Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/Gn8VNxiYMQJR8fdq6EUMKZRJvQEtbFY4KWidtneeDQH6/1/3137372e3132362e3232302e302f32342d3234203d3e20323633353232.roa
File:                     3137372e3132362e3232302e302f32342d3234203d3e20323633353232.roa (raw, json)
Hash identifier:          PkZ5Rs9bwIcP7S1fw/kJjZ9FyiPQWzJcY+tsU1wY0P8=
Subject key identifier:   F1:CD:1A:F1:B7:6F:20:7C:FA:53:3A:D7:77:5F:62:EB:64:5F:32:3E
Certificate issuer:       /CN=ADE62729B7C2F675CBB616815CBA292A798BEB4B
Certificate serial:       0B60812DEA31F6ECF8A1B5BDCEE59C4E28A31340
Authority key identifier: AD:E6:27:29:B7:C2:F6:75:CB:B6:16:81:5C:BA:29:2A:79:8B:EB:4B
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/ADE62729B7C2F675CBB616815CBA292A798BEB4B.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/Gn8VNxiYMQJR8fdq6EUMKZRJvQEtbFY4KWidtneeDQH6/1/3137372e3132362e3232302e302f32342d3234203d3e20323633353232.roa
Signing time:             Thu 04 Apr 2024 16:11:26 +0000
ROA not before:           Thu 04 Apr 2024 16:06:26 +0000
ROA not after:            Thu 03 Apr 2025 16:11:26 +0000
asID:                     263522
IP address blocks:        177.126.220.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/Gn8VNxiYMQJR8fdq6EUMKZRJvQEtbFY4KWidtneeDQH6/1/ADE62729B7C2F675CBB616815CBA292A798BEB4B.crl
                          rsync://rpki-repo.registro.br/repo/Gn8VNxiYMQJR8fdq6EUMKZRJvQEtbFY4KWidtneeDQH6/1/ADE62729B7C2F675CBB616815CBA292A798BEB4B.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/ADE62729B7C2F675CBB616815CBA292A798BEB4B.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 18:27:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:60:81:2d:ea:31:f6:ec:f8:a1:b5:bd:ce:e5:9c:4e:28:a3:13:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ADE62729B7C2F675CBB616815CBA292A798BEB4B
        Validity
            Not Before: Apr  4 16:06:26 2024 GMT
            Not After : Apr  3 16:11:26 2025 GMT
        Subject: CN=F1CD1AF1B76F207CFA533AD7775F62EB645F323E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:b5:06:11:30:5d:fe:1f:09:02:85:88:d7:85:
                    59:1d:9c:27:00:41:e9:74:5b:ab:ee:d0:44:9a:c3:
                    fd:78:fa:cc:ee:50:b3:29:df:40:b1:ec:b6:dc:be:
                    9d:a4:79:fc:9f:63:53:f7:22:c4:53:b1:be:41:11:
                    23:cf:58:3e:e2:18:f8:f2:06:1f:fa:73:53:8f:d8:
                    4e:36:50:08:a0:fb:9a:fb:8e:f9:59:15:49:f8:21:
                    f4:63:a9:8f:52:ac:b5:fd:a0:ba:21:62:2f:76:ac:
                    f4:8d:4b:fd:57:5c:cb:33:4d:00:2b:07:2b:b2:db:
                    98:cd:7c:a0:98:3c:8f:0b:70:55:49:c7:05:44:ee:
                    35:b6:5d:9b:cc:ce:88:34:a4:8a:c0:3a:eb:22:bf:
                    0e:c5:77:17:9f:ff:62:5b:7c:78:45:c2:fb:e5:ab:
                    90:91:75:a1:36:26:5c:a8:b6:cd:80:85:87:f4:2f:
                    4b:56:07:84:bb:75:0f:f3:b4:8e:cc:de:38:e8:92:
                    d8:39:76:b7:de:16:d2:95:19:08:45:a6:70:d0:b6:
                    ad:44:f4:60:af:08:5a:7a:01:85:8b:17:2f:87:39:
                    03:cd:c1:ba:44:20:b5:ad:f5:bf:ea:6e:df:75:5e:
                    60:40:5b:20:d1:6f:d1:97:cb:d7:5c:51:73:a9:f9:
                    8c:c5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F1:CD:1A:F1:B7:6F:20:7C:FA:53:3A:D7:77:5F:62:EB:64:5F:32:3E
            X509v3 Authority Key Identifier:
                keyid:AD:E6:27:29:B7:C2:F6:75:CB:B6:16:81:5C:BA:29:2A:79:8B:EB:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/Gn8VNxiYMQJR8fdq6EUMKZRJvQEtbFY4KWidtneeDQH6/1/ADE62729B7C2F675CBB616815CBA292A798BEB4B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/ADE62729B7C2F675CBB616815CBA292A798BEB4B.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/Gn8VNxiYMQJR8fdq6EUMKZRJvQEtbFY4KWidtneeDQH6/1/3137372e3132362e3232302e302f32342d3234203d3e20323633353232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.126.220.0/24

    Signature Algorithm: sha256WithRSAEncryption
         65:03:80:5b:95:66:a3:2f:b0:17:8c:7b:24:89:dd:3d:dd:ae:
         22:3c:e3:64:0a:75:a5:13:13:8d:5c:84:cf:51:ab:92:68:b8:
         42:5d:31:b6:2d:cd:2f:b9:7c:ef:ca:9b:44:2f:6c:a5:8d:e5:
         eb:ad:c7:50:18:f3:3f:45:e5:fe:07:f2:55:e7:1b:69:cf:b5:
         8a:13:23:97:3a:5e:c0:99:21:d6:6c:c1:5c:5e:54:17:2d:a9:
         11:4c:e8:1c:6f:03:e1:14:40:e7:f8:a5:5f:85:f9:57:c4:d6:
         e4:9c:c4:52:46:eb:c9:7c:35:0c:7a:e7:07:2a:cc:d4:ff:fd:
         e0:a1:6e:11:6c:27:92:23:84:7e:32:49:c6:54:68:6e:a7:ab:
         03:04:82:77:b4:8e:ee:43:14:bd:ea:6f:2b:a4:84:90:a9:fa:
         2b:3a:a8:e3:b0:a4:b7:b1:e3:1f:43:a3:9b:fb:16:2f:28:b9:
         b4:05:bf:bb:f9:ca:3b:35:bf:e1:09:b3:b4:f6:ba:5f:b0:54:
         9b:70:10:ea:fd:01:04:73:3d:9b:29:55:1d:f3:5f:be:7f:1f:
         b8:0f:87:60:ea:20:2c:ac:80:99:1e:26:01:c4:f3:26:f5:89:
         a9:c2:69:d1:a6:da:91:3e:c1:20:04:16:db:76:6c:ed:18:92:
         c5:81:9c:e3
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUC2CBLeox9uz4obW9zuWcTiijE0AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQURFNjI3MjlCN0MyRjY3NUNCQjYxNjgxNUNCQTI5MkE3
OThCRUI0QjAeFw0yNDA0MDQxNjA2MjZaFw0yNTA0MDMxNjExMjZaMDMxMTAvBgNV
BAMTKEYxQ0QxQUYxQjc2RjIwN0NGQTUzM0FENzc3NUY2MkVCNjQ1RjMyM0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDatQYRMF3+HwkChYjXhVkdnCcA
Qel0W6vu0ESaw/14+szuULMp30Cx7Lbcvp2kefyfY1P3IsRTsb5BESPPWD7iGPjy
Bh/6c1OP2E42UAig+5r7jvlZFUn4IfRjqY9SrLX9oLohYi92rPSNS/1XXMszTQAr
Byuy25jNfKCYPI8LcFVJxwVE7jW2XZvMzog0pIrAOusivw7Fdxef/2JbfHhFwvvl
q5CRdaE2Jlyots2AhYf0L0tWB4S7dQ/ztI7M3jjoktg5drfeFtKVGQhFpnDQtq1E
9GCvCFp6AYWLFy+HOQPNwbpEILWt9b/qbt91XmBAWyDRb9GXy9dcUXOp+YzFAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQU8c0a8bdvIHz6UzrXd19i62RfMj4wHwYDVR0j
BBgwFoAUreYnKbfC9nXLthaBXLopKnmL60swDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vR244Vk54aVlNUUpSOGZkcTZFVU1LWlJKdlFFdGJGWTRLV2lkdG5lZURR
SDYvMS9BREU2MjcyOUI3QzJGNjc1Q0JCNjE2ODE1Q0JBMjkyQTc5OEJFQjRCLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FERTYyNzI5QjdDMkY2NzVD
QkI2MTY4MTVDQkEyOTJBNzk4QkVCNEIuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0duOFZOeGlZTVFKUjhmZHE2RVVNS1pSSnZRRXRiRlk0S1dpZHRuZWVEUUg2LzEv
MzEzNzM3MmUzMTMyMzYyZTMyMzIzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMy
MzYzMzM1MzIzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEALF+3DANBgkqhkiG9w0BAQsFAAOCAQEAZQOA
W5Vmoy+wF4x7JIndPd2uIjzjZAp1pRMTjVyEz1Grkmi4Ql0xti3NL7l878qbRC9s
pY3l663HUBjzP0Xl/gfyVecbac+1ihMjlzpewJkh1mzBXF5UFy2pEUzoHG8D4RRA
5/ilX4X5V8TW5JzEUkbryXw1DHrnByrM1P/94KFuEWwnkiOEfjJJxlRobqerAwSC
d7SO7kMUvepvK6SEkKn6Kzqo47Ckt7HjH0Ojm/sWLyi5tAW/u/nKOzW/4QmztPa6
X7BUm3AQ6v0BBHM9mylVHfNfvn8fuA+HYOogLKyAmR4mAcTzJvWJqcJp0abakT7B
IAQW23Zs7RiSxYGc4w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:50:33 2024 by rpki-client on console-fra.rpki-client.org