Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/34352e3233372e3231322e302f32332d3233203d3e20323638333033.roa
File:                     34352e3233372e3231322e302f32332d3233203d3e20323638333033.roa (raw, json)
Hash identifier:          Kg6jDTjqu+tn78Aqt9ato0uf+cbaWeFl3mf0rzFRtK8=
Subject key identifier:   D9:6F:50:EC:A9:D4:DF:D6:3D:DB:EE:63:34:57:AE:D0:E8:7E:02:91
Certificate issuer:       /CN=7E09C85B0E5ACF758DAA966E4C1E2328D0322164
Certificate serial:       38F36D788DAA5F2040DE27D8690EBD0FE0C3DDB9
Authority key identifier: 7E:09:C8:5B:0E:5A:CF:75:8D:AA:96:6E:4C:1E:23:28:D0:32:21:64
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/34352e3233372e3231322e302f32332d3233203d3e20323638333033.roa
Signing time:             Fri 31 May 2024 13:50:19 +0000
ROA not before:           Fri 31 May 2024 13:45:19 +0000
ROA not after:            Fri 30 May 2025 13:50:19 +0000
asID:                     268303
IP address blocks:        45.237.212.0/23 maxlen: 23

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.crl
                          rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 16 Jun 2024 19:20:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:f3:6d:78:8d:aa:5f:20:40:de:27:d8:69:0e:bd:0f:e0:c3:dd:b9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7E09C85B0E5ACF758DAA966E4C1E2328D0322164
        Validity
            Not Before: May 31 13:45:19 2024 GMT
            Not After : May 30 13:50:19 2025 GMT
        Subject: CN=D96F50ECA9D4DFD63DDBEE633457AED0E87E0291
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:25:1d:59:82:f4:cb:8a:6e:69:9c:c1:f7:77:
                    01:0b:a8:c1:bb:a5:fa:66:48:69:6e:9c:cb:72:47:
                    71:21:77:72:fb:f3:51:19:82:ee:17:12:7c:7e:89:
                    ca:95:35:6c:68:b0:db:7f:77:0a:f9:0f:f3:44:ee:
                    ff:f9:ad:d5:8b:18:2e:71:8a:67:33:06:09:13:2c:
                    8a:e1:fa:2a:6f:22:56:d8:53:07:b6:e1:f1:98:c8:
                    97:ab:80:aa:26:b2:b9:07:9c:c4:3f:a3:8f:eb:82:
                    8e:c2:21:d0:a1:19:e7:02:d8:20:e6:89:e7:ef:e3:
                    96:af:d3:c3:fc:c0:2f:db:02:81:ce:03:a3:1b:ea:
                    0f:15:da:b8:6e:04:a1:49:b8:cc:67:52:00:e6:d8:
                    25:bd:10:e2:9c:f5:a2:37:d9:35:02:7a:f3:c4:84:
                    81:65:16:17:77:c6:4f:58:20:99:e7:27:39:1c:91:
                    0f:0b:4a:09:26:49:e5:e4:00:76:c1:1b:97:f5:67:
                    2a:18:47:8c:49:da:e4:fc:43:e3:12:5c:2f:76:ab:
                    cf:8e:33:9f:e9:f4:dc:de:ca:7a:25:42:6f:79:64:
                    41:9d:a6:9d:9c:78:42:9b:ae:62:fa:ba:0e:49:44:
                    f4:e5:cf:94:51:9e:7f:63:d5:bc:34:6f:f2:10:d2:
                    1a:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:6F:50:EC:A9:D4:DF:D6:3D:DB:EE:63:34:57:AE:D0:E8:7E:02:91
            X509v3 Authority Key Identifier:
                keyid:7E:09:C8:5B:0E:5A:CF:75:8D:AA:96:6E:4C:1E:23:28:D0:32:21:64

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/34352e3233372e3231322e302f32332d3233203d3e20323638333033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.237.212.0/23

