Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/34352e3233372e3231342e302f32342d3234203d3e20323638333033.roa
File:                     34352e3233372e3231342e302f32342d3234203d3e20323638333033.roa (raw, json)
Hash identifier:          NYW/bHlwlqPAyhVk8uPbhTZu+5Q+DhlXWgy6cwpDJpI=
Subject key identifier:   58:3E:97:41:A9:25:DB:D1:8C:20:C3:D8:98:22:62:C1:FE:62:DF:BD
Certificate issuer:       /CN=7E09C85B0E5ACF758DAA966E4C1E2328D0322164
Certificate serial:       6C5ADEE1B10964C3A1936DDF73C009206C02E9B6
Authority key identifier: 7E:09:C8:5B:0E:5A:CF:75:8D:AA:96:6E:4C:1E:23:28:D0:32:21:64
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/34352e3233372e3231342e302f32342d3234203d3e20323638333033.roa
Signing time:             Fri 31 May 2024 13:50:19 +0000
ROA not before:           Fri 31 May 2024 13:45:19 +0000
ROA not after:            Fri 30 May 2025 13:50:19 +0000
asID:                     268303
IP address blocks:        45.237.214.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.crl
                          rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 16 Jun 2024 19:20:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:5a:de:e1:b1:09:64:c3:a1:93:6d:df:73:c0:09:20:6c:02:e9:b6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7E09C85B0E5ACF758DAA966E4C1E2328D0322164
        Validity
            Not Before: May 31 13:45:19 2024 GMT
            Not After : May 30 13:50:19 2025 GMT
        Subject: CN=583E9741A925DBD18C20C3D8982262C1FE62DFBD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:63:ff:d7:c6:8d:9f:66:ad:f2:c4:9a:e5:4f:
                    80:8c:18:cc:2d:5f:a8:28:5e:67:22:33:89:a4:f5:
                    ac:1e:9f:2b:db:d1:9a:20:af:4f:a3:b2:a9:cc:96:
                    b8:c0:06:a6:e8:33:a8:39:5f:fa:5a:ce:87:02:50:
                    ab:0e:6b:56:43:9e:11:ee:0a:97:f5:74:2a:19:47:
                    86:56:c2:37:c8:07:a1:ff:0d:79:fb:04:9f:9d:70:
                    ce:56:30:9d:c2:d9:87:57:e0:61:9e:0d:85:5e:a7:
                    7b:48:aa:d0:9f:5f:42:ea:32:82:bc:72:47:6b:21:
                    e7:ba:7d:41:c2:e3:35:94:94:b9:3f:c4:ef:6c:a5:
                    79:5e:fe:72:c9:80:07:95:67:39:f6:84:aa:19:6d:
                    39:d1:f5:8e:3c:5c:56:fd:19:82:16:21:d7:99:90:
                    c7:27:d0:15:57:24:4d:36:b9:e5:50:9b:13:c3:0d:
                    dc:03:b6:05:96:f0:1b:37:65:22:87:54:39:e1:66:
                    02:b7:5d:e0:62:c7:61:be:11:a1:a2:f4:12:6e:d7:
                    f6:09:83:85:e4:c5:15:fd:23:52:dc:dc:98:d6:a7:
                    d1:fa:de:12:9d:92:82:3f:e8:cd:e4:81:bb:bc:fe:
                    24:c1:a1:17:fc:47:28:26:b1:c3:fc:11:80:d7:7b:
                    2d:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                58:3E:97:41:A9:25:DB:D1:8C:20:C3:D8:98:22:62:C1:FE:62:DF:BD
            X509v3 Authority Key Identifier:
                keyid:7E:09:C8:5B:0E:5A:CF:75:8D:AA:96:6E:4C:1E:23:28:D0:32:21:64

