Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/8MppwbQjErZzdCCwdxx5Kn7WGKVxckRRs5m99ampc5X6/1/34352e3233312e3130302e302f32322d3234203d3e20323637323336.roa
File:                     34352e3233312e3130302e302f32322d3234203d3e20323637323336.roa (raw, json)
Hash identifier:          sB2KLYkwNZmrVp1jYE2WdevpVLvUXmrC4F/bc/s1TV0=
Subject key identifier:   1C:90:31:15:60:03:8A:3B:4C:79:DC:20:3D:8D:9F:00:D6:3E:AB:DE
Certificate issuer:       /CN=CCEF2D3EA5BD187C45EA6D3A8FAF71CD15F7D2A7
Certificate serial:       53014470CD30189785C0751EF5F41047806BE7ED
Authority key identifier: CC:EF:2D:3E:A5:BD:18:7C:45:EA:6D:3A:8F:AF:71:CD:15:F7:D2:A7
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/CCEF2D3EA5BD187C45EA6D3A8FAF71CD15F7D2A7.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/8MppwbQjErZzdCCwdxx5Kn7WGKVxckRRs5m99ampc5X6/1/34352e3233312e3130302e302f32322d3234203d3e20323637323336.roa
Signing time:             Fri 05 Apr 2024 04:29:53 +0000
ROA not before:           Fri 05 Apr 2024 04:24:53 +0000
ROA not after:            Fri 04 Apr 2025 04:29:53 +0000
asID:                     267236
IP address blocks:        45.231.100.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/8MppwbQjErZzdCCwdxx5Kn7WGKVxckRRs5m99ampc5X6/1/CCEF2D3EA5BD187C45EA6D3A8FAF71CD15F7D2A7.crl
                          rsync://rpki-repo.registro.br/repo/8MppwbQjErZzdCCwdxx5Kn7WGKVxckRRs5m99ampc5X6/1/CCEF2D3EA5BD187C45EA6D3A8FAF71CD15F7D2A7.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/CCEF2D3EA5BD187C45EA6D3A8FAF71CD15F7D2A7.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 24 Nov 2024 07:45:38 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:01:44:70:cd:30:18:97:85:c0:75:1e:f5:f4:10:47:80:6b:e7:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CCEF2D3EA5BD187C45EA6D3A8FAF71CD15F7D2A7
        Validity
            Not Before: Apr  5 04:24:53 2024 GMT
            Not After : Apr  4 04:29:53 2025 GMT
        Subject: CN=1C90311560038A3B4C79DC203D8D9F00D63EABDE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:f0:87:78:d6:0b:18:ad:fd:d8:31:8c:57:4b:
                    05:69:26:db:e7:84:f2:10:b7:5e:dc:b5:12:be:82:
                    33:cb:b4:ab:fa:51:80:f4:d9:f1:2a:31:b8:e9:14:
                    80:fa:ce:e4:17:35:e4:c1:d3:7e:df:3c:ef:92:19:
                    60:96:ef:98:8a:35:9c:80:7c:a0:e5:df:c3:06:3b:
                    98:8d:9a:77:95:9c:98:b8:d2:f6:a7:de:85:a4:59:
                    fe:80:24:9d:54:f8:11:61:79:12:b6:9d:2f:58:1c:
                    dd:65:12:ce:78:2f:df:ee:e8:c9:7e:0a:1e:4d:27:
                    e7:07:82:8c:f3:99:d0:ce:86:83:a4:5a:20:e7:31:
                    36:57:dc:13:c8:6b:4b:7f:be:9a:46:9a:2f:0e:99:
                    0e:ac:35:e3:65:5e:4e:dd:d8:0c:62:1b:66:07:78:
                    ee:6e:a4:48:5b:50:bf:a1:48:98:36:45:a3:3b:0b:
                    eb:bb:17:c9:78:10:b5:5f:94:5e:1c:48:84:10:58:
                    d0:35:89:25:40:e8:78:64:45:ac:0b:f5:9d:8e:42:
                    e9:a5:a8:6e:7d:47:f1:9f:7a:13:cf:9e:35:4c:9e:
                    13:a4:5d:41:2f:b3:46:17:b7:13:4f:65:e4:58:29:
                    ae:f9:c7:6a:17:25:f8:16:75:70:0f:da:ec:6b:49:
                    9b:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:90:31:15:60:03:8A:3B:4C:79:DC:20:3D:8D:9F:00:D6:3E:AB:DE
            X509v3 Authority Key Identifier:
                keyid:CC:EF:2D:3E:A5:BD:18:7C:45:EA:6D:3A:8F:AF:71:CD:15:F7:D2:A7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/8MppwbQjErZzdCCwdxx5Kn7WGKVxckRRs5m99ampc5X6/1/CCEF2D3EA5BD187C45EA6D3A8FAF71CD15F7D2A7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/CCEF2D3EA5BD187C45EA6D3A8FAF71CD15F7D2A7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/8MppwbQjErZzdCCwdxx5Kn7WGKVxckRRs5m99ampc5X6/1/34352e3233312e3130302e302f32322d3234203d3e20323637323336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.231.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         33:88:7a:86:ad:54:93:cd:3b:42:f0:07:6b:be:26:39:95:68:
         0c:51:53:3e:29:6d:21:0f:76:27:09:72:9e:b2:23:33:92:8c:
         61:2c:70:db:92:6e:04:57:fc:96:07:8c:4b:14:aa:65:ac:82:
         25:ef:df:b4:fe:50:09:47:f9:0c:a2:fd:a6:f9:95:97:9b:58:
         d2:60:3a:df:c6:ff:df:34:84:a5:b8:fb:4e:b7:44:51:aa:b7:
         9a:fe:f7:67:14:11:90:a6:f5:ad:4b:ee:c6:2f:3a:eb:50:93:
         f2:3d:68:71:ce:26:76:15:73:db:8b:40:90:c9:3f:09:cb:1e:
         c8:0a:89:e8:74:ea:1e:b3:88:bc:c7:f6:00:db:25:af:70:51:
         e0:cd:2d:4a:9f:5d:32:d0:60:40:27:4c:94:17:27:99:a6:c7:
         74:39:a6:8d:ee:b5:8a:d0:50:22:bd:32:6e:ac:c5:53:2c:04:
         49:ce:48:42:b8:e7:c0:21:05:3f:f0:ad:69:1e:95:67:c1:66:
         8a:d4:9c:75:cb:5c:40:7e:61:f3:b8:47:44:b2:95:be:cf:12:
         a2:31:a4:24:c6:51:56:9c:8e:59:a4:54:db:e9:1a:82:a6:9f:
         92:b4:ee:ad:a6:b1:54:01:8d:4d:8e:be:a1:c3:60:c9:f7:37:
         af:05:40:76
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUUwFEcM0wGJeFwHUe9fQQR4Br5+0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0NFRjJEM0VBNUJEMTg3QzQ1RUE2RDNBOEZBRjcxQ0Qx
NUY3RDJBNzAeFw0yNDA0MDUwNDI0NTNaFw0yNTA0MDQwNDI5NTNaMDMxMTAvBgNV
BAMTKDFDOTAzMTE1NjAwMzhBM0I0Qzc5REMyMDNEOEQ5RjAwRDYzRUFCREUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDO8Id41gsYrf3YMYxXSwVpJtvn
hPIQt17ctRK+gjPLtKv6UYD02fEqMbjpFID6zuQXNeTB037fPO+SGWCW75iKNZyA
fKDl38MGO5iNmneVnJi40van3oWkWf6AJJ1U+BFheRK2nS9YHN1lEs54L9/u6Ml+
Ch5NJ+cHgozzmdDOhoOkWiDnMTZX3BPIa0t/vppGmi8OmQ6sNeNlXk7d2AxiG2YH
eO5upEhbUL+hSJg2RaM7C+u7F8l4ELVflF4cSIQQWNA1iSVA6HhkRawL9Z2OQuml
qG59R/GfehPPnjVMnhOkXUEvs0YXtxNPZeRYKa75x2oXJfgWdXAP2uxrSZv7AgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUHJAxFWADijtMedwgPY2fANY+q94wHwYDVR0j
BBgwFoAUzO8tPqW9GHxF6m06j69xzRX30qcwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOE1wcHdiUWpFclp6ZENDd2R4eDVLbjdXR0tWeGNrUlJzNW05OWFtcGM1
WDYvMS9DQ0VGMkQzRUE1QkQxODdDNDVFQTZEM0E4RkFGNzFDRDE1RjdEMkE3LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0NDRUYyRDNFQTVCRDE4N0M0
NUVBNkQzQThGQUY3MUNEMTVGN0QyQTcuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzhNcHB3YlFqRXJaemRDQ3dkeHg1S243V0dLVnhja1JSczVtOTlhbXBjNVg2LzEv
MzQzNTJlMzIzMzMxMmUzMTMwMzAyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2
MzczMjMzMzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAIt52QwDQYJKoZIhvcNAQELBQADggEBADOIeoat
VJPNO0LwB2u+JjmVaAxRUz4pbSEPdicJcp6yIzOSjGEscNuSbgRX/JYHjEsUqmWs
giXv37T+UAlH+Qyi/ab5lZebWNJgOt/G/980hKW4+063RFGqt5r+92cUEZCm9a1L
7sYvOutQk/I9aHHOJnYVc9uLQJDJPwnLHsgKieh06h6ziLzH9gDbJa9wUeDNLUqf
XTLQYEAnTJQXJ5mmx3Q5po3utYrQUCK9Mm6sxVMsBEnOSEK458AhBT/wrWkelWfB
ZorUnHXLXEB+YfO4R0Sylb7PEqIxpCTGUVacjlmkVNvpGoKmn5K07q2msVQBjU2O
vqHDYMn3N68FQHY=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:08:05 2024 by rpki-client on console-ams.rpki-client.org