Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/43r5HtNuaBtfqCD3LbVgGoawviriwV6NXYypba3raWPn/0/3136382e3233322e38322e302f32332d3233203d3e20323634393336.roa
File:                     3136382e3233322e38322e302f32332d3233203d3e20323634393336.roa (raw, json)
Hash identifier:          XX5qrjzHm+mQbV7K49sB6nvBHaGzO5XymNKAoktvfRI=
Subject key identifier:   BC:EE:D1:30:71:24:8A:97:29:58:B9:58:F3:E7:75:49:3D:4C:22:21
Certificate issuer:       /CN=3C8F0CFC9B35F328402AD269F14D94BF6C5C7372
Certificate serial:       2B55F1022EADCD5101A8EC08222122D84FF793BE
Authority key identifier: 3C:8F:0C:FC:9B:35:F3:28:40:2A:D2:69:F1:4D:94:BF:6C:5C:73:72
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3C8F0CFC9B35F328402AD269F14D94BF6C5C7372.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/43r5HtNuaBtfqCD3LbVgGoawviriwV6NXYypba3raWPn/0/3136382e3233322e38322e302f32332d3233203d3e20323634393336.roa
Signing time:             Tue 03 Jun 2025 00:27:03 +0000
ROA not before:           Tue 03 Jun 2025 00:22:03 +0000
ROA not after:            Tue 02 Jun 2026 00:27:03 +0000
asID:                     264936
IP address blocks:        168.232.82.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/43r5HtNuaBtfqCD3LbVgGoawviriwV6NXYypba3raWPn/0/3C8F0CFC9B35F328402AD269F14D94BF6C5C7372.crl
                          rsync://rpki-repo.registro.br/repo/43r5HtNuaBtfqCD3LbVgGoawviriwV6NXYypba3raWPn/0/3C8F0CFC9B35F328402AD269F14D94BF6C5C7372.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3C8F0CFC9B35F328402AD269F14D94BF6C5C7372.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Jun 2025 19:18:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:55:f1:02:2e:ad:cd:51:01:a8:ec:08:22:21:22:d8:4f:f7:93:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3C8F0CFC9B35F328402AD269F14D94BF6C5C7372
        Validity
            Not Before: Jun  3 00:22:03 2025 GMT
            Not After : Jun  2 00:27:03 2026 GMT
        Subject: CN=BCEED13071248A972958B958F3E775493D4C2221
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:a5:42:4e:5e:15:19:ab:eb:a2:8d:90:83:7a:
                    ec:96:82:66:90:90:7c:7d:66:45:2c:71:98:f5:75:
                    ad:01:c7:10:db:f6:e4:c3:dd:f1:e1:4b:f0:4e:cc:
                    1a:a4:bd:44:11:89:6a:94:af:9c:18:88:f8:fb:21:
                    4a:6f:c4:28:8c:a7:3d:9a:09:62:9e:d6:33:bc:9b:
                    db:99:c9:05:35:92:f2:25:86:13:9c:7f:54:7f:b9:
                    40:d3:68:7c:4e:a2:b8:4d:5d:23:66:32:87:e1:81:
                    cd:50:b2:dd:0f:52:60:00:49:ff:66:18:88:ad:30:
                    3a:26:ba:50:de:11:0f:ea:8f:b2:17:c3:33:5f:f2:
                    05:26:4c:6e:66:8d:f6:10:bb:c1:73:63:61:21:b6:
                    cc:ef:b9:2b:70:a9:ed:3a:a5:37:6e:29:d0:84:25:
                    34:df:df:84:70:85:13:f7:0d:d1:b0:9e:34:f8:81:
                    23:8f:ff:3a:10:8a:39:fb:20:b0:2b:e3:1a:8c:09:
                    c0:d6:45:f2:d8:a5:43:51:63:bb:96:fe:84:89:ba:
                    df:3f:cc:30:20:f1:4c:db:ff:f9:a9:61:ec:a9:a9:
                    24:8b:72:ba:ec:67:92:bc:9c:2b:0a:55:d8:53:43:
                    1d:a3:fc:5e:ae:0c:9e:db:a9:2a:f3:2e:5a:b5:de:
                    6c:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:EE:D1:30:71:24:8A:97:29:58:B9:58:F3:E7:75:49:3D:4C:22:21
            X509v3 Authority Key Identifier:
                keyid:3C:8F:0C:FC:9B:35:F3:28:40:2A:D2:69:F1:4D:94:BF:6C:5C:73:72

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/43r5HtNuaBtfqCD3LbVgGoawviriwV6NXYypba3raWPn/0/3C8F0CFC9B35F328402AD269F14D94BF6C5C7372.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3C8F0CFC9B35F328402AD269F14D94BF6C5C7372.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/43r5HtNuaBtfqCD3LbVgGoawviriwV6NXYypba3raWPn/0/3136382e3233322e38322e302f32332d3233203d3e20323634393336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.232.82.0/23

    Signature Algorithm: sha256WithRSAEncryption
         27:aa:fe:f5:32:e7:fa:d8:52:05:10:ed:97:5e:c5:4d:3e:74:
         7f:e1:80:00:59:e0:5d:b4:86:dc:79:0c:82:23:93:48:24:6b:
         fa:a8:12:d1:23:6f:d7:2e:43:3e:35:3c:6a:c8:ff:a1:2e:74:
         a5:c5:86:0c:4c:83:3c:f4:bd:6c:77:23:92:60:eb:d7:fc:8d:
         95:17:08:dd:ab:c9:cd:4e:2e:17:ad:03:07:a0:c8:da:39:5c:
         48:a6:c9:5a:6a:61:a8:71:32:6f:df:2f:e9:6d:d9:15:39:13:
         57:fd:f8:cd:e2:60:2b:9a:93:1d:6e:18:61:d2:27:fe:b3:19:
         b5:93:80:6e:30:fd:45:94:e5:7e:bc:47:cb:b4:40:04:45:8f:
         47:e6:76:16:67:8e:4a:90:12:51:6b:b6:46:47:fd:b5:69:ee:
         2b:6a:e8:66:97:6a:2e:a5:4d:f6:01:b3:7d:32:51:d1:b6:81:
         66:95:84:54:a8:14:99:e5:2e:14:86:5b:1e:d4:50:ad:0d:77:
         f3:86:3e:d0:fb:c4:a0:77:fb:7d:6e:09:12:bc:21:01:3a:25:
         c6:f3:a8:39:b0:3b:46:31:76:73:67:21:3a:2b:e0:52:55:92:
         f7:b4:7f:a7:8b:5e:ee:23:1c:99:26:08:fe:84:c2:32:4c:8a:
         33:55:59:f3
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUK1XxAi6tzVEBqOwIIiEi2E/3k74wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0M4RjBDRkM5QjM1RjMyODQwMkFEMjY5RjE0RDk0QkY2
QzVDNzM3MjAeFw0yNTA2MDMwMDIyMDNaFw0yNjA2MDIwMDI3MDNaMDMxMTAvBgNV
BAMTKEJDRUVEMTMwNzEyNDhBOTcyOTU4Qjk1OEYzRTc3NTQ5M0Q0QzIyMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOpUJOXhUZq+uijZCDeuyWgmaQ
kHx9ZkUscZj1da0BxxDb9uTD3fHhS/BOzBqkvUQRiWqUr5wYiPj7IUpvxCiMpz2a
CWKe1jO8m9uZyQU1kvIlhhOcf1R/uUDTaHxOorhNXSNmMofhgc1Qst0PUmAASf9m
GIitMDomulDeEQ/qj7IXwzNf8gUmTG5mjfYQu8FzY2EhtszvuStwqe06pTduKdCE
JTTf34RwhRP3DdGwnjT4gSOP/zoQijn7ILAr4xqMCcDWRfLYpUNRY7uW/oSJut8/
zDAg8Uzb//mpYeypqSSLcrrsZ5K8nCsKVdhTQx2j/F6uDJ7bqSrzLlq13mwPAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUvO7RMHEkipcpWLlY8+d1ST1MIiEwHwYDVR0j
BBgwFoAUPI8M/Js18yhAKtJp8U2Uv2xcc3IwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNDNyNUh0TnVhQnRmcUNEM0xiVmdHb2F3dmlyaXdWNk5YWXlwYmEzcmFX
UG4vMC8zQzhGMENGQzlCMzVGMzI4NDAyQUQyNjlGMTREOTRCRjZDNUM3MzcyLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzNDOEYwQ0ZDOUIzNUYzMjg0
MDJBRDI2OUYxNEQ5NEJGNkM1QzczNzIuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzQzcjVIdE51YUJ0ZnFDRDNMYlZnR29hd3Zpcml3VjZOWFl5cGJhM3JhV1BuLzAv
MzEzNjM4MmUzMjMzMzIyZTM4MzIyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjM2
MzQzOTMzMzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAGo6FIwDQYJKoZIhvcNAQELBQADggEBACeq/vUy
5/rYUgUQ7ZdexU0+dH/hgABZ4F20htx5DIIjk0gka/qoEtEjb9cuQz41PGrI/6Eu
dKXFhgxMgzz0vWx3I5Jg69f8jZUXCN2ryc1OLhetAwegyNo5XEimyVpqYahxMm/f
L+lt2RU5E1f9+M3iYCuakx1uGGHSJ/6zGbWTgG4w/UWU5X68R8u0QARFj0fmdhZn
jkqQElFrtkZH/bVp7itq6GaXai6lTfYBs30yUdG2gWaVhFSoFJnlLhSGWx7UUK0N
d/OGPtD7xKB3+31uCRK8IQE6JcbzqDmwO0YxdnNnITor4FJVkve0f6eLXu4jHJkm
CP6EwjJMijNVWfM=
-----END CERTIFICATE-----
Generated at Fri Jun 13 05:43:04 2025 by rpki-client