Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/Hu2HCEaCSJmqkeL6L39GzErd8mJ5CzGDATrHAAF1C58S/1/34352e3136312e31362e302f32322d3232203d3e20323638343436.roa
File:                     34352e3136312e31362e302f32322d3232203d3e20323638343436.roa (raw, json)
Hash identifier:          W5Avw41xUm9/9MPiCLR0WMIcs6FjypNDUyd7w0NNYN4=
Subject key identifier:   9D:FA:BF:DE:59:FC:4B:8D:CC:84:25:3A:87:28:93:33:4B:6A:42:58
Certificate issuer:       /CN=D0A1938AF53CAB915AA9E5271A1CC06BCE0D4F40
Certificate serial:       3A0E9F7ECC590A1BC85D99EA73B15DC4283C1ADC
Authority key identifier: D0:A1:93:8A:F5:3C:AB:91:5A:A9:E5:27:1A:1C:C0:6B:CE:0D:4F:40
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D0A1938AF53CAB915AA9E5271A1CC06BCE0D4F40.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/Hu2HCEaCSJmqkeL6L39GzErd8mJ5CzGDATrHAAF1C58S/1/34352e3136312e31362e302f32322d3232203d3e20323638343436.roa
Signing time:             Wed 03 Apr 2024 18:33:11 +0000
ROA not before:           Wed 03 Apr 2024 18:28:11 +0000
ROA not after:            Wed 02 Apr 2025 18:33:11 +0000
asID:                     268446
IP address blocks:        45.161.16.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/Hu2HCEaCSJmqkeL6L39GzErd8mJ5CzGDATrHAAF1C58S/1/D0A1938AF53CAB915AA9E5271A1CC06BCE0D4F40.crl
                          rsync://rpki-repo.registro.br/repo/Hu2HCEaCSJmqkeL6L39GzErd8mJ5CzGDATrHAAF1C58S/1/D0A1938AF53CAB915AA9E5271A1CC06BCE0D4F40.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D0A1938AF53CAB915AA9E5271A1CC06BCE0D4F40.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 23:46:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:0e:9f:7e:cc:59:0a:1b:c8:5d:99:ea:73:b1:5d:c4:28:3c:1a:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D0A1938AF53CAB915AA9E5271A1CC06BCE0D4F40
        Validity
            Not Before: Apr  3 18:28:11 2024 GMT
            Not After : Apr  2 18:33:11 2025 GMT
        Subject: CN=9DFABFDE59FC4B8DCC84253A872893334B6A4258
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:57:11:2d:9a:a3:1f:3b:36:63:4c:cd:f1:40:
                    5e:5e:51:63:f5:bd:21:90:7b:20:34:13:01:5d:d8:
                    91:53:7d:95:6c:69:cc:eb:0c:17:49:16:c3:8a:96:
                    63:26:dc:85:27:93:20:e0:a9:87:5d:e4:f8:ee:4f:
                    2e:0b:94:63:04:d3:5e:6b:54:86:66:45:fc:fd:8b:
                    91:1d:68:1b:18:4a:94:22:6e:7e:84:96:e1:f9:3b:
                    8d:25:2a:18:60:1c:8e:a4:93:69:94:b0:c9:b6:ec:
                    b4:8e:aa:2a:04:d8:8e:ff:d6:6d:6e:6e:aa:78:47:
                    e0:98:a8:ad:82:40:b6:70:48:be:5f:75:10:35:02:
                    c1:7c:4d:3a:fd:48:48:df:cf:f5:37:aa:73:bf:cc:
                    0d:96:b8:de:ba:69:42:ad:2c:ab:be:3a:e6:87:08:
                    fc:e7:65:be:6c:d4:1e:27:e2:d6:52:29:6a:ec:da:
                    7f:f3:80:9b:10:00:12:87:4e:a4:b9:9d:0f:8f:9a:
                    66:af:c1:ca:c3:28:aa:14:5f:56:f2:38:17:bd:77:
                    e4:08:8c:aa:88:e6:a2:b4:d8:ae:6a:fd:df:23:82:
                    ca:d8:a8:9b:10:83:5d:15:8c:ad:8b:c0:17:e4:2d:
                    c8:fb:b0:2e:e2:71:f0:05:bc:92:e9:87:bb:50:e5:
                    43:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:FA:BF:DE:59:FC:4B:8D:CC:84:25:3A:87:28:93:33:4B:6A:42:58
            X509v3 Authority Key Identifier:
                keyid:D0:A1:93:8A:F5:3C:AB:91:5A:A9:E5:27:1A:1C:C0:6B:CE:0D:4F:40

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/Hu2HCEaCSJmqkeL6L39GzErd8mJ5CzGDATrHAAF1C58S/1/D0A1938AF53CAB915AA9E5271A1CC06BCE0D4F40.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D0A1938AF53CAB915AA9E5271A1CC06BCE0D4F40.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/Hu2HCEaCSJmqkeL6L39GzErd8mJ5CzGDATrHAAF1C58S/1/34352e3136312e31362e302f32322d3232203d3e20323638343436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.161.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         42:dd:7a:cf:9f:25:f7:b5:5c:23:ff:d8:c2:dd:aa:b8:00:d0:
         74:9b:41:66:b9:a9:ac:54:e8:bc:a1:c1:f7:27:19:a1:49:31:
         87:c7:31:62:f1:bd:a9:da:ed:08:2a:b5:39:16:14:74:91:7e:
         25:43:f2:01:de:5d:c1:0c:c2:97:9a:30:3a:03:24:5e:58:29:
         c8:64:41:67:3a:69:ae:b6:c0:dc:18:98:1e:79:9b:4d:44:d3:
         c8:7b:03:7b:bc:a9:37:2c:29:44:6a:51:dc:1b:18:14:24:0b:
         6c:69:93:47:a8:cf:9e:61:77:73:3f:1d:d2:50:01:1b:b3:fa:
         75:59:84:5e:18:4d:e1:0b:9f:4e:2e:2e:3c:3f:ac:48:2f:cf:
         c0:c0:6d:f0:44:c2:7e:a0:4d:df:f9:52:e2:4a:e3:a9:38:0c:
         d9:e8:9e:3c:46:e1:44:27:62:58:aa:f2:20:5c:9a:24:8d:db:
         02:ca:b0:52:39:f0:74:db:5c:ac:32:54:eb:6b:a6:0e:8b:f3:
         b3:31:d0:4b:eb:35:0f:06:70:6b:87:bb:e8:6f:39:d1:ff:93:
         70:d9:6c:f9:2a:74:c4:ce:2e:24:44:94:a7:4a:6d:a3:3c:11:
         d5:1a:66:5b:a6:41:07:31:02:f9:43:af:b7:f6:4e:77:46:0f:
         90:a8:e5:21
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUOg6ffsxZChvIXZnqc7FdxCg8GtwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDBBMTkzOEFGNTNDQUI5MTVBQTlFNTI3MUExQ0MwNkJD
RTBENEY0MDAeFw0yNDA0MDMxODI4MTFaFw0yNTA0MDIxODMzMTFaMDMxMTAvBgNV
BAMTKDlERkFCRkRFNTlGQzRCOERDQzg0MjUzQTg3Mjg5MzMzNEI2QTQyNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDXVxEtmqMfOzZjTM3xQF5eUWP1
vSGQeyA0EwFd2JFTfZVsaczrDBdJFsOKlmMm3IUnkyDgqYdd5PjuTy4LlGME015r
VIZmRfz9i5EdaBsYSpQibn6EluH5O40lKhhgHI6kk2mUsMm27LSOqioE2I7/1m1u
bqp4R+CYqK2CQLZwSL5fdRA1AsF8TTr9SEjfz/U3qnO/zA2WuN66aUKtLKu+OuaH
CPznZb5s1B4n4tZSKWrs2n/zgJsQABKHTqS5nQ+PmmavwcrDKKoUX1byOBe9d+QI
jKqI5qK02K5q/d8jgsrYqJsQg10VjK2LwBfkLcj7sC7icfAFvJLph7tQ5UPvAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUnfq/3ln8S43MhCU6hyiTM0tqQlgwHwYDVR0j
BBgwFoAU0KGTivU8q5FaqeUnGhzAa84NT0AwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vSHUySENFYUNTSm1xa2VMNkwzOUd6RXJkOG1KNUN6R0RBVHJIQUFGMUM1
OFMvMS9EMEExOTM4QUY1M0NBQjkxNUFBOUU1MjcxQTFDQzA2QkNFMEQ0RjQwLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0QwQTE5MzhBRjUzQ0FCOTE1
QUE5RTUyNzFBMUNDMDZCQ0UwRDRGNDAuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0h1MkhDRWFDU0ptcWtlTDZMMzlHekVyZDhtSjVDekdEQVRySEFBRjFDNThTLzEv
MzQzNTJlMzEzNjMxMmUzMTM2MmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzNjM4
MzQzNDM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCLaEQMA0GCSqGSIb3DQEBCwUAA4IBAQBC3XrPnyX3
tVwj/9jC3aq4ANB0m0FmuamsVOi8ocH3JxmhSTGHxzFi8b2p2u0IKrU5FhR0kX4l
Q/IB3l3BDMKXmjA6AyReWCnIZEFnOmmutsDcGJgeeZtNRNPIewN7vKk3LClEalHc
GxgUJAtsaZNHqM+eYXdzPx3SUAEbs/p1WYReGE3hC59OLi48P6xIL8/AwG3wRMJ+
oE3f+VLiSuOpOAzZ6J48RuFEJ2JYqvIgXJokjdsCyrBSOfB021ysMlTra6YOi/Oz
MdBL6zUPBnBrh7vobznR/5Nw2Wz5KnTEzi4kRJSnSm2jPBHVGmZbpkEHMQL5Q6+3
9k53Rg+QqOUh
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:21:15 2024 by rpki-client on console-fra.rpki-client.org