Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/34352e3233372e3231322e302f32342d3234203d3e20323638333033.roa
File:                     34352e3233372e3231322e302f32342d3234203d3e20323638333033.roa (raw, json)
Hash identifier:          spSAYLVunEd1fZUYpWJ2AEzeuW9QoYNk6WvpGr4A5nk=
Subject key identifier:   40:6B:15:F6:C2:F9:62:BF:DD:E1:60:F6:8A:33:09:7B:84:C1:EB:C4
Certificate issuer:       /CN=7E09C85B0E5ACF758DAA966E4C1E2328D0322164
Certificate serial:       3F567D65CCB146827679FFA8342422CA15635CF7
Authority key identifier: 7E:09:C8:5B:0E:5A:CF:75:8D:AA:96:6E:4C:1E:23:28:D0:32:21:64
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/34352e3233372e3231322e302f32342d3234203d3e20323638333033.roa
Signing time:             Fri 31 May 2024 13:49:09 +0000
ROA not before:           Fri 31 May 2024 13:44:09 +0000
ROA not after:            Fri 30 May 2025 13:49:09 +0000
asID:                     268303
IP address blocks:        45.237.212.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.crl
                          rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 16 Jun 2024 19:20:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:56:7d:65:cc:b1:46:82:76:79:ff:a8:34:24:22:ca:15:63:5c:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7E09C85B0E5ACF758DAA966E4C1E2328D0322164
        Validity
            Not Before: May 31 13:44:09 2024 GMT
            Not After : May 30 13:49:09 2025 GMT
        Subject: CN=406B15F6C2F962BFDDE160F68A33097B84C1EBC4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:b1:75:c2:0e:8e:f2:34:f6:4e:1e:5a:ad:54:
                    e9:df:81:f7:88:03:c1:4b:18:69:6c:94:3c:7e:de:
                    0d:3c:d7:b3:60:39:41:63:de:24:56:8d:20:4a:62:
                    e3:04:23:f0:e2:a2:e8:d1:9e:30:d2:8d:30:92:6b:
                    93:64:63:7c:0a:30:37:e0:51:40:54:79:4a:c8:a1:
                    44:54:8e:a3:9b:73:e3:e2:44:04:7a:93:8e:36:c0:
                    db:9a:ab:f6:4e:59:c2:14:51:11:76:aa:0d:f3:ef:
                    b4:4b:52:e7:9d:ca:f6:84:cd:6d:76:ca:0b:83:96:
                    e5:9f:73:04:89:b1:26:1e:f6:ee:ef:a0:04:99:a1:
                    8c:2f:56:d8:ef:46:1a:37:6f:49:69:5c:bd:25:a0:
                    69:ed:1d:34:2d:85:ce:f7:cd:e0:ee:46:82:ca:db:
                    a1:a0:4e:f0:9b:a7:57:ef:eb:a1:e1:b7:75:6c:a0:
                    bc:28:f1:57:1b:22:6e:7d:b8:f7:ed:62:fe:a4:fb:
                    db:0b:f4:85:d3:38:42:bd:e8:74:fd:a5:96:c8:ef:
                    08:6d:5e:47:6b:5d:4b:e0:e3:a2:5e:d9:03:e5:be:
                    e5:80:33:e9:81:b3:e0:b2:20:72:17:02:42:01:c9:
                    ca:c4:6b:1e:ea:50:6f:9f:1b:06:6a:40:fb:6e:84:
                    11:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:6B:15:F6:C2:F9:62:BF:DD:E1:60:F6:8A:33:09:7B:84:C1:EB:C4
            X509v3 Authority Key Identifier:
                keyid:7E:09:C8:5B:0E:5A:CF:75:8D:AA:96:6E:4C:1E:23:28:D0:32:21:64

