Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/GJCusm1LTjde7t7vuR9A5RBQKJ4KDde6mYYUu9zhbtUi/0/34352e3136302e37362e302f32332d3332203d3e20323638343431.roa
File:                     34352e3136302e37362e302f32332d3332203d3e20323638343431.roa (raw, json)
Hash identifier:          imj7LsVHyqAiX/UYq3j4D64tJQWq6iQObTNkI6LXPB4=
Subject key identifier:   09:B8:11:70:5D:48:1F:06:79:FB:89:82:03:18:23:D8:B2:25:F1:81
Certificate issuer:       /CN=C952C93A676BA611AEC114DD4983F2B03168FE10
Certificate serial:       574F1F72F0262B9C1C4A3E0F77DAEA77F329318A
Authority key identifier: C9:52:C9:3A:67:6B:A6:11:AE:C1:14:DD:49:83:F2:B0:31:68:FE:10
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C952C93A676BA611AEC114DD4983F2B03168FE10.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/GJCusm1LTjde7t7vuR9A5RBQKJ4KDde6mYYUu9zhbtUi/0/34352e3136302e37362e302f32332d3332203d3e20323638343431.roa
Signing time:             Mon 29 Jun 2026 14:51:36 +0000
ROA not before:           Mon 29 Jun 2026 14:46:36 +0000
ROA not after:            Mon 28 Jun 2027 14:51:36 +0000
asID:                     268441
IP address blocks:        45.160.76.0/23 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/GJCusm1LTjde7t7vuR9A5RBQKJ4KDde6mYYUu9zhbtUi/0/C952C93A676BA611AEC114DD4983F2B03168FE10.crl
                          rsync://rpki-repo.registro.br/repo/GJCusm1LTjde7t7vuR9A5RBQKJ4KDde6mYYUu9zhbtUi/0/C952C93A676BA611AEC114DD4983F2B03168FE10.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C952C93A676BA611AEC114DD4983F2B03168FE10.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 09 Jul 2026 15:07:21 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:4f:1f:72:f0:26:2b:9c:1c:4a:3e:0f:77:da:ea:77:f3:29:31:8a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C952C93A676BA611AEC114DD4983F2B03168FE10
        Validity
            Not Before: Jun 29 14:46:36 2026 GMT
            Not After : Jun 28 14:51:36 2027 GMT
        Subject: CN=09B811705D481F0679FB8982031823D8B225F181
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:7b:fe:19:7d:ad:db:6c:ae:34:76:cb:b0:bd:
                    f0:ab:e9:74:56:f2:aa:16:25:7a:31:b5:37:ed:f2:
                    ac:90:3a:69:ca:3f:77:3c:0d:5b:7e:1a:3d:7d:08:
                    9a:c8:d4:15:32:4a:8f:2d:f3:1c:59:a8:ad:55:1f:
                    cc:7f:05:c4:56:46:eb:25:3c:42:5a:2a:a8:c9:6e:
                    b3:90:06:40:ac:25:48:7c:8a:79:b5:bf:7f:f0:0d:
                    35:10:db:eb:ba:5c:39:77:59:ea:58:87:10:33:ff:
                    e6:d8:bb:19:ba:51:48:30:60:fe:a0:bc:65:f5:ab:
                    6f:b3:28:b5:c4:fa:22:ff:99:56:63:b0:6c:97:b3:
                    08:bc:f0:a1:9c:47:61:cc:61:a3:6a:a9:db:fe:52:
                    fa:7d:af:9f:63:37:6e:c7:6b:4a:c3:5c:5c:6d:0a:
                    09:28:74:a5:8d:0e:e0:f8:27:aa:de:8a:37:aa:47:
                    b4:5b:2c:59:d8:ed:c7:c1:96:5c:15:1e:2a:31:54:
                    28:e2:ea:85:5a:10:3e:53:c6:cd:ee:b5:95:18:18:
                    ab:f6:ca:c2:fd:c7:d8:b3:38:16:c0:6a:a9:1c:fb:
                    a6:96:51:df:85:21:0c:f3:64:1c:c4:70:b4:c0:56:
                    92:15:70:45:c6:c4:26:b4:d9:58:59:d3:ac:f6:f1:
                    e7:e7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:B8:11:70:5D:48:1F:06:79:FB:89:82:03:18:23:D8:B2:25:F1:81
            X509v3 Authority Key Identifier:
