Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/HC43PViezn3vWRdP16kFzRL2tczqHJ1SPRH8QPWNcXjZ/2/3230312e3232322e32342e302f32322d3234203d3e203631383233.roa
File:                     3230312e3232322e32342e302f32322d3234203d3e203631383233.roa (raw, json)
Hash identifier:          mmPYEdqkGjWXkUuBZ/c6mtPS1ILplzM72QF3hPQL3yg=
Subject key identifier:   FE:29:B8:B5:C8:2A:46:05:94:E0:56:55:99:9B:D8:BE:D6:75:98:E3
Certificate issuer:       /CN=DF1195DA2AA3835ACEB6C0314248212FD90A0F83
Certificate serial:       050E09338A16DFC0FA5BD9EFC88386B8715F0D7A
Authority key identifier: DF:11:95:DA:2A:A3:83:5A:CE:B6:C0:31:42:48:21:2F:D9:0A:0F:83
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DF1195DA2AA3835ACEB6C0314248212FD90A0F83.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/HC43PViezn3vWRdP16kFzRL2tczqHJ1SPRH8QPWNcXjZ/2/3230312e3232322e32342e302f32322d3234203d3e203631383233.roa
Signing time:             Thu 04 Apr 2024 01:40:52 +0000
ROA not before:           Thu 04 Apr 2024 01:35:52 +0000
ROA not after:            Thu 03 Apr 2025 01:40:52 +0000
asID:                     61823
IP address blocks:        201.222.24.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/HC43PViezn3vWRdP16kFzRL2tczqHJ1SPRH8QPWNcXjZ/2/DF1195DA2AA3835ACEB6C0314248212FD90A0F83.crl
                          rsync://rpki-repo.registro.br/repo/HC43PViezn3vWRdP16kFzRL2tczqHJ1SPRH8QPWNcXjZ/2/DF1195DA2AA3835ACEB6C0314248212FD90A0F83.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DF1195DA2AA3835ACEB6C0314248212FD90A0F83.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 07:45:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:0e:09:33:8a:16:df:c0:fa:5b:d9:ef:c8:83:86:b8:71:5f:0d:7a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DF1195DA2AA3835ACEB6C0314248212FD90A0F83
        Validity
            Not Before: Apr  4 01:35:52 2024 GMT
            Not After : Apr  3 01:40:52 2025 GMT
        Subject: CN=FE29B8B5C82A460594E05655999BD8BED67598E3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:02:8d:4f:06:06:9e:76:b6:a3:60:95:f7:a4:
                    da:b6:a8:9a:3b:9a:96:9b:d4:46:8c:91:f7:f2:e4:
                    45:7d:f7:ac:43:21:5c:c7:fc:b8:b4:7a:c2:4d:a7:
                    e1:49:b1:90:df:e2:de:55:01:29:3f:87:62:d1:2c:
                    d9:a0:fc:69:93:84:db:17:28:f4:87:1a:65:e3:29:
                    4f:5c:fa:00:13:da:8e:7d:0c:b4:47:63:7f:2a:42:
                    5c:5d:79:21:8f:56:85:24:fc:67:3c:8b:93:37:bd:
                    e8:d1:86:d8:1a:2d:5f:6e:f0:78:aa:ef:b7:09:83:
                    5b:1f:56:20:71:47:e8:6c:d7:71:74:d9:ce:58:12:
                    cb:be:f0:57:11:32:7f:fa:e0:c5:1b:e9:0e:3a:5f:
                    96:87:38:b1:34:de:d8:a2:0a:dc:b1:a9:31:1a:7a:
                    78:db:56:0e:db:da:9b:4e:02:1d:da:1a:93:23:fc:
                    67:3a:39:e3:06:29:bf:16:a4:2c:ff:85:69:9b:df:
                    4e:6c:2e:2f:8d:80:95:2c:e6:4e:85:ab:3f:32:d8:
                    11:f9:97:2d:14:ac:66:3a:a1:9e:04:8e:7b:94:4e:
                    63:a3:52:b7:0a:08:9e:92:b1:ec:8c:3b:83:46:4b:
                    be:17:e7:b8:56:d8:cc:e7:cc:19:5b:5b:45:45:fb:
                    41:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FE:29:B8:B5:C8:2A:46:05:94:E0:56:55:99:9B:D8:BE:D6:75:98:E3
            X509v3 Authority Key Identifier:
                keyid:DF:11:95:DA:2A:A3:83:5A:CE:B6:C0:31:42:48:21:2F:D9:0A:0F:83

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/HC43PViezn3vWRdP16kFzRL2tczqHJ1SPRH8QPWNcXjZ/2/DF1195DA2AA3835ACEB6C0314248212FD90A0F83.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DF1195DA2AA3835ACEB6C0314248212FD90A0F83.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/HC43PViezn3vWRdP16kFzRL2tczqHJ1SPRH8QPWNcXjZ/2/3230312e3232322e32342e302f32322d3234203d3e203631383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.222.24.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1c:8e:1b:d7:12:61:d3:66:92:73:02:db:22:c8:b2:19:ae:ab:
         1d:7c:6b:1f:15:78:d1:92:ea:b3:2c:dc:6e:9d:e6:29:4b:38:
         05:45:b0:e6:13:84:2b:68:08:d4:4a:af:ff:e4:43:6f:a1:cc:
         1f:bd:6b:91:a5:b6:ce:f3:f1:c1:e0:8e:33:5b:f3:9e:30:f1:
         5d:df:3d:d1:bf:3d:40:1f:a6:aa:06:7e:c3:b1:fa:8f:e3:1e:
         41:81:79:ea:12:fb:99:bd:65:a5:a2:0a:7e:28:54:e7:84:dd:
         a0:ec:98:47:02:5b:e4:6e:58:52:c5:c9:bf:35:8e:60:f8:fc:
         a3:fc:de:4d:e6:65:ad:d5:35:84:8e:89:62:58:bc:14:fe:ef:
         40:4d:60:20:fe:5a:c2:bd:31:a0:53:ce:65:78:59:c2:74:8f:
         5b:63:0d:ca:fc:d4:73:33:51:79:b2:a2:3a:22:e2:52:a4:2d:
         75:9d:0d:0b:cc:03:59:99:15:50:83:3e:d3:65:68:45:6e:1d:
         de:31:75:4a:4e:52:8b:9a:19:36:29:c5:6d:01:21:fa:f7:04:
         20:7b:8b:14:31:f8:b3:ad:e7:ec:f1:98:45:aa:3d:1e:0e:bf:
         87:d8:81:08:6f:32:21:17:3e:1f:b9:1c:79:28:8d:b4:20:4c:
         43:8c:88:8f
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUBQ4JM4oW38D6W9nvyIOGuHFfDXowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREYxMTk1REEyQUEzODM1QUNFQjZDMDMxNDI0ODIxMkZE
OTBBMEY4MzAeFw0yNDA0MDQwMTM1NTJaFw0yNTA0MDMwMTQwNTJaMDMxMTAvBgNV
BAMTKEZFMjlCOEI1QzgyQTQ2MDU5NEUwNTY1NTk5OUJEOEJFRDY3NTk4RTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLAo1PBgaedrajYJX3pNq2qJo7
mpab1EaMkffy5EV996xDIVzH/Li0esJNp+FJsZDf4t5VASk/h2LRLNmg/GmThNsX
KPSHGmXjKU9c+gAT2o59DLRHY38qQlxdeSGPVoUk/Gc8i5M3vejRhtgaLV9u8Hiq
77cJg1sfViBxR+hs13F02c5YEsu+8FcRMn/64MUb6Q46X5aHOLE03tiiCtyxqTEa
enjbVg7b2ptOAh3aGpMj/Gc6OeMGKb8WpCz/hWmb305sLi+NgJUs5k6Fqz8y2BH5
ly0UrGY6oZ4EjnuUTmOjUrcKCJ6SseyMO4NGS74X57hW2MznzBlbW0VF+0FBAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQU/im4tcgqRgWU4FZVmZvYvtZ1mOMwHwYDVR0j
BBgwFoAU3xGV2iqjg1rOtsAxQkghL9kKD4MwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vSEM0M1BWaWV6bjN2V1JkUDE2a0Z6UkwydGN6cUhKMVNQUkg4UVBXTmNY
alovMi9ERjExOTVEQTJBQTM4MzVBQ0VCNkMwMzE0MjQ4MjEyRkQ5MEEwRjgzLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0RGMTE5NURBMkFBMzgzNUFD
RUI2QzAzMTQyNDgyMTJGRDkwQTBGODMuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0hDNDNQVmllem4zdldSZFAxNmtGelJMMnRjenFISjFTUFJIOFFQV05jWGpaLzIv
MzIzMDMxMmUzMjMyMzIyZTMyMzQyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNjMx
MzgzMjMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCyd4YMA0GCSqGSIb3DQEBCwUAA4IBAQAcjhvXEmHT
ZpJzAtsiyLIZrqsdfGsfFXjRkuqzLNxuneYpSzgFRbDmE4QraAjUSq//5ENvocwf
vWuRpbbO8/HB4I4zW/OeMPFd3z3Rvz1AH6aqBn7DsfqP4x5BgXnqEvuZvWWlogp+
KFTnhN2g7JhHAlvkblhSxcm/NY5g+Pyj/N5N5mWt1TWEjoliWLwU/u9ATWAg/lrC
vTGgU85leFnCdI9bYw3K/NRzM1F5sqI6IuJSpC11nQ0LzANZmRVQgz7TZWhFbh3e
MXVKTlKLmhk2KcVtASH69wQge4sUMfizrefs8ZhFqj0eDr+H2IEIbzIhFz4fuRx5
KI20IExDjIiP
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:45:01 2024 by rpki-client on console-ams.rpki-client.org