Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/0/3230302e3233352e302e302f31372d3237203d3e2031393136.roa
File:                     3230302e3233352e302e302f31372d3237203d3e2031393136.roa (raw, json)
Hash identifier:          en0Z5NxD6rtflVSSu4U4srBwTS9umc/Vztl9QTdDamo=
Subject key identifier:   4C:F9:AA:9B:21:DB:75:C8:64:38:8F:6E:29:28:9F:EC:B6:A6:61:37
Certificate issuer:       /CN=AEE46E32CB1462419CCCB89B5C498495E919B5CF
Certificate serial:       448073C18C954896861D42E911BF6419C7772954
Authority key identifier: AE:E4:6E:32:CB:14:62:41:9C:CC:B8:9B:5C:49:84:95:E9:19:B5:CF
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AEE46E32CB1462419CCCB89B5C498495E919B5CF.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/0/3230302e3233352e302e302f31372d3237203d3e2031393136.roa
Signing time:             Fri 18 Jul 2025 20:15:24 +0000
ROA not before:           Fri 18 Jul 2025 20:10:24 +0000
ROA not after:            Fri 17 Jul 2026 20:15:24 +0000
asID:                     1916
IP address blocks:        200.235.0.0/17 maxlen: 27
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/0/AEE46E32CB1462419CCCB89B5C498495E919B5CF.crl
                          rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/0/AEE46E32CB1462419CCCB89B5C498495E919B5CF.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AEE46E32CB1462419CCCB89B5C498495E919B5CF.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 28 Jul 2025 17:37:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:80:73:c1:8c:95:48:96:86:1d:42:e9:11:bf:64:19:c7:77:29:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AEE46E32CB1462419CCCB89B5C498495E919B5CF
        Validity
            Not Before: Jul 18 20:10:24 2025 GMT
            Not After : Jul 17 20:15:24 2026 GMT
        Subject: CN=4CF9AA9B21DB75C864388F6E29289FECB6A66137
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:d3:0f:59:cd:d4:3e:de:35:19:5b:4c:ca:74:
                    50:72:7e:9a:68:86:5f:00:1a:f6:0b:54:09:f5:3a:
                    38:04:f9:45:b7:43:09:a7:23:0a:3d:be:8b:9e:19:
                    5a:32:02:50:9f:bc:a3:cd:e8:54:1f:1b:d5:7a:ca:
                    24:e6:b7:a1:53:0f:5b:86:72:55:be:45:16:63:6c:
                    48:89:c7:5c:5a:24:d1:e5:1c:2e:a6:bf:00:bf:a0:
                    5e:b0:58:37:ba:ea:5b:a1:2b:07:3f:02:93:e6:89:
                    2b:4a:f3:bd:28:41:9a:9b:51:f1:bf:6f:00:45:73:
                    0b:94:e1:cc:c3:c8:f3:58:63:3c:f7:ed:61:b9:dc:
                    d0:43:34:48:a7:4c:90:70:da:31:9d:06:fd:3a:79:
                    19:2b:0e:2a:74:55:7d:b8:9c:66:e2:aa:8c:70:81:
                    53:e8:2a:23:4f:b2:d5:83:a0:c8:e9:04:20:32:af:
                    42:57:24:d3:1a:60:88:27:ed:a7:ae:18:90:45:1c:
                    16:0b:b6:33:af:ae:b7:c7:5c:c6:2b:27:71:1b:3f:
                    5a:1b:4e:08:d4:6e:10:c3:38:5e:80:5a:91:0a:23:
                    d5:78:f2:30:7d:e9:50:f7:27:bf:4d:d8:c7:25:f8:
                    68:d4:96:76:40:09:38:44:96:56:cf:ef:aa:b4:5b:
                    55:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:F9:AA:9B:21:DB:75:C8:64:38:8F:6E:29:28:9F:EC:B6:A6:61:37
            X509v3 Authority Key Identifier:
