Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/Afzi3DnYwho28VDmKjRaUX53dmetK6yPwdVxDEUX9NLo/1/34352e37312e3132392e302f32342d3234203d3e20323637363038.roa
File:                     34352e37312e3132392e302f32342d3234203d3e20323637363038.roa (raw, json)
Hash identifier:          WUCDWvohRvrvS96YeTgKOoiwhEFdcMNtCYW0E426cwU=
Subject key identifier:   D1:65:91:E8:A7:18:3E:A2:3E:96:ED:A4:18:4D:54:74:F4:C6:50:83
Certificate issuer:       /CN=371070DB3AF9489AC044A01894F7F3DEA5016C1F
Certificate serial:       3A115AA9EE2A1D7482E640AFE8469D1222766E7C
Authority key identifier: 37:10:70:DB:3A:F9:48:9A:C0:44:A0:18:94:F7:F3:DE:A5:01:6C:1F
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/371070DB3AF9489AC044A01894F7F3DEA5016C1F.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/Afzi3DnYwho28VDmKjRaUX53dmetK6yPwdVxDEUX9NLo/1/34352e37312e3132392e302f32342d3234203d3e20323637363038.roa
Signing time:             Fri 30 May 2025 23:27:08 +0000
ROA not before:           Fri 30 May 2025 23:22:08 +0000
ROA not after:            Fri 29 May 2026 23:27:08 +0000
asID:                     267608
IP address blocks:        45.71.129.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/Afzi3DnYwho28VDmKjRaUX53dmetK6yPwdVxDEUX9NLo/1/371070DB3AF9489AC044A01894F7F3DEA5016C1F.crl
                          rsync://rpki-repo.registro.br/repo/Afzi3DnYwho28VDmKjRaUX53dmetK6yPwdVxDEUX9NLo/1/371070DB3AF9489AC044A01894F7F3DEA5016C1F.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/371070DB3AF9489AC044A01894F7F3DEA5016C1F.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 06:24:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:11:5a:a9:ee:2a:1d:74:82:e6:40:af:e8:46:9d:12:22:76:6e:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=371070DB3AF9489AC044A01894F7F3DEA5016C1F
        Validity
            Not Before: May 30 23:22:08 2025 GMT
            Not After : May 29 23:27:08 2026 GMT
        Subject: CN=D16591E8A7183EA23E96EDA4184D5474F4C65083
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:f5:15:21:85:70:d6:de:88:33:0e:f8:75:da:
                    9b:d0:96:cf:0b:12:93:27:d7:5d:73:64:be:d6:ae:
                    ad:3e:65:33:22:01:22:b7:ff:d0:51:d0:bf:7c:cb:
                    9d:86:8e:b8:a7:d4:d8:e3:35:56:af:3e:25:e1:a9:
                    af:88:6a:d7:38:de:0a:71:d5:03:46:91:d7:0c:8d:
                    78:2b:16:24:b9:a9:1a:15:63:a4:21:68:b8:a2:2b:
                    7d:86:e8:df:de:e6:07:ec:b1:20:2e:73:38:aa:e8:
                    48:cf:86:0f:70:04:e8:2f:fb:91:1c:4e:0b:55:6a:
                    d2:58:73:f0:8a:99:42:93:c1:11:83:1c:b9:84:61:
                    5b:dc:0b:51:4f:37:96:e4:3c:a0:d3:6d:c6:69:63:
                    a1:0a:a7:22:16:47:52:de:59:99:ef:26:8a:78:85:
                    84:70:32:f8:a6:b7:b7:86:7a:22:e6:0c:39:82:90:
                    c0:37:72:5b:4c:7d:fe:b9:5a:a3:53:04:5a:dc:bd:
                    2d:ca:ca:ca:ed:f1:de:30:6c:f9:6d:d7:82:e7:2c:
                    c4:09:18:46:9f:52:e3:82:e1:32:6b:8f:27:15:1d:
                    87:7b:a2:11:49:96:f9:dd:34:2d:06:62:b6:18:c7:
                    9b:43:07:99:72:17:c1:d2:a5:94:3b:0e:a9:69:61:
                    75:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:65:91:E8:A7:18:3E:A2:3E:96:ED:A4:18:4D:54:74:F4:C6:50:83
            X509v3 Authority Key Identifier:
                keyid:37:10:70:DB:3A:F9:48:9A:C0:44:A0:18:94:F7:F3:DE:A5:01:6C:1F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/Afzi3DnYwho28VDmKjRaUX53dmetK6yPwdVxDEUX9NLo/1/371070DB3AF9489AC044A01894F7F3DEA5016C1F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/371070DB3AF9489AC044A01894F7F3DEA5016C1F.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/Afzi3DnYwho28VDmKjRaUX53dmetK6yPwdVxDEUX9NLo/1/34352e37312e3132392e302f32342d3234203d3e20323637363038.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.71.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         15:a8:b7:92:df:12:06:e7:14:7b:5a:f9:06:46:5c:40:a0:26:
         82:56:da:89:2d:3a:66:19:a2:c5:ab:92:d2:5a:77:8f:85:64:
         34:78:f2:87:72:5d:fe:24:f5:ae:f3:25:9e:73:7f:53:24:e4:
         f9:d5:ac:f1:59:68:fc:36:d9:82:9d:70:dd:79:45:bb:a5:7d:
         56:00:b3:a0:49:61:11:56:b3:3b:ab:90:52:05:bd:a2:79:56:
         fe:c6:30:01:72:18:11:97:e0:36:05:cc:76:f9:1f:63:3a:0e:
         eb:8e:df:0b:77:6d:84:ca:3a:72:84:28:ee:2c:c0:7d:4f:b2:
         80:84:52:ce:43:45:0e:fd:a4:6d:84:ac:7b:27:89:de:72:11:
         2f:90:36:3d:b5:70:85:2a:2d:55:a8:ed:c0:67:63:92:78:92:
         4e:b4:c3:fb:79:45:6f:2e:85:29:8b:4e:0e:00:d2:d1:a4:52:
         14:47:92:79:0e:bb:40:db:78:40:e4:f1:85:4e:e9:ca:2f:55:
         95:af:c1:0f:9d:84:e3:f2:75:1b:7f:0c:5b:7d:a8:2a:74:b3:
         24:ed:45:30:da:35:96:53:14:9f:82:43:4d:e4:a5:0b:e5:c4:
         c7:e6:6d:e9:df:c5:16:c2:0c:22:4c:75:9c:57:41:93:3b:21:
         29:56:e2:69
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUOhFaqe4qHXSC5kCv6EadEiJ2bnwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzcxMDcwREIzQUY5NDg5QUMwNDRBMDE4OTRGN0YzREVB
NTAxNkMxRjAeFw0yNTA1MzAyMzIyMDhaFw0yNjA1MjkyMzI3MDhaMDMxMTAvBgNV
BAMTKEQxNjU5MUU4QTcxODNFQTIzRTk2RURBNDE4NEQ1NDc0RjRDNjUwODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCY9RUhhXDW3ogzDvh12pvQls8L
EpMn111zZL7Wrq0+ZTMiASK3/9BR0L98y52Gjrin1NjjNVavPiXhqa+Iatc43gpx
1QNGkdcMjXgrFiS5qRoVY6QhaLiiK32G6N/e5gfssSAucziq6EjPhg9wBOgv+5Ec
TgtVatJYc/CKmUKTwRGDHLmEYVvcC1FPN5bkPKDTbcZpY6EKpyIWR1LeWZnvJop4
hYRwMvimt7eGeiLmDDmCkMA3cltMff65WqNTBFrcvS3Kysrt8d4wbPlt14LnLMQJ
GEafUuOC4TJrjycVHYd7ohFJlvndNC0GYrYYx5tDB5lyF8HSpZQ7DqlpYXVJAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQU0WWR6KcYPqI+lu2kGE1UdPTGUIMwHwYDVR0j
BBgwFoAUNxBw2zr5SJrARKAYlPfz3qUBbB8wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQWZ6aTNEbll3aG8yOFZEbUtqUmFVWDUzZG1ldEs2eVB3ZFZ4REVVWDlO
TG8vMS8zNzEwNzBEQjNBRjk0ODlBQzA0NEEwMTg5NEY3RjNERUE1MDE2QzFGLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzM3MTA3MERCM0FGOTQ4OUFD
MDQ0QTAxODk0RjdGM0RFQTUwMTZDMUYuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0FmemkzRG5Zd2hvMjhWRG1LalJhVVg1M2RtZXRLNnlQd2RWeERFVVg5TkxvLzEv
MzQzNTJlMzczMTJlMzEzMjM5MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM3
MzYzMDM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQALUeBMA0GCSqGSIb3DQEBCwUAA4IBAQAVqLeS3xIG
5xR7WvkGRlxAoCaCVtqJLTpmGaLFq5LSWnePhWQ0ePKHcl3+JPWu8yWec39TJOT5
1azxWWj8NtmCnXDdeUW7pX1WALOgSWERVrM7q5BSBb2ieVb+xjABchgRl+A2Bcx2
+R9jOg7rjt8Ld22EyjpyhCjuLMB9T7KAhFLOQ0UO/aRthKx7J4nechEvkDY9tXCF
Ki1VqO3AZ2OSeJJOtMP7eUVvLoUpi04OANLRpFIUR5J5DrtA23hA5PGFTunKL1WV
r8EPnYTj8nUbfwxbfagqdLMk7UUw2jWWUxSfgkNN5KUL5cTH5m3p38UWwgwiTHWc
V0GTOyEpVuJp
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:22:03 2025 by rpki-client