Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/3137372e38362e3136382e302f32312d3234203d3e203532353733.roa
File:                     3137372e38362e3136382e302f32312d3234203d3e203532353733.roa (raw, json)
Hash identifier:          YKUfq9pAjM0PRNguBgjWYP/T7fDhqUQqY+f0wl2g0AY=
Subject key identifier:   C7:4C:BE:16:02:46:CE:25:FC:54:7D:65:A5:91:90:9F:55:D3:CE:12
Certificate issuer:       /CN=D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7
Certificate serial:       301579316BE2FF7D6AA83F7F060FAA2FB88E51DE
Authority key identifier: D6:86:F2:D1:C8:D6:F0:E1:82:00:D7:BA:3B:4E:13:8A:86:7E:25:C7
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/3137372e38362e3136382e302f32312d3234203d3e203532353733.roa
Signing time:             Sat 31 May 2025 13:17:05 +0000
ROA not before:           Sat 31 May 2025 13:12:05 +0000
ROA not after:            Sat 30 May 2026 13:17:05 +0000
asID:                     52573
IP address blocks:        177.86.168.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.crl
                          rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 17:56:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:15:79:31:6b:e2:ff:7d:6a:a8:3f:7f:06:0f:aa:2f:b8:8e:51:de
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7
        Validity
            Not Before: May 31 13:12:05 2025 GMT
            Not After : May 30 13:17:05 2026 GMT
        Subject: CN=C74CBE160246CE25FC547D65A591909F55D3CE12
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:03:8f:eb:70:6f:5c:ec:24:84:4f:33:ab:64:
                    c8:30:3f:11:4a:67:a2:e6:8f:02:31:62:66:7f:75:
                    6a:3e:bc:56:1b:31:b6:55:46:0a:65:1f:81:7a:3b:
                    f5:1f:85:a1:cc:68:aa:f1:33:c3:39:9c:fc:60:b5:
                    19:14:bb:a1:00:90:8c:c5:51:80:94:89:ac:f2:d4:
                    7a:6b:55:52:d0:a1:3d:ee:4c:94:ad:19:4a:fe:df:
                    57:c2:65:92:bb:60:3f:74:3c:e8:32:af:90:c4:ed:
                    b8:9e:8b:74:cc:3a:a1:1f:0f:27:05:96:82:43:d6:
                    fb:2a:2a:fa:a5:c6:c2:9b:c8:02:69:e6:3a:98:f4:
                    82:0c:52:1b:0e:56:17:b7:5f:42:12:78:b2:66:56:
                    8e:44:5c:ca:03:37:06:62:41:c4:b5:bb:42:15:2a:
                    ac:10:7e:0b:3f:ae:f1:f1:dc:05:e0:20:3c:7b:24:
                    59:34:a3:6e:17:c1:7d:33:32:49:ed:3f:6d:43:e6:
                    35:27:7c:6f:ba:96:07:9f:65:01:42:2c:11:42:a0:
                    d8:a5:00:f8:d0:d0:78:66:84:2c:bc:9a:cc:5b:52:
                    4b:53:b9:9e:86:f5:e9:50:7e:c3:7f:16:c7:49:3a:
                    20:58:cf:08:f3:17:df:35:aa:6e:54:0b:0a:af:d4:
                    e7:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:4C:BE:16:02:46:CE:25:FC:54:7D:65:A5:91:90:9F:55:D3:CE:12
            X509v3 Authority Key Identifier:
                keyid:D6:86:F2:D1:C8:D6:F0:E1:82:00:D7:BA:3B:4E:13:8A:86:7E:25:C7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/3137372e38362e3136382e302f32312d3234203d3e203532353733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.86.168.0/21

