Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/5QPCjcTeqDPbVfemuSyKb268eoWUWPyA2Mk9KSoWsr55/0/3137372e38352e36342e302f32312d3332203d3e20323632363030.roa
File:                     3137372e38352e36342e302f32312d3332203d3e20323632363030.roa (raw, json)
Hash identifier:          14OV4Hnwt7Cul9sxl0MNTFFcNgoWyS09Ft/nmqSSutM=
Subject key identifier:   B8:BE:54:B7:1B:DF:C2:FC:F6:67:47:08:ED:F6:25:F5:FE:2E:41:4E
Certificate issuer:       /CN=995CE8430B49957216B628B67310D17E6D81B43D
Certificate serial:       5C8F519A030B90FF38A66C18290FB7F4F5C99B43
Authority key identifier: 99:5C:E8:43:0B:49:95:72:16:B6:28:B6:73:10:D1:7E:6D:81:B4:3D
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/995CE8430B49957216B628B67310D17E6D81B43D.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/5QPCjcTeqDPbVfemuSyKb268eoWUWPyA2Mk9KSoWsr55/0/3137372e38352e36342e302f32312d3332203d3e20323632363030.roa
Signing time:             Mon 14 Jul 2025 20:36:14 +0000
ROA not before:           Mon 14 Jul 2025 20:31:14 +0000
ROA not after:            Mon 13 Jul 2026 20:36:14 +0000
asID:                     262600
IP address blocks:        177.85.64.0/21 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/5QPCjcTeqDPbVfemuSyKb268eoWUWPyA2Mk9KSoWsr55/0/995CE8430B49957216B628B67310D17E6D81B43D.crl
                          rsync://rpki-repo.registro.br/repo/5QPCjcTeqDPbVfemuSyKb268eoWUWPyA2Mk9KSoWsr55/0/995CE8430B49957216B628B67310D17E6D81B43D.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/995CE8430B49957216B628B67310D17E6D81B43D.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 26 Jul 2025 05:11:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5c:8f:51:9a:03:0b:90:ff:38:a6:6c:18:29:0f:b7:f4:f5:c9:9b:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=995CE8430B49957216B628B67310D17E6D81B43D
        Validity
            Not Before: Jul 14 20:31:14 2025 GMT
            Not After : Jul 13 20:36:14 2026 GMT
        Subject: CN=B8BE54B71BDFC2FCF6674708EDF625F5FE2E414E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8e:aa:52:b8:ce:17:a8:53:36:c2:0f:89:d6:0a:
                    b5:46:35:6b:5c:b4:37:e3:cf:63:ca:8a:2d:29:d0:
                    cb:17:5c:40:d5:07:02:8d:15:91:4e:6e:f3:9d:71:
                    10:2f:4b:6a:8f:ad:a3:e5:3f:2d:c8:3c:2d:e6:d3:
                    7d:30:25:dd:75:fc:4c:e9:91:e2:8a:dd:9f:a0:06:
                    aa:58:0f:db:b5:b7:b2:76:1f:96:8c:31:c3:80:6c:
                    c3:76:40:bd:1b:66:89:38:60:43:a7:b8:1d:06:a2:
                    e0:81:ee:3b:91:9a:7d:b0:83:5d:73:a3:af:95:17:
                    a7:c3:2b:31:60:53:3d:45:ab:6f:8d:45:ab:6a:b7:
                    23:32:e0:34:3e:75:95:73:9a:bf:e8:fb:82:11:b4:
                    81:4a:f8:da:35:78:d3:91:ce:eb:b0:6a:4a:f3:b8:
                    5d:0f:e9:73:ce:6d:3f:50:91:fb:e8:b3:6c:1a:81:
                    12:30:a2:a8:9e:5d:d3:b7:65:e3:66:6b:9a:2f:a7:
                    b8:07:4e:b7:cf:ca:6f:4c:c3:e1:0f:6a:4a:c5:2c:
                    7e:62:11:46:2c:8b:dd:47:42:90:de:51:fd:61:67:
                    89:31:41:9a:3e:e2:46:8f:28:6d:d1:92:bc:34:51:
                    fa:94:5a:ea:7a:af:0e:7f:f6:45:c3:6e:3d:1a:ee:
                    ac:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:BE:54:B7:1B:DF:C2:FC:F6:67:47:08:ED:F6:25:F5:FE:2E:41:4E
            X509v3 Authority Key Identifier:
