Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/GEH7UUpY7TRmEbYWtKdWSVne5gBzxfvNQLyF7WsuabaP/1/3230302e3232302e3136342e302f32322d3232203d3e2037303239.roa
File:                     3230302e3232302e3136342e302f32322d3232203d3e2037303239.roa (raw, json)
Hash identifier:          h016Z9+cD6g/96YBAz6rw+8oTsYVxYrYXCYXW15DcbY=
Subject key identifier:   11:A6:3A:46:20:F1:12:A4:0B:71:F4:C8:39:AE:80:36:40:5B:E3:A5
Certificate issuer:       /CN=801C62756CEAB17FA0153A254E96D04D8EA570B3
Certificate serial:       7618FDBC7B0E2B9834A96FE419082407DE93CDA4
Authority key identifier: 80:1C:62:75:6C:EA:B1:7F:A0:15:3A:25:4E:96:D0:4D:8E:A5:70:B3
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/801C62756CEAB17FA0153A254E96D04D8EA570B3.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/GEH7UUpY7TRmEbYWtKdWSVne5gBzxfvNQLyF7WsuabaP/1/3230302e3232302e3136342e302f32322d3232203d3e2037303239.roa
Signing time:             Mon 29 Apr 2024 16:42:57 +0000
ROA not before:           Mon 29 Apr 2024 16:37:57 +0000
ROA not after:            Mon 28 Apr 2025 16:42:57 +0000
asID:                     7029
IP address blocks:        200.220.164.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/GEH7UUpY7TRmEbYWtKdWSVne5gBzxfvNQLyF7WsuabaP/1/801C62756CEAB17FA0153A254E96D04D8EA570B3.crl
                          rsync://rpki-repo.registro.br/repo/GEH7UUpY7TRmEbYWtKdWSVne5gBzxfvNQLyF7WsuabaP/1/801C62756CEAB17FA0153A254E96D04D8EA570B3.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/801C62756CEAB17FA0153A254E96D04D8EA570B3.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 17 Jun 2024 11:54:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:18:fd:bc:7b:0e:2b:98:34:a9:6f:e4:19:08:24:07:de:93:cd:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=801C62756CEAB17FA0153A254E96D04D8EA570B3
        Validity
            Not Before: Apr 29 16:37:57 2024 GMT
            Not After : Apr 28 16:42:57 2025 GMT
        Subject: CN=11A63A4620F112A40B71F4C839AE8036405BE3A5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:20:f1:80:d7:91:73:7e:5f:d3:62:22:15:41:
                    21:7f:d8:c2:f5:04:86:c1:0a:d3:14:7a:32:e2:56:
                    1e:6f:bb:f4:cb:58:a3:43:d5:ab:b2:c4:7e:c3:e5:
                    25:b0:4f:cc:30:0d:b2:6b:29:40:9b:e5:a8:22:df:
                    05:ca:92:25:e9:23:3b:b1:17:2d:ec:20:43:55:db:
                    85:69:41:03:c5:92:03:ad:52:05:19:a8:9c:0b:d7:
                    fe:41:7c:6d:b2:d0:ba:39:2c:d3:f5:d8:46:cc:8e:
                    0f:dc:26:13:6b:36:ed:51:52:5d:b5:91:1c:cf:78:
                    41:85:c8:73:b5:12:ea:77:29:5b:5d:92:16:ac:db:
                    b2:00:75:1e:64:df:23:cd:41:84:b5:0d:a6:7a:01:
                    a1:c9:cb:38:67:a5:8d:f5:91:34:46:e7:66:d5:d6:
                    94:ae:82:bc:b0:1e:2f:08:cf:57:f6:6e:76:4c:d3:
                    6e:47:3c:ed:41:51:04:bc:2b:a1:7f:a8:e8:03:8c:
                    75:9f:07:3d:60:c1:a4:c6:30:aa:e2:6c:61:a2:3d:
                    28:eb:b4:fb:6b:b4:10:c1:4b:94:6d:62:09:fa:70:
                    93:52:f8:4e:64:9f:01:07:ca:95:c2:cd:0e:49:76:
                    fd:a2:c0:f8:34:f1:c1:e1:3c:03:b3:52:5b:6a:10:
                    44:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                11:A6:3A:46:20:F1:12:A4:0B:71:F4:C8:39:AE:80:36:40:5B:E3:A5
            X509v3 Authority Key Identifier:
