Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/34352e3138312e3233302e302f32332d3233203d3e20323632353033.roa
File:                     34352e3138312e3233302e302f32332d3233203d3e20323632353033.roa (raw, json)
Hash identifier:          +1LJbBPQbCUcUPJfm11t5f5pRbCbtz2XawQtTKng0KA=
Subject key identifier:   BB:A3:B9:44:44:7C:C0:4D:7F:69:15:5E:1F:BD:12:2F:C4:5C:8A:7A
Certificate issuer:       /CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
Certificate serial:       6C21CBA401C788A54365D987B8599D6A5B74125D
Authority key identifier: AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/34352e3138312e3233302e302f32332d3233203d3e20323632353033.roa
Signing time:             Thu 29 May 2025 18:50:13 +0000
ROA not before:           Thu 29 May 2025 18:45:13 +0000
ROA not after:            Thu 28 May 2026 18:50:13 +0000
asID:                     262503
IP address blocks:        45.181.230.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl
                          rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 09 Jun 2025 21:56:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:21:cb:a4:01:c7:88:a5:43:65:d9:87:b8:59:9d:6a:5b:74:12:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
        Validity
            Not Before: May 29 18:45:13 2025 GMT
            Not After : May 28 18:50:13 2026 GMT
        Subject: CN=BBA3B944447CC04D7F69155E1FBD122FC45C8A7A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:9d:68:7b:d0:2d:cc:13:cb:50:59:21:c1:70:
                    2f:b2:27:69:0a:bb:b3:3f:d7:f4:34:57:b2:18:41:
                    ab:d0:3f:4c:1c:6b:ba:15:ed:b6:ee:36:5e:c0:63:
                    ce:38:e9:8c:e6:9c:19:1d:df:79:0a:c8:5b:82:c6:
                    68:a4:1a:78:33:17:b9:86:10:c9:bd:88:a3:e8:57:
                    21:d9:4d:28:25:f0:91:df:e2:f7:b8:9f:d5:ce:cd:
                    75:c1:5d:01:11:38:c7:52:96:f3:e3:dd:5e:6f:96:
                    07:c3:69:1d:75:23:a8:59:be:3b:cf:ad:53:43:6c:
                    70:dc:ac:a3:85:51:68:38:ca:2e:64:66:98:d7:ad:
                    1f:e4:16:a7:42:81:84:86:d0:b2:c3:79:4a:bf:75:
                    20:f9:27:85:0d:e9:d2:d8:a0:ba:ef:4d:ef:87:03:
                    df:3e:12:67:0c:01:cf:66:46:93:f7:ff:38:e8:aa:
                    f5:57:db:49:68:ca:41:8b:11:73:ae:79:3f:8f:2c:
                    a0:60:83:49:e7:cb:1f:4a:c2:0c:c5:fb:b7:42:0a:
                    56:99:36:ac:5f:0d:47:54:5f:f3:a7:aa:fa:52:4f:
                    4c:a9:45:34:08:87:dd:6c:40:a9:dc:3b:f8:86:a5:
                    48:f4:cb:9d:39:32:7d:6a:5c:91:b5:b7:08:b3:10:
                    5d:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:A3:B9:44:44:7C:C0:4D:7F:69:15:5E:1F:BD:12:2F:C4:5C:8A:7A
            X509v3 Authority Key Identifier:
                keyid:AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/34352e3138312e3233302e302f32332d3233203d3e20323632353033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.181.230.0/23

