Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/HrgJEbRsQzZPQBBHdkzxngKKapi92F7yCyDZaz9rVkFR/1/323830343a353931633a3a2f33322d3438203d3e203238333730.roa
File:                     323830343a353931633a3a2f33322d3438203d3e203238333730.roa (raw, json)
Hash identifier:          pKrcxGZyhb4jGCYcX+40tFaHJcL3QXqWXrtgtTDuwQY=
Subject key identifier:   9C:6E:72:E9:98:64:BD:2D:48:87:29:22:C9:6F:25:96:1E:B3:2F:E0
Certificate issuer:       /CN=32A915BA5A97568A877890D55DC289FFCB6FEE60
Certificate serial:       489DFB0527A4896C0666D883E5A8DAA5444D33DD
Authority key identifier: 32:A9:15:BA:5A:97:56:8A:87:78:90:D5:5D:C2:89:FF:CB:6F:EE:60
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32A915BA5A97568A877890D55DC289FFCB6FEE60.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/HrgJEbRsQzZPQBBHdkzxngKKapi92F7yCyDZaz9rVkFR/1/323830343a353931633a3a2f33322d3438203d3e203238333730.roa
Signing time:             Thu 04 Apr 2024 01:32:05 +0000
ROA not before:           Thu 04 Apr 2024 01:27:05 +0000
ROA not after:            Thu 03 Apr 2025 01:32:05 +0000
asID:                     28370
IP address blocks:        2804:591c::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/HrgJEbRsQzZPQBBHdkzxngKKapi92F7yCyDZaz9rVkFR/1/32A915BA5A97568A877890D55DC289FFCB6FEE60.crl
                          rsync://rpki-repo.registro.br/repo/HrgJEbRsQzZPQBBHdkzxngKKapi92F7yCyDZaz9rVkFR/1/32A915BA5A97568A877890D55DC289FFCB6FEE60.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32A915BA5A97568A877890D55DC289FFCB6FEE60.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 23:11:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:9d:fb:05:27:a4:89:6c:06:66:d8:83:e5:a8:da:a5:44:4d:33:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32A915BA5A97568A877890D55DC289FFCB6FEE60
        Validity
            Not Before: Apr  4 01:27:05 2024 GMT
            Not After : Apr  3 01:32:05 2025 GMT
        Subject: CN=9C6E72E99864BD2D48872922C96F25961EB32FE0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:d8:98:1b:bc:5f:28:88:1c:15:98:a6:b5:28:
                    21:8a:8c:1a:5e:82:50:21:b3:2d:b8:c6:63:9a:cb:
                    c4:89:8e:90:53:56:94:ac:14:2c:86:83:b1:de:1d:
                    ad:0f:8a:8d:cd:1b:b4:d0:a6:c2:f4:64:74:47:42:
                    4a:1b:e5:b9:5d:77:c6:1d:13:c6:9b:72:c3:34:53:
                    52:37:ba:03:23:46:cc:b8:5a:29:96:9d:ec:dd:d9:
                    9b:67:dc:91:d9:4a:e6:ba:ea:e8:bd:df:ae:c0:f2:
                    73:ba:5e:52:9d:db:cf:5d:fb:0b:2c:d1:01:25:b4:
                    f0:74:6e:a6:27:a5:56:ae:83:af:3e:59:07:76:b9:
                    76:2a:e6:27:5d:e5:2f:85:b0:36:16:2f:19:ac:3b:
                    03:6e:fd:28:c2:83:9a:93:c0:e0:7a:77:48:85:29:
                    13:2d:a9:93:3e:b2:cf:3e:7c:e2:55:71:3f:9d:5e:
                    03:85:88:3c:4f:97:24:89:4f:5f:2a:cd:b3:e2:5d:
                    0b:5f:26:11:7f:2a:64:fb:28:ec:16:cc:d4:b3:b6:
                    23:06:1e:dd:e3:f1:ce:d1:2f:cd:07:9a:14:3f:f0:
                    5d:f2:29:ac:e1:df:41:97:4b:cc:3f:3e:33:35:dd:
                    b8:ed:de:b7:be:94:54:c5:ef:d1:5f:05:2e:29:e9:
                    76:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:6E:72:E9:98:64:BD:2D:48:87:29:22:C9:6F:25:96:1E:B3:2F:E0
            X509v3 Authority Key Identifier:
                keyid:32:A9:15:BA:5A:97:56:8A:87:78:90:D5:5D:C2:89:FF:CB:6F:EE:60