                keyid:AE:E4:6E:32:CB:14:62:41:9C:CC:B8:9B:5C:49:84:95:E9:19:B5:CF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/0/AEE46E32CB1462419CCCB89B5C498495E919B5CF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AEE46E32CB1462419CCCB89B5C498495E919B5CF.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/0/3230302e3233352e302e302f31372d3237203d3e2031393136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.235.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         53:e7:b5:24:31:da:5a:b3:36:20:c0:54:0d:76:a6:f1:40:09:
         15:c6:87:d7:90:6a:0e:39:72:03:00:c6:dc:a2:4c:0b:26:07:
         ee:e1:66:1d:e4:13:ca:ba:a7:fd:24:5d:7b:73:8b:8c:df:60:
         69:87:21:b3:00:6a:7b:e6:2c:4f:e9:9f:69:37:81:c5:90:75:
         06:c9:54:e1:eb:8e:14:eb:7b:e3:05:1b:28:c6:4e:68:8c:48:
         1d:06:20:0a:30:ad:0b:b9:d8:33:0b:8d:8e:05:0a:9d:f7:c3:
         d1:71:5b:d7:92:9a:9b:4f:00:08:8e:63:fc:87:1a:d5:d8:37:
         0f:d9:89:47:f9:16:9d:2a:7d:28:f2:61:3d:75:3d:f0:23:8e:
         34:1e:32:33:87:f9:f9:e1:66:c2:cc:83:42:a5:46:91:55:ec:
         d4:eb:04:f7:ee:8d:d8:f0:de:2e:d1:3c:c2:e6:62:6a:8f:08:
         33:c8:75:4a:62:00:0b:3a:b9:f8:c9:a4:07:eb:c2:e1:83:92:
         ea:b4:8e:ad:ef:47:1a:ab:ac:39:ef:aa:1b:3c:4e:d4:d8:cf:
         98:25:c7:b4:2b:0f:aa:62:ce:b7:04:8c:c1:52:4c:fe:86:f4:
         da:f6:ac:ac:2b:2a:55:f4:2e:da:f6:67:54:99:c1:6c:30:07:
         05:0f:9c:ce
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIURIBzwYyVSJaGHULpEb9kGcd3KVQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUVFNDZFMzJDQjE0NjI0MTlDQ0NCODlCNUM0OTg0OTVF
OTE5QjVDRjAeFw0yNTA3MTgyMDEwMjRaFw0yNjA3MTcyMDE1MjRaMDMxMTAvBgNV
BAMTKDRDRjlBQTlCMjFEQjc1Qzg2NDM4OEY2RTI5Mjg5RkVDQjZBNjYxMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/0w9ZzdQ+3jUZW0zKdFByfppo
hl8AGvYLVAn1OjgE+UW3QwmnIwo9voueGVoyAlCfvKPN6FQfG9V6yiTmt6FTD1uG
clW+RRZjbEiJx1xaJNHlHC6mvwC/oF6wWDe66luhKwc/ApPmiStK870oQZqbUfG/
bwBFcwuU4czDyPNYYzz37WG53NBDNEinTJBw2jGdBv06eRkrDip0VX24nGbiqoxw
gVPoKiNPstWDoMjpBCAyr0JXJNMaYIgn7aeuGJBFHBYLtjOvrrfHXMYrJ3EbP1ob
TgjUbhDDOF6AWpEKI9V48jB96VD3J79N2Mcl+GjUlnZACThEllbP76q0W1UjAgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUTPmqmyHbdchkOI9uKSif7LamYTcwHwYDVR0j
BBgwFoAUruRuMssUYkGczLibXEmElekZtc8wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMkgyYW00SDNUYUdEcGlUZHdpaDZKeXc3SGZwZ1VwTWl6TDhpOU14Vk1V
dWQvMC9BRUU0NkUzMkNCMTQ2MjQxOUNDQ0I4OUI1QzQ5ODQ5NUU5MTlCNUNGLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FFRTQ2RTMyQ0IxNDYyNDE5
Q0NDQjg5QjVDNDk4NDk1RTkxOUI1Q0YuY2VyMIGoBggrBgEFBQcBCwSBmzCBmDCB
lQYIKwYBBQUHMAuGgYhyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzJIMmFtNEgzVGFHRHBpVGR3aWg2Snl3N0hmcGdVcE1pekw4aTlNeFZNVXVkLzAv
MzIzMDMwMmUzMjMzMzUyZTMwMmUzMDJmMzEzNzJkMzIzNzIwM2QzZTIwMzEzOTMx
MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAfI6wAwDQYJKoZIhvcNAQELBQADggEBAFPntSQx2lqzNiDA
VA12pvFACRXGh9eQag45cgMAxtyiTAsmB+7hZh3kE8q6p/0kXXtzi4zfYGmHIbMA
anvmLE/pn2k3gcWQdQbJVOHrjhTre+MFGyjGTmiMSB0GIAowrQu52DMLjY4FCp33
w9FxW9eSmptPAAiOY/yHGtXYNw/ZiUf5Fp0qfSjyYT11PfAjjjQeMjOH+fnhZsLM
g0KlRpFV7NTrBPfujdjw3i7RPMLmYmqPCDPIdUpiAAs6ufjJpAfrwuGDkuq0jq3v
RxqrrDnvqhs8TtTYz5glx7QrD6pizrcEjMFSTP6G9Nr2rKwrKlX0Ltr2Z1SZwWww
BwUPnM4=
-----END CERTIFICATE-----
Generated at Mon Jul 28 06:45:04 2025 by rpki-client