Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/7MZEimnaS59E2eAw8h4oXKehr5CYmmMtHXkn1ouAthdQ/0/34352e3232392e3133362e302f32342d3234203d3e20323731323937.roa
File:                     34352e3232392e3133362e302f32342d3234203d3e20323731323937.roa (raw, json)
Hash identifier:          +o5sIScdM46kmAqqS9GWVWLK1tGhtWhWXgceQVZIZ0s=
Subject key identifier:   39:93:9B:2E:48:A8:1D:59:20:11:8B:A3:65:F7:AA:B5:06:C9:CC:21
Certificate issuer:       /CN=9BCF5352E2C8A437597FAB4E6275E861F7E42F01
Certificate serial:       4AFE188B87E8637FD1EF5B16A62BA3C9C05EB0E2
Authority key identifier: 9B:CF:53:52:E2:C8:A4:37:59:7F:AB:4E:62:75:E8:61:F7:E4:2F:01
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/9BCF5352E2C8A437597FAB4E6275E861F7E42F01.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/7MZEimnaS59E2eAw8h4oXKehr5CYmmMtHXkn1ouAthdQ/0/34352e3232392e3133362e302f32342d3234203d3e20323731323937.roa
Signing time:             Tue 03 Jun 2025 17:09:45 +0000
ROA not before:           Tue 03 Jun 2025 17:04:45 +0000
ROA not after:            Tue 02 Jun 2026 17:09:45 +0000
asID:                     271297
IP address blocks:        45.229.136.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/7MZEimnaS59E2eAw8h4oXKehr5CYmmMtHXkn1ouAthdQ/0/9BCF5352E2C8A437597FAB4E6275E861F7E42F01.crl
                          rsync://rpki-repo.registro.br/repo/7MZEimnaS59E2eAw8h4oXKehr5CYmmMtHXkn1ouAthdQ/0/9BCF5352E2C8A437597FAB4E6275E861F7E42F01.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/9BCF5352E2C8A437597FAB4E6275E861F7E42F01.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 02:26:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:fe:18:8b:87:e8:63:7f:d1:ef:5b:16:a6:2b:a3:c9:c0:5e:b0:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9BCF5352E2C8A437597FAB4E6275E861F7E42F01
        Validity
            Not Before: Jun  3 17:04:45 2025 GMT
            Not After : Jun  2 17:09:45 2026 GMT
        Subject: CN=39939B2E48A81D5920118BA365F7AAB506C9CC21
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:41:9e:91:a3:68:b8:c5:9c:dd:ee:f5:44:f6:
                    a3:7b:3d:f5:e5:ff:75:96:6b:27:d7:44:49:74:4d:
                    6f:0a:05:cc:02:67:54:c6:fd:a7:4b:fc:a7:e1:da:
                    bc:27:69:ce:e3:47:52:af:16:d6:23:5a:49:5f:de:
                    c2:42:65:25:54:45:e3:f9:27:b0:f8:05:55:3d:89:
                    a0:a2:25:4d:75:a6:ec:6e:b5:ec:e4:00:6b:8e:f8:
                    b3:5e:10:0f:55:81:3b:2c:51:76:f7:f4:49:55:fa:
                    00:2a:4c:2b:41:f3:70:fe:03:b3:61:a6:70:6b:3c:
                    e8:ad:13:2f:ad:5a:e4:26:5f:39:ca:37:cd:d8:0d:
                    13:56:9b:fb:fb:6b:12:a7:b7:d5:7e:5e:18:d0:1b:
                    85:ac:51:6f:77:a2:d9:30:94:76:4f:b1:fe:85:b8:
                    6f:3c:43:d7:7f:5d:ce:7b:3d:86:8b:7f:63:70:17:
                    49:af:41:7b:33:0d:7e:79:89:cc:86:a0:5c:27:5e:
                    20:cf:c8:e8:45:06:cc:cf:6b:57:0e:85:96:36:45:
                    a7:71:4a:f7:9e:d0:36:65:5a:f7:ab:29:8e:26:0a:
                    00:41:08:5d:25:50:b6:bd:5f:48:8e:ea:bc:22:fc:
                    59:9d:f3:a2:b0:09:88:ae:d8:ef:50:6e:95:f6:dc:
                    5a:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:93:9B:2E:48:A8:1D:59:20:11:8B:A3:65:F7:AA:B5:06:C9:CC:21
            X509v3 Authority Key Identifier:
                keyid:9B:CF:53:52:E2:C8:A4:37:59:7F:AB:4E:62:75:E8:61:F7:E4:2F:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/7MZEimnaS59E2eAw8h4oXKehr5CYmmMtHXkn1ouAthdQ/0/9BCF5352E2C8A437597FAB4E6275E861F7E42F01.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/9BCF5352E2C8A437597FAB4E6275E861F7E42F01.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/7MZEimnaS59E2eAw8h4oXKehr5CYmmMtHXkn1ouAthdQ/0/34352e3232392e3133362e302f32342d3234203d3e20323731323937.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.229.136.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:4f:39:ad:e7:7c:8b:a3:c4:e0:66:fa:76:99:19:6e:9b:58:
         aa:08:b1:f6:8e:55:a3:8b:40:0f:e2:a8:64:c2:93:96:45:04:
         7c:79:04:35:d0:5b:a3:b0:ac:c9:f4:9e:ce:bf:fa:b3:9b:00:
         a1:91:cc:3e:7b:af:6d:46:5c:39:19:ed:03:78:0a:0a:96:ae:
         4a:5a:20:3f:71:b5:8b:ab:70:0e:ab:45:92:57:90:6f:de:0e:
         e8:b2:92:ff:19:f0:c9:85:6a:c5:ac:32:88:21:49:4e:be:ff:
         81:0b:80:78:c9:a8:17:d5:08:fc:41:c2:ea:b0:53:27:cb:f6:
         db:37:4d:33:49:ef:85:19:d1:42:db:15:fc:92:5c:bb:34:a9:
         0b:2f:5a:63:07:d1:66:b9:20:b0:ee:17:9d:bc:36:b9:bc:00:
         02:27:de:35:e3:fb:19:7a:a1:e4:db:84:6c:e8:f3:96:cb:f9:
         6c:16:40:ae:a6:dd:8e:bb:8d:0e:12:c5:93:0e:8a:31:09:9a:
         8c:bc:6c:e0:5f:77:c5:7e:fc:8e:eb:cb:f7:c0:7f:68:6b:6b:
         40:52:71:9a:a4:1e:f9:5c:82:10:25:29:43:ce:d1:fb:29:70:
         91:db:0e:19:13:97:d4:10:ce:c5:f9:18:01:eb:70:94:d2:cd:
         0a:3d:25:93
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUSv4Yi4foY3/R71sWpiujycBesOIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUJDRjUzNTJFMkM4QTQzNzU5N0ZBQjRFNjI3NUU4NjFG
N0U0MkYwMTAeFw0yNTA2MDMxNzA0NDVaFw0yNjA2MDIxNzA5NDVaMDMxMTAvBgNV
BAMTKDM5OTM5QjJFNDhBODFENTkyMDExOEJBMzY1RjdBQUI1MDZDOUNDMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaQZ6Ro2i4xZzd7vVE9qN7PfXl
/3WWayfXREl0TW8KBcwCZ1TG/adL/Kfh2rwnac7jR1KvFtYjWklf3sJCZSVUReP5
J7D4BVU9iaCiJU11puxutezkAGuO+LNeEA9VgTssUXb39ElV+gAqTCtB83D+A7Nh
pnBrPOitEy+tWuQmXznKN83YDRNWm/v7axKnt9V+XhjQG4WsUW93otkwlHZPsf6F
uG88Q9d/Xc57PYaLf2NwF0mvQXszDX55icyGoFwnXiDPyOhFBszPa1cOhZY2Radx
Svee0DZlWverKY4mCgBBCF0lULa9X0iO6rwi/Fmd86KwCYiu2O9QbpX23FotAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUOZObLkioHVkgEYujZfeqtQbJzCEwHwYDVR0j
BBgwFoAUm89TUuLIpDdZf6tOYnXoYffkLwEwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vN01aRWltbmFTNTlFMmVBdzhoNG9YS2VocjVDWW1tTXRIWGtuMW91QXRo
ZFEvMC85QkNGNTM1MkUyQzhBNDM3NTk3RkFCNEU2Mjc1RTg2MUY3RTQyRjAxLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzlCQ0Y1MzUyRTJDOEE0Mzc1
OTdGQUI0RTYyNzVFODYxRjdFNDJGMDEuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzdNWkVpbW5hUzU5RTJlQXc4aDRvWEtlaHI1Q1ltbU10SFhrbjFvdUF0aGRRLzAv
MzQzNTJlMzIzMjM5MmUzMTMzMzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3
MzEzMjM5Mzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAAt5YgwDQYJKoZIhvcNAQELBQADggEBAEJPOa3n
fIujxOBm+naZGW6bWKoIsfaOVaOLQA/iqGTCk5ZFBHx5BDXQW6OwrMn0ns6/+rOb
AKGRzD57r21GXDkZ7QN4CgqWrkpaID9xtYurcA6rRZJXkG/eDuiykv8Z8MmFasWs
MoghSU6+/4ELgHjJqBfVCPxBwuqwUyfL9ts3TTNJ74UZ0ULbFfySXLs0qQsvWmMH
0Wa5ILDuF528Nrm8AAIn3jXj+xl6oeTbhGzo85bL+WwWQK6m3Y67jQ4SxZMOijEJ
moy8bOBfd8V+/I7ry/fAf2hra0BScZqkHvlcghAlKUPO0fspcJHbDhkTl9QQzsX5
GAHrcJTSzQo9JZM=
-----END CERTIFICATE-----
Generated at Mon Jun 9 11:32:34 2025 by rpki-client