    Signature Algorithm: sha256WithRSAEncryption
         60:60:fb:3e:e6:ac:c4:db:04:b6:9a:e8:ab:55:d1:15:56:31:
         01:05:58:f6:9e:31:32:c1:33:a2:65:64:44:6d:b0:d4:8f:fd:
         ea:e8:a6:e0:f5:14:1f:aa:66:79:cf:cc:be:bd:34:c8:90:27:
         95:33:46:32:69:83:51:77:53:cb:27:fd:0c:af:98:a1:65:42:
         5e:c9:91:d2:49:bc:38:fb:45:5f:ac:86:d1:e3:3c:c5:f2:f9:
         c9:6c:a3:f7:f9:2a:80:c5:c7:30:05:b5:73:13:69:72:c8:41:
         b4:e2:eb:d8:0c:8f:2f:d2:a1:65:98:3c:bf:20:2a:3e:f3:82:
         38:cd:30:ba:b5:91:8c:9a:c2:83:69:cf:8e:3e:4c:67:5e:c4:
         fa:50:10:df:ce:29:46:c6:6d:eb:46:81:4b:f9:a2:a6:e4:4b:
         64:ff:d9:b9:6c:de:7d:97:20:9d:a4:b4:98:cc:e9:fd:c2:3a:
         96:6a:c6:d2:51:22:9d:b3:d1:72:f8:0f:2c:21:1a:3e:97:f4:
         db:a2:9a:1c:4e:96:91:2e:ce:e8:3d:82:a0:a5:12:db:69:18:
         4c:78:93:37:1e:bb:3a:4a:b6:80:54:32:05:b2:12:f6:fa:f4:
         cb:8f:d0:a2:04:fa:6c:48:72:10:28:1c:4c:b2:d1:8f:73:62:
         f8:96:5e:06
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUMBV5MWvi/31qqD9/Bg+qL7iOUd4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDY4NkYyRDFDOEQ2RjBFMTgyMDBEN0JBM0I0RTEzOEE4
NjdFMjVDNzAeFw0yNTA1MzExMzEyMDVaFw0yNjA1MzAxMzE3MDVaMDMxMTAvBgNV
BAMTKEM3NENCRTE2MDI0NkNFMjVGQzU0N0Q2NUE1OTE5MDlGNTVEM0NFMTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9A4/rcG9c7CSETzOrZMgwPxFK
Z6LmjwIxYmZ/dWo+vFYbMbZVRgplH4F6O/UfhaHMaKrxM8M5nPxgtRkUu6EAkIzF
UYCUiazy1HprVVLQoT3uTJStGUr+31fCZZK7YD90POgyr5DE7biei3TMOqEfDycF
loJD1vsqKvqlxsKbyAJp5jqY9IIMUhsOVhe3X0ISeLJmVo5EXMoDNwZiQcS1u0IV
KqwQfgs/rvHx3AXgIDx7JFk0o24XwX0zMkntP21D5jUnfG+6lgefZQFCLBFCoNil
APjQ0HhmhCy8msxbUktTuZ6G9elQfsN/FsdJOiBYzwjzF981qm5UCwqv1OfRAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUx0y+FgJGziX8VH1lpZGQn1XTzhIwHwYDVR0j
BBgwFoAU1oby0cjW8OGCANe6O04TioZ+JccwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMkpmeWJDaDRQMWZhaHZpUUNQOE5MSDloaDRxU0t1NEdqQkNWR2U4WnZF
ZVovMC9ENjg2RjJEMUM4RDZGMEUxODIwMEQ3QkEzQjRFMTM4QTg2N0UyNUM3LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0Q2ODZGMkQxQzhENkYwRTE4
MjAwRDdCQTNCNEUxMzhBODY3RTI1QzcuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzJKZnliQ2g0UDFmYWh2aVFDUDhOTEg5aGg0cVNLdTRHakJDVkdlOFp2RWVaLzAv
MzEzNzM3MmUzODM2MmUzMTM2MzgyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzNTMy
MzUzNzMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQDsVaoMA0GCSqGSIb3DQEBCwUAA4IBAQBgYPs+5qzE
2wS2muirVdEVVjEBBVj2njEywTOiZWREbbDUj/3q6Kbg9RQfqmZ5z8y+vTTIkCeV
M0YyaYNRd1PLJ/0Mr5ihZUJeyZHSSbw4+0VfrIbR4zzF8vnJbKP3+SqAxccwBbVz
E2lyyEG04uvYDI8v0qFlmDy/ICo+84I4zTC6tZGMmsKDac+OPkxnXsT6UBDfzilG
xm3rRoFL+aKm5Etk/9m5bN59lyCdpLSYzOn9wjqWasbSUSKds9Fy+A8sIRo+l/Tb
opocTpaRLs7oPYKgpRLbaRhMeJM3Hrs6SraAVDIFshL2+vTLj9CiBPpsSHIQKBxM
stGPc2L4ll4G
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:28:35 2025 by rpki-client