8:
         2d:61:63:46:2b:5f:ac:4e:95:b0:0b:8f:73:09:5e:7b:af:5b:
         25:4c:ce:fe:2f:1c:6a:26:85:95:ec:2a:83:e8:30:83:7a:a1:
         b3:24:d9:79:55:e6:72:70:e1:f7:a7:f5:99:a4:e9:5a:e8:39:
         1f:d6:46:58:83:31:08:91:af:01:f4:01:8a:91:f3:c0:f2:a3:
         e8:2c:ba:7f:a6:3a:b0:b6:ad:68:bf:fc:75:12:9b:c2:d3:84:
         15:dd:64:ae:6e:53:f3:5d:4c:b5:7d:64:ae:7c:af:c5:b2:f3:
         0b:92:a3:13:98:31:93:ec:b4:18:8c:0d:eb:6b:2c:a5:c8:50:
         49:2b:5b:5a:5b:02:0e:ab:af:74:d9:7d:7d:dd:4e:df:4b:32:
         6b:34:40:43:b3:6d:a5:6c:8a:1f:5e:76:5e:57:dc:d0:f4:b2:
         7e:21:39:b0:10:d6:f0:ee:98:6f:ee:fa:7a:e2:ba:32:13:db:
         19:f4:73:97:aa:6a:de:5d:9a:c6:d9:c1:48:2d:b5:33:66:b7:
         fe:5a:dc:11
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUCNyNWA2IIijPTrEO8HZJGMEWOjcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODAxQzYyNzU2Q0VBQjE3RkEwMTUzQTI1NEU5NkQwNEQ4
RUE1NzBCMzAeFw0yNDA0MjkxNjM3NTdaFw0yNTA0MjgxNjQyNTdaMDMxMTAvBgNV
BAMTKDcyNUZBNzJDMDUxRkRCMUM1NjY4NTlGNTM4N0Q1RkQ5NTkyRDI2RDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClA0k+hz2iQA6U6A8LMnugvJrI
QQgWHfq+cf8NzXLGEF2waj4AflrfMc/V4lileTqW7/tprkoMp7eCF1z2FVWgqVdC
5qWQIaabK2sd47i5qhVksM+4gVvja2vFIdaypOf6E8FX2yp38z7JadOu7GwwO08L
1GpYAHUluvDJsI0/4AfluddTv2AT9TWf8Uspuht6pQG/LzdHm+xqmRTu7idmPoGS
vJ7VV+yt23kqeWv94QMcwbEBDu5VbVHSkNsAHZCxpY6dOE7XXk6Fag0y3fOR/VIo
pdrx8vDvPCkqtqqqp6xET0p6pLLbUGUsa/DjtfhjziT8x6RE+Gz9D/D65eBZAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUcl+nLAUf2xxWaFn1OH1f2VktJtYwHwYDVR0j
BBgwFoAUgBxidWzqsX+gFTolTpbQTY6lcLMwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vR0VIN1VVcFk3VFJtRWJZV3RLZFdTVm5lNWdCenhmdk5RTHlGN1dzdWFi
YVAvMS84MDFDNjI3NTZDRUFCMTdGQTAxNTNBMjU0RTk2RDA0RDhFQTU3MEIzLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzgwMUM2Mjc1NkNFQUIxN0ZB
MDE1M0EyNTRFOTZEMDREOEVBNTcwQjMuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0dFSDdVVXBZN1RSbUViWVd0S2RXU1ZuZTVnQnp4ZnZOUUx5RjdXc3VhYmFQLzEv
MzIzMDMwMmUzMjMyMzAyZTMxMzYzMDJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDM3
MzAzMjM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCyNygMA0GCSqGSIb3DQEBCwUAA4IBAQBAVXdpo/eN
mNrgb09kO3GB2S58ZBeyhENOOIpXI4z+cmf9gu7Br7HxGKwjiI+vokQI6b6t/Ngt
YWNGK1+sTpWwC49zCV57r1slTM7+LxxqJoWV7CqD6DCDeqGzJNl5VeZycOH3p/WZ
pOla6Dkf1kZYgzEIka8B9AGKkfPA8qPoLLp/pjqwtq1ov/x1EpvC04QV3WSublPz
XUy1fWSufK/FsvMLkqMTmDGT7LQYjA3rayylyFBJK1taWwIOq6902X193U7fSzJr
NEBDs22lbIofXnZeV9zQ9LJ+ITmwENbw7phv7vp64royE9sZ9HOXqmreXZrG2cFI
LbUzZrf+WtwR
-----END CERTIFICATE-----
Generated at Sun Jun 16 23:33:45 2024 by rpki-client on console-fra.rpki-client.org