Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/DQ1svLaooAzooDnkgpsj3J38FLvuxpkrEu6byws8ZCLh/0/34352e3233332e3232342e302f32322d3234203d3e20323637333330.roa
File:                     34352e3233332e3232342e302f32322d3234203d3e20323637333330.roa (raw, json)
Hash identifier:          kp/r+H7c4TwcaB0mUlBwZuxFIh0gPOyLDxGJmgq/c20=
Subject key identifier:   88:54:49:4F:8B:D7:F0:4D:85:92:8C:99:10:6F:86:31:16:B7:5F:75
Certificate issuer:       /CN=CF003B615CAAD618C94E1EB995B64B55082F0C0C
Certificate serial:       01F64C8DCFE567918883899C5D3F71D8B62F6311
Authority key identifier: CF:00:3B:61:5C:AA:D6:18:C9:4E:1E:B9:95:B6:4B:55:08:2F:0C:0C
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/CF003B615CAAD618C94E1EB995B64B55082F0C0C.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/DQ1svLaooAzooDnkgpsj3J38FLvuxpkrEu6byws8ZCLh/0/34352e3233332e3232342e302f32322d3234203d3e20323637333330.roa
Signing time:             Mon 22 Apr 2024 13:16:07 +0000
ROA not before:           Mon 22 Apr 2024 13:11:07 +0000
ROA not after:            Mon 21 Apr 2025 13:16:07 +0000
asID:                     267330
IP address blocks:        45.233.224.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/DQ1svLaooAzooDnkgpsj3J38FLvuxpkrEu6byws8ZCLh/0/CF003B615CAAD618C94E1EB995B64B55082F0C0C.crl
                          rsync://rpki-repo.registro.br/repo/DQ1svLaooAzooDnkgpsj3J38FLvuxpkrEu6byws8ZCLh/0/CF003B615CAAD618C94E1EB995B64B55082F0C0C.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/CF003B615CAAD618C94E1EB995B64B55082F0C0C.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 17 Jun 2024 11:54:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:f6:4c:8d:cf:e5:67:91:88:83:89:9c:5d:3f:71:d8:b6:2f:63:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CF003B615CAAD618C94E1EB995B64B55082F0C0C
        Validity
            Not Before: Apr 22 13:11:07 2024 GMT
            Not After : Apr 21 13:16:07 2025 GMT
        Subject: CN=8854494F8BD7F04D85928C99106F863116B75F75
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:08:b4:2e:d6:1e:ec:eb:4d:85:f4:13:0f:4b:
                    3f:8c:45:3f:8a:9c:e1:98:2b:de:19:20:ca:1d:88:
                    3b:db:b3:17:26:8a:7f:b6:d1:46:c8:e7:bd:22:b5:
                    0b:f6:a4:9b:84:e2:ff:2f:e4:f1:02:08:d1:9a:6b:
                    17:98:93:76:ce:e6:fa:6f:45:1d:40:67:28:74:3f:
                    37:80:3c:32:00:6e:3c:f7:ce:bd:1f:3f:de:53:8a:
                    04:f7:d6:51:ba:64:b4:53:48:e9:4d:bc:b3:c7:6a:
                    7a:37:93:ad:b7:2b:9d:0b:b2:ae:58:31:0b:77:99:
                    c7:25:56:ee:84:c8:5e:ab:ec:be:50:11:f5:7a:f5:
                    9d:2e:88:44:cd:50:2e:a0:4a:f6:7f:09:30:d7:d6:
                    b7:7a:18:dc:89:42:1c:f6:59:9f:20:3d:6c:a8:81:
                    98:7a:56:fb:38:34:94:50:e2:83:31:af:8e:7f:a6:
                    65:64:cf:5a:1a:42:8d:9a:3a:00:90:f5:6e:25:56:
                    75:10:ed:cc:6d:8a:38:66:0b:6e:78:94:c5:e6:47:
                    bd:69:ed:62:7d:9e:06:09:30:eb:f6:8d:b5:a1:82:
                    c7:20:a3:6e:96:fb:04:d0:95:53:97:32:47:af:4d:
                    6a:d4:0f:bc:4e:e5:d3:60:67:06:1b:89:30:ef:39:
                    88:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:54:49:4F:8B:D7:F0:4D:85:92:8C:99:10:6F:86:31:16:B7:5F:75
            X509v3 Authority Key Identifier:
