Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/GsJebcBnKVV7LJWrEXgMyd544JvofJpEqP458FoSWYJe/1/3132382e3230312e32382e302f32332d3233203d3e20323636363131.roa
File:                     3132382e3230312e32382e302f32332d3233203d3e20323636363131.roa (raw, json)
Hash identifier:          BqNGfMxaj9WskbGzOZLSnXqDf8jxDAnw7UXUQ9pIskY=
Subject key identifier:   65:A2:46:BD:41:B3:71:8D:44:4C:6A:E0:3B:3C:ED:E7:4C:DD:DB:86
Certificate issuer:       /CN=C70EC4383B792424E71BC6853AD1C792781070B3
Certificate serial:       3CAB788CCB7C54C331BF0A74EE36FDA0346121AB
Authority key identifier: C7:0E:C4:38:3B:79:24:24:E7:1B:C6:85:3A:D1:C7:92:78:10:70:B3
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C70EC4383B792424E71BC6853AD1C792781070B3.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/GsJebcBnKVV7LJWrEXgMyd544JvofJpEqP458FoSWYJe/1/3132382e3230312e32382e302f32332d3233203d3e20323636363131.roa
Signing time:             Thu 04 Apr 2024 02:26:18 +0000
ROA not before:           Thu 04 Apr 2024 02:21:18 +0000
ROA not after:            Thu 03 Apr 2025 02:26:18 +0000
asID:                     266611
IP address blocks:        128.201.28.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/GsJebcBnKVV7LJWrEXgMyd544JvofJpEqP458FoSWYJe/1/C70EC4383B792424E71BC6853AD1C792781070B3.crl
                          rsync://rpki-repo.registro.br/repo/GsJebcBnKVV7LJWrEXgMyd544JvofJpEqP458FoSWYJe/1/C70EC4383B792424E71BC6853AD1C792781070B3.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C70EC4383B792424E71BC6853AD1C792781070B3.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 14:32:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:ab:78:8c:cb:7c:54:c3:31:bf:0a:74:ee:36:fd:a0:34:61:21:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C70EC4383B792424E71BC6853AD1C792781070B3
        Validity
            Not Before: Apr  4 02:21:18 2024 GMT
            Not After : Apr  3 02:26:18 2025 GMT
        Subject: CN=65A246BD41B3718D444C6AE03B3CEDE74CDDDB86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ec:8e:96:37:73:e1:77:65:b7:b9:54:11:bd:e4:
                    ef:a4:aa:c9:81:da:16:99:b2:56:58:df:19:fe:67:
                    91:af:58:a8:3b:9e:17:cc:c8:09:a2:2d:72:8b:be:
                    17:5a:2f:d6:31:5f:52:be:d5:f4:cd:84:5b:41:da:
                    d7:01:47:52:e5:02:0d:98:b1:4a:b0:de:d2:a0:6c:
                    8c:85:95:2c:ee:5f:7d:0a:1b:54:b2:bc:3a:01:12:
                    1f:ad:b2:f1:50:6a:3a:bb:a7:02:c3:ff:56:5a:59:
                    67:0a:ac:da:71:f1:cc:2d:90:d6:2b:22:47:8d:16:
                    f6:99:ef:d2:a4:dc:ab:b1:c0:c5:8f:6d:0f:ef:77:
                    fb:71:46:0a:c1:0f:e9:26:50:e7:e3:58:a9:bf:10:
                    6f:1e:44:9b:f9:28:83:04:a7:bb:47:39:1f:49:55:
                    9d:31:b2:8a:93:f5:94:9f:94:0e:48:1d:fb:49:06:
                    f7:5d:75:db:75:7f:ca:71:7b:07:e5:89:2d:d6:72:
                    5e:aa:e1:ac:71:d0:4b:df:cb:bd:50:f1:ba:ac:d2:
                    3d:7d:10:b1:31:dc:76:a1:ed:e5:82:2c:fa:58:07:
                    41:fa:bf:a4:e1:79:65:22:19:68:f2:82:57:87:69:
                    43:bd:c0:46:ad:6a:40:a2:45:6b:fb:fc:85:8a:e3:
                    d3:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:A2:46:BD:41:B3:71:8D:44:4C:6A:E0:3B:3C:ED:E7:4C:DD:DB:86
            X509v3 Authority Key Identifier:
