Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/34352e3233372e3231352e302f32342d3234203d3e20323638333033.roa
File:                     34352e3233372e3231352e302f32342d3234203d3e20323638333033.roa (raw, json)
Hash identifier:          R2ItJsB2oTgYQ8C0PQC+vfUHLFKZX9FqOUFUnzK4HK0=
Subject key identifier:   60:B9:5E:26:AB:DD:77:15:1A:E3:12:2A:1D:38:78:85:84:FD:53:BA
Certificate issuer:       /CN=7E09C85B0E5ACF758DAA966E4C1E2328D0322164
Certificate serial:       6BF1BADC70B338D222EDFB8D40AF9718DFD1E3F5
Authority key identifier: 7E:09:C8:5B:0E:5A:CF:75:8D:AA:96:6E:4C:1E:23:28:D0:32:21:64
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/34352e3233372e3231352e302f32342d3234203d3e20323638333033.roa
Signing time:             Fri 31 May 2024 13:50:18 +0000
ROA not before:           Fri 31 May 2024 13:45:18 +0000
ROA not after:            Fri 30 May 2025 13:50:18 +0000
asID:                     268303
IP address blocks:        45.237.215.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.crl
                          rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 16 Jun 2024 19:20:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:f1:ba:dc:70:b3:38:d2:22:ed:fb:8d:40:af:97:18:df:d1:e3:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7E09C85B0E5ACF758DAA966E4C1E2328D0322164
        Validity
            Not Before: May 31 13:45:18 2024 GMT
            Not After : May 30 13:50:18 2025 GMT
        Subject: CN=60B95E26ABDD77151AE3122A1D38788584FD53BA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:cd:95:81:ce:43:bf:dd:e4:ad:3b:65:0e:2d:
                    de:32:f0:50:a0:54:7f:8e:1f:5f:b4:cd:31:0a:a7:
                    39:f7:dc:e2:d5:3b:f5:49:1c:69:bd:b1:60:04:b5:
                    09:9b:20:b3:42:72:24:17:bf:9b:f0:86:20:72:35:
                    c3:c5:72:6e:54:6a:ca:38:db:e5:98:fc:79:b4:9d:
                    03:53:af:61:ab:41:8a:a4:0b:ae:ca:33:a7:d9:f5:
                    8b:d3:05:f2:3d:4d:43:ad:3d:69:92:41:dc:59:3d:
                    b5:f0:d4:68:a8:db:77:98:fa:3d:3a:f7:76:59:63:
                    ce:35:d2:4e:d4:ab:1c:d1:82:e7:9a:8e:7b:27:27:
                    ca:d6:7e:5b:b6:ea:87:b7:bd:8e:ce:6d:68:69:ef:
                    6b:5a:46:d5:0b:cb:39:60:92:70:ef:9f:ef:90:3a:
                    41:2b:04:51:8c:4b:98:c9:49:11:2a:70:b7:15:8e:
                    23:65:c6:18:04:4e:34:70:c5:a3:62:e1:3e:cb:4c:
                    7e:7a:c0:cb:35:82:a6:74:f4:79:a8:99:55:7e:8f:
                    97:cc:a8:b5:90:0e:00:b6:9f:73:b7:3d:74:e7:13:
                    af:fc:d9:a3:f5:6b:0f:7f:85:24:0d:77:c0:22:0c:
                    1d:a5:3f:e9:87:8d:d2:0e:72:0c:8b:10:01:8a:02:
                    19:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:B9:5E:26:AB:DD:77:15:1A:E3:12:2A:1D:38:78:85:84:FD:53:BA
            X509v3 Authority Key Identifier:
                keyid:7E:09:C8:5B:0E:5A:CF:75:8D:AA:96:6E:4C:1E:23:28:D0:32:21:64