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/34352e3233372e3231322e302f32342d3234203d3e20323638333033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.237.212.0/24

    Signature Algorithm: sha256WithRSAEncryption
         69:1c:07:8f:63:33:08:41:9c:0f:1d:be:b9:c5:28:86:d0:79:
         41:91:10:3b:8e:e8:01:e5:a3:c8:f4:bc:02:7d:03:65:f9:a4:
         b4:cf:f5:8a:d8:55:e3:a3:c1:89:45:3d:62:dc:c0:4c:ae:4a:
         7c:1d:cf:93:06:ea:65:29:40:d4:ca:8a:67:8d:b6:33:6b:e4:
         fe:83:7f:66:2b:9d:d6:97:1c:57:8b:ae:f9:1d:a7:bd:69:6b:
         97:2b:1d:b3:45:19:78:5c:5e:71:5d:aa:70:3f:e0:ed:b2:a0:
         7b:a3:52:0c:57:4d:1b:dc:ce:68:72:9b:f5:46:90:a2:c6:5b:
         9e:30:b0:f9:c2:c3:71:87:40:db:34:ac:d7:52:b9:78:d8:49:
         73:1e:81:f6:eb:d6:6a:3f:e7:5c:0e:6f:49:5f:57:78:83:79:
         e6:4a:a4:43:f0:df:f9:5d:6e:9a:21:72:d0:61:ef:17:63:08:
         97:b7:79:86:82:cb:80:bf:32:1b:d7:87:fa:17:40:ae:3f:e6:
         91:87:bf:b7:12:6c:ae:3e:34:4b:38:88:ee:81:56:f1:46:4f:
         61:9f:fd:7b:8c:70:0a:5a:92:d6:1a:63:1c:72:04:c5:8e:cc:
         49:85:2b:9e:74:6e:4a:2e:d2:43:6a:94:3f:00:c6:ed:39:94:
         b2:4d:10:af
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUP1Z9ZcyxRoJ2ef+oNCQiyhVjXPcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0UwOUM4NUIwRTVBQ0Y3NThEQUE5NjZFNEMxRTIzMjhE
MDMyMjE2NDAeFw0yNDA1MzExMzQ0MDlaFw0yNTA1MzAxMzQ5MDlaMDMxMTAvBgNV
BAMTKDQwNkIxNUY2QzJGOTYyQkZEREUxNjBGNjhBMzMwOTdCODRDMUVCQzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKsXXCDo7yNPZOHlqtVOnfgfeI
A8FLGGlslDx+3g0817NgOUFj3iRWjSBKYuMEI/DioujRnjDSjTCSa5NkY3wKMDfg
UUBUeUrIoURUjqObc+PiRAR6k442wNuaq/ZOWcIUURF2qg3z77RLUuedyvaEzW12
yguDluWfcwSJsSYe9u7voASZoYwvVtjvRho3b0lpXL0loGntHTQthc73zeDuRoLK
26GgTvCbp1fv66Hht3VsoLwo8VcbIm59uPftYv6k+9sL9IXTOEK96HT9pZbI7wht
XkdrXUvg46Je2QPlvuWAM+mBs+CyIHIXAkIBycrEax7qUG+fGwZqQPtuhBHdAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUQGsV9sL5Yr/d4WD2ijMJe4TB68QwHwYDVR0j
BBgwFoAUfgnIWw5az3WNqpZuTB4jKNAyIWQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOUhHNU5laFNBV1F5a1NDc2Z0THpqaEdlY24xbXdrMUJqa3VFSnJqWmdQ
a2IvMC83RTA5Qzg1QjBFNUFDRjc1OERBQTk2NkU0QzFFMjMyOEQwMzIyMTY0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzdFMDlDODVCMEU1QUNGNzU4
REFBOTY2RTRDMUUyMzI4RDAzMjIxNjQuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzlIRzVOZWhTQVdReWtTQ3NmdEx6amhHZWNuMW13azFCamt1RUpyalpnUGtiLzAv
MzQzNTJlMzIzMzM3MmUzMjMxMzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2
MzgzMzMwMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAAt7dQwDQYJKoZIhvcNAQELBQADggEBAGkcB49j
MwhBnA8dvrnFKIbQeUGREDuO6AHlo8j0vAJ9A2X5pLTP9YrYVeOjwYlFPWLcwEyu
Snwdz5MG6mUpQNTKimeNtjNr5P6Df2YrndaXHFeLrvkdp71pa5crHbNFGXhcXnFd
qnA/4O2yoHujUgxXTRvczmhym/VGkKLGW54wsPnCw3GHQNs0rNdSuXjYSXMegfbr
1mo/51wOb0lfV3iDeeZKpEPw3/ldbpohctBh7xdjCJe3eYaCy4C/MhvXh/oXQK4/
5pGHv7cSbK4+NEs4iO6BVvFGT2Gf/XuMcApaktYaYxxyBMWOzEmFK550bkou0kNq
lD8Axu05lLJNEK8=
-----END CERTIFICATE-----
Generated at Sun Jun 16 11:23:09 2024 by rpki-client on console-ams.rpki-client.org