Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/4JiP45fvdhxWEyXdPKdmEGraQLGCwHz7uyE8X2yiWYx4/0/34352e352e372e302f32342d3234203d3e20323636313332.roa
File:                     34352e352e372e302f32342d3234203d3e20323636313332.roa (raw, json)
Hash identifier:          CCDJvr/biGd1+S1DqiLj91/ZMnSJ1YjAtj8Aaakwq94=
Subject key identifier:   D2:10:EC:F5:AF:7A:A2:EF:8C:4C:3E:5E:36:6A:D7:D2:A2:76:AA:48
Certificate issuer:       /CN=6B792102F0C53138CBEE6F3B8C349CBBE603B8A0
Certificate serial:       7D935C65454AFB18C0B4386B8C04C7678DAF613D
Authority key identifier: 6B:79:21:02:F0:C5:31:38:CB:EE:6F:3B:8C:34:9C:BB:E6:03:B8:A0
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/6B792102F0C53138CBEE6F3B8C349CBBE603B8A0.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/4JiP45fvdhxWEyXdPKdmEGraQLGCwHz7uyE8X2yiWYx4/0/34352e352e372e302f32342d3234203d3e20323636313332.roa
Signing time:             Fri 13 Jun 2025 14:38:39 +0000
ROA not before:           Fri 13 Jun 2025 14:33:39 +0000
ROA not after:            Fri 12 Jun 2026 14:38:39 +0000
asID:                     266132
IP address blocks:        45.5.7.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/4JiP45fvdhxWEyXdPKdmEGraQLGCwHz7uyE8X2yiWYx4/0/6B792102F0C53138CBEE6F3B8C349CBBE603B8A0.crl
                          rsync://rpki-repo.registro.br/repo/4JiP45fvdhxWEyXdPKdmEGraQLGCwHz7uyE8X2yiWYx4/0/6B792102F0C53138CBEE6F3B8C349CBBE603B8A0.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/6B792102F0C53138CBEE6F3B8C349CBBE603B8A0.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 14 Jun 2025 14:54:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:93:5c:65:45:4a:fb:18:c0:b4:38:6b:8c:04:c7:67:8d:af:61:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6B792102F0C53138CBEE6F3B8C349CBBE603B8A0
        Validity
            Not Before: Jun 13 14:33:39 2025 GMT
            Not After : Jun 12 14:38:39 2026 GMT
        Subject: CN=D210ECF5AF7AA2EF8C4C3E5E366AD7D2A276AA48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a5:21:b1:e4:fa:bb:c6:f2:01:f5:a1:79:77:af:
                    9c:5c:b3:48:08:7e:55:b8:37:a9:49:fb:20:3b:4e:
                    ae:7c:38:1f:02:94:7e:57:cf:58:19:fc:fa:52:0d:
                    cf:1b:31:ee:27:79:3e:00:ae:a7:9d:8e:69:12:8f:
                    76:4d:71:d0:14:84:8c:99:d5:38:9a:ea:32:ea:b6:
                    9c:c7:49:41:77:cf:7e:00:31:03:f7:d7:37:93:e5:
                    a7:7e:45:53:f2:70:c0:4b:06:2f:3c:a0:74:9e:14:
                    e8:43:24:3d:ba:95:28:8f:5d:c6:c4:97:0d:07:7c:
                    e6:45:25:6b:23:02:07:48:ce:0e:a0:13:f8:05:1b:
                    72:bf:00:b9:19:bb:73:d1:6e:13:38:6b:21:3a:a1:
                    d5:8e:81:ef:1c:db:27:c9:9d:bb:10:d0:71:74:f5:
                    ff:d0:62:08:01:d2:fa:6e:89:5b:ed:a3:0f:14:b3:
                    1b:32:74:e1:9a:f5:b9:7d:d3:76:ba:23:8f:cf:da:
                    89:7c:f6:d3:26:4a:d7:95:95:19:93:d3:83:66:4a:
                    6f:e2:4c:8b:eb:e6:39:75:bb:57:09:fc:61:b7:99:
                    27:f3:46:57:a0:f5:20:65:16:cf:d7:53:a1:e5:09:
                    df:31:5c:a0:4a:e0:0b:56:18:0a:dd:5d:b8:57:ae:
                    39:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:10:EC:F5:AF:7A:A2:EF:8C:4C:3E:5E:36:6A:D7:D2:A2:76:AA:48
            X509v3 Authority Key Identifier:
                keyid:6B:79:21:02:F0:C5:31:38:CB:EE:6F:3B:8C:34:9C:BB:E6:03:B8:A0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/4JiP45fvdhxWEyXdPKdmEGraQLGCwHz7uyE8X2yiWYx4/0/6B792102F0C53138CBEE6F3B8C349CBBE603B8A0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/6B792102F0C53138CBEE6F3B8C349CBBE603B8A0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/4JiP45fvdhxWEyXdPKdmEGraQLGCwHz7uyE8X2yiWYx4/0/34352e352e372e302f32342d3234203d3e20323636313332.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.5.7.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:82:49:03:eb:4c:fe:28:8a:08:9e:e0:b3:a4:eb:9f:2c:ab:
         f1:4f:37:29:52:bc:c3:5b:94:07:70:e8:d1:76:4f:18:6d:23:
         23:da:a5:0b:e9:a8:2e:56:b4:1d:b8:88:9d:72:71:8b:bc:e6:
         73:16:9d:ef:1a:aa:03:b4:64:2b:20:59:95:4c:5f:c9:fe:11:
         a5:0b:32:8b:63:0c:b3:6c:00:b7:21:d2:9f:04:c7:ce:1e:e8:
         ac:34:f7:c0:6d:a1:c1:06:ca:95:05:20:96:34:21:40:ae:80:
         79:35:e5:b1:ea:82:62:cf:f9:c5:21:7f:79:db:be:74:99:ad:
         03:2d:c2:4d:81:64:6b:0b:1d:98:4b:08:d9:fa:18:bd:d9:e5:
         4d:05:b7:27:c4:1a:83:fa:61:7d:ba:55:f2:ea:80:04:7c:91:
         48:a3:72:ba:e0:39:2a:b5:4a:96:3b:0a:e4:48:30:0a:67:d3:
         02:a8:50:e9:b7:d4:37:a8:a3:fb:3f:ab:51:92:c2:5d:5a:a9:
         bd:fb:18:39:06:81:f3:63:49:7f:9d:83:5c:df:50:50:25:6e:
         a0:56:76:61:b7:77:da:f6:05:e1:4f:56:46:29:c6:b6:cc:a2:
         87:74:f4:9e:57:c7:d2:e7:af:99:a9:9f:80:35:25:2a:fe:98:
         7a:56:61:71
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUfZNcZUVK+xjAtDhrjATHZ42vYT0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkI3OTIxMDJGMEM1MzEzOENCRUU2RjNCOEMzNDlDQkJF
NjAzQjhBMDAeFw0yNTA2MTMxNDMzMzlaFw0yNjA2MTIxNDM4MzlaMDMxMTAvBgNV
BAMTKEQyMTBFQ0Y1QUY3QUEyRUY4QzRDM0U1RTM2NkFEN0QyQTI3NkFBNDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClIbHk+rvG8gH1oXl3r5xcs0gI
flW4N6lJ+yA7Tq58OB8ClH5Xz1gZ/PpSDc8bMe4neT4ArqedjmkSj3ZNcdAUhIyZ
1Tia6jLqtpzHSUF3z34AMQP31zeT5ad+RVPycMBLBi88oHSeFOhDJD26lSiPXcbE
lw0HfOZFJWsjAgdIzg6gE/gFG3K/ALkZu3PRbhM4ayE6odWOge8c2yfJnbsQ0HF0
9f/QYggB0vpuiVvtow8UsxsydOGa9bl903a6I4/P2ol89tMmSteVlRmT04NmSm/i
TIvr5jl1u1cJ/GG3mSfzRleg9SBlFs/XU6HlCd8xXKBK4AtWGArdXbhXrjmtAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQU0hDs9a96ou+MTD5eNmrX0qJ2qkgwHwYDVR0j
BBgwFoAUa3khAvDFMTjL7m87jDScu+YDuKAwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNEppUDQ1ZnZkaHhXRXlYZFBLZG1FR3JhUUxHQ3dIejd1eUU4WDJ5aVdZ
eDQvMC82Qjc5MjEwMkYwQzUzMTM4Q0JFRTZGM0I4QzM0OUNCQkU2MDNCOEEwLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzZCNzkyMTAyRjBDNTMxMzhD
QkVFNkYzQjhDMzQ5Q0JCRTYwM0I4QTAuY2VyMIGmBggrBgEFBQcBCwSBmTCBljCB
kwYIKwYBBQUHMAuGgYZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzRKaVA0NWZ2ZGh4V0V5WGRQS2RtRUdyYVFMR0N3SHo3dXlFOFgyeWlXWXg0LzAv
MzQzNTJlMzUyZTM3MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM2MzEzMzMy
LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAw
DjAMBAIAATAGAwQALQUHMA0GCSqGSIb3DQEBCwUAA4IBAQCvgkkD60z+KIoInuCz
pOufLKvxTzcpUrzDW5QHcOjRdk8YbSMj2qUL6aguVrQduIidcnGLvOZzFp3vGqoD
tGQrIFmVTF/J/hGlCzKLYwyzbAC3IdKfBMfOHuisNPfAbaHBBsqVBSCWNCFAroB5
NeWx6oJiz/nFIX952750ma0DLcJNgWRrCx2YSwjZ+hi92eVNBbcnxBqD+mF9ulXy
6oAEfJFIo3K64DkqtUqWOwrkSDAKZ9MCqFDpt9Q3qKP7P6tRksJdWqm9+xg5BoHz
Y0l/nYNc31BQJW6gVnZht3fa9gXhT1ZGKca2zKKHdPSeV8fS56+ZqZ+ANSUq/ph6
VmFx
-----END CERTIFICATE-----
Generated at Fri Jun 13 21:25:12 2025 by rpki-client