Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/FCDhxeHyBk4QPvuJgabf5RK9UwUvrrSJmdKCHPJA5YZq/0/34352e3137332e3232302e302f32322d3234203d3e20323638383239.roa
File:                     34352e3137332e3232302e302f32322d3234203d3e20323638383239.roa (raw, json)
Hash identifier:          mqQ3WWWgNLefjJ0PlEn28PP6NUOLc15a++0RklWEvPU=
Subject key identifier:   A3:20:D1:39:EA:D2:23:8B:B0:E2:3A:A9:90:AF:3A:48:FF:7A:8F:F2
Certificate issuer:       /CN=39E85F0FE1363D1C06C587486EEDD5B362BE6AF8
Certificate serial:       6793B450BB1AC72C88606A4C1746487B0BBE0990
Authority key identifier: 39:E8:5F:0F:E1:36:3D:1C:06:C5:87:48:6E:ED:D5:B3:62:BE:6A:F8
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/39E85F0FE1363D1C06C587486EEDD5B362BE6AF8.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/FCDhxeHyBk4QPvuJgabf5RK9UwUvrrSJmdKCHPJA5YZq/0/34352e3137332e3232302e302f32322d3234203d3e20323638383239.roa
Signing time:             Thu 23 May 2024 13:34:45 +0000
ROA not before:           Thu 23 May 2024 13:29:45 +0000
ROA not after:            Thu 22 May 2025 13:34:45 +0000
asID:                     268829
IP address blocks:        45.173.220.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/FCDhxeHyBk4QPvuJgabf5RK9UwUvrrSJmdKCHPJA5YZq/0/39E85F0FE1363D1C06C587486EEDD5B362BE6AF8.crl
                          rsync://rpki-repo.registro.br/repo/FCDhxeHyBk4QPvuJgabf5RK9UwUvrrSJmdKCHPJA5YZq/0/39E85F0FE1363D1C06C587486EEDD5B362BE6AF8.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/39E85F0FE1363D1C06C587486EEDD5B362BE6AF8.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 17 Jun 2024 11:54:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:93:b4:50:bb:1a:c7:2c:88:60:6a:4c:17:46:48:7b:0b:be:09:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=39E85F0FE1363D1C06C587486EEDD5B362BE6AF8
        Validity
            Not Before: May 23 13:29:45 2024 GMT
            Not After : May 22 13:34:45 2025 GMT
        Subject: CN=A320D139EAD2238BB0E23AA990AF3A48FF7A8FF2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:4f:a9:b3:0e:36:49:63:03:88:7e:27:64:4a:
                    06:7c:73:e7:0b:5a:5f:80:98:99:ba:26:cb:9a:4a:
                    7d:3a:84:eb:10:09:aa:e4:80:dc:66:59:fa:a4:bf:
                    5f:de:a4:5a:3b:4e:1e:c6:90:47:a0:af:4c:b4:4f:
                    4a:56:5e:0a:bc:ea:dd:08:27:b9:78:fc:dc:7f:bc:
                    0e:02:98:33:0c:d7:2c:b8:3a:e8:9c:57:0a:52:58:
                    52:1d:8c:d1:02:df:41:83:d4:2c:59:22:44:09:21:
                    fc:c8:ee:85:13:84:6e:28:a8:9a:02:13:26:04:2d:
                    42:a8:98:d3:0e:cb:da:13:06:39:af:06:7d:a2:08:
                    69:4f:30:b3:30:b1:9d:12:fa:7e:0d:c7:6f:6b:b5:
                    31:57:91:51:94:58:3f:ed:a4:a9:06:2c:7d:3b:3e:
                    3a:99:47:7a:8e:45:9c:e1:4f:b8:d1:56:04:5c:ad:
                    10:3e:1b:0e:bf:a4:e9:7b:ed:04:b7:96:c7:aa:b5:
                    e7:6e:92:b3:24:68:23:b5:02:50:49:6f:44:95:7a:
                    f3:6d:6e:d3:dd:e6:05:af:bd:04:2a:c1:45:38:3d:
                    c2:01:ec:8d:4c:2d:65:88:be:b4:ae:11:22:25:bb:
                    06:ce:c8:a8:7d:6a:4e:48:f0:38:1b:99:ec:33:fe:
                    e5:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:20:D1:39:EA:D2:23:8B:B0:E2:3A:A9:90:AF:3A:48:FF:7A:8F:F2
            X509v3 Authority Key Identifier:
                keyid:39:E8:5F:0F:E1:36:3D:1C:06:C5:87:48:6E:ED:D5:B3:62:BE:6A:F8

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/FCDhxeHyBk4QPvuJgabf5RK9UwUvrrSJmdKCHPJA5YZq/0/39E85F0FE1363D1C06C587486EEDD5B362BE6AF8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/39E85F0FE1363D1C06C587486EEDD5B362BE6AF8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/FCDhxeHyBk4QPvuJgabf5RK9UwUvrrSJmdKCHPJA5YZq/0/34352e3137332e3232302e302f32322d3234203d3e20323638383239.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.173.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ea:89:d7:b2:d0:e7:ae:14:d1:2f:d9:16:68:a1:7f:ee:d6:dd:
         30:b9:36:1b:a5:3a:09:0d:60:14:2f:04:ea:e4:2b:cb:f8:85:
         8e:4c:bf:94:b3:c9:34:2d:40:ea:a2:97:c1:56:b2:02:07:53:
         c1:bc:7a:11:75:e1:ae:61:e0:2b:9f:a5:86:00:e8:b0:27:45:
         61:7f:33:58:43:1f:db:22:ed:88:ec:bb:a7:c0:b0:4f:ef:ca:
         9d:cf:3e:45:c9:67:10:5a:93:29:19:b5:64:f6:c3:8b:de:7c:
         66:f4:b6:f4:03:5e:b7:8a:64:ba:d2:14:97:73:59:c9:9b:37:
         79:b1:21:2e:82:e7:f7:32:ed:c0:51:b3:18:63:a4:c8:cb:7b:
         07:56:ed:59:41:2f:d6:a5:32:97:dc:b8:19:97:d9:1a:2f:c0:
         b9:30:8f:94:41:65:3f:8c:76:4f:08:ed:86:ca:56:5c:97:9d:
         23:e4:ce:0b:85:03:79:e9:26:97:a2:ed:91:ec:6d:0d:59:6d:
         33:cb:8c:9c:86:9b:c3:ba:58:fe:10:69:15:43:de:8a:ba:b2:
         7b:88:a7:77:25:2d:d2:cc:24:1e:02:bc:68:cc:76:a2:7d:02:
         3f:79:bb:ca:55:8c:3f:aa:96:2f:2c:3e:90:ef:72:6f:f8:28:
         77:d0:44:f7
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUZ5O0ULsaxyyIYGpMF0ZIewu+CZAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzlFODVGMEZFMTM2M0QxQzA2QzU4NzQ4NkVFREQ1QjM2
MkJFNkFGODAeFw0yNDA1MjMxMzI5NDVaFw0yNTA1MjIxMzM0NDVaMDMxMTAvBgNV
BAMTKEEzMjBEMTM5RUFEMjIzOEJCMEUyM0FBOTkwQUYzQTQ4RkY3QThGRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYT6mzDjZJYwOIfidkSgZ8c+cL
Wl+AmJm6JsuaSn06hOsQCarkgNxmWfqkv1/epFo7Th7GkEegr0y0T0pWXgq86t0I
J7l4/Nx/vA4CmDMM1yy4OuicVwpSWFIdjNEC30GD1CxZIkQJIfzI7oUThG4oqJoC
EyYELUKomNMOy9oTBjmvBn2iCGlPMLMwsZ0S+n4Nx29rtTFXkVGUWD/tpKkGLH07
PjqZR3qORZzhT7jRVgRcrRA+Gw6/pOl77QS3lseqtedukrMkaCO1AlBJb0SVevNt
btPd5gWvvQQqwUU4PcIB7I1MLWWIvrSuESIluwbOyKh9ak5I8Dgbmewz/uU/AgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUoyDROerSI4uw4jqpkK86SP96j/IwHwYDVR0j
BBgwFoAUOehfD+E2PRwGxYdIbu3Vs2K+avgwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRkNEaHhlSHlCazRRUHZ1SmdhYmY1Uks5VXdVdnJyU0ptZEtDSFBKQTVZ
WnEvMC8zOUU4NUYwRkUxMzYzRDFDMDZDNTg3NDg2RUVERDVCMzYyQkU2QUY4LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzM5RTg1RjBGRTEzNjNEMUMw
NkM1ODc0ODZFRURENUIzNjJCRTZBRjguY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0ZDRGh4ZUh5Qms0UVB2dUpnYWJmNVJLOVV3VXZyclNKbWRLQ0hQSkE1WVpxLzAv
MzQzNTJlMzEzNzMzMmUzMjMyMzAyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2
MzgzODMyMzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAItrdwwDQYJKoZIhvcNAQELBQADggEBAOqJ17LQ
564U0S/ZFmihf+7W3TC5NhulOgkNYBQvBOrkK8v4hY5Mv5SzyTQtQOqil8FWsgIH
U8G8ehF14a5h4CufpYYA6LAnRWF/M1hDH9si7Yjsu6fAsE/vyp3PPkXJZxBakykZ
tWT2w4vefGb0tvQDXreKZLrSFJdzWcmbN3mxIS6C5/cy7cBRsxhjpMjLewdW7VlB
L9alMpfcuBmX2RovwLkwj5RBZT+Mdk8I7YbKVlyXnSPkzguFA3npJpei7ZHsbQ1Z
bTPLjJyGm8O6WP4QaRVD3oq6snuIp3clLdLMJB4CvGjMdqJ9Aj95u8pVjD+qli8s
PpDvcm/4KHfQRPc=
-----END CERTIFICATE-----
Generated at Sun Jun 16 17:32:31 2024 by rpki-client on console-ams.rpki-client.org