Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/XWWV878AXX23G99pEXbrrnADvVAaxJMuKmoiUhDLxvH/0/323830343a3637343a3130303a3a2f34302d3430203d3e203238333238.roa
File:                     323830343a3637343a3130303a3a2f34302d3430203d3e203238333238.roa (raw, json)
Hash identifier:          OpMPbs0rcZOZlbFNj595x3t52ExF1U+RW6hxCXV2ACE=
Subject key identifier:   F4:A2:ED:14:A3:5A:5A:E2:07:30:2C:73:CD:C1:3D:21:5D:B9:A3:78
Certificate issuer:       /CN=5B2D2DF0A92DA3733DD7225515A63E3D6BF65785
Certificate serial:       3B7E5E287AD20AB61C46460AA060239E096D02E5
Authority key identifier: 5B:2D:2D:F0:A9:2D:A3:73:3D:D7:22:55:15:A6:3E:3D:6B:F6:57:85
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5B2D2DF0A92DA3733DD7225515A63E3D6BF65785.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/XWWV878AXX23G99pEXbrrnADvVAaxJMuKmoiUhDLxvH/0/323830343a3637343a3130303a3a2f34302d3430203d3e203238333238.roa
Signing time:             Wed 24 Apr 2024 21:38:52 +0000
ROA not before:           Wed 24 Apr 2024 21:33:52 +0000
ROA not after:            Wed 23 Apr 2025 21:38:52 +0000
asID:                     28328
IP address blocks:        2804:674:100::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/XWWV878AXX23G99pEXbrrnADvVAaxJMuKmoiUhDLxvH/0/5B2D2DF0A92DA3733DD7225515A63E3D6BF65785.crl
                          rsync://rpki-repo.registro.br/repo/XWWV878AXX23G99pEXbrrnADvVAaxJMuKmoiUhDLxvH/0/5B2D2DF0A92DA3733DD7225515A63E3D6BF65785.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5B2D2DF0A92DA3733DD7225515A63E3D6BF65785.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 18 Jun 2024 22:29:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3b:7e:5e:28:7a:d2:0a:b6:1c:46:46:0a:a0:60:23:9e:09:6d:02:e5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5B2D2DF0A92DA3733DD7225515A63E3D6BF65785
        Validity
            Not Before: Apr 24 21:33:52 2024 GMT
            Not After : Apr 23 21:38:52 2025 GMT
        Subject: CN=F4A2ED14A35A5AE207302C73CDC13D215DB9A378
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:f1:69:9e:8c:20:7a:21:d3:32:65:ce:62:b1:
                    b1:08:8f:2a:ff:35:ae:16:96:43:3b:ef:cb:57:b8:
                    2a:2f:58:cc:17:a4:20:42:26:0f:dd:ee:cd:56:f3:
                    bd:6b:ca:5e:c2:b3:3f:8f:a5:59:8e:49:1b:17:ea:
                    ef:31:ae:1d:de:46:46:71:ed:68:a5:ed:66:90:95:
                    80:18:df:57:cf:7f:89:c7:04:3f:e5:b3:e3:61:f6:
                    fb:48:85:b6:2f:45:fb:79:3a:a2:76:5f:d9:ba:fe:
                    d2:2e:23:6a:57:82:cb:95:7f:15:89:2d:00:a3:c5:
                    46:16:82:4f:17:9e:06:39:ca:ca:54:59:1f:14:d1:
                    a7:ce:86:0a:c3:13:94:44:d1:8e:51:fe:38:3d:7c:
                    8c:2c:f8:17:96:25:fa:e5:8e:bb:b0:de:d1:46:25:
                    4d:36:9c:93:af:7b:85:e2:02:0a:f7:5b:b9:f2:9e:
                    dd:28:3d:86:d6:02:1c:95:28:f1:67:dc:5a:e5:8e:
                    e3:49:5b:cd:a9:e9:ae:0d:fd:68:03:4c:fd:5b:97:
                    94:2f:7a:b4:d3:a8:2f:a0:f8:bb:98:c0:a7:74:a5:
                    c3:f6:e2:d3:7a:19:f7:50:76:2d:1d:7f:9d:8e:48:
                    69:36:e9:81:c9:02:a1:56:df:d0:7a:be:d2:07:24:
                    9b:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:A2:ED:14:A3:5A:5A:E2:07:30:2C:73:CD:C1:3D:21:5D:B9:A3:78
            X509v3 Authority Key Identifier:
                keyid:5B:2D:2D:F0:A9:2D:A3:73:3D:D7:22:55:15:A6:3E:3D:6B:F6:57:85

