Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/34352e3233372e3231332e302f32342d3234203d3e20323638333033.roa
File:                     34352e3233372e3231332e302f32342d3234203d3e20323638333033.roa (raw, json)
Hash identifier:          aLTW5LZf8mfd21r9GqxhzLCjS4bw7JwDxxmIj2oeTEk=
Subject key identifier:   9E:E1:5E:EA:85:22:9C:60:E6:C0:EF:50:84:46:0D:7D:E3:30:B4:63
Certificate issuer:       /CN=7E09C85B0E5ACF758DAA966E4C1E2328D0322164
Certificate serial:       397327D3A66EBD0512A1BA905B0B3249DAE7A73D
Authority key identifier: 7E:09:C8:5B:0E:5A:CF:75:8D:AA:96:6E:4C:1E:23:28:D0:32:21:64
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/34352e3233372e3231332e302f32342d3234203d3e20323638333033.roa
Signing time:             Fri 31 May 2024 13:50:18 +0000
ROA not before:           Fri 31 May 2024 13:45:18 +0000
ROA not after:            Fri 30 May 2025 13:50:18 +0000
asID:                     268303
IP address blocks:        45.237.213.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.crl
                          rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 16 Jun 2024 19:20:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:73:27:d3:a6:6e:bd:05:12:a1:ba:90:5b:0b:32:49:da:e7:a7:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7E09C85B0E5ACF758DAA966E4C1E2328D0322164
        Validity
            Not Before: May 31 13:45:18 2024 GMT
            Not After : May 30 13:50:18 2025 GMT
        Subject: CN=9EE15EEA85229C60E6C0EF5084460D7DE330B463
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:ef:f2:74:4b:27:60:5f:7c:2d:96:35:12:e8:
                    93:10:49:5e:44:b2:5f:0b:26:3c:29:46:21:55:f6:
                    f9:5a:26:b4:1f:a1:63:e4:63:2b:18:f0:95:4c:9f:
                    bf:bd:5b:10:44:dc:d0:48:7c:8c:61:e5:44:ca:1a:
                    4c:fe:eb:bb:eb:9b:38:92:30:94:ac:13:79:89:6f:
                    38:a8:bc:d1:99:2a:04:9d:31:f5:4c:0a:df:d6:1e:
                    60:b6:bf:aa:1f:64:18:78:b7:6e:89:d1:94:17:de:
                    70:f1:2b:cd:57:24:6b:da:b4:a2:95:b2:d4:06:1a:
                    4b:32:d9:a2:a1:a8:ed:f3:b3:d0:7d:80:a7:46:10:
                    37:2a:76:d6:ca:f2:d5:70:4c:a1:a8:6d:61:0a:be:
                    2c:41:79:c0:20:74:63:83:ce:45:0d:76:55:7c:a1:
                    8d:4a:74:82:79:ec:29:4f:27:ce:de:07:31:ce:1d:
                    78:8c:ac:c8:e9:bc:12:36:c9:16:77:d7:92:d5:42:
                    66:2b:dc:53:b0:20:21:89:7c:7f:ce:26:8f:d5:e7:
                    72:6d:b9:51:d5:c5:d8:08:ff:ba:ce:1b:15:ed:29:
                    7c:7d:aa:fd:ba:dd:e9:32:bb:fe:77:ec:2f:dc:88:
                    f4:bf:bc:3f:42:03:f6:bf:2a:a2:ff:c9:c6:23:88:
                    b4:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9E:E1:5E:EA:85:22:9C:60:E6:C0:EF:50:84:46:0D:7D:E3:30:B4:63
            X509v3 Authority Key Identifier:
                keyid:7E:09:C8:5B:0E:5A:CF:75:8D:AA:96:6E:4C:1E:23:28:D0:32:21:64