                keyid:CF:00:3B:61:5C:AA:D6:18:C9:4E:1E:B9:95:B6:4B:55:08:2F:0C:0C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/DQ1svLaooAzooDnkgpsj3J38FLvuxpkrEu6byws8ZCLh/0/CF003B615CAAD618C94E1EB995B64B55082F0C0C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/CF003B615CAAD618C94E1EB995B64B55082F0C0C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/DQ1svLaooAzooDnkgpsj3J38FLvuxpkrEu6byws8ZCLh/0/34352e3233332e3232342e302f32322d3234203d3e20323637333330.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.233.224.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1e:9e:ca:3f:92:f5:cb:22:75:f9:74:3e:ba:52:20:39:7e:ed:
         93:27:d4:72:59:35:31:6c:e9:0f:14:f2:ae:2c:34:7e:fe:ed:
         92:18:ed:a6:c4:42:8f:90:bc:b1:92:24:d7:bf:bf:0f:97:68:
         5c:5a:0d:41:e2:46:a9:1a:55:4a:03:6e:69:e6:ac:73:df:e5:
         f4:31:2c:f2:e6:52:84:fa:93:22:3b:c5:e5:f3:9e:58:f3:4f:
         ad:47:90:21:0e:84:58:a8:ca:20:b7:42:15:e5:64:3c:81:88:
         ca:77:a2:d5:64:87:6a:72:d9:a0:2b:83:bc:2f:76:ae:c2:77:
         a9:f3:90:ba:e3:98:a9:d8:d2:d3:c7:d9:2c:36:f2:5f:55:9d:
         63:8c:88:e9:91:5b:45:6f:ad:aa:b6:f5:4c:d6:54:71:34:d5:
         65:17:66:6a:fb:d2:79:9f:aa:e3:50:44:d0:fe:e9:a2:d4:40:
         a6:26:fb:68:ea:c6:d0:d1:ad:09:45:aa:90:5b:11:c9:fe:99:
         63:47:f3:71:a4:83:e0:2f:a0:07:db:ae:50:19:3b:33:82:21:
         6d:c2:4d:79:af:68:ec:48:12:b4:fd:ec:06:d9:b8:55:35:df:
         15:d4:86:43:91:68:ed:f2:c2:7d:8a:21:bc:b3:9a:29:9e:b2:
         fd:6a:32:71
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUAfZMjc/lZ5GIg4mcXT9x2LYvYxEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0YwMDNCNjE1Q0FBRDYxOEM5NEUxRUI5OTVCNjRCNTUw
ODJGMEMwQzAeFw0yNDA0MjIxMzExMDdaFw0yNTA0MjExMzE2MDdaMDMxMTAvBgNV
BAMTKDg4NTQ0OTRGOEJEN0YwNEQ4NTkyOEM5OTEwNkY4NjMxMTZCNzVGNzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7CLQu1h7s602F9BMPSz+MRT+K
nOGYK94ZIModiDvbsxcmin+20UbI570itQv2pJuE4v8v5PECCNGaaxeYk3bO5vpv
RR1AZyh0PzeAPDIAbjz3zr0fP95TigT31lG6ZLRTSOlNvLPHano3k623K50Lsq5Y
MQt3mcclVu6EyF6r7L5QEfV69Z0uiETNUC6gSvZ/CTDX1rd6GNyJQhz2WZ8gPWyo
gZh6Vvs4NJRQ4oMxr45/pmVkz1oaQo2aOgCQ9W4lVnUQ7cxtijhmC254lMXmR71p
7WJ9ngYJMOv2jbWhgscgo26W+wTQlVOXMkevTWrUD7xO5dNgZwYbiTDvOYhpAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUiFRJT4vX8E2FkoyZEG+GMRa3X3UwHwYDVR0j
BBgwFoAUzwA7YVyq1hjJTh65lbZLVQgvDAwwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRFExc3ZMYW9vQXpvb0Rua2dwc2ozSjM4Rkx2dXhwa3JFdTZieXdzOFpD
TGgvMC9DRjAwM0I2MTVDQUFENjE4Qzk0RTFFQjk5NUI2NEI1NTA4MkYwQzBDLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0NGMDAzQjYxNUNBQUQ2MThD
OTRFMUVCOTk1QjY0QjU1MDgyRjBDMEMuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0RRMXN2TGFvb0F6b29EbmtncHNqM0ozOEZMdnV4cGtyRXU2Ynl3czhaQ0xoLzAv
MzQzNTJlMzIzMzMzMmUzMjMyMzQyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2
MzczMzMzMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAIt6eAwDQYJKoZIhvcNAQELBQADggEBAB6eyj+S
9csidfl0PrpSIDl+7ZMn1HJZNTFs6Q8U8q4sNH7+7ZIY7abEQo+QvLGSJNe/vw+X
aFxaDUHiRqkaVUoDbmnmrHPf5fQxLPLmUoT6kyI7xeXznljzT61HkCEOhFioyiC3
QhXlZDyBiMp3otVkh2py2aArg7wvdq7Cd6nzkLrjmKnY0tPH2Sw28l9VnWOMiOmR
W0Vvraq29UzWVHE01WUXZmr70nmfquNQRND+6aLUQKYm+2jqxtDRrQlFqpBbEcn+
mWNH83Gkg+AvoAfbrlAZOzOCIW3CTXmvaOxIErT97AbZuFU13xXUhkORaO3ywn2K
Ibyzmimesv1qMnE=
-----END CERTIFICATE-----
Generated at Sun Jun 16 23:33:44 2024 by rpki-client on console-fra.rpki-client.org