Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/GeboebrzjP9zEyzzhDptkr3D5g8ekLcMp7Kktentjs2c/0/34352e372e34302e302f32332d3233203d3e20323636353635.roa
File:                     34352e372e34302e302f32332d3233203d3e20323636353635.roa (raw, json)
Hash identifier:          sPebdQOPOYWimGBUXn9SEbay5sheK5zADpCl8Swj3eI=
Subject key identifier:   FF:E2:54:7B:B5:38:BE:F6:56:D1:D2:1D:9A:A9:0D:0F:24:B1:95:34
Certificate issuer:       /CN=8D2922D358225395ABA691BA6723BAA778294D49
Certificate serial:       3D5E20303D203CAA9746EF5567B1744C9B7729C8
Authority key identifier: 8D:29:22:D3:58:22:53:95:AB:A6:91:BA:67:23:BA:A7:78:29:4D:49
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8D2922D358225395ABA691BA6723BAA778294D49.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/GeboebrzjP9zEyzzhDptkr3D5g8ekLcMp7Kktentjs2c/0/34352e372e34302e302f32332d3233203d3e20323636353635.roa
Signing time:             Sat 19 Jul 2025 18:52:35 +0000
ROA not before:           Sat 19 Jul 2025 18:47:35 +0000
ROA not after:            Sat 18 Jul 2026 18:52:35 +0000
asID:                     266565
IP address blocks:        45.7.40.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/GeboebrzjP9zEyzzhDptkr3D5g8ekLcMp7Kktentjs2c/0/8D2922D358225395ABA691BA6723BAA778294D49.crl
                          rsync://rpki-repo.registro.br/repo/GeboebrzjP9zEyzzhDptkr3D5g8ekLcMp7Kktentjs2c/0/8D2922D358225395ABA691BA6723BAA778294D49.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8D2922D358225395ABA691BA6723BAA778294D49.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 26 Jul 2025 20:11:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3d:5e:20:30:3d:20:3c:aa:97:46:ef:55:67:b1:74:4c:9b:77:29:c8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8D2922D358225395ABA691BA6723BAA778294D49
        Validity
            Not Before: Jul 19 18:47:35 2025 GMT
            Not After : Jul 18 18:52:35 2026 GMT
        Subject: CN=FFE2547BB538BEF656D1D21D9AA90D0F24B19534
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:6a:33:4f:f4:03:36:1e:7e:19:d7:e9:bc:d9:
                    d1:2a:0d:70:cc:4d:96:45:bf:e1:0d:80:41:d8:18:
                    b3:90:8b:83:1c:78:e5:15:46:55:53:96:8f:48:e5:
                    82:52:87:0f:d7:af:77:7f:22:55:29:71:f4:f3:2f:
                    b4:6c:fa:29:88:6f:c0:da:f5:b1:35:db:fc:1d:a0:
                    d4:43:e7:cc:a6:90:7e:56:1c:9f:45:a8:3a:55:d2:
                    df:fe:1f:62:6e:68:6d:86:26:d1:c8:40:b5:5e:b7:
                    c0:57:56:2d:2d:3b:05:c1:38:de:e7:a3:b3:0e:16:
                    19:28:d5:d0:31:08:df:84:7e:2c:5f:d0:08:a4:78:
                    ef:07:ea:94:89:bc:62:8c:df:ca:d6:a2:ef:63:01:
                    69:48:b3:d9:9b:ee:52:30:2f:c5:d3:d7:05:f6:b3:
                    0a:61:67:44:a4:94:cf:e7:38:09:8a:c7:45:ad:bd:
                    10:35:d5:80:69:81:71:e1:8e:91:c6:ec:09:83:74:
                    50:c2:33:95:37:5c:3b:76:3c:80:ba:7d:11:81:62:
                    ea:47:ab:e1:65:3d:d1:55:d5:9b:a1:0d:3a:85:91:
                    1c:54:e2:69:39:37:94:10:f3:dd:43:0b:5b:a3:e7:
                    1a:9e:3c:e3:a7:57:cd:de:30:63:8d:d4:c9:4c:33:
                    c3:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FF:E2:54:7B:B5:38:BE:F6:56:D1:D2:1D:9A:A9:0D:0F:24:B1:95:34
            X509v3 Authority Key Identifier:
