Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/1/3230302e31382e32302e302f32322d3237203d3e2031393136.roa
File:                     3230302e31382e32302e302f32322d3237203d3e2031393136.roa (raw, json)
Hash identifier:          Uzph4xAJAXNQLrFgxrNrg8EbYDRek6604Xi84v26dGg=
Subject key identifier:   78:22:A2:3C:9C:94:30:4D:6F:56:DA:8F:9E:A4:5C:6E:2A:15:AA:50
Certificate issuer:       /CN=9C26395E84B6168CD893F95EDAC6D4BDC4C7C9FD
Certificate serial:       0114EEC92417938389C2AF1FA0483398A7D023C3
Authority key identifier: 9C:26:39:5E:84:B6:16:8C:D8:93:F9:5E:DA:C6:D4:BD:C4:C7:C9:FD
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/9C26395E84B6168CD893F95EDAC6D4BDC4C7C9FD.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/1/3230302e31382e32302e302f32322d3237203d3e2031393136.roa
Signing time:             Fri 19 Jun 2026 20:01:03 +0000
ROA not before:           Fri 19 Jun 2026 19:56:03 +0000
ROA not after:            Fri 18 Jun 2027 20:01:03 +0000
asID:                     1916
IP address blocks:        200.18.20.0/22 maxlen: 27
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/1/9C26395E84B6168CD893F95EDAC6D4BDC4C7C9FD.crl
                          rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/1/9C26395E84B6168CD893F95EDAC6D4BDC4C7C9FD.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/9C26395E84B6168CD893F95EDAC6D4BDC4C7C9FD.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 02 Jul 2026 01:56:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:14:ee:c9:24:17:93:83:89:c2:af:1f:a0:48:33:98:a7:d0:23:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9C26395E84B6168CD893F95EDAC6D4BDC4C7C9FD
        Validity
            Not Before: Jun 19 19:56:03 2026 GMT
            Not After : Jun 18 20:01:03 2027 GMT
        Subject: CN=7822A23C9C94304D6F56DA8F9EA45C6E2A15AA50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:88:32:38:c2:8e:7c:91:e6:18:eb:24:ed:d0:
                    97:dc:ad:a6:23:0a:99:55:37:97:e0:6b:3c:7f:c2:
                    a1:7d:09:13:3b:b1:60:43:a3:d1:07:21:1a:7d:08:
                    93:63:e8:ff:88:30:f3:6f:91:d4:42:85:ac:b3:65:
                    3f:ae:57:d3:78:b9:cc:1c:7c:ea:27:8f:f1:54:b4:
                    1e:32:30:18:03:67:d6:81:0a:dc:4c:05:dc:51:2e:
                    69:fd:a0:a0:58:9d:fc:da:ad:6b:b2:e7:58:22:78:
                    7f:2e:07:c7:d1:04:ea:51:fb:1d:cb:d1:f3:01:d0:
                    0e:63:6e:2a:e8:73:36:19:0f:a8:a0:5c:39:c0:47:
                    32:81:57:f4:53:e7:aa:39:f6:30:4c:9b:09:8f:0e:
                    e9:2b:38:9a:e6:6c:2a:ed:51:53:c2:90:56:72:d6:
                    a9:99:2f:ef:e2:a8:2f:40:f3:3e:1e:33:3b:d6:dc:
                    e6:78:91:73:ce:aa:93:14:60:14:ec:c1:ec:e8:82:
                    35:83:2b:a1:1f:c4:52:d4:ec:a3:65:a8:d3:3a:8b:
                    7c:b3:fe:a4:4a:7e:23:ae:07:9c:6e:07:ed:3c:46:
                    dc:08:c5:81:65:8d:68:8e:d4:58:ee:d1:42:a0:95:
                    66:6c:d4:30:50:dd:79:15:f4:c5:be:b7:e2:16:93:
                    cb:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                78:22:A2:3C:9C:94:30:4D:6F:56:DA:8F:9E:A4:5C:6E:2A:15:AA:50
            X509v3 Authority Key Identifier:
