Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/ArT8vrDjqy4bWaMCtFP24CFU5hMzWhHRkjvgxZyQBQkp/0/3136382e3232382e3136382e302f32342d3234203d3e20323632363131.roa
File:                     3136382e3232382e3136382e302f32342d3234203d3e20323632363131.roa (raw, json)
Hash identifier:          VWZg8bSjMAXzc8S3kSM/enqqJJFgk0QlXZ3lMyPDBkY=
Subject key identifier:   6F:FF:C9:6E:0D:D5:61:7D:9A:3F:DA:C8:1D:3A:4B:B3:42:09:01:72
Certificate issuer:       /CN=D2B24673AF94F6E8A7171887B60BF4EBE9D15E73
Certificate serial:       2B47CC501088C5063BA1A8239EA903997A1958BE
Authority key identifier: D2:B2:46:73:AF:94:F6:E8:A7:17:18:87:B6:0B:F4:EB:E9:D1:5E:73
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D2B24673AF94F6E8A7171887B60BF4EBE9D15E73.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/ArT8vrDjqy4bWaMCtFP24CFU5hMzWhHRkjvgxZyQBQkp/0/3136382e3232382e3136382e302f32342d3234203d3e20323632363131.roa
Signing time:             Wed 19 Mar 2025 14:30:13 +0000
ROA not before:           Wed 19 Mar 2025 14:25:13 +0000
ROA not after:            Wed 18 Mar 2026 14:30:13 +0000
asID:                     262611
IP address blocks:        168.228.168.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/ArT8vrDjqy4bWaMCtFP24CFU5hMzWhHRkjvgxZyQBQkp/0/D2B24673AF94F6E8A7171887B60BF4EBE9D15E73.crl
                          rsync://rpki-repo.registro.br/repo/ArT8vrDjqy4bWaMCtFP24CFU5hMzWhHRkjvgxZyQBQkp/0/D2B24673AF94F6E8A7171887B60BF4EBE9D15E73.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D2B24673AF94F6E8A7171887B60BF4EBE9D15E73.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 28 Apr 2025 04:53:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:47:cc:50:10:88:c5:06:3b:a1:a8:23:9e:a9:03:99:7a:19:58:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D2B24673AF94F6E8A7171887B60BF4EBE9D15E73
        Validity
            Not Before: Mar 19 14:25:13 2025 GMT
            Not After : Mar 18 14:30:13 2026 GMT
        Subject: CN=6FFFC96E0DD5617D9A3FDAC81D3A4BB342090172
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:5e:79:1f:70:90:90:12:7e:2b:19:64:37:4a:
                    92:a4:e9:cd:75:5f:0e:09:ca:b7:0e:97:6b:c4:fb:
                    0f:6c:47:61:ef:16:7a:73:7a:ce:7e:d4:87:a3:32:
                    4e:35:eb:3a:ab:c2:24:fe:3a:a6:3a:0a:a3:b7:83:
                    5e:4a:11:10:54:40:88:f4:52:cc:8e:94:df:51:51:
                    78:b8:c8:92:ba:e1:7e:34:57:e9:7a:94:9a:de:f3:
                    b1:88:2a:e9:84:fb:1f:8f:bd:93:2a:5a:e8:c9:06:
                    50:78:99:7f:76:33:1a:41:01:6b:73:1d:f8:06:b5:
                    41:6e:92:a3:92:00:cd:d5:6f:d2:22:58:67:fa:f0:
                    97:d7:26:33:c3:1f:ad:a7:11:78:44:23:7f:18:79:
                    32:15:6b:fe:a1:91:95:22:3b:b4:01:57:89:52:79:
                    1a:dc:57:78:a4:c0:ec:c7:dc:f8:45:f0:82:aa:1b:
                    c6:75:db:b0:d4:e9:5c:65:95:89:d7:e9:ad:d8:b7:
                    40:bb:77:f7:90:3b:a0:80:a3:6b:59:3d:ef:6d:95:
                    95:2e:7a:d2:cf:ee:27:e1:32:aa:37:82:7c:8f:ae:
                    e6:da:53:a1:bb:de:dc:e0:aa:be:58:bb:b7:69:3b:
                    75:51:88:ff:c2:b3:d3:f5:96:a1:a5:7d:b9:2f:54:
                    cd:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:FF:C9:6E:0D:D5:61:7D:9A:3F:DA:C8:1D:3A:4B:B3:42:09:01:72
            X509v3 Authority Key Identifier:
                keyid:D2:B2:46:73:AF:94:F6:E8:A7:17:18:87:B6:0B:F4:EB:E9:D1:5E:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/ArT8vrDjqy4bWaMCtFP24CFU5hMzWhHRkjvgxZyQBQkp/0/D2B24673AF94F6E8A7171887B60BF4EBE9D15E73.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D2B24673AF94F6E8A7171887B60BF4EBE9D15E73.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/ArT8vrDjqy4bWaMCtFP24CFU5hMzWhHRkjvgxZyQBQkp/0/3136382e3232382e3136382e302f32342d3234203d3e20323632363131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.228.168.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:d3:19:59:06:e4:95:73:fa:b1:bd:c1:f0:5f:7f:66:2c:4e:
         7a:e8:81:7d:e0:3e:1f:13:e9:fd:67:f1:0e:0b:6b:e3:e8:36:
         27:f2:3f:0d:8a:1b:14:74:03:ea:f3:1a:cc:ad:85:2c:09:09:
         f7:64:57:8e:e3:94:ca:f0:80:c3:86:fa:63:54:e7:71:38:27:
         55:d4:86:35:66:04:a8:39:cf:6f:cf:38:48:8a:a5:5f:35:35:
         d1:33:22:3f:7f:64:65:0d:0e:f9:aa:d4:71:68:de:a8:f5:91:
         c6:d5:9a:a3:33:0c:05:fe:03:2e:7e:ec:4c:1e:f8:cc:2a:28:
         74:09:3a:bc:64:c6:f5:01:76:ff:0c:8d:ac:55:82:82:e6:f8:
         6d:33:40:49:35:ec:b4:72:f0:e7:78:11:a1:35:f2:10:ae:ce:
         d7:b6:cc:be:d8:cb:93:85:2e:e2:a3:18:05:29:b8:02:41:ba:
         46:61:59:c6:72:a0:57:a4:55:94:0b:6c:b3:e6:06:d6:fd:ce:
         f1:f3:1b:ff:c0:c4:7c:65:4b:d1:8d:1b:ca:50:5a:aa:7e:47:
         cb:38:c2:07:db:ab:46:f1:41:78:30:3c:8f:bf:e0:22:27:06:
         4b:32:18:a6:2c:c3:5d:e0:f7:4e:31:31:26:a8:ec:12:cb:98:
         e6:f1:69:d5
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUK0fMUBCIxQY7oagjnqkDmXoZWL4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDJCMjQ2NzNBRjk0RjZFOEE3MTcxODg3QjYwQkY0RUJF
OUQxNUU3MzAeFw0yNTAzMTkxNDI1MTNaFw0yNjAzMTgxNDMwMTNaMDMxMTAvBgNV
BAMTKDZGRkZDOTZFMERENTYxN0Q5QTNGREFDODFEM0E0QkIzNDIwOTAxNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeXnkfcJCQEn4rGWQ3SpKk6c11
Xw4JyrcOl2vE+w9sR2HvFnpzes5+1IejMk416zqrwiT+OqY6CqO3g15KERBUQIj0
UsyOlN9RUXi4yJK64X40V+l6lJre87GIKumE+x+PvZMqWujJBlB4mX92MxpBAWtz
HfgGtUFukqOSAM3Vb9IiWGf68JfXJjPDH62nEXhEI38YeTIVa/6hkZUiO7QBV4lS
eRrcV3ikwOzH3PhF8IKqG8Z127DU6VxllYnX6a3Yt0C7d/eQO6CAo2tZPe9tlZUu
etLP7ifhMqo3gnyPrubaU6G73tzgqr5Yu7dpO3VRiP/Cs9P1lqGlfbkvVM1rAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUb//Jbg3VYX2aP9rIHTpLs0IJAXIwHwYDVR0j
BBgwFoAU0rJGc6+U9uinFxiHtgv06+nRXnMwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQXJUOHZyRGpxeTRiV2FNQ3RGUDI0Q0ZVNWhNeldoSFJranZneFp5UUJR
a3AvMC9EMkIyNDY3M0FGOTRGNkU4QTcxNzE4ODdCNjBCRjRFQkU5RDE1RTczLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0QyQjI0NjczQUY5NEY2RThB
NzE3MTg4N0I2MEJGNEVCRTlEMTVFNzMuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0FyVDh2ckRqcXk0YldhTUN0RlAyNENGVTVoTXpXaEhSa2p2Z3haeVFCUWtwLzAv
MzEzNjM4MmUzMjMyMzgyZTMxMzYzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMy
MzYzMjM2MzEzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAKjkqDANBgkqhkiG9w0BAQsFAAOCAQEAN9MZ
WQbklXP6sb3B8F9/ZixOeuiBfeA+HxPp/WfxDgtr4+g2J/I/DYobFHQD6vMazK2F
LAkJ92RXjuOUyvCAw4b6Y1TncTgnVdSGNWYEqDnPb884SIqlXzU10TMiP39kZQ0O
+arUcWjeqPWRxtWaozMMBf4DLn7sTB74zCoodAk6vGTG9QF2/wyNrFWCgub4bTNA
STXstHLw53gRoTXyEK7O17bMvtjLk4Uu4qMYBSm4AkG6RmFZxnKgV6RVlAtss+YG
1v3O8fMb/8DEfGVL0Y0bylBaqn5HyzjCB9urRvFBeDA8j7/gIicGSzIYpizDXeD3
TjExJqjsEsuY5vFp1Q==
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:34:00 2025 by rpki-client on console.sobornost.net