Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/ET39NSWiZg3eArKG7XYKApQTWa6BgL5DojdybajGtFUy/0/3133382e35392e34342e302f32332d3233203d3e20323634353935.roa
File:                     3133382e35392e34342e302f32332d3233203d3e20323634353935.roa (raw, json)
Hash identifier:          qOObRv9bxjmVfuQMfve4VO/qpEGZfrjNXxlewEnXmpc=
Subject key identifier:   6B:28:EA:CE:51:B3:5A:15:F5:50:32:CE:FB:E3:5D:45:CC:73:62:D7
Certificate issuer:       /CN=B0B9B934434D02C9258B1024C067D277143B182B
Certificate serial:       32C857D1185C4E437F6BF8B40A1AE344C1A94223
Authority key identifier: B0:B9:B9:34:43:4D:02:C9:25:8B:10:24:C0:67:D2:77:14:3B:18:2B
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/B0B9B934434D02C9258B1024C067D277143B182B.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/ET39NSWiZg3eArKG7XYKApQTWa6BgL5DojdybajGtFUy/0/3133382e35392e34342e302f32332d3233203d3e20323634353935.roa
Signing time:             Wed 21 May 2025 18:42:22 +0000
ROA not before:           Wed 21 May 2025 18:37:22 +0000
ROA not after:            Wed 20 May 2026 18:42:22 +0000
asID:                     264595
IP address blocks:        138.59.44.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/ET39NSWiZg3eArKG7XYKApQTWa6BgL5DojdybajGtFUy/0/B0B9B934434D02C9258B1024C067D277143B182B.crl
                          rsync://rpki-repo.registro.br/repo/ET39NSWiZg3eArKG7XYKApQTWa6BgL5DojdybajGtFUy/0/B0B9B934434D02C9258B1024C067D277143B182B.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/B0B9B934434D02C9258B1024C067D277143B182B.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 01:52:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:c8:57:d1:18:5c:4e:43:7f:6b:f8:b4:0a:1a:e3:44:c1:a9:42:23
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B0B9B934434D02C9258B1024C067D277143B182B
        Validity
            Not Before: May 21 18:37:22 2025 GMT
            Not After : May 20 18:42:22 2026 GMT
        Subject: CN=6B28EACE51B35A15F55032CEFBE35D45CC7362D7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:89:79:0c:ab:19:e5:28:2b:20:83:09:5e:fe:
                    49:38:2f:43:db:7e:3a:30:8b:b2:77:44:f4:83:ae:
                    da:fd:b9:9f:bd:f1:c0:ff:2a:a7:c7:4c:cd:b8:89:
                    09:88:a6:8d:24:5e:01:93:71:dc:a5:83:1e:ac:13:
                    95:e8:2b:af:ab:d1:9a:a2:60:86:9f:26:57:c6:a5:
                    72:67:59:ae:b0:ad:5a:8d:6b:5c:dc:0e:99:ff:dd:
                    c8:c0:ad:ae:d1:1f:81:0f:3c:c8:94:01:49:39:9c:
                    06:75:9d:d5:c2:72:38:11:00:97:2d:55:4a:85:cf:
                    34:b1:c3:d8:01:93:7b:30:7f:94:6b:bf:ae:96:ff:
                    9c:42:5d:70:bd:26:e0:6b:31:b3:f4:c5:c7:6c:e8:
                    85:e3:b9:05:da:ac:ca:f8:56:e9:b7:64:ba:59:74:
                    28:d6:54:40:9f:6a:41:4d:21:f6:ef:2e:19:8e:4d:
                    9a:80:db:22:e6:42:56:2b:14:9d:4c:15:8d:96:11:
                    61:1a:e6:61:74:a9:22:dd:b3:ab:42:a4:99:f7:a2:
                    51:a3:d2:7b:05:82:87:75:bb:19:aa:da:14:f6:3b:
                    a8:fd:71:ac:f6:09:d0:39:25:a7:78:9a:73:7a:7d:
                    9c:18:e0:ad:99:16:77:93:ba:eb:da:c8:69:5e:1f:
                    03:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:28:EA:CE:51:B3:5A:15:F5:50:32:CE:FB:E3:5D:45:CC:73:62:D7
            X509v3 Authority Key Identifier:
                keyid:B0:B9:B9:34:43:4D:02:C9:25:8B:10:24:C0:67:D2:77:14:3B:18:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/ET39NSWiZg3eArKG7XYKApQTWa6BgL5DojdybajGtFUy/0/B0B9B934434D02C9258B1024C067D277143B182B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/B0B9B934434D02C9258B1024C067D277143B182B.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/ET39NSWiZg3eArKG7XYKApQTWa6BgL5DojdybajGtFUy/0/3133382e35392e34342e302f32332d3233203d3e20323634353935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.59.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         5b:21:1c:9f:ba:ef:50:c6:e9:28:c6:74:e4:c4:21:90:69:78:
         68:09:cd:d7:c6:6b:76:33:23:6d:85:96:c0:45:09:7d:ca:98:
         dc:66:8d:c7:75:30:74:58:89:ab:51:8b:00:69:91:16:68:89:
         30:8d:3a:e8:4d:d9:3e:65:12:bb:50:e0:80:21:ac:b0:8e:0c:
         f3:fa:48:96:22:e6:05:1e:ea:13:98:3d:41:98:4a:c6:62:e2:
         61:a4:9d:dd:db:d1:1e:57:75:52:5d:d6:ca:af:aa:59:1e:b6:
         46:f7:fe:52:a5:bb:96:85:e6:be:8c:4a:03:01:38:e2:ef:8f:
         2f:f7:c5:6a:5f:8a:92:5b:90:d9:f7:61:91:d7:0c:cd:10:61:
         ec:ad:6b:66:1d:be:be:f0:46:4f:f1:1c:82:90:e0:08:14:0d:
         a4:86:ec:d3:03:77:ef:ba:ee:76:b6:de:0e:ad:26:61:97:80:
         24:f1:ba:9e:70:40:af:b2:9e:1f:0a:ef:f3:d0:4e:95:97:c9:
         76:5e:8a:80:d9:df:8c:24:15:48:2c:eb:17:de:a1:6d:80:ed:
         48:c1:c0:78:5b:08:34:1c:b6:82:20:5f:52:07:30:0d:d5:df:
         f8:c1:6d:ee:75:6d:a4:1e:63:bf:3c:04:21:9d:5a:55:5c:4e:
         db:fb:f2:3b
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUMshX0RhcTkN/a/i0ChrjRMGpQiMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjBCOUI5MzQ0MzREMDJDOTI1OEIxMDI0QzA2N0QyNzcx
NDNCMTgyQjAeFw0yNTA1MjExODM3MjJaFw0yNjA1MjAxODQyMjJaMDMxMTAvBgNV
BAMTKDZCMjhFQUNFNTFCMzVBMTVGNTUwMzJDRUZCRTM1RDQ1Q0M3MzYyRDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDuiXkMqxnlKCsggwle/kk4L0Pb
fjowi7J3RPSDrtr9uZ+98cD/KqfHTM24iQmIpo0kXgGTcdylgx6sE5XoK6+r0Zqi
YIafJlfGpXJnWa6wrVqNa1zcDpn/3cjAra7RH4EPPMiUAUk5nAZ1ndXCcjgRAJct
VUqFzzSxw9gBk3swf5Rrv66W/5xCXXC9JuBrMbP0xcds6IXjuQXarMr4Vum3ZLpZ
dCjWVECfakFNIfbvLhmOTZqA2yLmQlYrFJ1MFY2WEWEa5mF0qSLds6tCpJn3olGj
0nsFgod1uxmq2hT2O6j9caz2CdA5Jad4mnN6fZwY4K2ZFneTuuvayGleHwO3AgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUayjqzlGzWhX1UDLO++NdRcxzYtcwHwYDVR0j
BBgwFoAUsLm5NENNAsklixAkwGfSdxQ7GCswDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRVQzOU5TV2laZzNlQXJLRzdYWUtBcFFUV2E2QmdMNURvamR5YmFqR3RG
VXkvMC9CMEI5QjkzNDQzNEQwMkM5MjU4QjEwMjRDMDY3RDI3NzE0M0IxODJCLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0IwQjlCOTM0NDM0RDAyQzky
NThCMTAyNEMwNjdEMjc3MTQzQjE4MkIuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0VUMzlOU1dpWmczZUFyS0c3WFlLQXBRVFdhNkJnTDVEb2pkeWJhakd0RlV5LzAv
MzEzMzM4MmUzNTM5MmUzNDM0MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzIzNjM0
MzUzOTM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQBijssMA0GCSqGSIb3DQEBCwUAA4IBAQBbIRyfuu9Q
xukoxnTkxCGQaXhoCc3Xxmt2MyNthZbARQl9ypjcZo3HdTB0WImrUYsAaZEWaIkw
jTroTdk+ZRK7UOCAIaywjgzz+kiWIuYFHuoTmD1BmErGYuJhpJ3d29EeV3VSXdbK
r6pZHrZG9/5SpbuWhea+jEoDATji748v98VqX4qSW5DZ92GR1wzNEGHsrWtmHb6+
8EZP8RyCkOAIFA2khuzTA3fvuu52tt4OrSZhl4Ak8bqecECvsp4fCu/z0E6Vl8l2
XoqA2d+MJBVILOsX3qFtgO1IwcB4Wwg0HLaCIF9SBzAN1d/4wW3udW2kHmO/PAQh
nVpVXE7b+/I7
-----END CERTIFICATE-----
Generated at Mon Jun 9 15:35:34 2025 by rpki-client