                keyid:9C:26:39:5E:84:B6:16:8C:D8:93:F9:5E:DA:C6:D4:BD:C4:C7:C9:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/1/9C26395E84B6168CD893F95EDAC6D4BDC4C7C9FD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/9C26395E84B6168CD893F95EDAC6D4BDC4C7C9FD.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/1/3230302e31382e32302e302f32322d3237203d3e2031393136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.18.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         31:89:32:d7:8e:eb:3d:10:55:30:96:ec:ed:95:12:72:af:a5:
         4a:93:a7:e6:2c:4c:1b:5a:9d:94:3f:47:e5:47:5a:4d:70:78:
         f3:05:50:91:9e:03:45:5f:51:b8:7c:e3:79:3a:bf:c3:fd:7a:
         3e:ef:8d:a1:f4:da:45:49:5e:8d:d7:da:2b:c1:bc:c6:f0:b4:
         03:4e:b9:dc:d4:a8:2d:09:fd:75:42:4b:de:2f:d1:1b:9b:66:
         c4:f9:89:54:88:7b:77:7b:06:4e:a5:93:ed:c9:b3:8c:cd:58:
         ca:54:e0:ec:7d:c9:22:2c:87:88:1f:2f:39:79:5f:4e:8a:74:
         c2:19:b4:f5:66:55:b9:7d:0e:08:c2:66:b7:fc:9d:ca:38:c6:
         18:7d:af:ae:3c:e2:99:e7:72:e2:07:08:75:f4:55:09:e7:50:
         f0:f4:ae:27:9a:4e:56:f7:02:d6:4b:d8:fc:37:9e:12:90:e9:
         99:c1:80:9e:e8:0a:7b:8c:e4:c0:2f:96:a5:50:8a:67:95:77:
         ed:9c:75:54:47:6a:97:d9:7c:c4:55:0b:7d:fd:5f:bb:e8:88:
         46:ad:4d:5b:c7:e9:50:22:90:91:32:25:62:40:32:32:44:6c:
         d6:e7:a9:49:e3:d4:10:84:02:80:19:a3:f5:b0:9c:dc:59:35:
         d4:e1:cc:fe
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUARTuySQXk4OJwq8foEgzmKfQI8MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUMyNjM5NUU4NEI2MTY4Q0Q4OTNGOTVFREFDNkQ0QkRD
NEM3QzlGRDAeFw0yNjA2MTkxOTU2MDNaFw0yNzA2MTgyMDAxMDNaMDMxMTAvBgNV
BAMTKDc4MjJBMjNDOUM5NDMwNEQ2RjU2REE4RjlFQTQ1QzZFMkExNUFBNTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWiDI4wo58keYY6yTt0JfcraYj
CplVN5fgazx/wqF9CRM7sWBDo9EHIRp9CJNj6P+IMPNvkdRChayzZT+uV9N4ucwc
fOonj/FUtB4yMBgDZ9aBCtxMBdxRLmn9oKBYnfzarWuy51gieH8uB8fRBOpR+x3L
0fMB0A5jbiroczYZD6igXDnARzKBV/RT56o59jBMmwmPDukrOJrmbCrtUVPCkFZy
1qmZL+/iqC9A8z4eMzvW3OZ4kXPOqpMUYBTswezogjWDK6EfxFLU7KNlqNM6i3yz
/qRKfiOuB5xuB+08RtwIxYFljWiO1Fju0UKglWZs1DBQ3XkV9MW+t+IWk8sJAgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUeCKiPJyUME1vVtqPnqRcbioVqlAwHwYDVR0j
BBgwFoAUnCY5XoS2FozYk/le2sbUvcTHyf0wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMkgyYW00SDNUYUdEcGlUZHdpaDZKeXc3SGZwZ1VwTWl6TDhpOU14Vk1V
dWQvMS85QzI2Mzk1RTg0QjYxNjhDRDg5M0Y5NUVEQUM2RDRCREM0QzdDOUZELmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzlDMjYzOTVFODRCNjE2OENE
ODkzRjk1RURBQzZENEJEQzRDN0M5RkQuY2VyMIGoBggrBgEFBQcBCwSBmzCBmDCB
lQYIKwYBBQUHMAuGgYhyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzJIMmFtNEgzVGFHRHBpVGR3aWg2Snl3N0hmcGdVcE1pekw4aTlNeFZNVXVkLzEv
MzIzMDMwMmUzMTM4MmUzMjMwMmUzMDJmMzIzMjJkMzIzNzIwM2QzZTIwMzEzOTMx
MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBALIEhQwDQYJKoZIhvcNAQELBQADggEBADGJMteO6z0QVTCW
7O2VEnKvpUqTp+YsTBtanZQ/R+VHWk1wePMFUJGeA0VfUbh843k6v8P9ej7vjaH0
2kVJXo3X2ivBvMbwtANOudzUqC0J/XVCS94v0RubZsT5iVSIe3d7Bk6lk+3Js4zN
WMpU4Ox9ySIsh4gfLzl5X06KdMIZtPVmVbl9DgjCZrf8nco4xhh9r6484pnncuIH
CHX0VQnnUPD0rieaTlb3AtZL2Pw3nhKQ6ZnBgJ7oCnuM5MAvlqVQimeVd+2cdVRH
apfZfMRVC339X7voiEatTVvH6VAikJEyJWJAMjJEbNbnqUnj1BCEAoAZo/WwnNxZ
NdThzP4=
-----END CERTIFICATE-----
Generated at Wed Jul 1 08:21:20 2026 by rpki-client