Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/3h976ZbRYcTTieSueVCACFLGDmREDD3CxhjCHQTLeQXw/0/34352e3232342e3130382e302f32322d3234203d3e20323636393131.roa
File:                     34352e3232342e3130382e302f32322d3234203d3e20323636393131.roa (raw, json)
Hash identifier:          Y4uaCalFDYJeMlhnElq3+KKXmmxI32b7osNH5I7SdOE=
Subject key identifier:   3B:24:5F:FD:E0:78:01:CD:2A:1A:85:6D:7F:C1:3B:0E:DC:8E:66:DA
Certificate issuer:       /CN=8174C9AD000FD5B5D370A3A331707606802570C2
Certificate serial:       6B6683568546D8E335D2AD4617B3D944EB0A8EF5
Authority key identifier: 81:74:C9:AD:00:0F:D5:B5:D3:70:A3:A3:31:70:76:06:80:25:70:C2
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8174C9AD000FD5B5D370A3A331707606802570C2.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/3h976ZbRYcTTieSueVCACFLGDmREDD3CxhjCHQTLeQXw/0/34352e3232342e3130382e302f32322d3234203d3e20323636393131.roa
Signing time:             Fri 30 May 2025 16:14:56 +0000
ROA not before:           Fri 30 May 2025 16:09:56 +0000
ROA not after:            Fri 29 May 2026 16:14:56 +0000
asID:                     266911
IP address blocks:        45.224.108.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/3h976ZbRYcTTieSueVCACFLGDmREDD3CxhjCHQTLeQXw/0/8174C9AD000FD5B5D370A3A331707606802570C2.crl
                          rsync://rpki-repo.registro.br/repo/3h976ZbRYcTTieSueVCACFLGDmREDD3CxhjCHQTLeQXw/0/8174C9AD000FD5B5D370A3A331707606802570C2.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8174C9AD000FD5B5D370A3A331707606802570C2.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 13:27:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:66:83:56:85:46:d8:e3:35:d2:ad:46:17:b3:d9:44:eb:0a:8e:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8174C9AD000FD5B5D370A3A331707606802570C2
        Validity
            Not Before: May 30 16:09:56 2025 GMT
            Not After : May 29 16:14:56 2026 GMT
        Subject: CN=3B245FFDE07801CD2A1A856D7FC13B0EDC8E66DA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:a3:34:c9:85:2a:a5:c2:62:5e:6e:26:f0:e7:
                    f1:0e:82:75:c0:06:72:66:b2:ac:06:91:e0:22:14:
                    6d:ba:d1:ab:45:10:b3:a8:98:f9:e1:06:2b:d9:1f:
                    a3:61:10:cc:70:a3:eb:49:f2:f0:0e:cd:9f:ea:6a:
                    37:d0:84:ec:b0:82:26:3a:4a:b2:aa:6f:37:5d:eb:
                    50:b4:72:d5:8e:4d:c9:ce:11:1a:42:b4:9e:14:ef:
                    30:eb:c9:94:15:f0:74:b3:96:20:c7:55:e7:8a:1a:
                    55:60:bc:70:cf:d2:1f:cc:17:a2:bc:e5:22:cc:c2:
                    68:f6:e5:e2:c0:fd:81:38:24:8b:6e:a0:2c:ce:26:
                    9c:68:8b:ab:d4:2b:ae:76:7c:ec:5c:38:66:44:ba:
                    6f:83:fe:5f:67:d2:86:f7:ce:40:17:03:0c:6a:e0:
                    bb:09:38:c6:74:46:a3:34:c5:84:98:7c:ee:cc:c1:
                    ca:8e:44:7c:0c:57:b3:67:d1:8a:e3:81:05:63:24:
                    83:e6:89:61:39:97:a6:8d:9e:37:84:b7:d8:d2:03:
                    5f:05:a6:6b:e9:76:e3:4b:99:91:31:73:04:3c:13:
                    85:30:ac:ac:87:05:2a:10:be:2a:8e:54:8b:9c:51:
                    08:8e:a9:9a:a5:e0:50:30:4d:a7:33:f8:a9:b3:ad:
                    bd:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3B:24:5F:FD:E0:78:01:CD:2A:1A:85:6D:7F:C1:3B:0E:DC:8E:66:DA
            X509v3 Authority Key Identifier:
                keyid:81:74:C9:AD:00:0F:D5:B5:D3:70:A3:A3:31:70:76:06:80:25:70:C2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/3h976ZbRYcTTieSueVCACFLGDmREDD3CxhjCHQTLeQXw/0/8174C9AD000FD5B5D370A3A331707606802570C2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8174C9AD000FD5B5D370A3A331707606802570C2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/3h976ZbRYcTTieSueVCACFLGDmREDD3CxhjCHQTLeQXw/0/34352e3232342e3130382e302f32322d3234203d3e20323636393131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.224.108.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0c:f3:af:b1:ee:a8:5b:4f:02:5e:3a:ed:91:dd:5f:a9:00:1a:
         4f:ce:03:8c:9c:a5:eb:ab:27:fb:01:35:ab:01:fe:23:42:ab:
         25:83:2c:a3:58:66:80:bf:4a:5f:e6:45:86:cc:b5:bf:e7:bc:
         f5:cc:4f:a2:c4:2c:06:0f:4b:f7:52:28:d6:7a:2d:a9:e5:0a:
         cc:d9:67:5c:87:1d:11:3e:c4:56:35:2b:23:e6:9d:86:24:4d:
         90:f3:de:5a:1b:0c:b0:d8:07:28:ae:61:0a:83:14:66:d0:73:
         42:fd:80:c1:eb:af:e0:23:9f:c7:2e:21:a7:8d:ce:68:ad:5e:
         ea:4f:6b:55:f1:79:fd:dd:03:9d:0c:77:ea:a7:ba:e9:f2:2c:
         32:62:10:66:bf:42:a3:29:29:cb:b8:e4:0b:53:bb:a9:3d:77:
         1a:55:4a:a9:72:56:b8:0a:c2:34:00:7e:82:a3:d3:6d:45:1b:
         80:8d:64:8a:6e:82:1b:00:a4:ea:fa:b9:1c:d2:82:a8:7d:7f:
         ea:61:df:f4:ff:36:0b:8c:d2:d1:d1:b8:8e:1c:95:95:68:1c:
         45:b1:2a:d7:8b:e2:ab:f7:7b:6c:c3:e8:d5:39:0c:ba:2a:09:
         48:9b:ce:04:1d:d8:aa:da:b2:cc:2a:8d:15:d2:10:f4:9b:05:
         84:b5:a5:24
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUa2aDVoVG2OM10q1GF7PZROsKjvUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODE3NEM5QUQwMDBGRDVCNUQzNzBBM0EzMzE3MDc2MDY4
MDI1NzBDMjAeFw0yNTA1MzAxNjA5NTZaFw0yNjA1MjkxNjE0NTZaMDMxMTAvBgNV
BAMTKDNCMjQ1RkZERTA3ODAxQ0QyQTFBODU2RDdGQzEzQjBFREM4RTY2REEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmozTJhSqlwmJebibw5/EOgnXA
BnJmsqwGkeAiFG260atFELOomPnhBivZH6NhEMxwo+tJ8vAOzZ/qajfQhOywgiY6
SrKqbzdd61C0ctWOTcnOERpCtJ4U7zDryZQV8HSzliDHVeeKGlVgvHDP0h/MF6K8
5SLMwmj25eLA/YE4JItuoCzOJpxoi6vUK652fOxcOGZEum+D/l9n0ob3zkAXAwxq
4LsJOMZ0RqM0xYSYfO7MwcqORHwMV7Nn0YrjgQVjJIPmiWE5l6aNnjeEt9jSA18F
pmvpduNLmZExcwQ8E4UwrKyHBSoQviqOVIucUQiOqZql4FAwTacz+Kmzrb1rAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUOyRf/eB4Ac0qGoVtf8E7DtyOZtowHwYDVR0j
BBgwFoAUgXTJrQAP1bXTcKOjMXB2BoAlcMIwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vM2g5NzZaYlJZY1RUaWVTdWVWQ0FDRkxHRG1SRUREM0N4aGpDSFFUTGVR
WHcvMC84MTc0QzlBRDAwMEZENUI1RDM3MEEzQTMzMTcwNzYwNjgwMjU3MEMyLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzgxNzRDOUFEMDAwRkQ1QjVE
MzcwQTNBMzMxNzA3NjA2ODAyNTcwQzIuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzNoOTc2WmJSWWNUVGllU3VlVkNBQ0ZMR0RtUkVERDNDeGhqQ0hRVExlUVh3LzAv
MzQzNTJlMzIzMjM0MmUzMTMwMzgyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2
MzYzOTMxMzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAIt4GwwDQYJKoZIhvcNAQELBQADggEBAAzzr7Hu
qFtPAl467ZHdX6kAGk/OA4ycpeurJ/sBNasB/iNCqyWDLKNYZoC/Sl/mRYbMtb/n
vPXMT6LELAYPS/dSKNZ6LanlCszZZ1yHHRE+xFY1KyPmnYYkTZDz3lobDLDYByiu
YQqDFGbQc0L9gMHrr+Ajn8cuIaeNzmitXupPa1Xxef3dA50Md+qnuunyLDJiEGa/
QqMpKcu45AtTu6k9dxpVSqlyVrgKwjQAfoKj021FG4CNZIpughsApOr6uRzSgqh9
f+ph3/T/NguM0tHRuI4clZVoHEWxKteL4qv3e2zD6NU5DLoqCUibzgQd2Krasswq
jRXSEPSbBYS1pSQ=
-----END CERTIFICATE-----
Generated at Mon Jun 9 21:41:06 2025 by rpki-client