Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/34352e3233372e3231352e302f32342d3234203d3e20323638333033.roa
File:                     34352e3233372e3231352e302f32342d3234203d3e20323638333033.roa (raw, json)
Hash identifier:          6WI4TSxV1fedjh4uELpG58iMuK4njdSw/VwH8RA3jus=
Subject key identifier:   C5:D3:23:79:97:4B:48:99:46:84:F7:A1:5B:A8:49:E0:91:BD:75:DD
Certificate issuer:       /CN=7E09C85B0E5ACF758DAA966E4C1E2328D0322164
Certificate serial:       10BB9A1EC15683B93D83EE496DEEEC2AED7B4A02
Authority key identifier: 7E:09:C8:5B:0E:5A:CF:75:8D:AA:96:6E:4C:1E:23:28:D0:32:21:64
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/34352e3233372e3231352e302f32342d3234203d3e20323638333033.roa
Signing time:             Fri 02 May 2025 14:16:00 +0000
ROA not before:           Fri 02 May 2025 14:11:00 +0000
ROA not after:            Fri 01 May 2026 14:16:00 +0000
asID:                     268303
IP address blocks:        45.237.215.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.crl
                          rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 13:15:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:bb:9a:1e:c1:56:83:b9:3d:83:ee:49:6d:ee:ec:2a:ed:7b:4a:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7E09C85B0E5ACF758DAA966E4C1E2328D0322164
        Validity
            Not Before: May  2 14:11:00 2025 GMT
            Not After : May  1 14:16:00 2026 GMT
        Subject: CN=C5D32379974B48994684F7A15BA849E091BD75DD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:3e:53:f2:ab:6c:22:57:c2:60:7e:ea:d2:96:
                    56:ff:0e:28:3c:f1:2b:a8:6a:6b:5a:7f:55:21:5f:
                    e3:49:02:60:33:4e:a7:b3:05:ba:72:04:f2:96:a6:
                    90:67:26:49:e5:6c:17:29:5c:06:ef:9e:86:5d:54:
                    fb:53:ed:ed:b7:00:c7:63:f3:33:4b:30:13:de:c2:
                    2d:15:1d:e3:f1:0f:e8:46:ba:76:80:09:f3:64:6d:
                    60:9e:e3:c0:1e:cd:38:5c:2d:a6:44:66:5d:95:f3:
                    7c:9b:da:00:3f:65:6c:af:e4:2d:b7:0f:74:24:2f:
                    a0:13:57:f0:59:b7:03:4c:d3:b6:e6:de:d0:09:16:
                    57:bb:32:a0:58:00:bf:f6:96:af:3f:8d:a0:5f:f3:
                    08:12:f9:37:47:e4:06:9e:5b:9d:56:ea:29:9b:fe:
                    68:3e:c0:2f:4f:6a:2d:cf:66:05:db:19:28:9c:11:
                    5c:1c:6a:bb:a4:56:58:d7:a8:58:de:82:92:21:c6:
                    a5:70:72:86:d4:21:9b:b3:2c:ba:99:84:4c:d0:01:
                    0e:ff:ce:a4:9c:0e:62:b3:39:95:5a:87:03:d3:ed:
                    a0:fa:d8:3a:9e:9f:50:da:2e:05:62:5e:80:5a:b9:
                    c1:0f:a0:5b:8f:f0:3d:c2:73:3f:12:40:90:70:1a:
                    ac:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:D3:23:79:97:4B:48:99:46:84:F7:A1:5B:A8:49:E0:91:BD:75:DD
            X509v3 Authority Key Identifier:
                keyid:7E:09:C8:5B:0E:5A:CF:75:8D:AA:96:6E:4C:1E:23:28:D0:32:21:64