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/HrgJEbRsQzZPQBBHdkzxngKKapi92F7yCyDZaz9rVkFR/1/32A915BA5A97568A877890D55DC289FFCB6FEE60.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32A915BA5A97568A877890D55DC289FFCB6FEE60.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/HrgJEbRsQzZPQBBHdkzxngKKapi92F7yCyDZaz9rVkFR/1/323830343a353931633a3a2f33322d3438203d3e203238333730.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:591c::/32

    Signature Algorithm: sha256WithRSAEncryption
         81:e0:c7:9f:bf:ea:72:bb:35:65:fc:aa:2e:e3:3f:ba:f3:6f:
         d5:a0:98:72:ce:05:98:ff:56:a3:86:36:e8:d3:3e:1d:05:41:
         55:f0:5b:6f:83:5d:0e:8b:4b:3a:fd:63:61:09:5a:9e:5f:1c:
         2d:ec:49:6b:a0:ee:a6:52:91:a6:08:e5:a9:0b:15:86:e3:45:
         f0:7c:80:40:2b:d8:8d:88:b0:22:96:e8:4f:22:b3:01:69:24:
         ce:83:0d:19:a5:f5:7e:2c:8e:a7:86:f9:f1:ae:b9:82:aa:3f:
         98:2f:2a:b0:d3:d6:24:07:fe:d3:80:73:3c:64:4a:47:c7:d5:
         d4:fb:30:a4:35:fb:f2:84:2f:95:5e:ba:18:9c:4e:dd:48:7a:
         e5:c7:a3:86:3f:8b:2a:fe:05:02:07:0c:a7:28:3d:77:d7:8a:
         9b:b0:e3:a9:05:b8:03:61:af:e1:1e:d6:08:74:4d:50:72:d7:
         4b:3c:f6:c2:9d:4e:a5:09:f6:96:6e:88:f2:5e:43:6c:d3:e2:
         7e:4d:31:96:a5:42:c0:41:e2:02:22:6f:82:b4:ea:e3:55:d4:
         f9:e6:2a:0f:47:ee:8d:83:83:6a:dd:8e:a0:34:38:64:6a:e2:
         21:06:b9:8d:bb:d4:d2:7b:ce:2f:5a:d3:c4:84:5a:3b:67:1b:
         63:59:3c:cc
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgIUSJ37BSekiWwGZtiD5ajapURNM90wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzJBOTE1QkE1QTk3NTY4QTg3Nzg5MEQ1NURDMjg5RkZD
QjZGRUU2MDAeFw0yNDA0MDQwMTI3MDVaFw0yNTA0MDMwMTMyMDVaMDMxMTAvBgNV
BAMTKDlDNkU3MkU5OTg2NEJEMkQ0ODg3MjkyMkM5NkYyNTk2MUVCMzJGRTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDU2JgbvF8oiBwVmKa1KCGKjBpe
glAhsy24xmOay8SJjpBTVpSsFCyGg7HeHa0Pio3NG7TQpsL0ZHRHQkob5bldd8Yd
E8abcsM0U1I3ugMjRsy4WimWnezd2Ztn3JHZSua66ui9367A8nO6XlKd289d+wss
0QEltPB0bqYnpVaug68+WQd2uXYq5idd5S+FsDYWLxmsOwNu/SjCg5qTwOB6d0iF
KRMtqZM+ss8+fOJVcT+dXgOFiDxPlySJT18qzbPiXQtfJhF/KmT7KOwWzNSztiMG
Ht3j8c7RL80HmhQ/8F3yKazh30GXS8w/PjM13bjt3re+lFTF79FfBS4p6Xa7AgMB
AAGjggJOMIICSjAdBgNVHQ4EFgQUnG5y6ZhkvS1IhykiyW8llh6zL+AwHwYDVR0j
BBgwFoAUMqkVulqXVoqHeJDVXcKJ/8tv7mAwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vSHJnSkViUnNRelpQUUJCSGRrenhuZ0tLYXBpOTJGN3lDeURaYXo5clZr
RlIvMS8zMkE5MTVCQTVBOTc1NjhBODc3ODkwRDU1REMyODlGRkNCNkZFRTYwLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzMyQTkxNUJBNUE5NzU2OEE4
Nzc4OTBENTVEQzI4OUZGQ0I2RkVFNjAuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0hyZ0pFYlJzUXpaUFFCQkhka3p4bmdLS2FwaTkyRjd5Q3lEWmF6OXJWa0ZSLzEv
MzIzODMwMzQzYTM1MzkzMTYzM2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzIzODMz
MzczMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB
/wQRMA8wDQQCAAIwBwMFACgEWRwwDQYJKoZIhvcNAQELBQADggEBAIHgx5+/6nK7
NWX8qi7jP7rzb9WgmHLOBZj/VqOGNujTPh0FQVXwW2+DXQ6LSzr9Y2EJWp5fHC3s
SWug7qZSkaYI5akLFYbjRfB8gEAr2I2IsCKW6E8iswFpJM6DDRml9X4sjqeG+fGu
uYKqP5gvKrDT1iQH/tOAczxkSkfH1dT7MKQ1+/KEL5VeuhicTt1IeuXHo4Y/iyr+
BQIHDKcoPXfXipuw46kFuANhr+Ee1gh0TVBy10s89sKdTqUJ9pZuiPJeQ2zT4n5N
MZalQsBB4gIib4K06uNV1PnmKg9H7o2Dg2rdjqA0OGRq4iEGuY271NJ7zi9a08SE
WjtnG2NZPMw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:21:15 2024 by rpki-client on console-fra.rpki-client.org