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/XWWV878AXX23G99pEXbrrnADvVAaxJMuKmoiUhDLxvH/0/5B2D2DF0A92DA3733DD7225515A63E3D6BF65785.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5B2D2DF0A92DA3733DD7225515A63E3D6BF65785.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/XWWV878AXX23G99pEXbrrnADvVAaxJMuKmoiUhDLxvH/0/323830343a3637343a3130303a3a2f34302d3430203d3e203238333238.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:674:100::/40

    Signature Algorithm: sha256WithRSAEncryption
         01:15:db:54:88:9d:53:38:31:56:21:0a:34:5d:1d:9e:2e:7b:
         83:d5:64:41:6e:23:c6:15:ca:8b:a9:27:3f:03:4e:7c:6e:e9:
         9c:c3:80:88:9a:cb:41:eb:11:fc:16:ac:c2:9f:54:4a:1b:40:
         a8:10:b1:f4:ba:82:4e:f3:cb:28:4e:7d:5d:4c:90:b3:1b:c5:
         f7:12:2e:05:00:be:b6:df:8c:c5:c6:33:70:ce:be:48:3e:3f:
         25:ed:8d:6f:12:83:c1:7f:ba:2c:18:ce:d7:7e:54:18:ed:37:
         e3:a9:c9:2d:30:07:79:de:c0:b4:43:43:19:9c:33:11:02:3a:
         ce:a8:5e:a3:32:d0:4b:88:32:99:e1:43:c0:2e:31:76:54:c0:
         7f:1d:3c:59:7e:33:19:66:d5:0e:a2:9c:40:cb:4e:4b:fe:5c:
         54:4e:c6:e5:98:a8:dc:e1:5f:ee:b0:27:11:83:03:ac:43:f7:
         77:99:15:9b:97:74:3d:1e:fb:8d:4e:41:bc:ea:4b:a8:f0:8f:
         61:8c:0b:38:e9:fb:68:b1:30:fa:e3:cd:60:fb:bb:af:ff:d1:
         bf:ec:27:10:c1:66:8e:a0:34:c3:f0:d4:94:0b:66:90:48:16:
         a4:d8:03:f4:11:ae:58:c3:da:4a:60:28:5c:21:3b:32:5f:6d:
         60:bd:cd:c0
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIUO35eKHrSCrYcRkYKoGAjngltAuUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNUIyRDJERjBBOTJEQTM3MzNERDcyMjU1MTVBNjNFM0Q2
QkY2NTc4NTAeFw0yNDA0MjQyMTMzNTJaFw0yNTA0MjMyMTM4NTJaMDMxMTAvBgNV
BAMTKEY0QTJFRDE0QTM1QTVBRTIwNzMwMkM3M0NEQzEzRDIxNURCOUEzNzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDz8WmejCB6IdMyZc5isbEIjyr/
Na4WlkM778tXuCovWMwXpCBCJg/d7s1W871ryl7Csz+PpVmOSRsX6u8xrh3eRkZx
7Wil7WaQlYAY31fPf4nHBD/ls+Nh9vtIhbYvRft5OqJ2X9m6/tIuI2pXgsuVfxWJ
LQCjxUYWgk8XngY5yspUWR8U0afOhgrDE5RE0Y5R/jg9fIws+BeWJfrljruw3tFG
JU02nJOve4XiAgr3W7nynt0oPYbWAhyVKPFn3FrljuNJW82p6a4N/WgDTP1bl5Qv
erTTqC+g+LuYwKd0pcP24tN6GfdQdi0df52OSGk26YHJAqFW39B6vtIHJJubAgMB
AAGjggJSMIICTjAdBgNVHQ4EFgQU9KLtFKNaWuIHMCxzzcE9IV25o3gwHwYDVR0j
BBgwFoAUWy0t8Kkto3M91yJVFaY+PWv2V4UwDgYDVR0PAQH/BAQDAgeAMIGSBgNV
HR8EgYowgYcwgYSggYGgf4Z9cnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIv
cmVwby9YV1dWODc4QVhYMjNHOTlwRVhicnJuQUR2VkFheEpNdUttb2lVaERMeHZI
LzAvNUIyRDJERjBBOTJEQTM3MzNERDcyMjU1MTVBNjNFM0Q2QkY2NTc4NS5jcmww
eAYIKwYBBQUHAQEEbDBqMGgGCCsGAQUFBzAChlxyc3luYzovL3Jwa2ktcmVwby5y
ZWdpc3Ryby5ici9yZXBvL25pY2JyX3JlcG8vMS81QjJEMkRGMEE5MkRBMzczM0RE
NzIyNTUxNUE2M0UzRDZCRjY1Nzg1LmNlcjCBrwYIKwYBBQUHAQsEgaIwgZ8wgZwG
CCsGAQUFBzALhoGPcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby9Y
V1dWODc4QVhYMjNHOTlwRVhicnJuQUR2VkFheEpNdUttb2lVaERMeHZILzAvMzIz
ODMwMzQzYTM2MzczNDNhMzEzMDMwM2EzYTJmMzQzMDJkMzQzMDIwM2QzZTIwMzIz
ODMzMzIzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcB
BwEB/wQSMBAwDgQCAAIwCAMGACgEBnQBMA0GCSqGSIb3DQEBCwUAA4IBAQABFdtU
iJ1TODFWIQo0XR2eLnuD1WRBbiPGFcqLqSc/A058bumcw4CImstB6xH8FqzCn1RK
G0CoELH0uoJO88soTn1dTJCzG8X3Ei4FAL6234zFxjNwzr5IPj8l7Y1vEoPBf7os
GM7XflQY7TfjqcktMAd53sC0Q0MZnDMRAjrOqF6jMtBLiDKZ4UPALjF2VMB/HTxZ
fjMZZtUOopxAy05L/lxUTsblmKjc4V/usCcRgwOsQ/d3mRWbl3Q9HvuNTkG86kuo
8I9hjAs46ftosTD6481g+7uv/9G/7CcQwWaOoDTD8NSUC2aQSBak2AP0Ea5Yw9pK
YChcITsyX21gvc3A
-----END CERTIFICATE-----
Generated at Mon Jun 17 21:25:26 2024 by rpki-client on console-ams.rpki-client.org