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/7E09C85B0E5ACF758DAA966E4C1E2328D0322164.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/9HG5NehSAWQykSCsftLzjhGecn1mwk1BjkuEJrjZgPkb/0/34352e3233372e3231352e302f32342d3234203d3e20323638333033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.237.215.0/24

    Signature Algorithm: sha256WithRSAEncryption
         5b:4d:e0:14:68:85:2e:17:7a:7d:d1:f4:c1:77:24:82:8b:88:
         aa:74:55:06:90:f6:57:ae:58:10:4e:e8:6c:0b:16:a5:a2:94:
         3f:3c:85:af:7a:bb:68:48:8b:d3:36:39:8a:9d:6f:25:7f:c3:
         a3:1b:f2:98:da:62:32:4b:9d:01:fa:db:f8:74:43:a9:72:3d:
         aa:8e:27:88:2d:85:34:23:5d:66:68:c5:af:84:57:56:c5:b9:
         74:ae:c8:73:08:55:e0:03:46:da:26:ab:c2:d4:8f:e5:6d:a6:
         78:94:99:f4:57:da:7a:90:72:da:82:b1:1a:07:f5:16:2f:37:
         07:de:a1:43:fd:27:13:4e:c0:f9:87:ec:01:4d:b4:e2:e4:03:
         2f:f3:f8:73:34:eb:fd:c8:8d:cd:43:41:8f:ed:c0:e2:2d:08:
         03:13:79:eb:17:83:11:98:5a:99:34:5a:f8:ee:17:b8:25:ca:
         cd:a2:ba:c9:68:df:a8:29:90:a6:db:84:3a:b1:cb:82:f1:77:
         64:a7:98:60:8f:c3:ed:d1:7a:c8:c0:19:fb:63:da:4c:21:f9:
         44:c7:6e:11:9f:64:06:30:1a:4e:19:9e:6d:6d:2a:02:b4:d5:
         47:a6:85:e6:b2:0a:43:cb:40:c4:e0:3d:85:79:08:43:01:ff:
         4e:35:98:e0
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUELuaHsFWg7k9g+5Jbe7sKu17SgIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0UwOUM4NUIwRTVBQ0Y3NThEQUE5NjZFNEMxRTIzMjhE
MDMyMjE2NDAeFw0yNTA1MDIxNDExMDBaFw0yNjA1MDExNDE2MDBaMDMxMTAvBgNV
BAMTKEM1RDMyMzc5OTc0QjQ4OTk0Njg0RjdBMTVCQTg0OUUwOTFCRDc1REQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzPlPyq2wiV8JgfurSllb/Dig8
8Suoamtaf1UhX+NJAmAzTqezBbpyBPKWppBnJknlbBcpXAbvnoZdVPtT7e23AMdj
8zNLMBPewi0VHePxD+hGunaACfNkbWCe48AezThcLaZEZl2V83yb2gA/ZWyv5C23
D3QkL6ATV/BZtwNM07bm3tAJFle7MqBYAL/2lq8/jaBf8wgS+TdH5AaeW51W6imb
/mg+wC9Pai3PZgXbGSicEVwcarukVljXqFjegpIhxqVwcobUIZuzLLqZhEzQAQ7/
zqScDmKzOZVahwPT7aD62Dqen1DaLgViXoBaucEPoFuP8D3Ccz8SQJBwGqxjAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUxdMjeZdLSJlGhPehW6hJ4JG9dd0wHwYDVR0j
BBgwFoAUfgnIWw5az3WNqpZuTB4jKNAyIWQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOUhHNU5laFNBV1F5a1NDc2Z0THpqaEdlY24xbXdrMUJqa3VFSnJqWmdQ
a2IvMC83RTA5Qzg1QjBFNUFDRjc1OERBQTk2NkU0QzFFMjMyOEQwMzIyMTY0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzdFMDlDODVCMEU1QUNGNzU4
REFBOTY2RTRDMUUyMzI4RDAzMjIxNjQuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzlIRzVOZWhTQVdReWtTQ3NmdEx6amhHZWNuMW13azFCamt1RUpyalpnUGtiLzAv
MzQzNTJlMzIzMzM3MmUzMjMxMzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2
MzgzMzMwMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAAt7dcwDQYJKoZIhvcNAQELBQADggEBAFtN4BRo
hS4Xen3R9MF3JIKLiKp0VQaQ9leuWBBO6GwLFqWilD88ha96u2hIi9M2OYqdbyV/
w6Mb8pjaYjJLnQH62/h0Q6lyPaqOJ4gthTQjXWZoxa+EV1bFuXSuyHMIVeADRtom
q8LUj+VtpniUmfRX2nqQctqCsRoH9RYvNwfeoUP9JxNOwPmH7AFNtOLkAy/z+HM0
6/3Ijc1DQY/twOItCAMTeesXgxGYWpk0WvjuF7glys2iuslo36gpkKbbhDqxy4Lx
d2SnmGCPw+3ResjAGftj2kwh+UTHbhGfZAYwGk4Znm1tKgK01UemheayCkPLQMTg
PYV5CEMB/041mOA=
-----END CERTIFICATE-----
Generated at Tue Jun 10 01:23:51 2025 by rpki-client