                keyid:99:5C:E8:43:0B:49:95:72:16:B6:28:B6:73:10:D1:7E:6D:81:B4:3D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/5QPCjcTeqDPbVfemuSyKb268eoWUWPyA2Mk9KSoWsr55/0/995CE8430B49957216B628B67310D17E6D81B43D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/995CE8430B49957216B628B67310D17E6D81B43D.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/5QPCjcTeqDPbVfemuSyKb268eoWUWPyA2Mk9KSoWsr55/0/3137372e38352e36342e302f32312d3332203d3e20323632363030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.85.64.0/21

    Signature Algorithm: sha256WithRSAEncryption
         98:61:90:6f:e7:10:76:6e:7c:4c:e7:d8:97:08:76:38:73:3d:
         7d:bf:0b:a9:2b:4c:fb:fb:67:10:0e:af:b1:d2:c8:04:4c:95:
         dd:ab:19:c0:8a:c5:df:fe:3a:cf:a5:d3:d3:12:d1:c1:2c:5f:
         90:f6:8c:71:e7:10:ab:4f:4d:f4:c7:b5:92:0b:6d:47:d3:2d:
         65:22:16:d5:2f:ac:c6:73:46:78:54:5b:c3:c4:3d:bc:a2:b8:
         7c:08:cc:58:3e:c1:05:5d:a7:0b:7d:a4:38:cc:97:33:91:0a:
         05:7f:f2:d9:91:ca:9d:16:ce:9b:4e:7a:83:07:14:58:34:7d:
         ef:98:82:53:d6:af:5c:93:12:eb:6c:68:66:f6:09:83:8e:d3:
         cf:17:e8:6d:fb:c2:4b:fc:1a:7f:b2:24:16:58:fd:bf:1d:d0:
         2e:4b:70:26:f6:3c:b6:db:06:c6:8b:35:83:1a:a6:72:b7:e4:
         3e:36:a5:9d:cf:36:9b:f7:dc:2a:33:45:6d:ee:f8:9c:8e:91:
         c1:2a:c4:6e:e8:3a:8a:ee:54:2e:3f:4d:1d:e7:c5:d2:b7:58:
         0f:d8:7d:85:9e:57:92:7d:0e:5d:ca:2f:15:82:a0:cd:3c:4e:
         25:f8:94:1c:c1:89:40:b1:b2:b5:50:f8:22:1a:d5:29:fa:a4:
         01:e7:6d:17
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUXI9RmgMLkP84pmwYKQ+39PXJm0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTk1Q0U4NDMwQjQ5OTU3MjE2QjYyOEI2NzMxMEQxN0U2
RDgxQjQzRDAeFw0yNTA3MTQyMDMxMTRaFw0yNjA3MTMyMDM2MTRaMDMxMTAvBgNV
BAMTKEI4QkU1NEI3MUJERkMyRkNGNjY3NDcwOEVERjYyNUY1RkUyRTQxNEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCOqlK4zheoUzbCD4nWCrVGNWtc
tDfjz2PKii0p0MsXXEDVBwKNFZFObvOdcRAvS2qPraPlPy3IPC3m030wJd11/Ezp
keKK3Z+gBqpYD9u1t7J2H5aMMcOAbMN2QL0bZok4YEOnuB0GouCB7juRmn2wg11z
o6+VF6fDKzFgUz1Fq2+NRatqtyMy4DQ+dZVzmr/o+4IRtIFK+No1eNORzuuwakrz
uF0P6XPObT9Qkfvos2wagRIwoqieXdO3ZeNma5ovp7gHTrfPym9Mw+EPakrFLH5i
EUYsi91HQpDeUf1hZ4kxQZo+4kaPKG3Rkrw0UfqUWup6rw5/9kXDbj0a7qw5AgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUuL5Utxvfwvz2Z0cI7fYl9f4uQU4wHwYDVR0j
BBgwFoAUmVzoQwtJlXIWtii2cxDRfm2BtD0wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNVFQQ2pjVGVxRFBiVmZlbXVTeUtiMjY4ZW9XVVdQeUEyTWs5S1NvV3Ny
NTUvMC85OTVDRTg0MzBCNDk5NTcyMTZCNjI4QjY3MzEwRDE3RTZEODFCNDNELmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzk5NUNFODQzMEI0OTk1NzIx
NkI2MjhCNjczMTBEMTdFNkQ4MUI0M0QuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzVRUENqY1RlcURQYlZmZW11U3lLYjI2OGVvV1VXUHlBMk1rOUtTb1dzcjU1LzAv
MzEzNzM3MmUzODM1MmUzNjM0MmUzMDJmMzIzMTJkMzMzMjIwM2QzZTIwMzIzNjMy
MzYzMDMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQDsVVAMA0GCSqGSIb3DQEBCwUAA4IBAQCYYZBv5xB2
bnxM59iXCHY4cz19vwupK0z7+2cQDq+x0sgETJXdqxnAisXf/jrPpdPTEtHBLF+Q
9oxx5xCrT030x7WSC21H0y1lIhbVL6zGc0Z4VFvDxD28orh8CMxYPsEFXacLfaQ4
zJczkQoFf/LZkcqdFs6bTnqDBxRYNH3vmIJT1q9ckxLrbGhm9gmDjtPPF+ht+8JL
/Bp/siQWWP2/HdAuS3Am9jy22wbGizWDGqZyt+Q+NqWdzzab99wqM0Vt7vicjpHB
KsRu6DqK7lQuP00d58XSt1gP2H2FnleSfQ5dyi8VgqDNPE4l+JQcwYlAsbK1UPgi
GtUp+qQB520X
-----END CERTIFICATE-----
Generated at Fri Jul 25 12:59:18 2025 by rpki-client