                keyid:C9:52:C9:3A:67:6B:A6:11:AE:C1:14:DD:49:83:F2:B0:31:68:FE:10

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/GJCusm1LTjde7t7vuR9A5RBQKJ4KDde6mYYUu9zhbtUi/0/C952C93A676BA611AEC114DD4983F2B03168FE10.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C952C93A676BA611AEC114DD4983F2B03168FE10.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/GJCusm1LTjde7t7vuR9A5RBQKJ4KDde6mYYUu9zhbtUi/0/34352e3136302e37362e302f32332d3332203d3e20323638343431.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.160.76.0/23

    Signature Algorithm: sha256WithRSAEncryption
         40:43:b1:0e:47:db:c7:ba:30:9e:9e:9d:ae:1d:fd:28:61:8d:
         a7:0b:2c:e5:4b:17:8f:a6:ec:f0:14:27:b3:76:a6:97:85:c9:
         c4:6a:8e:6f:5c:c4:9d:9c:55:af:28:d5:d0:a1:66:44:73:a2:
         97:9f:b3:b6:c9:09:d5:2b:3c:f4:d6:77:97:76:c0:44:6c:62:
         72:3c:21:1f:d0:33:3f:7f:96:4e:59:93:ed:47:25:98:49:81:
         66:94:6a:7a:8e:bd:ae:4e:cd:fe:5e:2c:99:eb:70:01:7c:19:
         f6:bb:bb:f3:ad:9d:ca:94:03:98:6a:a5:77:c2:d3:a4:60:36:
         6c:68:84:8c:b0:fc:cb:d5:61:34:61:1f:5e:c0:e1:27:fb:75:
         32:a5:f0:21:8f:29:78:ca:77:b8:64:e6:32:fa:98:ca:18:1b:
         13:1b:0d:04:db:16:67:c0:a2:df:5e:58:01:fd:ae:cc:f6:b4:
         09:d7:95:e5:08:fe:c6:e3:71:04:4c:50:43:05:5b:ef:a5:bd:
         bc:c6:1e:00:1d:b5:98:07:df:76:44:9f:a2:b7:ef:21:1d:0d:
         30:ce:a7:b6:d2:2e:41:c5:77:59:63:51:79:08:b9:5f:8e:3f:
         9e:c4:81:04:50:b5:5c:ec:b3:b5:db:fb:89:78:a8:ed:9b:23:
         2d:08:5e:27
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUV08fcvAmK5wcSj4Pd9rqd/MpMYowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzk1MkM5M0E2NzZCQTYxMUFFQzExNERENDk4M0YyQjAz
MTY4RkUxMDAeFw0yNjA2MjkxNDQ2MzZaFw0yNzA2MjgxNDUxMzZaMDMxMTAvBgNV
BAMTKDA5QjgxMTcwNUQ0ODFGMDY3OUZCODk4MjAzMTgyM0Q4QjIyNUYxODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOe/4Zfa3bbK40dsuwvfCr6XRW
8qoWJXoxtTft8qyQOmnKP3c8DVt+Gj19CJrI1BUySo8t8xxZqK1VH8x/BcRWRusl
PEJaKqjJbrOQBkCsJUh8inm1v3/wDTUQ2+u6XDl3WepYhxAz/+bYuxm6UUgwYP6g
vGX1q2+zKLXE+iL/mVZjsGyXswi88KGcR2HMYaNqqdv+Uvp9r59jN27Ha0rDXFxt
CgkodKWNDuD4J6reijeqR7RbLFnY7cfBllwVHioxVCji6oVaED5Txs3utZUYGKv2
ysL9x9izOBbAaqkc+6aWUd+FIQzzZBzEcLTAVpIVcEXGxCa02VhZ06z28efnAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUCbgRcF1IHwZ5+4mCAxgj2LIl8YEwHwYDVR0j
BBgwFoAUyVLJOmdrphGuwRTdSYPysDFo/hAwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vR0pDdXNtMUxUamRlN3Q3dnVSOUE1UkJRS0o0S0RkZTZtWVlVdTl6aGJ0
VWkvMC9DOTUyQzkzQTY3NkJBNjExQUVDMTE0REQ0OTgzRjJCMDMxNjhGRTEwLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0M5NTJDOTNBNjc2QkE2MTFB
RUMxMTRERDQ5ODNGMkIwMzE2OEZFMTAuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0dKQ3VzbTFMVGpkZTd0N3Z1UjlBNVJCUUtKNEtEZGU2bVlZVXU5emhidFVpLzAv
MzQzNTJlMzEzNjMwMmUzNzM2MmUzMDJmMzIzMzJkMzMzMjIwM2QzZTIwMzIzNjM4
MzQzNDMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQBLaBMMA0GCSqGSIb3DQEBCwUAA4IBAQBAQ7EOR9vH
ujCenp2uHf0oYY2nCyzlSxePpuzwFCezdqaXhcnEao5vXMSdnFWvKNXQoWZEc6KX
n7O2yQnVKzz01neXdsBEbGJyPCEf0DM/f5ZOWZPtRyWYSYFmlGp6jr2uTs3+XiyZ
63ABfBn2u7vzrZ3KlAOYaqV3wtOkYDZsaISMsPzL1WE0YR9ewOEn+3UypfAhjyl4
yne4ZOYy+pjKGBsTGw0E2xZnwKLfXlgB/a7M9rQJ15XlCP7G43EETFBDBVvvpb28
xh4AHbWYB992RJ+it+8hHQ0wzqe20i5BxXdZY1F5CLlfjj+exIEEULVc7LO12/uJ
eKjtmyMtCF4n
-----END CERTIFICATE-----
Generated at Wed Jul 8 21:23:23 2026 by rpki-client