    Signature Algorithm: sha256WithRSAEncryption
         91:71:0a:a2:d0:8a:d7:99:c5:c0:81:d8:a7:75:e7:a0:9b:e8:
         42:70:fc:d2:4b:6f:8b:9f:a2:ca:d7:57:f2:3e:4a:72:75:71:
         5f:9a:53:ac:92:95:ba:7f:d9:23:ec:eb:15:a6:17:ff:46:4a:
         e5:d4:90:e3:fd:29:98:26:ff:eb:2e:c8:5e:e6:59:db:93:36:
         07:65:7f:f7:1d:dc:6b:01:bc:ae:d9:dc:fe:8d:05:33:af:0e:
         a4:ce:35:05:c1:14:30:14:5d:27:fe:0d:49:47:8e:47:df:59:
         3d:2f:60:07:f5:56:24:7e:a4:d4:e2:26:de:59:e1:6d:7e:27:
         78:83:69:67:fa:42:0b:df:e1:6d:7b:53:d2:8d:57:83:e9:47:
         4a:b0:b7:d1:77:b3:4d:39:c5:2d:a2:ad:59:62:de:24:41:77:
         d9:95:8e:57:4a:c3:23:e8:f2:f4:08:d1:1c:8d:ed:cf:8f:b5:
         31:20:c8:c0:44:15:80:da:bc:d9:14:a1:57:23:22:0b:fc:5a:
         fc:c7:80:1e:d7:96:95:a0:12:d4:bf:8f:c8:20:d3:b9:ea:2f:
         88:9a:30:04:af:fd:75:f2:10:c3:16:e5:d0:a4:cb:dd:a5:a8:
         5a:fe:72:a8:ab:f1:4a:1b:2c:f6:d3:c1:17:46:6e:d4:27:70:
         80:28:9a:7b
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUbCHLpAHHiKVDZdmHuFmdalt0El0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM2NEIyRDE3NzFBQjMwRTE4ODgzQ0REMTQwMDFBODJE
OTkwNUY5ODAeFw0yNTA1MjkxODQ1MTNaFw0yNjA1MjgxODUwMTNaMDMxMTAvBgNV
BAMTKEJCQTNCOTQ0NDQ3Q0MwNEQ3RjY5MTU1RTFGQkQxMjJGQzQ1QzhBN0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+nWh70C3ME8tQWSHBcC+yJ2kK
u7M/1/Q0V7IYQavQP0wca7oV7bbuNl7AY8446YzmnBkd33kKyFuCxmikGngzF7mG
EMm9iKPoVyHZTSgl8JHf4ve4n9XOzXXBXQEROMdSlvPj3V5vlgfDaR11I6hZvjvP
rVNDbHDcrKOFUWg4yi5kZpjXrR/kFqdCgYSG0LLDeUq/dSD5J4UN6dLYoLrvTe+H
A98+EmcMAc9mRpP3/zjoqvVX20loykGLEXOueT+PLKBgg0nnyx9KwgzF+7dCClaZ
NqxfDUdUX/OnqvpST0ypRTQIh91sQKncO/iGpUj0y505Mn1qXJG1twizEF05AgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUu6O5RER8wE1/aRVeH70SL8RcinowHwYDVR0j
BBgwFoAUrGSy0Xcasw4YiDzdFAAagtmQX5gwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOEVvNVFNbXF0ZGltNGp3bzVBdFR1UEprUWl6UGNtV1NtOWZvUnVmWU1G
a0YvMC9BQzY0QjJEMTc3MUFCMzBFMTg4ODNDREQxNDAwMUE4MkQ5OTA1Rjk4LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FDNjRCMkQxNzcxQUIzMEUx
ODg4M0NERDE0MDAxQTgyRDk5MDVGOTguY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzhFbzVRTW1xdGRpbTRqd281QXRUdVBKa1FpelBjbVdTbTlmb1J1ZllNRmtGLzAv
MzQzNTJlMzEzODMxMmUzMjMzMzAyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjM2
MzIzNTMwMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAEtteYwDQYJKoZIhvcNAQELBQADggEBAJFxCqLQ
iteZxcCB2Kd156Cb6EJw/NJLb4ufosrXV/I+SnJ1cV+aU6ySlbp/2SPs6xWmF/9G
SuXUkOP9KZgm/+suyF7mWduTNgdlf/cd3GsBvK7Z3P6NBTOvDqTONQXBFDAUXSf+
DUlHjkffWT0vYAf1ViR+pNTiJt5Z4W1+J3iDaWf6Qgvf4W17U9KNV4PpR0qwt9F3
s005xS2irVli3iRBd9mVjldKwyPo8vQI0RyN7c+PtTEgyMBEFYDavNkUoVcjIgv8
WvzHgB7XlpWgEtS/j8gg07nqL4iaMASv/XXyEMMW5dCky92lqFr+cqir8UobLPbT
wRdGbtQncIAomns=
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:24:50 2025 by rpki-client