Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/3137372e38362e37322e302f32322d3234203d3e203532353733.roa
File:                     3137372e38362e37322e302f32322d3234203d3e203532353733.roa (raw, json)
Hash identifier:          PjZzRg0lavxRk29Uhak1W3mpMWB6MMFhAqqLRHk4ZP8=
Subject key identifier:   14:10:2D:F3:71:AF:97:0D:A7:DA:9D:34:44:3A:6B:46:B4:44:BC:3A
Certificate issuer:       /CN=D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7
Certificate serial:       229BF74B8CBFAF90049C9DD363B6B867FB03FD35
Authority key identifier: D6:86:F2:D1:C8:D6:F0:E1:82:00:D7:BA:3B:4E:13:8A:86:7E:25:C7
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/3137372e38362e37322e302f32322d3234203d3e203532353733.roa
Signing time:             Sat 31 May 2025 14:17:06 +0000
ROA not before:           Sat 31 May 2025 14:12:06 +0000
ROA not after:            Sat 30 May 2026 14:17:06 +0000
asID:                     52573
IP address blocks:        177.86.72.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.crl
                          rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Jun 2025 19:18:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:9b:f7:4b:8c:bf:af:90:04:9c:9d:d3:63:b6:b8:67:fb:03:fd:35
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7
        Validity
            Not Before: May 31 14:12:06 2025 GMT
            Not After : May 30 14:17:06 2026 GMT
        Subject: CN=14102DF371AF970DA7DA9D34443A6B46B444BC3A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:b3:b9:df:1d:3b:8b:2e:79:72:4b:06:94:e6:
                    8f:07:50:74:fe:d2:4b:4b:80:c8:f4:bf:21:59:3a:
                    7b:9e:29:81:49:53:2b:7a:b6:88:f0:e4:01:be:18:
                    f6:85:d6:72:89:4f:f7:a0:b3:a6:5c:87:80:b0:80:
                    e1:90:fa:aa:85:53:5c:29:16:be:cd:71:8b:f0:83:
                    31:73:bd:b1:87:86:d2:53:a2:e6:2e:55:d2:73:e0:
                    b4:08:ef:46:62:b7:eb:d0:f4:ed:df:8e:0a:3d:1a:
                    88:82:3a:d3:55:9d:db:33:23:81:80:27:6c:14:67:
                    b5:fe:11:9b:ff:ad:1c:87:52:86:0e:8b:3b:3d:5a:
                    d4:a7:cd:aa:94:8b:d9:77:d2:22:74:d0:3f:ea:39:
                    fc:aa:63:f8:20:63:35:44:d5:5a:22:07:af:8c:72:
                    f9:7d:7b:77:cf:f6:35:41:c2:84:67:2d:14:6c:0b:
                    b5:b7:bd:68:d4:cb:f8:65:4d:5b:5d:38:75:00:9f:
                    65:29:07:73:07:29:57:a4:fe:ee:92:27:0c:51:53:
                    84:d1:49:17:76:70:f5:6e:4c:ce:6b:41:99:61:d9:
                    58:79:a8:06:20:ef:8d:08:7d:4d:0d:1d:7f:a8:ed:
                    ba:b6:11:2b:64:2a:c9:88:e9:6c:a3:40:9a:aa:74:
                    77:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:10:2D:F3:71:AF:97:0D:A7:DA:9D:34:44:3A:6B:46:B4:44:BC:3A
            X509v3 Authority Key Identifier:
                keyid:D6:86:F2:D1:C8:D6:F0:E1:82:00:D7:BA:3B:4E:13:8A:86:7E:25:C7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/3137372e38362e37322e302f32322d3234203d3e203532353733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.86.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1e:54:ed:9a:92:ad:fb:e2:51:5e:79:15:b8:1b:f6:d5:bd:b6:
         d6:95:68:ef:c7:85:e1:ac:d8:e4:3d:b5:12:91:99:86:4c:21:
         80:1f:d4:f4:97:6a:18:4d:39:ff:f5:fd:e1:dc:31:17:5c:55:
         81:a8:7e:c2:0f:a5:45:5b:2a:05:b2:22:f4:28:98:43:9c:89:
         94:3d:92:cb:1b:8e:57:71:35:32:3a:94:f7:a5:1a:cb:dc:a3:
         9c:3a:4f:ef:91:f1:cb:3a:b6:75:57:dc:3c:f6:ce:22:34:02:
         0c:74:88:56:47:3a:ad:e0:b5:ea:7b:7b:05:9f:60:c8:d2:10:
         d6:46:c4:59:8c:e3:18:97:f5:ce:c9:70:30:31:e9:6f:a2:1b:
         ba:1e:aa:cf:54:bf:fe:a6:df:fe:31:68:25:97:cb:06:c8:63:
         1a:8a:d0:6d:f1:d1:ed:88:8a:87:94:f0:46:f8:6f:e9:b6:e4:
         a9:c4:89:f3:f8:c7:7d:33:85:0e:89:ab:78:f4:e7:bb:fa:3b:
         99:fc:10:9a:0d:2a:1f:8c:7f:f1:07:d9:64:ea:12:b1:c9:ef:
         65:ab:a1:b7:d5:31:1b:17:94:ca:54:34:20:b7:00:2a:a7:87:
         da:78:4a:2d:d6:a5:47:b6:18:27:f6:90:66:3e:70:7c:84:90:
         11:89:0c:7a
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUIpv3S4y/r5AEnJ3TY7a4Z/sD/TUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDY4NkYyRDFDOEQ2RjBFMTgyMDBEN0JBM0I0RTEzOEE4
NjdFMjVDNzAeFw0yNTA1MzExNDEyMDZaFw0yNjA1MzAxNDE3MDZaMDMxMTAvBgNV
BAMTKDE0MTAyREYzNzFBRjk3MERBN0RBOUQzNDQ0M0E2QjQ2QjQ0NEJDM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+s7nfHTuLLnlySwaU5o8HUHT+
0ktLgMj0vyFZOnueKYFJUyt6tojw5AG+GPaF1nKJT/egs6Zch4CwgOGQ+qqFU1wp
Fr7NcYvwgzFzvbGHhtJTouYuVdJz4LQI70Zit+vQ9O3fjgo9GoiCOtNVndszI4GA
J2wUZ7X+EZv/rRyHUoYOizs9WtSnzaqUi9l30iJ00D/qOfyqY/ggYzVE1VoiB6+M
cvl9e3fP9jVBwoRnLRRsC7W3vWjUy/hlTVtdOHUAn2UpB3MHKVek/u6SJwxRU4TR
SRd2cPVuTM5rQZlh2Vh5qAYg740IfU0NHX+o7bq2EStkKsmI6WyjQJqqdHcdAgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUFBAt83Gvlw2n2p00RDprRrREvDowHwYDVR0j
BBgwFoAU1oby0cjW8OGCANe6O04TioZ+JccwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMkpmeWJDaDRQMWZhaHZpUUNQOE5MSDloaDRxU0t1NEdqQkNWR2U4WnZF
ZVovMC9ENjg2RjJEMUM4RDZGMEUxODIwMEQ3QkEzQjRFMTM4QTg2N0UyNUM3LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0Q2ODZGMkQxQzhENkYwRTE4
MjAwRDdCQTNCNEUxMzhBODY3RTI1QzcuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzJKZnliQ2g0UDFmYWh2aVFDUDhOTEg5aGg0cVNLdTRHakJDVkdlOFp2RWVaLzAv
MzEzNzM3MmUzODM2MmUzNzMyMmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzUzMjM1
MzczMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB
/wQQMA4wDAQCAAEwBgMEArFWSDANBgkqhkiG9w0BAQsFAAOCAQEAHlTtmpKt++JR
XnkVuBv21b221pVo78eF4azY5D21EpGZhkwhgB/U9JdqGE05//X94dwxF1xVgah+
wg+lRVsqBbIi9CiYQ5yJlD2SyxuOV3E1MjqU96Uay9yjnDpP75Hxyzq2dVfcPPbO
IjQCDHSIVkc6reC16nt7BZ9gyNIQ1kbEWYzjGJf1zslwMDHpb6Ibuh6qz1S//qbf
/jFoJZfLBshjGorQbfHR7YiKh5TwRvhv6bbkqcSJ8/jHfTOFDomrePTnu/o7mfwQ
mg0qH4x/8QfZZOoSscnvZauht9UxGxeUylQ0ILcAKqeH2nhKLdalR7YYJ/aQZj5w
fISQEYkMeg==
-----END CERTIFICATE-----
Generated at Fri Jun 13 06:11:03 2025 by rpki-client