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/34352e3233372e3231342e302f32342d3234203d3e20323638333033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.237.214.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:73:54:eb:5d:94:27:71:6c:25:08:05:06:56:a9:b9:db:cc:
         b7:47:77:3b:5d:88:0c:66:32:44:e7:8d:c3:cf:fe:22:85:d6:
         19:9a:7a:02:c9:f6:77:b1:27:b6:25:4c:63:1d:aa:8c:af:f4:
         28:20:49:18:49:f6:9e:89:04:38:ee:7e:5c:3b:b9:49:02:62:
         e1:53:f7:f3:9a:a8:9e:a9:10:9e:2f:4e:14:42:74:00:e2:3b:
         68:91:a0:61:37:c0:a2:3f:87:d0:28:87:cf:dd:8c:bf:e3:34:
         76:9c:07:15:41:35:95:ff:9a:83:a5:f2:57:2e:69:f2:c1:8a:
         a2:1a:eb:31:57:15:dd:1f:19:59:9e:a1:4a:aa:f5:fb:21:3c:
         16:34:60:de:90:1d:96:c2:76:8c:84:f7:44:f8:bb:54:d9:d4:
         06:98:b3:80:92:d0:34:8e:0f:5f:c7:b8:fd:c3:17:a1:cc:7b:
         66:25:be:38:b5:7a:38:7b:b6:2f:89:25:c1:76:9b:67:a6:b1:
         57:ec:c5:75:0e:a1:45:70:0b:f6:4c:42:92:fd:08:27:16:a5:
         7a:99:20:cc:5e:78:f7:9e:28:a7:d7:13:64:ed:bf:52:68:81:
         82:bb:0e:36:3a:f3:3b:bd:00:97:c5:1e:f3:dc:df:86:6d:d1:
         e5:40:60:b9
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUbFre4bEJZMOhk23fc8AJIGwC6bYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0UwOUM4NUIwRTVBQ0Y3NThEQUE5NjZFNEMxRTIzMjhE
MDMyMjE2NDAeFw0yNDA1MzExMzQ1MTlaFw0yNTA1MzAxMzUwMTlaMDMxMTAvBgNV
BAMTKDU4M0U5NzQxQTkyNURCRDE4QzIwQzNEODk4MjI2MkMxRkU2MkRGQkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7Y//Xxo2fZq3yxJrlT4CMGMwt
X6goXmciM4mk9awenyvb0Zogr0+jsqnMlrjABqboM6g5X/pazocCUKsOa1ZDnhHu
Cpf1dCoZR4ZWwjfIB6H/DXn7BJ+dcM5WMJ3C2YdX4GGeDYVep3tIqtCfX0LqMoK8
ckdrIee6fUHC4zWUlLk/xO9spXle/nLJgAeVZzn2hKoZbTnR9Y48XFb9GYIWIdeZ
kMcn0BVXJE02ueVQmxPDDdwDtgWW8Bs3ZSKHVDnhZgK3XeBix2G+EaGi9BJu1/YJ
g4XkxRX9I1Lc3JjWp9H63hKdkoI/6M3kgbu8/iTBoRf8RygmscP8EYDXey1JAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUWD6XQakl29GMIMPYmCJiwf5i370wHwYDVR0j
BBgwFoAUfgnIWw5az3WNqpZuTB4jKNAyIWQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOUhHNU5laFNBV1F5a1NDc2Z0THpqaEdlY24xbXdrMUJqa3VFSnJqWmdQ
a2IvMC83RTA5Qzg1QjBFNUFDRjc1OERBQTk2NkU0QzFFMjMyOEQwMzIyMTY0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzdFMDlDODVCMEU1QUNGNzU4
REFBOTY2RTRDMUUyMzI4RDAzMjIxNjQuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzlIRzVOZWhTQVdReWtTQ3NmdEx6amhHZWNuMW13azFCamt1RUpyalpnUGtiLzAv
MzQzNTJlMzIzMzM3MmUzMjMxMzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2
MzgzMzMwMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAAt7dYwDQYJKoZIhvcNAQELBQADggEBAE5zVOtd
lCdxbCUIBQZWqbnbzLdHdztdiAxmMkTnjcPP/iKF1hmaegLJ9nexJ7YlTGMdqoyv
9CggSRhJ9p6JBDjuflw7uUkCYuFT9/OaqJ6pEJ4vThRCdADiO2iRoGE3wKI/h9Ao
h8/djL/jNHacBxVBNZX/moOl8lcuafLBiqIa6zFXFd0fGVmeoUqq9fshPBY0YN6Q
HZbCdoyE90T4u1TZ1AaYs4CS0DSOD1/HuP3DF6HMe2Ylvji1ejh7ti+JJcF2m2em
sVfsxXUOoUVwC/ZMQpL9CCcWpXqZIMxeePeeKKfXE2Ttv1JogYK7DjY68zu9AJfF
HvPc34Zt0eVAYLk=
-----END CERTIFICATE-----
Generated at Sun Jun 16 10:51:39 2024 by rpki-client on console-fra.rpki-client.org