                keyid:80:1C:62:75:6C:EA:B1:7F:A0:15:3A:25:4E:96:D0:4D:8E:A5:70:B3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/GEH7UUpY7TRmEbYWtKdWSVne5gBzxfvNQLyF7WsuabaP/1/801C62756CEAB17FA0153A254E96D04D8EA570B3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/801C62756CEAB17FA0153A254E96D04D8EA570B3.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/GEH7UUpY7TRmEbYWtKdWSVne5gBzxfvNQLyF7WsuabaP/1/3230302e3232302e3136342e302f32322d3232203d3e2037303239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.220.164.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4b:cd:63:7b:4c:75:9a:db:f5:d0:cc:90:94:f8:4b:68:6e:21:
         ea:71:90:94:e9:d1:0f:5e:30:3f:26:53:21:ad:07:18:7d:66:
         c1:b6:f1:65:6b:1f:66:a2:98:71:41:6b:8c:70:23:bd:e4:98:
         d2:bb:09:5b:63:63:04:4f:44:72:74:49:51:11:e8:2d:b7:9a:
         df:20:7a:6f:b5:e4:89:25:59:ec:70:67:9d:db:8c:03:44:b8:
         bc:ee:65:f5:1b:5f:9b:37:97:d1:f7:4a:64:20:45:97:b0:39:
         2d:b0:39:2d:93:b4:2d:71:87:17:f1:5e:5f:50:54:df:5d:b4:
         3a:ae:0f:62:63:c7:69:77:a7:6a:55:c8:2a:db:80:0e:4d:cb:
         b6:3a:90:6e:fb:65:db:a6:e5:cc:39:24:ae:0b:04:5d:f6:62:
         d3:61:03:ec:ec:e8:c6:cd:d7:a9:92:bb:25:bf:dc:b1:9e:47:
         f5:12:42:37:06:12:3d:21:cb:03:1c:04:75:8a:8e:8e:3c:3d:
         5f:d1:50:8f:a4:84:7e:93:8c:5e:7c:ef:2d:3f:e5:54:68:4d:
         c1:aa:8f:bd:f4:8d:bc:62:68:94:fd:3d:1a:24:ca:dd:08:12:
         02:60:41:78:0e:f6:5c:61:3a:3b:ec:23:70:dd:99:aa:75:48:
         66:a5:2c:5e
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUdhj9vHsOK5g0qW/kGQgkB96TzaQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODAxQzYyNzU2Q0VBQjE3RkEwMTUzQTI1NEU5NkQwNEQ4
RUE1NzBCMzAeFw0yNDA0MjkxNjM3NTdaFw0yNTA0MjgxNjQyNTdaMDMxMTAvBgNV
BAMTKDExQTYzQTQ2MjBGMTEyQTQwQjcxRjRDODM5QUU4MDM2NDA1QkUzQTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtIPGA15Fzfl/TYiIVQSF/2ML1
BIbBCtMUejLiVh5vu/TLWKND1auyxH7D5SWwT8wwDbJrKUCb5agi3wXKkiXpIzux
Fy3sIENV24VpQQPFkgOtUgUZqJwL1/5BfG2y0Lo5LNP12EbMjg/cJhNrNu1RUl21
kRzPeEGFyHO1Eup3KVtdkhas27IAdR5k3yPNQYS1DaZ6AaHJyzhnpY31kTRG52bV
1pSugrywHi8Iz1f2bnZM025HPO1BUQS8K6F/qOgDjHWfBz1gwaTGMKribGGiPSjr
tPtrtBDBS5RtYgn6cJNS+E5knwEHypXCzQ5Jdv2iwPg08cHhPAOzUltqEETJAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUEaY6RiDxEqQLcfTIOa6ANkBb46UwHwYDVR0j
BBgwFoAUgBxidWzqsX+gFTolTpbQTY6lcLMwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vR0VIN1VVcFk3VFJtRWJZV3RLZFdTVm5lNWdCenhmdk5RTHlGN1dzdWFi
YVAvMS84MDFDNjI3NTZDRUFCMTdGQTAxNTNBMjU0RTk2RDA0RDhFQTU3MEIzLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzgwMUM2Mjc1NkNFQUIxN0ZB
MDE1M0EyNTRFOTZEMDREOEVBNTcwQjMuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0dFSDdVVXBZN1RSbUViWVd0S2RXU1ZuZTVnQnp4ZnZOUUx5RjdXc3VhYmFQLzEv
MzIzMDMwMmUzMjMyMzAyZTMxMzYzNDJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDM3
MzAzMjM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCyNykMA0GCSqGSIb3DQEBCwUAA4IBAQBLzWN7THWa
2/XQzJCU+EtobiHqcZCU6dEPXjA/JlMhrQcYfWbBtvFlax9mophxQWuMcCO95JjS
uwlbY2MET0RydElREegtt5rfIHpvteSJJVnscGed24wDRLi87mX1G1+bN5fR90pk
IEWXsDktsDktk7QtcYcX8V5fUFTfXbQ6rg9iY8dpd6dqVcgq24AOTcu2OpBu+2Xb
puXMOSSuCwRd9mLTYQPs7OjGzdepkrslv9yxnkf1EkI3BhI9IcsDHAR1io6OPD1f
0VCPpIR+k4xefO8tP+VUaE3Bqo+99I28YmiU/T0aJMrdCBICYEF4DvZcYTo77CNw
3ZmqdUhmpSxe
-----END CERTIFICATE-----
Generated at Sun Jun 16 23:33:45 2024 by rpki-client on console-fra.rpki-client.org