Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/B8qcsaJVHfBteNZKt3heV7iK9oLLgdHM8zJrA7VnqruF/0/34352e3138382e38382e302f32322d3232203d3e20323639353237.roa
File:                     34352e3138382e38382e302f32322d3232203d3e20323639353237.roa (raw, json)
Hash identifier:          /AJxynoBpKqf3ap3g82dgMjmUrsde87iPgZAKu06dWo=
Subject key identifier:   70:77:76:E2:56:3B:07:55:DF:C9:0B:F5:A6:92:21:53:42:51:22:FD
Certificate issuer:       /CN=76B0EA57E03504BE922FDE919983808A4300E231
Certificate serial:       30017E7C5A47171263E0A499A0219C89F6B4DFD5
Authority key identifier: 76:B0:EA:57:E0:35:04:BE:92:2F:DE:91:99:83:80:8A:43:00:E2:31
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/76B0EA57E03504BE922FDE919983808A4300E231.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/B8qcsaJVHfBteNZKt3heV7iK9oLLgdHM8zJrA7VnqruF/0/34352e3138382e38382e302f32322d3232203d3e20323639353237.roa
Signing time:             Mon 19 May 2025 19:38:01 +0000
ROA not before:           Mon 19 May 2025 19:33:01 +0000
ROA not after:            Mon 18 May 2026 19:38:01 +0000
asID:                     269527
IP address blocks:        45.188.88.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/B8qcsaJVHfBteNZKt3heV7iK9oLLgdHM8zJrA7VnqruF/0/76B0EA57E03504BE922FDE919983808A4300E231.crl
                          rsync://rpki-repo.registro.br/repo/B8qcsaJVHfBteNZKt3heV7iK9oLLgdHM8zJrA7VnqruF/0/76B0EA57E03504BE922FDE919983808A4300E231.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/76B0EA57E03504BE922FDE919983808A4300E231.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 10:40:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:01:7e:7c:5a:47:17:12:63:e0:a4:99:a0:21:9c:89:f6:b4:df:d5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=76B0EA57E03504BE922FDE919983808A4300E231
        Validity
            Not Before: May 19 19:33:01 2025 GMT
            Not After : May 18 19:38:01 2026 GMT
        Subject: CN=707776E2563B0755DFC90BF5A6922153425122FD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:91:aa:4a:8d:ac:85:dc:a2:eb:d3:01:b9:aa:
                    48:a2:80:aa:e0:d2:29:2b:7f:e6:c1:d3:4a:fc:e3:
                    2f:87:66:59:ef:9f:50:45:bc:e4:72:97:65:2d:ac:
                    d8:55:0b:ec:d2:83:7b:eb:ed:04:82:37:c1:32:44:
                    b1:b8:7d:78:2e:32:13:85:33:c2:98:0c:e5:ac:54:
                    f2:75:d3:26:c9:d4:89:4d:18:19:e6:6f:86:c6:b1:
                    51:ed:93:23:cd:00:66:dc:81:a1:1c:8d:47:f8:75:
                    9b:cb:8d:29:5d:55:8d:c1:b5:f3:ad:b1:98:d0:60:
                    11:fc:b5:8c:65:5d:da:2e:87:14:b1:94:0d:b4:8c:
                    cc:4e:35:be:80:0a:26:27:32:2b:e7:cb:31:5e:f4:
                    b4:20:d2:71:f8:7e:f5:84:0c:a8:26:16:f1:bf:56:
                    05:26:15:9f:16:43:bd:31:92:ea:c1:76:1c:a0:2a:
                    13:e0:2b:86:3d:4d:d2:1d:7e:d5:85:e5:ef:0b:e8:
                    a6:f0:5d:07:ae:6e:2b:a8:37:73:d5:1d:ca:fb:ca:
                    ed:16:f2:f1:3d:ea:49:5b:fa:b1:6b:9f:46:a4:95:
                    de:46:ac:dd:8d:4c:6c:05:98:0e:63:e5:15:15:d0:
                    4d:e3:ad:6a:9d:08:5d:9f:2e:f8:33:a5:ab:09:2a:
                    b9:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:77:76:E2:56:3B:07:55:DF:C9:0B:F5:A6:92:21:53:42:51:22:FD
            X509v3 Authority Key Identifier:
                keyid:76:B0:EA:57:E0:35:04:BE:92:2F:DE:91:99:83:80:8A:43:00:E2:31

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/B8qcsaJVHfBteNZKt3heV7iK9oLLgdHM8zJrA7VnqruF/0/76B0EA57E03504BE922FDE919983808A4300E231.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/76B0EA57E03504BE922FDE919983808A4300E231.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/B8qcsaJVHfBteNZKt3heV7iK9oLLgdHM8zJrA7VnqruF/0/34352e3138382e38382e302f32322d3232203d3e20323639353237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.188.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         69:fd:54:6a:c2:b9:33:35:af:3e:32:fb:74:62:10:8b:18:0f:
         5e:b6:8b:ff:bd:1b:5b:d8:23:87:54:9d:87:67:b6:ff:2b:ab:
         0a:ac:f7:5f:fb:0b:d3:34:42:d0:25:26:33:ec:fc:9f:16:40:
         da:d9:d5:68:09:9a:76:45:a8:2a:78:9f:d9:de:c9:bc:3a:12:
         73:bf:fb:f6:e7:f8:2b:f7:08:40:25:0c:38:cd:6a:96:c9:25:
         c5:79:c8:09:a6:c1:9e:73:36:7f:80:33:76:52:2b:ac:d3:75:
         82:5f:86:7b:09:7b:97:f7:d6:ad:d9:bb:0c:d5:e1:30:ac:de:
         7b:76:af:13:df:3d:80:c6:de:22:9d:9e:26:bb:b1:01:e4:59:
         82:1b:84:5a:32:9c:08:b2:24:bb:dd:83:3b:df:14:7b:58:1b:
         21:68:cb:82:2a:72:cf:62:98:ca:dd:8a:d1:2e:22:5d:bc:01:
         3b:98:b9:bf:06:c5:2e:b0:16:e6:cd:0c:bb:40:e7:58:f5:bd:
         e8:67:38:71:ab:27:76:55:00:3e:8c:2b:40:58:3c:b1:6f:72:
         37:74:14:70:30:eb:ea:9d:51:a2:60:24:2b:90:a8:3f:f8:7d:
         4d:05:8e:a5:d0:5a:88:d6:cd:96:c0:3d:b0:98:be:92:c6:24:
         c4:90:f3:88
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUMAF+fFpHFxJj4KSZoCGcifa039UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzZCMEVBNTdFMDM1MDRCRTkyMkZERTkxOTk4MzgwOEE0
MzAwRTIzMTAeFw0yNTA1MTkxOTMzMDFaFw0yNjA1MTgxOTM4MDFaMDMxMTAvBgNV
BAMTKDcwNzc3NkUyNTYzQjA3NTVERkM5MEJGNUE2OTIyMTUzNDI1MTIyRkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBkapKjayF3KLr0wG5qkiigKrg
0ikrf+bB00r84y+HZlnvn1BFvORyl2UtrNhVC+zSg3vr7QSCN8EyRLG4fXguMhOF
M8KYDOWsVPJ10ybJ1IlNGBnmb4bGsVHtkyPNAGbcgaEcjUf4dZvLjSldVY3BtfOt
sZjQYBH8tYxlXdouhxSxlA20jMxONb6ACiYnMivnyzFe9LQg0nH4fvWEDKgmFvG/
VgUmFZ8WQ70xkurBdhygKhPgK4Y9TdIdftWF5e8L6KbwXQeubiuoN3PVHcr7yu0W
8vE96klb+rFrn0akld5GrN2NTGwFmA5j5RUV0E3jrWqdCF2fLvgzpasJKrmrAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUcHd24lY7B1XfyQv1ppIhU0JRIv0wHwYDVR0j
BBgwFoAUdrDqV+A1BL6SL96RmYOAikMA4jEwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQjhxY3NhSlZIZkJ0ZU5aS3QzaGVWN2lLOW9MTGdkSE04ekpyQTdWbnFy
dUYvMC83NkIwRUE1N0UwMzUwNEJFOTIyRkRFOTE5OTgzODA4QTQzMDBFMjMxLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzc2QjBFQTU3RTAzNTA0QkU5
MjJGREU5MTk5ODM4MDhBNDMwMEUyMzEuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0I4cWNzYUpWSGZCdGVOWkt0M2hlVjdpSzlvTExnZEhNOHpKckE3Vm5xcnVGLzAv
MzQzNTJlMzEzODM4MmUzODM4MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzNjM5
MzUzMjM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCLbxYMA0GCSqGSIb3DQEBCwUAA4IBAQBp/VRqwrkz
Na8+Mvt0YhCLGA9etov/vRtb2COHVJ2HZ7b/K6sKrPdf+wvTNELQJSYz7PyfFkDa
2dVoCZp2RagqeJ/Z3sm8OhJzv/v25/gr9whAJQw4zWqWySXFecgJpsGeczZ/gDN2
Uius03WCX4Z7CXuX99at2bsM1eEwrN57dq8T3z2Axt4inZ4mu7EB5FmCG4RaMpwI
siS73YM73xR7WBshaMuCKnLPYpjK3YrRLiJdvAE7mLm/BsUusBbmzQy7QOdY9b3o
Zzhxqyd2VQA+jCtAWDyxb3I3dBRwMOvqnVGiYCQrkKg/+H1NBY6l0FqI1s2WwD2w
mL6SxiTEkPOI
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:23:56 2025 by rpki-client