Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/HLx9sJ9FQnk2bVmevSRFxPaaJX8TQLTC7d63UmWHwKxo/1/3133382e3231392e3138382e302f32322d3234203d3e20323633393332.roa
File:                     3133382e3231392e3138382e302f32322d3234203d3e20323633393332.roa (raw, json)
Hash identifier:          AEfV7f5YOerguN+KLmK8APtyCVd6LZByPB7qu3wAxrA=
Subject key identifier:   27:6D:88:55:B6:01:85:26:03:A2:66:2F:67:01:11:19:5D:EA:3A:C5
Certificate issuer:       /CN=DC2E44207997D76B55B0EE905DAC1F10B2550C4E
Certificate serial:       2260D5228AAA996BA4BE46539E02D351189D9BF3
Authority key identifier: DC:2E:44:20:79:97:D7:6B:55:B0:EE:90:5D:AC:1F:10:B2:55:0C:4E
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DC2E44207997D76B55B0EE905DAC1F10B2550C4E.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/HLx9sJ9FQnk2bVmevSRFxPaaJX8TQLTC7d63UmWHwKxo/1/3133382e3231392e3138382e302f32322d3234203d3e20323633393332.roa
Signing time:             Thu 04 Apr 2024 13:28:26 +0000
ROA not before:           Thu 04 Apr 2024 13:23:26 +0000
ROA not after:            Thu 03 Apr 2025 13:28:26 +0000
asID:                     263932
IP address blocks:        138.219.188.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/HLx9sJ9FQnk2bVmevSRFxPaaJX8TQLTC7d63UmWHwKxo/1/DC2E44207997D76B55B0EE905DAC1F10B2550C4E.crl
                          rsync://rpki-repo.registro.br/repo/HLx9sJ9FQnk2bVmevSRFxPaaJX8TQLTC7d63UmWHwKxo/1/DC2E44207997D76B55B0EE905DAC1F10B2550C4E.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DC2E44207997D76B55B0EE905DAC1F10B2550C4E.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 13:14:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:60:d5:22:8a:aa:99:6b:a4:be:46:53:9e:02:d3:51:18:9d:9b:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DC2E44207997D76B55B0EE905DAC1F10B2550C4E
        Validity
            Not Before: Apr  4 13:23:26 2024 GMT
            Not After : Apr  3 13:28:26 2025 GMT
        Subject: CN=276D8855B601852603A2662F670111195DEA3AC5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:e3:c0:e6:74:b7:e0:fe:45:6c:d9:03:b2:e7:
                    40:62:f0:80:3f:5c:fa:e8:8d:f4:b8:30:ab:34:3e:
                    0f:65:22:a4:8c:db:95:a6:0c:7a:37:40:4f:18:ab:
                    01:93:01:5a:ea:0a:71:d2:ad:93:92:7c:91:08:9c:
                    50:5e:f8:26:91:da:f8:6f:37:9b:1d:81:55:1a:25:
                    c5:6c:1b:1f:37:d0:85:49:32:0b:23:a0:3d:08:7b:
                    be:16:1c:cd:94:78:e2:b5:1f:4d:bd:f4:f3:17:7c:
                    1e:ef:b2:53:42:0d:89:25:e2:63:d6:7b:4a:b5:e6:
                    29:e2:f8:a5:36:4b:a7:6b:b6:53:b2:d2:f3:c8:67:
                    15:1c:8c:c3:dd:06:51:da:22:73:c2:ce:56:f6:3f:
                    4a:61:56:06:51:1b:1c:97:02:0a:9c:84:58:d0:db:
                    a3:18:a8:be:f5:4d:27:4c:a6:ad:a2:39:7e:fe:cc:
                    e8:af:2b:a1:bb:c3:60:df:be:b1:57:a2:7a:d0:46:
                    e3:7a:5f:bd:f2:a7:70:2e:bb:7b:43:f2:56:6a:a7:
                    92:df:4a:76:42:6d:6d:cb:1c:07:ee:9f:33:20:54:
                    1b:e9:1e:15:cb:06:a6:1d:ea:b4:22:65:2d:46:95:
                    c4:d2:7f:18:8b:7b:cd:95:b8:00:2f:1c:eb:6e:92:
                    fc:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:6D:88:55:B6:01:85:26:03:A2:66:2F:67:01:11:19:5D:EA:3A:C5
            X509v3 Authority Key Identifier:
                keyid:DC:2E:44:20:79:97:D7:6B:55:B0:EE:90:5D:AC:1F:10:B2:55:0C:4E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/HLx9sJ9FQnk2bVmevSRFxPaaJX8TQLTC7d63UmWHwKxo/1/DC2E44207997D76B55B0EE905DAC1F10B2550C4E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DC2E44207997D76B55B0EE905DAC1F10B2550C4E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/HLx9sJ9FQnk2bVmevSRFxPaaJX8TQLTC7d63UmWHwKxo/1/3133382e3231392e3138382e302f32322d3234203d3e20323633393332.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.219.188.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7c:f5:94:8c:07:81:c7:d3:a3:4e:d5:fd:80:29:d8:cc:f3:4a:
         ac:73:d0:ba:77:e6:3a:19:a2:ee:eb:3e:00:a6:92:99:d1:39:
         12:f1:96:9d:a6:a5:ce:58:5d:5c:34:b5:44:9d:ee:89:92:c3:
         38:6c:87:71:dd:9d:9f:1c:a7:1e:7f:77:2a:fd:7d:3c:13:0d:
         f9:b6:24:e8:a8:d8:17:c7:97:ab:ef:41:ee:0e:6d:44:3a:1e:
         36:f3:35:41:74:49:00:38:f7:9c:b1:b9:26:00:1b:b6:fe:5d:
         76:82:2e:86:72:2b:fb:71:fd:6c:54:b3:9e:61:38:5f:4d:ff:
         f9:36:23:65:ce:21:fb:c5:5f:fa:4c:e0:d9:00:f7:29:40:d8:
         7c:88:d1:e6:51:56:09:a5:63:1d:8b:f9:aa:66:e2:bb:95:6f:
         18:de:b8:5c:90:b3:9d:61:83:44:eb:e6:8d:f6:cb:f8:89:06:
         68:e6:45:24:b0:d7:7d:42:26:a9:a0:5a:dc:07:ba:87:c5:a1:
         bd:05:70:ef:93:0e:c6:30:65:01:e5:f4:65:d3:6b:d4:35:ab:
         fb:da:a3:22:9e:3f:c6:3c:3b:37:00:d3:19:5c:a9:de:ab:1a:
         9f:c1:f2:68:76:20:fc:24:5b:fc:6b:ea:39:94:9c:d9:fc:34:
         ca:27:dd:60
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUImDVIoqqmWukvkZTngLTURidm/MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREMyRTQ0MjA3OTk3RDc2QjU1QjBFRTkwNURBQzFGMTBC
MjU1MEM0RTAeFw0yNDA0MDQxMzIzMjZaFw0yNTA0MDMxMzI4MjZaMDMxMTAvBgNV
BAMTKDI3NkQ4ODU1QjYwMTg1MjYwM0EyNjYyRjY3MDExMTE5NURFQTNBQzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+48DmdLfg/kVs2QOy50Bi8IA/
XProjfS4MKs0Pg9lIqSM25WmDHo3QE8YqwGTAVrqCnHSrZOSfJEInFBe+CaR2vhv
N5sdgVUaJcVsGx830IVJMgsjoD0Ie74WHM2UeOK1H0299PMXfB7vslNCDYkl4mPW
e0q15ini+KU2S6drtlOy0vPIZxUcjMPdBlHaInPCzlb2P0phVgZRGxyXAgqchFjQ
26MYqL71TSdMpq2iOX7+zOivK6G7w2DfvrFXonrQRuN6X73yp3Auu3tD8lZqp5Lf
SnZCbW3LHAfunzMgVBvpHhXLBqYd6rQiZS1GlcTSfxiLe82VuAAvHOtukvyhAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUJ22IVbYBhSYDomYvZwERGV3qOsUwHwYDVR0j
BBgwFoAU3C5EIHmX12tVsO6QXawfELJVDE4wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vSEx4OXNKOUZRbmsyYlZtZXZTUkZ4UGFhSlg4VFFMVEM3ZDYzVW1XSHdL
eG8vMS9EQzJFNDQyMDc5OTdENzZCNTVCMEVFOTA1REFDMUYxMEIyNTUwQzRFLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0RDMkU0NDIwNzk5N0Q3NkI1
NUIwRUU5MDVEQUMxRjEwQjI1NTBDNEUuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0hMeDlzSjlGUW5rMmJWbWV2U1JGeFBhYUpYOFRRTFRDN2Q2M1VtV0h3S3hvLzEv
MzEzMzM4MmUzMjMxMzkyZTMxMzgzODJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMy
MzYzMzM5MzMzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAorbvDANBgkqhkiG9w0BAQsFAAOCAQEAfPWU
jAeBx9OjTtX9gCnYzPNKrHPQunfmOhmi7us+AKaSmdE5EvGWnaalzlhdXDS1RJ3u
iZLDOGyHcd2dnxynHn93Kv19PBMN+bYk6KjYF8eXq+9B7g5tRDoeNvM1QXRJADj3
nLG5JgAbtv5ddoIuhnIr+3H9bFSznmE4X03/+TYjZc4h+8Vf+kzg2QD3KUDYfIjR
5lFWCaVjHYv5qmbiu5VvGN64XJCznWGDROvmjfbL+IkGaOZFJLDXfUImqaBa3Ae6
h8WhvQVw75MOxjBlAeX0ZdNr1DWr+9qjIp4/xjw7NwDTGVyp3qsan8HyaHYg/CRb
/GvqOZSc2fw0yifdYA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:44:20 2024 by rpki-client on console-ams.rpki-client.org