    Signature Algorithm: sha256WithRSAEncryption
         14:e4:e5:33:a7:3c:71:b6:a6:4b:cc:ec:d9:5b:5b:9f:c8:e6:
         d6:bc:4a:bf:c2:6d:7e:64:ad:24:ca:7a:99:ca:20:c7:d9:eb:
         3a:f4:6a:80:d1:de:cf:a7:dd:8d:17:1a:98:f7:35:54:f9:10:
         b1:d1:95:9f:48:f8:9e:8f:57:7f:25:8f:2b:86:10:01:eb:84:
         c7:10:ce:c3:f2:18:70:36:f3:e5:8f:b0:bd:af:6c:fe:1d:6c:
         e0:9f:f4:25:b5:62:26:b2:73:fc:be:52:ea:b5:79:bc:dd:6e:
         d9:03:ce:05:0f:7c:3b:b8:fc:c3:c6:17:7e:c3:a7:83:5d:46:
         61:26:77:2d:7c:35:cd:39:74:ed:cb:a7:ef:28:e9:0a:bf:c4:
         e2:97:3f:72:f0:80:5e:3a:05:85:cc:82:04:5a:9b:e6:63:e2:
         44:bf:9b:2c:b8:c0:92:b0:33:c7:4e:77:bb:cd:39:0d:94:59:
         a6:35:6f:f3:25:6a:ec:c7:8c:1b:6b:2e:e9:75:1f:65:13:ca:
         ad:59:bd:be:ef:f7:e0:2f:bb:bb:18:d1:91:c4:aa:cd:ae:07:
         24:16:78:63:44:89:90:94:40:38:74:6f:fa:be:fb:4f:30:6d:
         be:88:62:e7:b5:19:32:cd:cf:dd:9d:76:39:38:8d:3c:65:a7:
         06:ab:06:be
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUOPNteI2qXyBA3ifYaQ69D+DD3bkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0UwOUM4NUIwRTVBQ0Y3NThEQUE5NjZFNEMxRTIzMjhE
MDMyMjE2NDAeFw0yNDA1MzExMzQ1MTlaFw0yNTA1MzAxMzUwMTlaMDMxMTAvBgNV
BAMTKEQ5NkY1MEVDQTlENERGRDYzRERCRUU2MzM0NTdBRUQwRTg3RTAyOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTJR1ZgvTLim5pnMH3dwELqMG7
pfpmSGlunMtyR3Ehd3L781EZgu4XEnx+icqVNWxosNt/dwr5D/NE7v/5rdWLGC5x
imczBgkTLIrh+ipvIlbYUwe24fGYyJergKomsrkHnMQ/o4/rgo7CIdChGecC2CDm
iefv45av08P8wC/bAoHOA6Mb6g8V2rhuBKFJuMxnUgDm2CW9EOKc9aI32TUCevPE
hIFlFhd3xk9YIJnnJzkckQ8LSgkmSeXkAHbBG5f1ZyoYR4xJ2uT8Q+MSXC92q8+O
M5/p9NzeynolQm95ZEGdpp2ceEKbrmL6ug5JRPTlz5RRnn9j1bw0b/IQ0hq/AgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQU2W9Q7KnU39Y92+5jNFeu0Oh+ApEwHwYDVR0j
BBgwFoAUfgnIWw5az3WNqpZuTB4jKNAyIWQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOUhHNU5laFNBV1F5a1NDc2Z0THpqaEdlY24xbXdrMUJqa3VFSnJqWmdQ
a2IvMC83RTA5Qzg1QjBFNUFDRjc1OERBQTk2NkU0QzFFMjMyOEQwMzIyMTY0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzdFMDlDODVCMEU1QUNGNzU4
REFBOTY2RTRDMUUyMzI4RDAzMjIxNjQuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzlIRzVOZWhTQVdReWtTQ3NmdEx6amhHZWNuMW13azFCamt1RUpyalpnUGtiLzAv
MzQzNTJlMzIzMzM3MmUzMjMxMzIyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjM2
MzgzMzMwMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAEt7dQwDQYJKoZIhvcNAQELBQADggEBABTk5TOn
PHG2pkvM7NlbW5/I5ta8Sr/CbX5krSTKepnKIMfZ6zr0aoDR3s+n3Y0XGpj3NVT5
ELHRlZ9I+J6PV38ljyuGEAHrhMcQzsPyGHA28+WPsL2vbP4dbOCf9CW1Yiayc/y+
Uuq1ebzdbtkDzgUPfDu4/MPGF37Dp4NdRmEmdy18Nc05dO3Lp+8o6Qq/xOKXP3Lw
gF46BYXMggRam+Zj4kS/myy4wJKwM8dOd7vNOQ2UWaY1b/MlauzHjBtrLul1H2UT
yq1Zvb7v9+Avu7sY0ZHEqs2uByQWeGNEiZCUQDh0b/q++08wbb6IYue1GTLNz92d
djk4jTxlpwarBr4=
-----END CERTIFICATE-----
Generated at Sun Jun 16 10:51:39 2024 by rpki-client on console-fra.rpki-client.org