Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/34352e3138372e3132302e302f32342d3234203d3e20323638353436.roa
File:                     34352e3138372e3132302e302f32342d3234203d3e20323638353436.roa (raw, json)
Hash identifier:          IPEz2G6ctUeHmMRARL3aXyZjYt0GxAqaqQynWcDu0Ug=
Subject key identifier:   CD:4D:03:8C:4E:A9:D8:F1:5B:F6:A4:3B:3C:15:D6:F2:74:91:DB:39
Certificate issuer:       /CN=32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4
Certificate serial:       6573027C1E75A1293D9AF3546C49F805854881C6
Authority key identifier: 32:C3:A2:0B:EB:E1:AC:7A:6C:3E:09:58:CC:B9:71:DE:A6:4D:E1:B4
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/34352e3138372e3132302e302f32342d3234203d3e20323638353436.roa
Signing time:             Wed 04 Jun 2025 01:05:44 +0000
ROA not before:           Wed 04 Jun 2025 01:00:44 +0000
ROA not after:            Wed 03 Jun 2026 01:05:44 +0000
asID:                     268546
IP address blocks:        45.187.120.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.crl
                          rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 05:18:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:73:02:7c:1e:75:a1:29:3d:9a:f3:54:6c:49:f8:05:85:48:81:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4
        Validity
            Not Before: Jun  4 01:00:44 2025 GMT
            Not After : Jun  3 01:05:44 2026 GMT
        Subject: CN=CD4D038C4EA9D8F15BF6A43B3C15D6F27491DB39
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:51:41:62:14:b7:21:8a:c8:f8:83:8a:77:65:
                    b3:f1:28:ef:ca:f1:bf:6a:9a:fa:fa:1e:08:f4:46:
                    03:64:65:02:14:7b:8f:05:b3:1e:54:40:0e:80:c7:
                    97:ac:3e:99:06:a7:ce:6c:ce:44:69:eb:9c:10:af:
                    b0:af:8d:d9:65:be:23:12:84:73:cf:7c:3b:2f:bf:
                    54:b8:51:a8:f8:70:3e:24:6b:d8:6c:1a:aa:2c:a0:
                    bc:98:84:45:f0:c7:d3:00:1b:1e:12:f0:29:9c:ed:
                    93:96:fc:cb:15:d2:d0:9a:81:00:aa:e7:eb:38:56:
                    f9:4f:12:26:df:a4:16:c6:b5:7e:a0:6c:ed:5e:83:
                    81:33:03:30:fb:fe:13:99:f0:59:d5:69:27:5f:3b:
                    b8:cd:3e:c0:cc:e4:8b:56:81:93:59:55:d5:cf:61:
                    ff:36:bb:69:c9:8b:1d:ab:c1:7e:a6:b3:4c:46:4f:
                    8c:ab:4a:b9:43:59:2c:4f:71:90:76:69:4f:07:9e:
                    c4:ac:77:7d:25:be:87:d9:07:a7:eb:47:8a:f5:d9:
                    bc:ea:f7:31:3a:06:9e:3d:79:a5:ed:46:e7:35:f7:
                    7f:5e:3c:34:40:a3:13:5d:26:85:95:9a:0d:f2:dd:
                    40:dd:93:76:6b:14:00:7f:2e:b3:96:f1:62:3e:dd:
                    99:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CD:4D:03:8C:4E:A9:D8:F1:5B:F6:A4:3B:3C:15:D6:F2:74:91:DB:39
            X509v3 Authority Key Identifier:
                keyid:32:C3:A2:0B:EB:E1:AC:7A:6C:3E:09:58:CC:B9:71:DE:A6:4D:E1:B4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/34352e3138372e3132302e302f32342d3234203d3e20323638353436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.187.120.0/24