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/34352e3233372e3231352e302f32342d3234203d3e20323638333033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.237.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         34:a4:2d:82:81:46:16:4b:99:6f:03:28:7d:43:e7:d0:83:74:
         c4:f8:cc:64:76:2c:ad:c5:9a:2d:dd:11:68:36:14:07:f5:c3:
         81:13:a5:c0:70:ea:f5:f2:cc:8d:ce:c5:fb:78:9e:3b:9e:ea:
         b8:7d:26:cf:3b:31:dd:34:64:67:e0:7a:3a:2d:c0:2f:50:27:
         15:9b:10:d6:28:48:19:76:73:f4:c7:62:be:9b:2d:08:4c:91:
         9b:ab:c2:85:e9:c7:82:de:65:b3:cc:ac:e1:5c:a3:2c:bb:79:
         42:68:2d:d9:5c:b0:5a:37:c8:96:9b:20:f7:68:72:5f:90:a5:
         be:56:a2:69:4f:1b:85:ba:7e:71:13:e7:d9:8d:4a:79:0d:7d:
         b4:7f:60:b2:f7:9c:fa:6f:ce:fd:f4:5d:d6:77:7d:9e:b9:ce:
         f1:90:71:ed:f1:e3:26:2d:eb:15:89:ab:13:1c:64:3e:0a:ac:
         47:ab:60:3a:3b:83:2c:9e:23:5f:1e:d5:02:2d:b1:13:db:58:
         12:ea:91:cb:87:d3:98:ac:dd:74:a8:54:b4:1f:d6:79:1c:c1:
         11:9a:c4:60:fc:5c:9a:77:09:06:94:fd:74:1b:54:7c:34:20:
         6a:0e:92:03:34:b8:32:e8:d0:63:d1:0c:e1:c2:3a:57:d4:c2:
         86:64:b6:ce
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUa/G63HCzONIi7fuNQK+XGN/R4/UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0UwOUM4NUIwRTVBQ0Y3NThEQUE5NjZFNEMxRTIzMjhE
MDMyMjE2NDAeFw0yNDA1MzExMzQ1MThaFw0yNTA1MzAxMzUwMThaMDMxMTAvBgNV
BAMTKDYwQjk1RTI2QUJERDc3MTUxQUUzMTIyQTFEMzg3ODg1ODRGRDUzQkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyzZWBzkO/3eStO2UOLd4y8FCg
VH+OH1+0zTEKpzn33OLVO/VJHGm9sWAEtQmbILNCciQXv5vwhiByNcPFcm5Uaso4
2+WY/Hm0nQNTr2GrQYqkC67KM6fZ9YvTBfI9TUOtPWmSQdxZPbXw1Gio23eY+j06
93ZZY8410k7UqxzRgueajnsnJ8rWflu26oe3vY7ObWhp72taRtULyzlgknDvn++Q
OkErBFGMS5jJSREqcLcVjiNlxhgETjRwxaNi4T7LTH56wMs1gqZ09HmomVV+j5fM
qLWQDgC2n3O3PXTnE6/82aP1aw9/hSQNd8AiDB2lP+mHjdIOcgyLEAGKAhkZAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUYLleJqvddxUa4xIqHTh4hYT9U7owHwYDVR0j
BBgwFoAUfgnIWw5az3WNqpZuTB4jKNAyIWQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOUhHNU5laFNBV1F5a1NDc2Z0THpqaEdlY24xbXdrMUJqa3VFSnJqWmdQ
a2IvMC83RTA5Qzg1QjBFNUFDRjc1OERBQTk2NkU0QzFFMjMyOEQwMzIyMTY0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzdFMDlDODVCMEU1QUNGNzU4
REFBOTY2RTRDMUUyMzI4RDAzMjIxNjQuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzlIRzVOZWhTQVdReWtTQ3NmdEx6amhHZWNuMW13azFCamt1RUpyalpnUGtiLzAv
MzQzNTJlMzIzMzM3MmUzMjMxMzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2
MzgzMzMwMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAAt7dcwDQYJKoZIhvcNAQELBQADggEBADSkLYKB
RhZLmW8DKH1D59CDdMT4zGR2LK3Fmi3dEWg2FAf1w4ETpcBw6vXyzI3Oxft4njue
6rh9Js87Md00ZGfgejotwC9QJxWbENYoSBl2c/THYr6bLQhMkZurwoXpx4LeZbPM
rOFcoyy7eUJoLdlcsFo3yJabIPdocl+Qpb5WomlPG4W6fnET59mNSnkNfbR/YLL3
nPpvzv30XdZ3fZ65zvGQce3x4yYt6xWJqxMcZD4KrEerYDo7gyyeI18e1QItsRPb
WBLqkcuH05is3XSoVLQf1nkcwRGaxGD8XJp3CQaU/XQbVHw0IGoOkgM0uDLo0GPR
DOHCOlfUwoZkts4=
-----END CERTIFICATE-----
Generated at Sun Jun 16 10:51:39 2024 by rpki-client on console-fra.rpki-client.org