                keyid:C7:0E:C4:38:3B:79:24:24:E7:1B:C6:85:3A:D1:C7:92:78:10:70:B3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/GsJebcBnKVV7LJWrEXgMyd544JvofJpEqP458FoSWYJe/1/C70EC4383B792424E71BC6853AD1C792781070B3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C70EC4383B792424E71BC6853AD1C792781070B3.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/GsJebcBnKVV7LJWrEXgMyd544JvofJpEqP458FoSWYJe/1/3132382e3230312e32382e302f32332d3233203d3e20323636363131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  128.201.28.0/23

    Signature Algorithm: sha256WithRSAEncryption
         66:26:90:f4:1f:52:6c:2b:82:36:3b:24:3b:55:6e:2e:a2:72:
         d3:4b:d8:8f:dd:cf:c6:90:9c:e3:17:52:a9:b6:2b:d1:53:b7:
         ef:a0:ff:9c:b7:88:36:b0:53:80:e3:f8:22:1b:9c:bf:f0:d4:
         9e:59:c5:37:54:99:96:b9:ea:6b:47:8b:ba:9e:a5:22:f3:85:
         90:f6:a4:b9:03:4b:91:e3:2a:6c:00:d7:62:30:2c:48:3f:14:
         82:99:ae:72:83:30:0b:c8:27:4f:6f:44:f9:dd:55:54:1c:f3:
         fc:81:4b:fd:a5:f9:7b:b1:f8:8d:99:3a:cc:b6:e3:38:8c:3c:
         8c:c6:db:92:ca:de:d1:af:1d:77:37:f8:f5:d5:b2:50:9a:7d:
         2c:e7:a7:9a:42:3e:f1:7b:3a:c8:61:db:a0:df:51:c6:3f:8c:
         5a:99:46:8c:56:c2:cf:ad:81:7a:ea:b7:43:95:27:b5:c8:b6:
         7f:a2:5f:23:4f:6a:03:79:c1:13:ef:aa:94:c0:c3:8e:68:f1:
         de:07:91:f3:62:f4:47:5b:0e:c9:f2:6f:8c:a1:68:75:36:d6:
         f1:b2:7b:46:1a:ae:61:d6:b8:58:0f:ed:28:3e:69:ce:8c:86:
         e1:1a:d8:22:59:1b:57:a4:85:73:d3:7f:25:9b:bd:a7:1b:b6:
         6a:b5:94:31
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUPKt4jMt8VMMxvwp07jb9oDRhIaswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzcwRUM0MzgzQjc5MjQyNEU3MUJDNjg1M0FEMUM3OTI3
ODEwNzBCMzAeFw0yNDA0MDQwMjIxMThaFw0yNTA0MDMwMjI2MThaMDMxMTAvBgNV
BAMTKDY1QTI0NkJENDFCMzcxOEQ0NDRDNkFFMDNCM0NFREU3NENERERCODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsjpY3c+F3Zbe5VBG95O+kqsmB
2haZslZY3xn+Z5GvWKg7nhfMyAmiLXKLvhdaL9YxX1K+1fTNhFtB2tcBR1LlAg2Y
sUqw3tKgbIyFlSzuX30KG1SyvDoBEh+tsvFQajq7pwLD/1ZaWWcKrNpx8cwtkNYr
IkeNFvaZ79Kk3KuxwMWPbQ/vd/txRgrBD+kmUOfjWKm/EG8eRJv5KIMEp7tHOR9J
VZ0xsoqT9ZSflA5IHftJBvddddt1f8pxewfliS3Wcl6q4axx0Evfy71Q8bqs0j19
ELEx3Hah7eWCLPpYB0H6v6TheWUiGWjygleHaUO9wEatakCiRWv7/IWK49OhAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUZaJGvUGzcY1ETGrgOzzt50zd24YwHwYDVR0j
BBgwFoAUxw7EODt5JCTnG8aFOtHHkngQcLMwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vR3NKZWJjQm5LVlY3TEpXckVYZ015ZDU0NEp2b2ZKcEVxUDQ1OEZvU1dZ
SmUvMS9DNzBFQzQzODNCNzkyNDI0RTcxQkM2ODUzQUQxQzc5Mjc4MTA3MEIzLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0M3MEVDNDM4M0I3OTI0MjRF
NzFCQzY4NTNBRDFDNzkyNzgxMDcwQjMuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0dzSmViY0JuS1ZWN0xKV3JFWGdNeWQ1NDRKdm9mSnBFcVA0NThGb1NXWUplLzEv
MzEzMjM4MmUzMjMwMzEyZTMyMzgyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjM2
MzYzNjMxMzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAGAyRwwDQYJKoZIhvcNAQELBQADggEBAGYmkPQf
UmwrgjY7JDtVbi6ictNL2I/dz8aQnOMXUqm2K9FTt++g/5y3iDawU4Dj+CIbnL/w
1J5ZxTdUmZa56mtHi7qepSLzhZD2pLkDS5HjKmwA12IwLEg/FIKZrnKDMAvIJ09v
RPndVVQc8/yBS/2l+Xux+I2ZOsy24ziMPIzG25LK3tGvHXc3+PXVslCafSznp5pC
PvF7Oshh26DfUcY/jFqZRoxWws+tgXrqt0OVJ7XItn+iXyNPagN5wRPvqpTAw45o
8d4HkfNi9EdbDsnyb4yhaHU21vGye0YarmHWuFgP7Sg+ac6MhuEa2CJZG1ekhXPT
fyWbvacbtmq1lDE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:19:53 2024 by rpki-client on console-ams.rpki-client.org