    Signature Algorithm: sha256WithRSAEncryption
         41:37:d3:98:6f:0c:eb:76:90:7a:21:b5:aa:3b:4b:6d:84:fe:
         79:c1:7a:36:9a:70:03:ab:bf:08:9e:07:38:70:92:29:ae:bc:
         53:91:aa:04:62:0c:9f:e2:14:dc:10:66:35:0e:07:ea:bb:f2:
         31:17:09:61:8a:fb:2c:e4:3f:5d:78:76:9b:3c:c3:40:8b:40:
         81:91:0e:26:3f:ab:3a:f7:c7:ad:cd:30:84:69:3e:2a:b0:9c:
         92:46:28:08:ca:f8:e7:6a:9c:cb:39:84:98:db:ee:97:c6:7a:
         ee:f7:0c:8a:06:06:62:cb:06:a1:12:9b:d4:7b:a2:c3:06:2b:
         bc:db:b1:d5:b1:e8:80:f3:01:ae:59:9c:62:f2:e5:60:a4:10:
         aa:65:19:82:33:31:74:3f:30:9f:30:ea:b1:00:96:50:c5:68:
         74:9f:a8:65:44:f2:ec:d1:74:12:46:e1:6c:d1:7c:c1:bc:09:
         ea:1e:ab:f9:d8:c3:88:dd:a1:ca:6b:71:5f:9c:5c:78:d2:d7:
         ef:01:5c:10:42:a4:12:fc:90:67:35:b2:06:2d:a9:4e:cc:7a:
         a1:e8:25:bb:29:87:4c:42:c8:f6:e5:1e:c4:17:65:d2:22:3d:
         db:eb:8a:9a:e3:ff:95:eb:ed:95:6f:36:b2:72:a1:57:a0:62:
         68:04:35:af
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUZXMCfB51oSk9mvNUbEn4BYVIgcYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzJDM0EyMEJFQkUxQUM3QTZDM0UwOTU4Q0NCOTcxREVB
NjRERTFCNDAeFw0yNTA2MDQwMTAwNDRaFw0yNjA2MDMwMTA1NDRaMDMxMTAvBgNV
BAMTKENENEQwMzhDNEVBOUQ4RjE1QkY2QTQzQjNDMTVENkYyNzQ5MURCMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOUUFiFLchisj4g4p3ZbPxKO/K
8b9qmvr6Hgj0RgNkZQIUe48Fsx5UQA6Ax5esPpkGp85szkRp65wQr7CvjdllviMS
hHPPfDsvv1S4Uaj4cD4ka9hsGqosoLyYhEXwx9MAGx4S8Cmc7ZOW/MsV0tCagQCq
5+s4VvlPEibfpBbGtX6gbO1eg4EzAzD7/hOZ8FnVaSdfO7jNPsDM5ItWgZNZVdXP
Yf82u2nJix2rwX6ms0xGT4yrSrlDWSxPcZB2aU8HnsSsd30lvofZB6frR4r12bzq
9zE6Bp49eaXtRuc1939ePDRAoxNdJoWVmg3y3UDdk3ZrFAB/LrOW8WI+3ZkLAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUzU0DjE6p2PFb9qQ7PBXW8nSR2zkwHwYDVR0j
BBgwFoAUMsOiC+vhrHpsPglYzLlx3qZN4bQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQkhrR1ZkQjJoUm96ZHFoSkZmZkduTmRpY0I4aG5wdDZKclJvWG1jZ0hn
NTMvMC8zMkMzQTIwQkVCRTFBQzdBNkMzRTA5NThDQ0I5NzFERUE2NERFMUI0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzMyQzNBMjBCRUJFMUFDN0E2
QzNFMDk1OENDQjk3MURFQTY0REUxQjQuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JIa0dWZEIyaFJvemRxaEpGZmZHbk5kaWNCOGhucHQ2SnJSb1htY2dIZzUzLzAv
MzQzNTJlMzEzODM3MmUzMTMyMzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2
MzgzNTM0MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAAtu3gwDQYJKoZIhvcNAQELBQADggEBAEE305hv
DOt2kHohtao7S22E/nnBejaacAOrvwieBzhwkimuvFORqgRiDJ/iFNwQZjUOB+q7
8jEXCWGK+yzkP114dps8w0CLQIGRDiY/qzr3x63NMIRpPiqwnJJGKAjK+OdqnMs5
hJjb7pfGeu73DIoGBmLLBqESm9R7osMGK7zbsdWx6IDzAa5ZnGLy5WCkEKplGYIz
MXQ/MJ8w6rEAllDFaHSfqGVE8uzRdBJG4WzRfMG8Ceoeq/nYw4jdocprcV+cXHjS
1+8BXBBCpBL8kGc1sgYtqU7MeqHoJbsph0xCyPblHsQXZdIiPdvriprj/5Xr7ZVv
NrJyoVegYmgENa8=
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:33:37 2025 by rpki-client