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/34352e3233372e3231332e302f32342d3234203d3e20323638333033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.237.213.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:11:3c:b0:a9:b3:dc:9f:0c:41:58:99:5f:91:a0:b2:fc:3d:
         f4:0c:3d:a4:b0:d8:41:59:eb:e5:65:58:f3:0a:40:56:1d:28:
         81:aa:b8:31:c9:77:0e:08:ae:a3:e2:91:ae:6e:3c:41:a5:5c:
         b0:1f:42:54:df:21:02:57:d6:ba:8e:be:ea:fe:3e:44:34:75:
         fd:72:c2:05:48:e7:e2:cf:e8:7a:53:d1:27:d2:07:15:9a:2e:
         81:bd:c7:aa:8b:30:eb:aa:b1:20:7b:2a:b0:b2:f1:0b:3f:50:
         af:8b:e2:d7:08:29:38:73:a5:67:23:29:49:ea:b8:b8:20:b9:
         27:2f:7c:34:44:a4:0f:7e:8b:30:21:c1:a7:c3:d4:84:91:ac:
         85:43:e8:17:6b:f4:4d:b8:ed:b7:90:a6:bf:fa:1c:7f:8f:35:
         6e:4d:d6:1a:ec:06:95:7b:3c:d7:79:37:ed:ba:27:85:b7:6d:
         e0:85:b2:62:fe:d6:63:d8:78:92:b1:48:90:75:d9:db:27:cf:
         b3:a9:b9:ff:02:c0:ff:71:8c:34:3b:0d:ff:ff:74:57:22:b7:
         b8:ef:2b:62:9f:1d:62:00:24:15:2e:8b:01:ec:4a:5a:c8:a7:
         ff:e3:47:7e:c3:d2:b5:e9:f0:76:91:c6:e9:8b:b9:47:38:18:
         0d:c2:71:6d
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUOXMn06ZuvQUSobqQWwsySdrnpz0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0UwOUM4NUIwRTVBQ0Y3NThEQUE5NjZFNEMxRTIzMjhE
MDMyMjE2NDAeFw0yNDA1MzExMzQ1MThaFw0yNTA1MzAxMzUwMThaMDMxMTAvBgNV
BAMTKDlFRTE1RUVBODUyMjlDNjBFNkMwRUY1MDg0NDYwRDdERTMzMEI0NjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDR7/J0SydgX3wtljUS6JMQSV5E
sl8LJjwpRiFV9vlaJrQfoWPkYysY8JVMn7+9WxBE3NBIfIxh5UTKGkz+67vrmziS
MJSsE3mJbziovNGZKgSdMfVMCt/WHmC2v6ofZBh4t26J0ZQX3nDxK81XJGvatKKV
stQGGksy2aKhqO3zs9B9gKdGEDcqdtbK8tVwTKGobWEKvixBecAgdGODzkUNdlV8
oY1KdIJ57ClPJ87eBzHOHXiMrMjpvBI2yRZ315LVQmYr3FOwICGJfH/OJo/V53Jt
uVHVxdgI/7rOGxXtKXx9qv263ekyu/537C/ciPS/vD9CA/a/KqL/ycYjiLSpAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUnuFe6oUinGDmwO9QhEYNfeMwtGMwHwYDVR0j
BBgwFoAUfgnIWw5az3WNqpZuTB4jKNAyIWQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOUhHNU5laFNBV1F5a1NDc2Z0THpqaEdlY24xbXdrMUJqa3VFSnJqWmdQ
a2IvMC83RTA5Qzg1QjBFNUFDRjc1OERBQTk2NkU0QzFFMjMyOEQwMzIyMTY0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzdFMDlDODVCMEU1QUNGNzU4
REFBOTY2RTRDMUUyMzI4RDAzMjIxNjQuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzlIRzVOZWhTQVdReWtTQ3NmdEx6amhHZWNuMW13azFCamt1RUpyalpnUGtiLzAv
MzQzNTJlMzIzMzM3MmUzMjMxMzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2
MzgzMzMwMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAAt7dUwDQYJKoZIhvcNAQELBQADggEBAJgRPLCp
s9yfDEFYmV+RoLL8PfQMPaSw2EFZ6+VlWPMKQFYdKIGquDHJdw4IrqPika5uPEGl
XLAfQlTfIQJX1rqOvur+PkQ0df1ywgVI5+LP6HpT0SfSBxWaLoG9x6qLMOuqsSB7
KrCy8Qs/UK+L4tcIKThzpWcjKUnquLgguScvfDREpA9+izAhwafD1ISRrIVD6Bdr
9E247beQpr/6HH+PNW5N1hrsBpV7PNd5N+26J4W3beCFsmL+1mPYeJKxSJB12dsn
z7Opuf8CwP9xjDQ7Df//dFcit7jvK2KfHWIAJBUuiwHsSlrIp//jR37D0rXp8HaR
xumLuUc4GA3CcW0=
-----END CERTIFICATE-----
Generated at Sun Jun 16 11:23:09 2024 by rpki-client on console-ams.rpki-client.org