Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/XWWV878AXX23G99pEXbrrnADvVAaxJMuKmoiUhDLxvH/0/3138392e31342e3139322e302f32302d3234203d3e203238333238.roa
File:                     3138392e31342e3139322e302f32302d3234203d3e203238333238.roa (raw, json)
Hash identifier:          TV1jghazx2121iDYpJeDyyr1eewJZG9MiY6dWs80sKA=
Subject key identifier:   9C:30:4B:32:A9:0D:F9:DE:79:3A:06:53:06:8A:4B:8F:DF:85:6B:B2
Certificate issuer:       /CN=5B2D2DF0A92DA3733DD7225515A63E3D6BF65785
Certificate serial:       5AAC824897A1C349C921E92250DD1668469E62A1
Authority key identifier: 5B:2D:2D:F0:A9:2D:A3:73:3D:D7:22:55:15:A6:3E:3D:6B:F6:57:85
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5B2D2DF0A92DA3733DD7225515A63E3D6BF65785.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/XWWV878AXX23G99pEXbrrnADvVAaxJMuKmoiUhDLxvH/0/3138392e31342e3139322e302f32302d3234203d3e203238333238.roa
Signing time:             Fri 26 Apr 2024 17:13:49 +0000
ROA not before:           Fri 26 Apr 2024 17:08:49 +0000
ROA not after:            Fri 25 Apr 2025 17:13:49 +0000
asID:                     28328
IP address blocks:        189.14.192.0/20 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/XWWV878AXX23G99pEXbrrnADvVAaxJMuKmoiUhDLxvH/0/5B2D2DF0A92DA3733DD7225515A63E3D6BF65785.crl
                          rsync://rpki-repo.registro.br/repo/XWWV878AXX23G99pEXbrrnADvVAaxJMuKmoiUhDLxvH/0/5B2D2DF0A92DA3733DD7225515A63E3D6BF65785.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5B2D2DF0A92DA3733DD7225515A63E3D6BF65785.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Jun 2024 22:29:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:ac:82:48:97:a1:c3:49:c9:21:e9:22:50:dd:16:68:46:9e:62:a1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5B2D2DF0A92DA3733DD7225515A63E3D6BF65785
        Validity
            Not Before: Apr 26 17:08:49 2024 GMT
            Not After : Apr 25 17:13:49 2025 GMT
        Subject: CN=9C304B32A90DF9DE793A0653068A4B8FDF856BB2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:99:38:15:b6:c0:5f:17:05:22:06:7a:f2:75:
                    3f:36:d8:09:97:50:91:a4:d5:7c:09:8c:00:34:db:
                    d6:fa:7c:90:a9:43:22:4d:8b:20:20:b5:37:9c:cd:
                    d8:14:c1:41:5c:0b:59:eb:56:de:a3:26:4b:35:b7:
                    3b:8a:81:d0:5d:3e:fd:04:c8:29:18:fd:0a:c7:27:
                    43:ca:94:7e:1f:d1:db:b8:cc:60:c7:3f:e6:9b:12:
                    62:13:a6:95:14:15:b9:e4:3c:8e:2b:e8:8c:72:48:
                    56:f4:a8:7b:a6:10:62:eb:ef:02:57:75:fc:e3:06:
                    2f:b2:a2:b2:7d:5e:dc:a8:32:68:12:e6:c7:fd:83:
                    c9:03:77:d5:25:74:57:e3:db:59:3f:9a:fb:e9:d2:
                    55:83:f0:ca:02:39:61:fc:72:37:aa:21:bc:fe:d1:
                    b9:ea:5b:db:df:7f:92:e6:a3:6d:be:8e:9e:3d:f3:
                    23:4a:9b:ef:c5:9a:9f:16:c6:00:4e:d4:3c:b5:7e:
                    21:34:75:8f:fb:22:47:51:55:76:7c:36:7d:2b:d9:
                    4c:12:5f:c8:1a:42:08:59:98:1e:4e:de:58:90:26:
                    49:e7:48:9e:81:64:95:d9:98:2a:06:e6:ff:d2:b5:
                    29:07:64:fe:d3:3e:b5:f7:b4:fb:d6:36:a0:a3:bd:
                    42:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:30:4B:32:A9:0D:F9:DE:79:3A:06:53:06:8A:4B:8F:DF:85:6B:B2
            X509v3 Authority Key Identifier:
                keyid:5B:2D:2D:F0:A9:2D:A3:73:3D:D7:22:55:15:A6:3E:3D:6B:F6:57:85