                keyid:8D:29:22:D3:58:22:53:95:AB:A6:91:BA:67:23:BA:A7:78:29:4D:49

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/GeboebrzjP9zEyzzhDptkr3D5g8ekLcMp7Kktentjs2c/0/8D2922D358225395ABA691BA6723BAA778294D49.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8D2922D358225395ABA691BA6723BAA778294D49.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/GeboebrzjP9zEyzzhDptkr3D5g8ekLcMp7Kktentjs2c/0/34352e372e34302e302f32332d3233203d3e20323636353635.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.7.40.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ac:fc:6c:37:a6:d0:cb:6c:0b:8b:ec:d1:c4:fe:38:e6:37:48:
         0e:7a:94:88:8f:36:45:22:cc:8e:3a:7e:cd:f2:34:ca:ed:11:
         0a:06:23:ec:36:c1:17:7d:8b:89:46:7b:e7:0b:f9:98:25:a2:
         eb:7b:8c:f6:bd:2f:6b:67:a2:37:4d:e4:84:2e:ef:81:64:27:
         e3:b5:b8:cf:90:ee:23:de:67:1d:3c:30:1d:8b:9a:16:97:d8:
         48:4f:e3:be:c3:44:c6:0c:9a:f1:9e:0c:08:df:86:b4:f2:fb:
         73:b5:9f:eb:f3:5b:f6:c0:40:49:b2:4a:06:17:36:d5:51:70:
         b4:9e:a9:37:d4:ad:0d:ea:c9:b7:b1:12:bb:69:29:04:2a:d6:
         3c:81:6c:96:a0:a3:4a:a8:5c:5b:c0:6d:af:00:58:fb:5b:e1:
         6c:53:68:4d:49:fe:58:37:09:6b:58:5d:bd:12:3e:80:ec:3c:
         8d:74:6b:06:0d:f1:87:6c:ee:1c:e6:29:39:0f:4f:61:88:97:
         0c:63:57:52:cc:a2:7d:d4:53:d3:88:64:86:41:d5:39:b2:df:
         60:5d:19:1f:93:ba:ee:64:20:42:c0:57:e3:ef:0a:b0:84:b9:
         60:d2:1e:7f:86:ea:b3:c9:3d:8b:0a:93:7d:43:0d:31:c5:1d:
         b0:1c:7b:67
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUPV4gMD0gPKqXRu9VZ7F0TJt3KcgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEQyOTIyRDM1ODIyNTM5NUFCQTY5MUJBNjcyM0JBQTc3
ODI5NEQ0OTAeFw0yNTA3MTkxODQ3MzVaFw0yNjA3MTgxODUyMzVaMDMxMTAvBgNV
BAMTKEZGRTI1NDdCQjUzOEJFRjY1NkQxRDIxRDlBQTkwRDBGMjRCMTk1MzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFajNP9AM2Hn4Z1+m82dEqDXDM
TZZFv+ENgEHYGLOQi4MceOUVRlVTlo9I5YJShw/Xr3d/IlUpcfTzL7Rs+imIb8Da
9bE12/wdoNRD58ymkH5WHJ9FqDpV0t/+H2JuaG2GJtHIQLVet8BXVi0tOwXBON7n
o7MOFhko1dAxCN+Efixf0AikeO8H6pSJvGKM38rWou9jAWlIs9mb7lIwL8XT1wX2
swphZ0SklM/nOAmKx0WtvRA11YBpgXHhjpHG7AmDdFDCM5U3XDt2PIC6fRGBYupH
q+FlPdFV1ZuhDTqFkRxU4mk5N5QQ891DC1uj5xqePOOnV83eMGON1MlMM8PzAgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQU/+JUe7U4vvZW0dIdmqkNDySxlTQwHwYDVR0j
BBgwFoAUjSki01giU5WrppG6ZyO6p3gpTUkwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vR2Vib2VicnpqUDl6RXl6emhEcHRrcjNENWc4ZWtMY01wN0trdGVudGpz
MmMvMC84RDI5MjJEMzU4MjI1Mzk1QUJBNjkxQkE2NzIzQkFBNzc4Mjk0RDQ5LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzhEMjkyMkQzNTgyMjUzOTVB
QkE2OTFCQTY3MjNCQUE3NzgyOTRENDkuY2VyMIGoBggrBgEFBQcBCwSBmzCBmDCB
lQYIKwYBBQUHMAuGgYhyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0dlYm9lYnJ6alA5ekV5enpoRHB0a3IzRDVnOGVrTGNNcDdLa3RlbnRqczJjLzAv
MzQzNTJlMzcyZTM0MzAyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjM2MzYzNTM2
MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAEtBygwDQYJKoZIhvcNAQELBQADggEBAKz8bDem0MtsC4vs
0cT+OOY3SA56lIiPNkUizI46fs3yNMrtEQoGI+w2wRd9i4lGe+cL+Zglout7jPa9
L2tnojdN5IQu74FkJ+O1uM+Q7iPeZx08MB2LmhaX2EhP477DRMYMmvGeDAjfhrTy
+3O1n+vzW/bAQEmySgYXNtVRcLSeqTfUrQ3qybexErtpKQQq1jyBbJago0qoXFvA
ba8AWPtb4WxTaE1J/lg3CWtYXb0SPoDsPI10awYN8Yds7hzmKTkPT2GIlwxjV1LM
on3UU9OIZIZB1Tmy32BdGR+Tuu5kIELAV+PvCrCEuWDSHn+G6rPJPYsKk31DDTHF
HbAce2c=
-----END CERTIFICATE-----
Generated at Sat Jul 26 06:55:16 2025 by rpki-client