Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/H248hoi7i19GS224vzB3PSbvxpQ89Si55EHTSSGXALaa/1/34352e3233382e3131322e302f32322d3234203d3e20323638333331.roa
File:                     34352e3233382e3131322e302f32322d3234203d3e20323638333331.roa (raw, json)
Hash identifier:          Flq21VcmVKAs/ameaDMSWsqQr/I7i10q2VBS/aBnZG4=
Subject key identifier:   BD:AD:CA:E2:41:6E:D6:CC:CA:EC:F9:38:5E:BA:6E:29:D9:CD:77:A4
Certificate issuer:       /CN=BF9D09185198062395625CCDCA55DA0C823BC527
Certificate serial:       72D2725FC40035609888DB7CB287079F752E2663
Authority key identifier: BF:9D:09:18:51:98:06:23:95:62:5C:CD:CA:55:DA:0C:82:3B:C5:27
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BF9D09185198062395625CCDCA55DA0C823BC527.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/H248hoi7i19GS224vzB3PSbvxpQ89Si55EHTSSGXALaa/1/34352e3233382e3131322e302f32322d3234203d3e20323638333331.roa
Signing time:             Fri 23 May 2025 15:04:45 +0000
ROA not before:           Fri 23 May 2025 14:59:45 +0000
ROA not after:            Fri 22 May 2026 15:04:45 +0000
asID:                     268331
IP address blocks:        45.238.112.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/H248hoi7i19GS224vzB3PSbvxpQ89Si55EHTSSGXALaa/1/BF9D09185198062395625CCDCA55DA0C823BC527.crl
                          rsync://rpki-repo.registro.br/repo/H248hoi7i19GS224vzB3PSbvxpQ89Si55EHTSSGXALaa/1/BF9D09185198062395625CCDCA55DA0C823BC527.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BF9D09185198062395625CCDCA55DA0C823BC527.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Jun 2025 01:54:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:d2:72:5f:c4:00:35:60:98:88:db:7c:b2:87:07:9f:75:2e:26:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BF9D09185198062395625CCDCA55DA0C823BC527
        Validity
            Not Before: May 23 14:59:45 2025 GMT
            Not After : May 22 15:04:45 2026 GMT
        Subject: CN=BDADCAE2416ED6CCCAECF9385EBA6E29D9CD77A4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:92:0f:22:90:45:f6:76:b0:f5:b9:a3:0d:db:
                    c7:38:36:f7:fb:9e:33:a2:27:e2:fe:b8:f3:db:f3:
                    ad:cd:f9:3b:d9:32:bd:b4:37:73:a8:2d:6f:51:24:
                    25:d5:31:db:f5:19:cd:15:2d:28:33:8b:38:db:cd:
                    1d:92:23:16:0a:7a:6d:1e:5e:68:b6:03:73:0b:d0:
                    24:b9:75:df:19:fe:41:87:41:43:2c:27:1c:ad:d6:
                    cc:a9:76:0e:21:66:09:65:0c:9b:c5:62:61:b8:26:
                    fc:24:67:68:49:b3:cd:bd:39:3e:e8:ec:cd:c2:b6:
                    9b:b9:aa:39:94:0a:f1:1b:89:57:1d:16:ae:61:9e:
                    70:45:0a:f4:b7:e1:33:d8:ed:30:c6:c6:01:53:b8:
                    29:2e:84:89:32:02:6f:6e:29:e7:7e:59:ee:7c:c3:
                    84:1c:c9:27:75:3d:66:a1:ab:fe:4f:c1:ea:5f:bf:
                    93:c7:52:bf:f8:03:e0:de:a2:e9:47:cc:10:36:f1:
                    fe:e6:72:b4:d7:69:f5:b2:ef:a7:74:44:f7:a3:d4:
                    ad:59:c3:90:a0:6d:1a:83:40:1e:c0:35:4f:f3:35:
                    c3:a4:ee:a8:a8:a4:df:68:6f:be:3a:c1:22:ae:de:
                    ca:3a:2b:ae:f4:a6:52:bc:0c:79:65:f8:72:f4:c5:
                    d3:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:AD:CA:E2:41:6E:D6:CC:CA:EC:F9:38:5E:BA:6E:29:D9:CD:77:A4
            X509v3 Authority Key Identifier:
                keyid:BF:9D:09:18:51:98:06:23:95:62:5C:CD:CA:55:DA:0C:82:3B:C5:27

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/H248hoi7i19GS224vzB3PSbvxpQ89Si55EHTSSGXALaa/1/BF9D09185198062395625CCDCA55DA0C823BC527.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BF9D09185198062395625CCDCA55DA0C823BC527.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/H248hoi7i19GS224vzB3PSbvxpQ89Si55EHTSSGXALaa/1/34352e3233382e3131322e302f32322d3234203d3e20323638333331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.238.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         d2:cb:c0:aa:d0:fb:42:df:82:69:a2:d2:31:3d:fd:6b:d5:99:
         46:2c:2a:be:1a:ed:76:cd:4b:3d:f2:ae:a5:0d:47:a7:b6:32:
         fe:23:b0:29:d6:79:c6:95:f7:a6:01:11:aa:2a:ba:17:58:f4:
         98:d3:9f:91:32:90:f0:e4:88:48:d1:ea:77:9e:0a:eb:3b:65:
         d0:38:0d:cc:53:6c:0a:e1:ec:a8:27:d6:06:61:1c:d5:31:52:
         b2:1b:d1:c7:4e:a9:f9:01:e2:91:fd:68:df:2f:55:0b:05:63:
         e2:45:de:ef:a0:64:d7:40:e4:03:f6:d0:83:9d:77:d5:5d:e2:
         de:fd:ec:8b:4f:17:2d:f3:d6:28:2b:7c:87:80:a3:d1:64:4c:
         19:fd:ad:30:c2:cf:c6:79:55:fc:b7:d1:a2:8a:37:9c:31:2b:
         ff:2f:00:1b:e5:d8:34:04:3f:3c:cf:6c:eb:f0:fa:f5:c9:4d:
         62:75:6a:ec:15:a7:6e:03:0c:8b:8e:ad:2a:24:9c:7e:e3:88:
         f3:eb:d6:9d:9a:64:dc:ca:ee:68:a1:77:30:61:55:c8:af:89:
         79:99:ed:af:c6:30:e7:0f:d6:db:a2:b1:d1:c2:ad:67:b8:3a:
         e8:37:1f:8c:26:87:36:32:0b:a7:29:5b:46:11:21:33:aa:52:
         04:b0:8d:de
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUctJyX8QANWCYiNt8socHn3UuJmMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkY5RDA5MTg1MTk4MDYyMzk1NjI1Q0NEQ0E1NURBMEM4
MjNCQzUyNzAeFw0yNTA1MjMxNDU5NDVaFw0yNjA1MjIxNTA0NDVaMDMxMTAvBgNV
BAMTKEJEQURDQUUyNDE2RUQ2Q0NDQUVDRjkzODVFQkE2RTI5RDlDRDc3QTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCikg8ikEX2drD1uaMN28c4Nvf7
njOiJ+L+uPPb863N+TvZMr20N3OoLW9RJCXVMdv1Gc0VLSgzizjbzR2SIxYKem0e
Xmi2A3ML0CS5dd8Z/kGHQUMsJxyt1sypdg4hZgllDJvFYmG4JvwkZ2hJs829OT7o
7M3Ctpu5qjmUCvEbiVcdFq5hnnBFCvS34TPY7TDGxgFTuCkuhIkyAm9uKed+We58
w4QcySd1PWahq/5Pwepfv5PHUr/4A+DeoulHzBA28f7mcrTXafWy76d0RPej1K1Z
w5CgbRqDQB7ANU/zNcOk7qiopN9ob746wSKu3so6K670plK8DHll+HL0xdMFAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUva3K4kFu1szK7Pk4XrpuKdnNd6QwHwYDVR0j
BBgwFoAUv50JGFGYBiOVYlzNylXaDII7xScwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vSDI0OGhvaTdpMTlHUzIyNHZ6QjNQU2J2eHBRODlTaTU1RUhUU1NHWEFM
YWEvMS9CRjlEMDkxODUxOTgwNjIzOTU2MjVDQ0RDQTU1REEwQzgyM0JDNTI3LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0JGOUQwOTE4NTE5ODA2MjM5
NTYyNUNDRENBNTVEQTBDODIzQkM1MjcuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0gyNDhob2k3aTE5R1MyMjR2ekIzUFNidnhwUTg5U2k1NUVIVFNTR1hBTGFhLzEv
MzQzNTJlMzIzMzM4MmUzMTMxMzIyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2
MzgzMzMzMzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAIt7nAwDQYJKoZIhvcNAQELBQADggEBANLLwKrQ
+0Lfgmmi0jE9/WvVmUYsKr4a7XbNSz3yrqUNR6e2Mv4jsCnWecaV96YBEaoquhdY
9JjTn5EykPDkiEjR6neeCus7ZdA4DcxTbArh7Kgn1gZhHNUxUrIb0cdOqfkB4pH9
aN8vVQsFY+JF3u+gZNdA5AP20IOdd9Vd4t797ItPFy3z1igrfIeAo9FkTBn9rTDC
z8Z5Vfy30aKKN5wxK/8vABvl2DQEPzzPbOvw+vXJTWJ1auwVp24DDIuOrSoknH7j
iPPr1p2aZNzK7mihdzBhVciviXmZ7a/GMOcP1tuisdHCrWe4Oug3H4wmhzYyC6cp
W0YRITOqUgSwjd4=
-----END CERTIFICATE-----
Generated at Thu Jun 12 16:39:25 2025 by rpki-client