Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/2pEeBi3Dx4fRqNbFbbPW45SsqCCBMSM7fBkyGQNHCy3z/0/3137372e3132382e3139302e302f32342d3234203d3e203238353837.roa
File:                     3137372e3132382e3139302e302f32342d3234203d3e203238353837.roa (raw, json)
Hash identifier:          bj4PCvQhOszV6qWX97PmttPEzjqFvP+vOtNUKwmAn7g=
Subject key identifier:   A1:4F:36:E7:9A:59:CB:36:01:D0:68:6B:3B:8C:CF:5F:07:4E:F8:E5
Certificate issuer:       /CN=2288FF0341950A63A6215C01F2FF9D9291FEB946
Certificate serial:       065162E9AD78831B66BD8A1219EBAB2336F44D9B
Authority key identifier: 22:88:FF:03:41:95:0A:63:A6:21:5C:01:F2:FF:9D:92:91:FE:B9:46
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/2288FF0341950A63A6215C01F2FF9D9291FEB946.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/2pEeBi3Dx4fRqNbFbbPW45SsqCCBMSM7fBkyGQNHCy3z/0/3137372e3132382e3139302e302f32342d3234203d3e203238353837.roa
Signing time:             Mon 01 Jul 2024 18:03:40 +0000
ROA not before:           Mon 01 Jul 2024 17:58:40 +0000
ROA not after:            Mon 30 Jun 2025 18:03:40 +0000
asID:                     28587
IP address blocks:        177.128.190.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/2pEeBi3Dx4fRqNbFbbPW45SsqCCBMSM7fBkyGQNHCy3z/0/2288FF0341950A63A6215C01F2FF9D9291FEB946.crl
                          rsync://rpki-repo.registro.br/repo/2pEeBi3Dx4fRqNbFbbPW45SsqCCBMSM7fBkyGQNHCy3z/0/2288FF0341950A63A6215C01F2FF9D9291FEB946.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/2288FF0341950A63A6215C01F2FF9D9291FEB946.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 15 Jul 2024 00:47:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:51:62:e9:ad:78:83:1b:66:bd:8a:12:19:eb:ab:23:36:f4:4d:9b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2288FF0341950A63A6215C01F2FF9D9291FEB946
        Validity
            Not Before: Jul  1 17:58:40 2024 GMT
            Not After : Jun 30 18:03:40 2025 GMT
        Subject: CN=A14F36E79A59CB3601D0686B3B8CCF5F074EF8E5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:a8:0d:e1:c9:fd:49:14:65:5f:87:88:bd:95:
                    fd:68:07:50:56:a4:30:06:21:1d:bf:08:97:5a:9f:
                    23:d2:69:16:a2:0c:7e:1c:9b:5e:3d:bd:d5:b2:6e:
                    40:85:5b:1a:8d:50:b3:c9:28:f2:86:24:71:c9:c6:
                    c3:e2:ae:c8:55:91:36:8a:c6:f4:56:02:b3:a6:fc:
                    a4:fe:0b:b5:8a:15:be:06:e5:54:90:7f:f7:f3:06:
                    4c:ff:cb:ea:fe:04:c6:14:b4:aa:d5:0b:83:17:bf:
                    30:b1:8d:bc:78:92:2b:be:e8:1e:f7:cc:51:01:3c:
                    2b:12:86:fc:26:56:b8:91:de:6b:f7:86:ff:a7:8d:
                    c3:72:f4:41:10:ea:0a:30:65:fb:4c:a0:c1:9c:96:
                    da:1a:ec:d3:38:c4:a8:b8:ee:70:5c:fd:c5:bf:d2:
                    7e:4a:9f:f4:0c:e8:e5:a6:e7:dc:2a:9a:9a:6c:c3:
                    4b:dd:bc:0f:17:6d:2e:14:ff:ce:a5:fb:a7:95:77:
                    4d:3a:fa:d3:5a:f3:37:9f:80:7c:02:63:35:22:d0:
                    5f:d0:3b:43:b3:12:a7:cc:b2:1c:e1:95:a8:48:db:
                    b1:db:02:c4:77:87:b1:88:2a:c9:c8:75:d0:3a:bb:
                    5f:f9:ed:f2:b5:2d:d9:8e:cd:8a:e6:3f:0f:0b:30:
                    b0:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:4F:36:E7:9A:59:CB:36:01:D0:68:6B:3B:8C:CF:5F:07:4E:F8:E5
            X509v3 Authority Key Identifier:
                keyid:22:88:FF:03:41:95:0A:63:A6:21:5C:01:F2:FF:9D:92:91:FE:B9:46

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/2pEeBi3Dx4fRqNbFbbPW45SsqCCBMSM7fBkyGQNHCy3z/0/2288FF0341950A63A6215C01F2FF9D9291FEB946.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/2288FF0341950A63A6215C01F2FF9D9291FEB946.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/2pEeBi3Dx4fRqNbFbbPW45SsqCCBMSM7fBkyGQNHCy3z/0/3137372e3132382e3139302e302f32342d3234203d3e203238353837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.128.190.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5c:54:8b:96:6e:69:c5:78:8f:aa:34:5b:1b:b4:47:1a:52:cf:
         45:10:2a:36:bc:2e:ef:8d:05:09:6d:cb:f6:1b:93:5e:37:05:
         98:02:99:14:6c:6d:54:c2:d9:72:ec:01:fe:1e:0b:36:af:f2:
         1c:4c:d2:c9:50:92:e4:d4:e8:d1:7e:0e:c8:cf:82:08:a4:1f:
         50:b7:19:a9:1e:9a:7b:da:2b:85:bc:da:9d:05:3e:72:1b:68:
         9e:14:5d:d0:d0:2f:4f:5d:c4:c5:06:d9:9c:d6:24:11:95:1d:
         85:d5:71:33:0b:ad:92:a7:13:fb:d8:50:d5:79:f7:61:5b:c9:
         d5:7e:1c:40:54:cd:9b:8e:0e:6f:54:18:26:65:1a:ae:e1:24:
         57:0f:19:5d:a9:88:37:3f:88:c7:2b:39:1d:b6:16:b9:5a:6d:
         df:a2:ab:5e:cf:be:0a:a6:f9:ce:ff:e2:47:ca:18:b5:c9:42:
         59:d4:93:ca:cb:0f:21:51:7e:6e:4d:08:26:d9:cd:20:6c:81:
         5f:23:b3:c2:17:de:77:a3:d4:8d:68:b5:32:cb:1b:96:e0:23:
         03:b5:9a:e4:62:e3:7e:83:48:4f:01:aa:ad:57:42:49:15:9e:
         75:53:6e:f6:20:b5:6d:47:d4:67:52:bd:39:6e:99:55:ee:d2:
         11:67:53:d2
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUBlFi6a14gxtmvYoSGeurIzb0TZswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjI4OEZGMDM0MTk1MEE2M0E2MjE1QzAxRjJGRjlEOTI5
MUZFQjk0NjAeFw0yNDA3MDExNzU4NDBaFw0yNTA2MzAxODAzNDBaMDMxMTAvBgNV
BAMTKEExNEYzNkU3OUE1OUNCMzYwMUQwNjg2QjNCOENDRjVGMDc0RUY4RTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+qA3hyf1JFGVfh4i9lf1oB1BW
pDAGIR2/CJdanyPSaRaiDH4cm149vdWybkCFWxqNULPJKPKGJHHJxsPirshVkTaK
xvRWArOm/KT+C7WKFb4G5VSQf/fzBkz/y+r+BMYUtKrVC4MXvzCxjbx4kiu+6B73
zFEBPCsShvwmVriR3mv3hv+njcNy9EEQ6gowZftMoMGcltoa7NM4xKi47nBc/cW/
0n5Kn/QM6OWm59wqmppsw0vdvA8XbS4U/86l+6eVd006+tNa8zefgHwCYzUi0F/Q
O0OzEqfMshzhlahI27HbAsR3h7GIKsnIddA6u1/57fK1LdmOzYrmPw8LMLALAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUoU8255pZyzYB0GhrO4zPXwdO+OUwHwYDVR0j
BBgwFoAUIoj/A0GVCmOmIVwB8v+dkpH+uUYwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMnBFZUJpM0R4NGZScU5iRmJiUFc0NVNzcUNDQk1TTTdmQmt5R1FOSEN5
M3ovMC8yMjg4RkYwMzQxOTUwQTYzQTYyMTVDMDFGMkZGOUQ5MjkxRkVCOTQ2LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzIyODhGRjAzNDE5NTBBNjNB
NjIxNUMwMUYyRkY5RDkyOTFGRUI5NDYuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzJwRWVCaTNEeDRmUnFOYkZiYlBXNDVTc3FDQ0JNU003ZkJreUdRTkhDeTN6LzAv
MzEzNzM3MmUzMTMyMzgyZTMxMzkzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMy
MzgzNTM4Mzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBACxgL4wDQYJKoZIhvcNAQELBQADggEBAFxUi5Zu
acV4j6o0Wxu0RxpSz0UQKja8Lu+NBQlty/Ybk143BZgCmRRsbVTC2XLsAf4eCzav
8hxM0slQkuTU6NF+DsjPggikH1C3GakemnvaK4W82p0FPnIbaJ4UXdDQL09dxMUG
2ZzWJBGVHYXVcTMLrZKnE/vYUNV592FbydV+HEBUzZuODm9UGCZlGq7hJFcPGV2p
iDc/iMcrOR22Frlabd+iq17Pvgqm+c7/4kfKGLXJQlnUk8rLDyFRfm5NCCbZzSBs
gV8js8IX3nej1I1otTLLG5bgIwO1muRi436DSE8Bqq1XQkkVnnVTbvYgtW1H1GdS
vTlumVXu0hFnU9I=
-----END CERTIFICATE-----
Generated at Sun Jul 14 07:52:07 2024 by rpki-client on console.sobornost.net