Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/57i6EhFRpGYi4na8qaF1XYwmwYozik7yWvuPTVvMWgLM/0/3138392e38342e3230382e302f32302d3234203d3e203238313733.roa
File:                     3138392e38342e3230382e302f32302d3234203d3e203238313733.roa (raw, json)
Hash identifier:          HaQiamyFpyxlpjPEH6tsa+fv3FiWDNSD7sVfNwdX564=
Subject key identifier:   33:90:FC:58:EB:5B:84:01:A7:6E:F1:8E:43:5B:E8:48:B7:D7:F6:7C
Certificate issuer:       /CN=700C105F866D3955B5DC6A4CACFF8263EED77B4C
Certificate serial:       344BBF1D2F2C30044DBA7502A10A443C6399A073
Authority key identifier: 70:0C:10:5F:86:6D:39:55:B5:DC:6A:4C:AC:FF:82:63:EE:D7:7B:4C
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/700C105F866D3955B5DC6A4CACFF8263EED77B4C.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/57i6EhFRpGYi4na8qaF1XYwmwYozik7yWvuPTVvMWgLM/0/3138392e38342e3230382e302f32302d3234203d3e203238313733.roa
Signing time:             Fri 30 May 2025 17:04:01 +0000
ROA not before:           Fri 30 May 2025 16:59:01 +0000
ROA not after:            Fri 29 May 2026 17:04:01 +0000
asID:                     28173
IP address blocks:        189.84.208.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/57i6EhFRpGYi4na8qaF1XYwmwYozik7yWvuPTVvMWgLM/0/700C105F866D3955B5DC6A4CACFF8263EED77B4C.crl
                          rsync://rpki-repo.registro.br/repo/57i6EhFRpGYi4na8qaF1XYwmwYozik7yWvuPTVvMWgLM/0/700C105F866D3955B5DC6A4CACFF8263EED77B4C.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/700C105F866D3955B5DC6A4CACFF8263EED77B4C.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 03:18:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:4b:bf:1d:2f:2c:30:04:4d:ba:75:02:a1:0a:44:3c:63:99:a0:73
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=700C105F866D3955B5DC6A4CACFF8263EED77B4C
        Validity
            Not Before: May 30 16:59:01 2025 GMT
            Not After : May 29 17:04:01 2026 GMT
        Subject: CN=3390FC58EB5B8401A76EF18E435BE848B7D7F67C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e5:4f:e4:59:5f:e0:5f:13:da:4a:33:33:7e:
                    1f:50:18:d7:99:5e:4c:10:f6:14:77:ea:0c:57:e4:
                    b9:36:4e:78:8c:04:94:8f:bd:14:6e:39:b6:83:5b:
                    16:2d:70:75:d8:1c:e4:3c:c6:02:c9:f6:97:45:2b:
                    43:30:e3:d4:f2:4d:5b:34:c1:6d:b3:91:79:b4:7c:
                    99:f9:65:39:d7:c3:ed:9d:d7:5c:df:07:97:0a:02:
                    13:4c:d0:d1:ca:2e:0d:5f:a7:93:7c:3b:63:a6:bf:
                    5e:9c:03:31:a4:8a:a4:41:81:5f:8a:7d:14:aa:c3:
                    6d:93:9b:11:47:d7:84:56:ba:40:30:ad:02:b5:58:
                    ff:00:94:c4:20:b8:5c:9a:06:1f:2b:13:62:4b:83:
                    7b:1f:92:9a:05:44:41:26:25:5a:55:8c:d5:2d:02:
                    1d:2d:66:25:e2:17:9e:d6:3c:b2:06:34:60:43:32:
                    9e:75:e0:03:6f:95:be:47:36:bd:2d:63:ad:37:70:
                    c4:28:92:96:5a:de:6a:9e:9b:57:f2:98:25:68:e9:
                    a2:fb:96:16:cf:6e:9a:13:7f:ec:f6:65:f5:de:d3:
                    d0:d8:f2:5b:7d:a7:fe:44:41:dc:33:c5:df:c0:99:
                    2e:f9:7c:fb:ce:cc:43:5a:e0:ea:e8:cf:cd:49:f8:
                    d5:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:90:FC:58:EB:5B:84:01:A7:6E:F1:8E:43:5B:E8:48:B7:D7:F6:7C
            X509v3 Authority Key Identifier:
                keyid:70:0C:10:5F:86:6D:39:55:B5:DC:6A:4C:AC:FF:82:63:EE:D7:7B:4C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/57i6EhFRpGYi4na8qaF1XYwmwYozik7yWvuPTVvMWgLM/0/700C105F866D3955B5DC6A4CACFF8263EED77B4C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/700C105F866D3955B5DC6A4CACFF8263EED77B4C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/57i6EhFRpGYi4na8qaF1XYwmwYozik7yWvuPTVvMWgLM/0/3138392e38342e3230382e302f32302d3234203d3e203238313733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  189.84.208.0/20

    Signature Algorithm: sha256WithRSAEncryption
         64:72:da:a7:7c:fc:d5:93:c0:3d:ec:f5:79:f5:dd:6a:0f:38:
         f4:8d:2a:a6:33:6f:7c:69:c7:93:fe:85:37:a8:75:3a:a0:4b:
         7c:fe:01:da:6f:8d:ec:fc:bd:77:d6:ae:6a:b3:30:86:6b:d4:
         5f:9c:3d:3d:2b:2d:6d:fe:7b:22:b6:7d:ae:9e:fd:89:fb:0d:
         e3:15:3d:33:f9:27:e6:c2:65:54:27:39:98:76:6e:4f:2a:aa:
         18:eb:85:b4:99:28:90:9d:1c:74:a2:39:92:ab:d3:3b:67:84:
         6d:6a:0a:4a:7e:73:b3:13:58:b2:0c:75:d3:37:68:72:50:2c:
         5a:28:51:aa:71:63:8c:ff:84:74:49:86:3c:91:1e:b3:96:a3:
         2e:67:7b:03:0b:87:c4:c4:81:fa:14:17:d1:00:70:4b:a6:c4:
         e6:23:f4:3b:76:08:35:16:e8:c4:71:93:18:6c:de:f3:5c:ff:
         bb:31:0e:18:47:20:58:1a:b5:e0:f3:06:f3:f2:74:6d:14:db:
         a0:10:e8:45:b7:3c:cf:a3:d5:33:e4:62:07:46:1f:b6:78:c5:
         50:aa:29:b1:dc:f4:23:1d:11:77:b8:67:61:d8:74:84:b3:1c:
         8f:6b:24:e5:c5:de:7d:c1:6c:95:28:40:d4:64:93:d3:99:64:
         77:44:28:7c
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUNEu/HS8sMARNunUCoQpEPGOZoHMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzAwQzEwNUY4NjZEMzk1NUI1REM2QTRDQUNGRjgyNjNF
RUQ3N0I0QzAeFw0yNTA1MzAxNjU5MDFaFw0yNjA1MjkxNzA0MDFaMDMxMTAvBgNV
BAMTKDMzOTBGQzU4RUI1Qjg0MDFBNzZFRjE4RTQzNUJFODQ4QjdEN0Y2N0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw5U/kWV/gXxPaSjMzfh9QGNeZ
XkwQ9hR36gxX5Lk2TniMBJSPvRRuObaDWxYtcHXYHOQ8xgLJ9pdFK0Mw49TyTVs0
wW2zkXm0fJn5ZTnXw+2d11zfB5cKAhNM0NHKLg1fp5N8O2Omv16cAzGkiqRBgV+K
fRSqw22TmxFH14RWukAwrQK1WP8AlMQguFyaBh8rE2JLg3sfkpoFREEmJVpVjNUt
Ah0tZiXiF57WPLIGNGBDMp514ANvlb5HNr0tY603cMQokpZa3mqem1fymCVo6aL7
lhbPbpoTf+z2ZfXe09DY8lt9p/5EQdwzxd/AmS75fPvOzENa4Oroz81J+NXpAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUM5D8WOtbhAGnbvGOQ1voSLfX9nwwHwYDVR0j
BBgwFoAUcAwQX4ZtOVW13GpMrP+CY+7Xe0wwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNTdpNkVoRlJwR1lpNG5hOHFhRjFYWXdtd1lvemlrN3lXdnVQVFZ2TVdn
TE0vMC83MDBDMTA1Rjg2NkQzOTU1QjVEQzZBNENBQ0ZGODI2M0VFRDc3QjRDLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzcwMEMxMDVGODY2RDM5NTVC
NURDNkE0Q0FDRkY4MjYzRUVENzdCNEMuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzU3aTZFaEZScEdZaTRuYThxYUYxWFl3bXdZb3ppazd5V3Z1UFRWdk1XZ0xNLzAv
MzEzODM5MmUzODM0MmUzMjMwMzgyZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMjM4
MzEzNzMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQEvVTQMA0GCSqGSIb3DQEBCwUAA4IBAQBkctqnfPzV
k8A97PV59d1qDzj0jSqmM298aceT/oU3qHU6oEt8/gHab43s/L131q5qszCGa9Rf
nD09Ky1t/nsitn2unv2J+w3jFT0z+SfmwmVUJzmYdm5PKqoY64W0mSiQnRx0ojmS
q9M7Z4RtagpKfnOzE1iyDHXTN2hyUCxaKFGqcWOM/4R0SYY8kR6zlqMuZ3sDC4fE
xIH6FBfRAHBLpsTmI/Q7dgg1FujEcZMYbN7zXP+7MQ4YRyBYGrXg8wbz8nRtFNug
EOhFtzzPo9Uz5GIHRh+2eMVQqimx3PQjHRF3uGdh2HSEsxyPayTlxd59wWyVKEDU
ZJPTmWR3RCh8
-----END CERTIFICATE-----
Generated at Tue Jun 10 07:06:32 2025 by rpki-client