Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/Hj8eBDfQrFhV8Cu6XqLY7xD47Wy2VJ5iYmEsi8wzB496/0/3136382e3139372e3138332e302f32342d3234203d3e20323731323637.roa
File:                     3136382e3139372e3138332e302f32342d3234203d3e20323731323637.roa (raw, json)
Hash identifier:          Wb+WuvHROnn98V+DXmZg5GpY86IRJxhSib+jCecdO8k=
Subject key identifier:   6F:59:99:ED:7D:82:1B:25:66:E5:DD:4B:C7:7D:56:F7:1D:BC:6E:25
Certificate issuer:       /CN=8BAF9C211E3CB74E1F1681A900A74E3AF81D715E
Certificate serial:       42C211ABEA8EF41408C2973F4479C53A2739D6B3
Authority key identifier: 8B:AF:9C:21:1E:3C:B7:4E:1F:16:81:A9:00:A7:4E:3A:F8:1D:71:5E
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8BAF9C211E3CB74E1F1681A900A74E3AF81D715E.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/Hj8eBDfQrFhV8Cu6XqLY7xD47Wy2VJ5iYmEsi8wzB496/0/3136382e3139372e3138332e302f32342d3234203d3e20323731323637.roa
Signing time:             Wed 12 Feb 2025 19:52:23 +0000
ROA not before:           Wed 12 Feb 2025 19:47:23 +0000
ROA not after:            Wed 11 Feb 2026 19:52:23 +0000
asID:                     271267
IP address blocks:        168.197.183.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/Hj8eBDfQrFhV8Cu6XqLY7xD47Wy2VJ5iYmEsi8wzB496/0/8BAF9C211E3CB74E1F1681A900A74E3AF81D715E.crl
                          rsync://rpki-repo.registro.br/repo/Hj8eBDfQrFhV8Cu6XqLY7xD47Wy2VJ5iYmEsi8wzB496/0/8BAF9C211E3CB74E1F1681A900A74E3AF81D715E.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8BAF9C211E3CB74E1F1681A900A74E3AF81D715E.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 21:27:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:c2:11:ab:ea:8e:f4:14:08:c2:97:3f:44:79:c5:3a:27:39:d6:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8BAF9C211E3CB74E1F1681A900A74E3AF81D715E
        Validity
            Not Before: Feb 12 19:47:23 2025 GMT
            Not After : Feb 11 19:52:23 2026 GMT
        Subject: CN=6F5999ED7D821B2566E5DD4BC77D56F71DBC6E25
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:e0:4e:e0:e0:14:42:42:e1:b7:45:75:e8:39:
                    47:6b:af:81:70:ea:d4:38:bd:82:47:7e:f4:4d:49:
                    b6:d1:a7:ea:a7:81:27:1c:34:72:dc:a5:87:f5:0c:
                    12:d5:0c:6b:38:2b:59:1d:2c:60:40:b8:5a:2f:51:
                    47:9b:84:68:93:ae:96:df:49:24:e0:52:90:7b:2f:
                    6b:30:90:c0:36:f6:13:ce:02:d5:4d:8c:07:8c:6b:
                    d4:fd:7e:61:d2:4e:26:8b:36:b6:4e:d3:bb:3b:e2:
                    74:0c:52:ca:7f:81:80:6a:18:7c:d7:8f:22:c5:05:
                    88:82:d2:65:9d:58:d0:67:1c:5b:fb:30:ba:41:28:
                    06:c9:94:5a:71:b5:0b:c1:90:6e:cf:c5:a5:a2:c9:
                    9b:4e:11:9b:14:f3:79:08:ca:b7:e3:44:49:be:31:
                    6f:67:3c:ac:01:42:ff:0a:39:a0:f4:bc:a5:01:12:
                    5f:b4:0d:bc:3d:40:8a:58:12:ab:7f:61:ea:15:b0:
                    78:9e:99:34:e2:0b:82:7a:3c:b9:a7:70:26:20:53:
                    8f:e7:98:a7:60:ee:94:2d:2f:8a:42:8a:38:45:c6:
                    76:db:7f:60:88:04:d6:43:ce:a0:f7:bc:6b:68:57:
                    97:19:5f:67:72:b6:59:06:c9:0b:16:46:71:16:a2:
                    9b:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:59:99:ED:7D:82:1B:25:66:E5:DD:4B:C7:7D:56:F7:1D:BC:6E:25
            X509v3 Authority Key Identifier:
                keyid:8B:AF:9C:21:1E:3C:B7:4E:1F:16:81:A9:00:A7:4E:3A:F8:1D:71:5E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/Hj8eBDfQrFhV8Cu6XqLY7xD47Wy2VJ5iYmEsi8wzB496/0/8BAF9C211E3CB74E1F1681A900A74E3AF81D715E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8BAF9C211E3CB74E1F1681A900A74E3AF81D715E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/Hj8eBDfQrFhV8Cu6XqLY7xD47Wy2VJ5iYmEsi8wzB496/0/3136382e3139372e3138332e302f32342d3234203d3e20323731323637.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.197.183.0/24

    Signature Algorithm: sha256WithRSAEncryption
         77:7b:cf:46:bb:5c:8d:43:fa:4d:d9:59:e0:cd:25:36:4c:27:
         82:30:e7:69:49:d6:02:f0:85:21:8f:5f:4f:54:50:c5:00:66:
         0f:98:17:7e:24:e6:a2:d7:08:21:bf:2c:4c:8e:e2:e6:ff:d8:
         6a:b6:4a:7d:fa:18:32:f5:84:17:5a:9d:40:18:ff:c4:f8:64:
         1d:8d:13:d4:5d:9e:a1:17:f8:d2:52:25:a7:99:08:f0:5b:0a:
         5f:0a:aa:12:86:8a:48:1c:79:2c:61:b2:41:e5:36:65:ca:23:
         99:f0:e4:e5:62:bb:f0:66:48:4b:49:39:dc:30:f7:90:30:64:
         a2:e1:ff:27:1d:d3:cb:cf:30:dc:4e:e1:c1:82:a8:12:dc:85:
         84:67:ee:5f:6b:03:4e:29:7b:40:54:65:b8:3d:bf:45:de:1e:
         e7:c0:f3:3e:0e:5f:2f:87:63:e9:eb:34:5d:5f:6f:58:30:dc:
         a5:6a:91:3a:9f:d1:21:2a:8e:f6:6c:48:43:18:3a:e2:96:e7:
         9a:4a:15:60:c1:de:04:84:00:2c:97:46:4f:78:32:d3:5c:45:
         21:08:d0:bb:e0:e3:8f:4e:98:f8:fd:9d:32:b8:13:a0:bc:05:
         46:34:d7:44:96:74:23:b6:c3:ee:c7:ab:a4:db:0f:11:34:87:
         72:e7:61:1f
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUQsIRq+qO9BQIwpc/RHnFOic51rMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEJBRjlDMjExRTNDQjc0RTFGMTY4MUE5MDBBNzRFM0FG
ODFENzE1RTAeFw0yNTAyMTIxOTQ3MjNaFw0yNjAyMTExOTUyMjNaMDMxMTAvBgNV
BAMTKDZGNTk5OUVEN0Q4MjFCMjU2NkU1REQ0QkM3N0Q1NkY3MURCQzZFMjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDl4E7g4BRCQuG3RXXoOUdrr4Fw
6tQ4vYJHfvRNSbbRp+qngSccNHLcpYf1DBLVDGs4K1kdLGBAuFovUUebhGiTrpbf
SSTgUpB7L2swkMA29hPOAtVNjAeMa9T9fmHSTiaLNrZO07s74nQMUsp/gYBqGHzX
jyLFBYiC0mWdWNBnHFv7MLpBKAbJlFpxtQvBkG7PxaWiyZtOEZsU83kIyrfjREm+
MW9nPKwBQv8KOaD0vKUBEl+0Dbw9QIpYEqt/YeoVsHiemTTiC4J6PLmncCYgU4/n
mKdg7pQtL4pCijhFxnbbf2CIBNZDzqD3vGtoV5cZX2dytlkGyQsWRnEWoptRAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUb1mZ7X2CGyVm5d1Lx31W9x28biUwHwYDVR0j
BBgwFoAUi6+cIR48t04fFoGpAKdOOvgdcV4wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vSGo4ZUJEZlFyRmhWOEN1NlhxTFk3eEQ0N1d5MlZKNWlZbUVzaTh3ekI0
OTYvMC84QkFGOUMyMTFFM0NCNzRFMUYxNjgxQTkwMEE3NEUzQUY4MUQ3MTVFLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzhCQUY5QzIxMUUzQ0I3NEUx
RjE2ODFBOTAwQTc0RTNBRjgxRDcxNUUuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0hqOGVCRGZRckZoVjhDdTZYcUxZN3hENDdXeTJWSjVpWW1Fc2k4d3pCNDk2LzAv
MzEzNjM4MmUzMTM5MzcyZTMxMzgzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMy
MzczMTMyMzYzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAKjFtzANBgkqhkiG9w0BAQsFAAOCAQEAd3vP
RrtcjUP6TdlZ4M0lNkwngjDnaUnWAvCFIY9fT1RQxQBmD5gXfiTmotcIIb8sTI7i
5v/YarZKffoYMvWEF1qdQBj/xPhkHY0T1F2eoRf40lIlp5kI8FsKXwqqEoaKSBx5
LGGyQeU2ZcojmfDk5WK78GZIS0k53DD3kDBkouH/Jx3Ty88w3E7hwYKoEtyFhGfu
X2sDTil7QFRluD2/Rd4e58DzPg5fL4dj6es0XV9vWDDcpWqROp/RISqO9mxIQxg6
4pbnmkoVYMHeBIQALJdGT3gy01xFIQjQu+Djj06Y+P2dMrgToLwFRjTXRJZ0I7bD
7serpNsPETSHcudhHw==
-----END CERTIFICATE-----
Generated at Wed Jun 11 06:02:57 2025 by rpki-client