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/XWWV878AXX23G99pEXbrrnADvVAaxJMuKmoiUhDLxvH/0/5B2D2DF0A92DA3733DD7225515A63E3D6BF65785.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5B2D2DF0A92DA3733DD7225515A63E3D6BF65785.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/XWWV878AXX23G99pEXbrrnADvVAaxJMuKmoiUhDLxvH/0/3138392e31342e3139322e302f32302d3234203d3e203238333238.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  189.14.192.0/20

    Signature Algorithm: sha256WithRSAEncryption
         95:8f:54:a1:8f:18:73:5c:05:10:7a:4c:ae:9e:08:98:eb:27:
         7e:58:6c:6b:5f:d9:c9:89:ed:62:b8:4a:13:f2:04:cc:3e:be:
         71:68:24:e8:8d:54:b6:26:85:30:d1:ff:bc:4c:44:31:58:88:
         e1:52:89:45:6e:f0:d3:2a:b4:77:2b:29:d1:4d:c1:74:45:81:
         23:91:f7:2c:cb:f7:de:ab:f7:6c:b8:ea:e2:78:7f:b1:81:52:
         dd:57:9f:47:1c:c0:81:07:1d:aa:d0:87:f4:53:29:8e:67:15:
         ca:00:7f:1d:09:f0:24:89:81:72:57:68:46:16:d4:70:f3:7e:
         a0:8d:89:fa:88:f2:e2:42:85:0f:ee:4c:6a:da:81:31:f4:1f:
         22:58:8f:77:14:af:29:ce:58:b6:53:eb:a6:ce:9a:76:17:0d:
         97:97:a3:97:c2:12:10:38:51:6a:59:be:58:c1:4d:f4:10:93:
         f5:3c:d2:20:bd:77:af:ec:bb:3f:b4:f3:6b:07:8a:d6:5d:64:
         92:83:e0:92:a2:93:88:76:a0:d3:a8:fe:a9:9e:dc:28:8f:94:
         55:a3:aa:da:fa:4a:41:74:17:d8:84:e1:0e:89:32:52:77:99:
         15:3d:fa:65:c5:40:fb:e3:fe:8a:e4:33:df:b5:02:8d:d5:a2:
         44:db:b6:2a
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIUWqyCSJehw0nJIekiUN0WaEaeYqEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNUIyRDJERjBBOTJEQTM3MzNERDcyMjU1MTVBNjNFM0Q2
QkY2NTc4NTAeFw0yNDA0MjYxNzA4NDlaFw0yNTA0MjUxNzEzNDlaMDMxMTAvBgNV
BAMTKDlDMzA0QjMyQTkwREY5REU3OTNBMDY1MzA2OEE0QjhGREY4NTZCQjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbmTgVtsBfFwUiBnrydT822AmX
UJGk1XwJjAA029b6fJCpQyJNiyAgtTeczdgUwUFcC1nrVt6jJks1tzuKgdBdPv0E
yCkY/QrHJ0PKlH4f0du4zGDHP+abEmITppUUFbnkPI4r6IxySFb0qHumEGLr7wJX
dfzjBi+yorJ9XtyoMmgS5sf9g8kDd9UldFfj21k/mvvp0lWD8MoCOWH8cjeqIbz+
0bnqW9vff5Lmo22+jp498yNKm+/Fmp8WxgBO1Dy1fiE0dY/7IkdRVXZ8Nn0r2UwS
X8gaQghZmB5O3liQJknnSJ6BZJXZmCoG5v/StSkHZP7TPrX3tPvWNqCjvUIDAgMB
AAGjggJMMIICSDAdBgNVHQ4EFgQUnDBLMqkN+d55OgZTBopLj9+Fa7IwHwYDVR0j
BBgwFoAUWy0t8Kkto3M91yJVFaY+PWv2V4UwDgYDVR0PAQH/BAQDAgeAMIGSBgNV
HR8EgYowgYcwgYSggYGgf4Z9cnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIv
cmVwby9YV1dWODc4QVhYMjNHOTlwRVhicnJuQUR2VkFheEpNdUttb2lVaERMeHZI
LzAvNUIyRDJERjBBOTJEQTM3MzNERDcyMjU1MTVBNjNFM0Q2QkY2NTc4NS5jcmww
eAYIKwYBBQUHAQEEbDBqMGgGCCsGAQUFBzAChlxyc3luYzovL3Jwa2ktcmVwby5y
ZWdpc3Ryby5ici9yZXBvL25pY2JyX3JlcG8vMS81QjJEMkRGMEE5MkRBMzczM0RE
NzIyNTUxNUE2M0UzRDZCRjY1Nzg1LmNlcjCBqwYIKwYBBQUHAQsEgZ4wgZswgZgG
CCsGAQUFBzALhoGLcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby9Y
V1dWODc4QVhYMjNHOTlwRVhicnJuQUR2VkFheEpNdUttb2lVaERMeHZILzAvMzEz
ODM5MmUzMTM0MmUzMTM5MzIyZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMjM4MzMz
MjM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQEvQ7AMA0GCSqGSIb3DQEBCwUAA4IBAQCVj1ShjxhzXAUQ
ekyungiY6yd+WGxrX9nJie1iuEoT8gTMPr5xaCTojVS2JoUw0f+8TEQxWIjhUolF
bvDTKrR3KynRTcF0RYEjkfcsy/feq/dsuOrieH+xgVLdV59HHMCBBx2q0If0UymO
ZxXKAH8dCfAkiYFyV2hGFtRw836gjYn6iPLiQoUP7kxq2oEx9B8iWI93FK8pzli2
U+umzpp2Fw2Xl6OXwhIQOFFqWb5YwU30EJP1PNIgvXev7Ls/tPNrB4rWXWSSg+CS
opOIdqDTqP6pntwoj5RVo6ra+kpBdBfYhOEOiTJSd5kVPfplxUD74/6K5DPftQKN
1aJE27Yq
-----END CERTIFICATE-----
Generated at Mon Jun 17 22:40:34 2024 by rpki-client on console-fra.rpki-client.org