Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/EnHREsNpLviKCwb5LAAeyLEaDWKWSYc2kBanYLqW794v/0/34352e3136382e3130392e302f32342d3234203d3e20323638303537.roa
File:                     34352e3136382e3130392e302f32342d3234203d3e20323638303537.roa (raw, json)
Hash identifier:          DtobmpmrtnApTV02VGq+BHOznlqQxzpmMueStXgmZkc=
Subject key identifier:   76:79:97:85:5E:EF:07:1E:58:E1:C0:10:E7:9F:19:AD:34:17:90:79
Certificate issuer:       /CN=91CA9BA9DC2FA0ABD80B8DD62B485E9B6FDB00E5
Certificate serial:       331AE75356AC5B7CE19F02FC39AB4A22A6E4933B
Authority key identifier: 91:CA:9B:A9:DC:2F:A0:AB:D8:0B:8D:D6:2B:48:5E:9B:6F:DB:00:E5
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/91CA9BA9DC2FA0ABD80B8DD62B485E9B6FDB00E5.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/EnHREsNpLviKCwb5LAAeyLEaDWKWSYc2kBanYLqW794v/0/34352e3136382e3130392e302f32342d3234203d3e20323638303537.roa
Signing time:             Mon 06 Oct 2025 09:17:58 +0000
ROA not before:           Mon 06 Oct 2025 09:12:58 +0000
ROA not after:            Mon 05 Oct 2026 09:17:58 +0000
asID:                     268057
IP address blocks:        45.168.109.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/EnHREsNpLviKCwb5LAAeyLEaDWKWSYc2kBanYLqW794v/0/91CA9BA9DC2FA0ABD80B8DD62B485E9B6FDB00E5.crl
                          rsync://rpki-repo.registro.br/repo/EnHREsNpLviKCwb5LAAeyLEaDWKWSYc2kBanYLqW794v/0/91CA9BA9DC2FA0ABD80B8DD62B485E9B6FDB00E5.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/91CA9BA9DC2FA0ABD80B8DD62B485E9B6FDB00E5.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 21 Oct 2025 07:34:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:1a:e7:53:56:ac:5b:7c:e1:9f:02:fc:39:ab:4a:22:a6:e4:93:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=91CA9BA9DC2FA0ABD80B8DD62B485E9B6FDB00E5
        Validity
            Not Before: Oct  6 09:12:58 2025 GMT
            Not After : Oct  5 09:17:58 2026 GMT
        Subject: CN=767997855EEF071E58E1C010E79F19AD34179079
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:9b:b2:8d:f0:16:dc:37:4e:f6:87:0f:5e:a4:
                    1c:86:a3:a3:58:9b:70:12:99:cd:07:3d:a8:e5:dc:
                    35:8a:0c:7e:18:89:16:51:87:f2:91:ef:f6:bc:12:
                    6a:ba:5a:eb:50:a0:ae:bc:a3:28:97:86:f2:c5:07:
                    ac:c7:2c:52:fd:06:e0:27:03:5e:04:15:0c:f8:44:
                    4e:97:fc:35:67:0d:c8:5e:93:ef:09:3b:14:3e:6d:
                    43:50:b9:7a:c5:66:e8:57:35:7b:be:1e:27:ac:68:
                    3f:72:45:61:99:41:ef:27:51:83:56:5a:63:4b:bd:
                    c1:5a:28:56:7d:04:fb:cd:13:5d:8a:2f:c4:d1:b7:
                    ab:5a:9d:a9:31:ce:dc:31:12:fd:9e:6a:b0:ff:16:
                    78:6d:1a:87:d6:78:9d:8c:91:3a:9f:09:8d:40:49:
                    89:5e:a3:cf:6d:56:a4:73:ed:8b:4d:a1:56:f8:24:
                    59:40:c0:8d:1e:a5:3f:b9:62:cb:2d:e5:9f:b1:7f:
                    7b:18:03:f7:f7:0b:f2:d0:29:6e:53:d9:0a:e7:3f:
                    bb:b1:0d:90:23:82:45:95:84:65:1c:8e:d8:5e:ad:
                    38:f4:94:4e:cd:07:b2:a6:cd:f9:55:50:40:45:cb:
                    d4:f5:e9:d0:e3:f3:81:ee:37:b5:41:e7:93:d8:06:
                    3e:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:79:97:85:5E:EF:07:1E:58:E1:C0:10:E7:9F:19:AD:34:17:90:79
            X509v3 Authority Key Identifier:
                keyid:91:CA:9B:A9:DC:2F:A0:AB:D8:0B:8D:D6:2B:48:5E:9B:6F:DB:00:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/EnHREsNpLviKCwb5LAAeyLEaDWKWSYc2kBanYLqW794v/0/91CA9BA9DC2FA0ABD80B8DD62B485E9B6FDB00E5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/91CA9BA9DC2FA0ABD80B8DD62B485E9B6FDB00E5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/EnHREsNpLviKCwb5LAAeyLEaDWKWSYc2kBanYLqW794v/0/34352e3136382e3130392e302f32342d3234203d3e20323638303537.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.168.109.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:a3:5a:1d:c7:c2:6e:e4:ea:d3:f9:ed:f6:09:13:c3:bd:29:
         19:d9:e2:a3:c7:2c:e2:2e:ff:50:95:7f:ab:9d:5a:b9:7e:ca:
         e4:27:2c:79:f9:52:78:b2:72:7b:6d:30:c9:bd:59:3e:86:79:
         19:80:6c:20:18:04:8b:10:59:70:0b:e5:17:3a:b2:4e:6a:01:
         b8:7b:09:cd:9d:df:d1:a3:95:2d:cf:d3:03:83:c1:a3:66:fa:
         ea:47:f9:21:8d:f4:43:e6:e8:93:82:36:6d:ac:ba:fd:88:6d:
         ab:92:ca:13:5c:55:ff:cc:96:c4:f9:9b:b4:f7:c9:46:a2:0a:
         c6:80:cf:fe:17:27:b7:a3:ea:94:fe:27:95:3b:5b:09:7b:0e:
         72:80:83:05:df:ee:21:51:e5:0c:9b:ec:c8:14:8a:a2:49:de:
         27:fa:8a:4f:d4:0a:d5:5c:5e:51:ae:20:b5:2c:de:9a:87:4c:
         d6:be:2f:e7:28:39:32:14:19:cb:90:50:c0:f6:45:89:af:a3:
         96:88:75:a4:9d:a6:23:67:ba:9d:77:72:53:53:4d:6b:44:54:
         a4:d9:95:6e:f0:ef:4a:3e:0c:84:9b:5c:5b:dc:9a:1a:46:bc:
         18:d8:cf:ad:5d:1c:f2:3f:19:b6:4c:d7:4b:39:21:77:9e:50:
         20:a5:bd:14
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUMxrnU1asW3zhnwL8OatKIqbkkzswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTFDQTlCQTlEQzJGQTBBQkQ4MEI4REQ2MkI0ODVFOUI2
RkRCMDBFNTAeFw0yNTEwMDYwOTEyNThaFw0yNjEwMDUwOTE3NThaMDMxMTAvBgNV
BAMTKDc2Nzk5Nzg1NUVFRjA3MUU1OEUxQzAxMEU3OUYxOUFEMzQxNzkwNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1m7KN8BbcN072hw9epByGo6NY
m3ASmc0HPajl3DWKDH4YiRZRh/KR7/a8Emq6WutQoK68oyiXhvLFB6zHLFL9BuAn
A14EFQz4RE6X/DVnDchek+8JOxQ+bUNQuXrFZuhXNXu+HiesaD9yRWGZQe8nUYNW
WmNLvcFaKFZ9BPvNE12KL8TRt6tanakxztwxEv2earD/FnhtGofWeJ2MkTqfCY1A
SYleo89tVqRz7YtNoVb4JFlAwI0epT+5Ysst5Z+xf3sYA/f3C/LQKW5T2QrnP7ux
DZAjgkWVhGUcjtherTj0lE7NB7KmzflVUEBFy9T16dDj84HuN7VB55PYBj6dAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUdnmXhV7vBx5Y4cAQ558ZrTQXkHkwHwYDVR0j
BBgwFoAUkcqbqdwvoKvYC43WK0hem2/bAOUwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRW5IUkVzTnBMdmlLQ3diNUxBQWV5TEVhRFdLV1NZYzJrQmFuWUxxVzc5
NHYvMC85MUNBOUJBOURDMkZBMEFCRDgwQjhERDYyQjQ4NUU5QjZGREIwMEU1LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzkxQ0E5QkE5REMyRkEwQUJE
ODBCOERENjJCNDg1RTlCNkZEQjAwRTUuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0VuSFJFc05wTHZpS0N3YjVMQUFleUxFYURXS1dTWWMya0JhbllMcVc3OTR2LzAv
MzQzNTJlMzEzNjM4MmUzMTMwMzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2
MzgzMDM1Mzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAAtqG0wDQYJKoZIhvcNAQELBQADggEBAHejWh3H
wm7k6tP57fYJE8O9KRnZ4qPHLOIu/1CVf6udWrl+yuQnLHn5UniycnttMMm9WT6G
eRmAbCAYBIsQWXAL5Rc6sk5qAbh7Cc2d39GjlS3P0wODwaNm+upH+SGN9EPm6JOC
Nm2suv2IbauSyhNcVf/MlsT5m7T3yUaiCsaAz/4XJ7ej6pT+J5U7Wwl7DnKAgwXf
7iFR5Qyb7MgUiqJJ3if6ik/UCtVcXlGuILUs3pqHTNa+L+coOTIUGcuQUMD2RYmv
o5aIdaSdpiNnup13clNTTWtEVKTZlW7w70o+DISbXFvcmhpGvBjYz61dHPI/GbZM
10s5IXeeUCClvRQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 18:26:54 2025 by rpki-client