Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/3xEzHhnAZeadzR8kYfVsGmVZtfXKVpGQRdNYdT7XDjRK/0/34352e3233362e32302e302f32322d3234203d3e20323638323232.roa
File:                     34352e3233362e32302e302f32322d3234203d3e20323638323232.roa (raw, json)
Hash identifier:          5tfOBrygOXAVeXG5prlZAYljjLnFL4xsQWQCoQKIEPg=
Subject key identifier:   2A:64:1E:C9:6D:95:8B:EF:DE:12:76:28:07:F2:F4:DA:14:0C:1F:69
Certificate issuer:       /CN=DDA1EC4A0E48B5C09FB746327F05F51EB5F8E570
Certificate serial:       090F75D7004530D2A57E8845C5D59A8F2D91A73B
Authority key identifier: DD:A1:EC:4A:0E:48:B5:C0:9F:B7:46:32:7F:05:F5:1E:B5:F8:E5:70
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DDA1EC4A0E48B5C09FB746327F05F51EB5F8E570.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/3xEzHhnAZeadzR8kYfVsGmVZtfXKVpGQRdNYdT7XDjRK/0/34352e3233362e32302e302f32322d3234203d3e20323638323232.roa
Signing time:             Tue 21 May 2024 12:15:54 +0000
ROA not before:           Tue 21 May 2024 12:10:54 +0000
ROA not after:            Tue 20 May 2025 12:15:54 +0000
asID:                     268222
IP address blocks:        45.236.20.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/3xEzHhnAZeadzR8kYfVsGmVZtfXKVpGQRdNYdT7XDjRK/0/DDA1EC4A0E48B5C09FB746327F05F51EB5F8E570.crl
                          rsync://rpki-repo.registro.br/repo/3xEzHhnAZeadzR8kYfVsGmVZtfXKVpGQRdNYdT7XDjRK/0/DDA1EC4A0E48B5C09FB746327F05F51EB5F8E570.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DDA1EC4A0E48B5C09FB746327F05F51EB5F8E570.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 16 Jun 2024 19:20:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:0f:75:d7:00:45:30:d2:a5:7e:88:45:c5:d5:9a:8f:2d:91:a7:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DDA1EC4A0E48B5C09FB746327F05F51EB5F8E570
        Validity
            Not Before: May 21 12:10:54 2024 GMT
            Not After : May 20 12:15:54 2025 GMT
        Subject: CN=2A641EC96D958BEFDE12762807F2F4DA140C1F69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ef:58:70:26:0f:63:fb:4c:43:d2:5c:39:b7:a6:
                    a5:a0:16:10:66:78:5e:53:e1:e3:bd:00:e8:8b:29:
                    23:74:0f:24:d1:e9:5f:6e:1a:ff:97:b1:da:d9:59:
                    1b:e0:3f:d7:7e:93:28:be:4d:ad:85:b5:fd:0c:e4:
                    78:62:38:b8:86:1b:51:d1:44:59:10:27:6b:b6:28:
                    f6:7d:d0:89:1c:23:ca:d3:19:07:ce:ea:9b:3c:a7:
                    85:3d:c7:45:a6:56:dd:a1:d8:dc:64:91:c8:27:4e:
                    13:a7:c2:fc:9a:45:69:35:bd:c0:05:f6:00:0c:24:
                    9f:56:49:f6:10:35:87:37:dd:d5:ac:29:ee:37:50:
                    bd:1c:18:04:62:b2:ae:0b:81:78:a2:96:78:a1:c3:
                    d0:3c:8c:b1:bd:fa:a6:f7:38:72:1d:4d:da:95:2f:
                    fd:b8:70:b8:54:11:00:12:68:15:75:12:6f:c8:74:
                    a8:ed:37:fb:bc:f0:c1:15:c3:0c:64:c9:7d:98:e7:
                    00:1c:b9:be:f9:93:38:20:de:d3:dc:ec:4c:a7:ca:
                    e2:0b:e7:8d:ca:2e:f2:59:4e:22:7d:87:ec:88:a0:
                    6d:20:68:ba:70:0d:fa:c4:a1:b3:ea:4b:df:24:88:
                    14:96:b8:f6:7a:88:bb:ef:a5:08:2e:ff:a4:b4:5f:
                    f8:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:64:1E:C9:6D:95:8B:EF:DE:12:76:28:07:F2:F4:DA:14:0C:1F:69
            X509v3 Authority Key Identifier:
                keyid:DD:A1:EC:4A:0E:48:B5:C0:9F:B7:46:32:7F:05:F5:1E:B5:F8:E5:70

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/3xEzHhnAZeadzR8kYfVsGmVZtfXKVpGQRdNYdT7XDjRK/0/DDA1EC4A0E48B5C09FB746327F05F51EB5F8E570.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DDA1EC4A0E48B5C09FB746327F05F51EB5F8E570.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/3xEzHhnAZeadzR8kYfVsGmVZtfXKVpGQRdNYdT7XDjRK/0/34352e3233362e32302e302f32322d3234203d3e20323638323232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.236.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6d:81:c8:0e:27:85:6b:51:4a:88:0e:a9:60:4a:a7:62:29:34:
         8d:84:fe:ba:ec:6d:d6:a0:82:17:91:f0:fe:2c:9a:04:c6:5b:
         8c:1f:08:ee:33:c6:05:c8:85:f8:fc:65:5b:a0:a2:2b:a6:b6:
         d3:c5:e1:ce:04:da:5a:d0:5f:e2:14:47:79:98:17:b8:bd:c9:
         39:b4:ae:fd:27:44:27:e5:8b:b9:61:7c:9d:87:2f:57:4d:fd:
         a7:44:e8:44:76:b4:87:8a:a7:a4:96:47:da:ff:5d:ac:3d:df:
         8c:0f:47:23:73:87:70:0e:5a:b3:83:a7:cd:93:b6:d6:79:c9:
         fb:4a:0a:c8:ef:58:37:58:7c:bc:f0:a8:4c:12:98:f3:35:c4:
         ef:ea:76:e0:43:04:60:85:1b:dc:97:a6:32:ff:db:92:b8:3f:
         c0:be:01:43:76:81:8c:d3:ba:cc:a1:4b:ff:91:82:1a:8b:d2:
         b1:51:92:4b:43:19:bb:6b:9f:77:54:0f:70:5a:c3:5d:69:74:
         3b:d0:44:0a:1f:a2:b2:25:e2:57:2d:49:06:a6:d9:5e:0e:bc:
         49:e9:f1:8c:de:1d:d8:b1:bb:b5:43:4f:ce:08:fe:19:cd:53:
         2b:12:44:cb:a1:8e:91:8c:28:44:c8:71:7d:89:58:9c:51:c8:
         9c:46:37:8f
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUCQ911wBFMNKlfohFxdWajy2RpzswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRERBMUVDNEEwRTQ4QjVDMDlGQjc0NjMyN0YwNUY1MUVC
NUY4RTU3MDAeFw0yNDA1MjExMjEwNTRaFw0yNTA1MjAxMjE1NTRaMDMxMTAvBgNV
BAMTKDJBNjQxRUM5NkQ5NThCRUZERTEyNzYyODA3RjJGNERBMTQwQzFGNjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDvWHAmD2P7TEPSXDm3pqWgFhBm
eF5T4eO9AOiLKSN0DyTR6V9uGv+XsdrZWRvgP9d+kyi+Ta2Ftf0M5HhiOLiGG1HR
RFkQJ2u2KPZ90IkcI8rTGQfO6ps8p4U9x0WmVt2h2NxkkcgnThOnwvyaRWk1vcAF
9gAMJJ9WSfYQNYc33dWsKe43UL0cGARisq4LgXiilnihw9A8jLG9+qb3OHIdTdqV
L/24cLhUEQASaBV1Em/IdKjtN/u88MEVwwxkyX2Y5wAcub75kzgg3tPc7EynyuIL
543KLvJZTiJ9h+yIoG0gaLpwDfrEobPqS98kiBSWuPZ6iLvvpQgu/6S0X/inAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUKmQeyW2Vi+/eEnYoB/L02hQMH2kwHwYDVR0j
BBgwFoAU3aHsSg5ItcCft0YyfwX1HrX45XAwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vM3hFekhobkFaZWFkelI4a1lmVnNHbVZadGZYS1ZwR1FSZE5ZZFQ3WERq
UksvMC9EREExRUM0QTBFNDhCNUMwOUZCNzQ2MzI3RjA1RjUxRUI1RjhFNTcwLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0REQTFFQzRBMEU0OEI1QzA5
RkI3NDYzMjdGMDVGNTFFQjVGOEU1NzAuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzN4RXpIaG5BWmVhZHpSOGtZZlZzR21WWnRmWEtWcEdRUmROWWRUN1hEalJLLzAv
MzQzNTJlMzIzMzM2MmUzMjMwMmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM4
MzIzMjMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCLewUMA0GCSqGSIb3DQEBCwUAA4IBAQBtgcgOJ4Vr
UUqIDqlgSqdiKTSNhP667G3WoIIXkfD+LJoExluMHwjuM8YFyIX4/GVboKIrprbT
xeHOBNpa0F/iFEd5mBe4vck5tK79J0Qn5Yu5YXydhy9XTf2nROhEdrSHiqeklkfa
/12sPd+MD0cjc4dwDlqzg6fNk7bWecn7SgrI71g3WHy88KhMEpjzNcTv6nbgQwRg
hRvcl6Yy/9uSuD/AvgFDdoGM07rMoUv/kYIai9KxUZJLQxm7a593VA9wWsNdaXQ7
0EQKH6KyJeJXLUkGptleDrxJ6fGM3h3Ysbu1Q0/OCP4ZzVMrEkTLoY6RjChEyHF9
iVicUcicRjeP
-----END CERTIFICATE-----
Generated at Sun Jun 16 09:32:32 2024 by rpki-client on console-fra.rpki-client.org