Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/3137372e39322e3137362e302f32312d3234203d3e203532353733.roa
File:                     3137372e39322e3137362e302f32312d3234203d3e203532353733.roa (raw, json)
Hash identifier:          N8mbaVaEH0v0GlmByshSybLhMhV940/HDxwsWYQIGaE=
Subject key identifier:   10:F0:A4:22:B2:68:DC:77:60:A7:38:08:45:5E:5E:42:29:AD:39:6F
Certificate issuer:       /CN=D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7
Certificate serial:       78A3CA83F1CAB657470340536871CAC7AC0BB8E4
Authority key identifier: D6:86:F2:D1:C8:D6:F0:E1:82:00:D7:BA:3B:4E:13:8A:86:7E:25:C7
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/3137372e39322e3137362e302f32312d3234203d3e203532353733.roa
Signing time:             Sat 31 May 2025 14:17:05 +0000
ROA not before:           Sat 31 May 2025 14:12:05 +0000
ROA not after:            Sat 30 May 2026 14:17:05 +0000
asID:                     52573
IP address blocks:        177.92.176.0/21 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.crl
                          rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 17:56:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:a3:ca:83:f1:ca:b6:57:47:03:40:53:68:71:ca:c7:ac:0b:b8:e4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7
        Validity
            Not Before: May 31 14:12:05 2025 GMT
            Not After : May 30 14:17:05 2026 GMT
        Subject: CN=10F0A422B268DC7760A73808455E5E4229AD396F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:30:3c:40:ff:f9:d4:b3:bc:5d:c0:7a:60:eb:
                    43:4f:43:da:00:b4:bd:86:7c:4f:10:df:39:4f:52:
                    77:db:d6:95:52:d9:4b:80:bb:a6:8c:63:d6:1e:7a:
                    14:b8:07:eb:c0:49:32:d4:21:07:c2:93:a1:01:e8:
                    76:27:bf:4c:8f:15:de:ff:b5:55:6b:a3:eb:de:02:
                    ce:a6:e1:7d:a4:1f:7f:fd:e8:3a:19:97:b5:cf:21:
                    b8:cd:a1:2d:0a:3b:b5:4e:8e:d9:eb:bf:d8:a9:58:
                    03:d3:7e:36:fe:28:d7:96:3e:6a:75:47:f3:d4:84:
                    b8:62:3f:5c:21:d6:97:a8:7a:df:02:cb:4f:d6:6b:
                    84:20:67:ec:2d:f4:22:e3:21:91:e1:17:a5:50:bb:
                    44:10:7d:86:6d:53:bd:90:94:65:89:d1:67:c9:59:
                    a3:e9:4c:24:34:e1:55:2a:16:e3:9e:05:19:52:39:
                    86:bb:bc:da:a7:29:a3:cb:53:75:be:11:19:51:d9:
                    4e:d5:a4:13:54:4b:e6:a7:e3:97:a9:a9:a5:a8:7b:
                    e4:15:af:f6:95:46:9f:e0:9f:a2:97:c0:f9:28:d9:
                    ea:45:b7:17:cd:5d:6e:36:2d:19:03:c8:90:bc:46:
                    d4:27:2a:3f:7e:ba:9a:d7:6c:dc:cf:32:77:17:82:
                    54:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:F0:A4:22:B2:68:DC:77:60:A7:38:08:45:5E:5E:42:29:AD:39:6F
            X509v3 Authority Key Identifier:
                keyid:D6:86:F2:D1:C8:D6:F0:E1:82:00:D7:BA:3B:4E:13:8A:86:7E:25:C7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/3137372e39322e3137362e302f32312d3234203d3e203532353733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.92.176.0/21

    Signature Algorithm: sha256WithRSAEncryption
         a5:f1:30:b6:99:69:c5:5e:14:65:2b:78:82:98:bf:b2:71:a5:
         ba:ad:2f:06:1b:6b:0b:d9:7b:43:87:03:74:d3:48:52:7d:8e:
         59:c0:6b:13:21:d7:e5:b2:26:f0:cf:3d:b0:b7:16:68:53:e3:
         72:63:b7:19:82:ec:da:11:19:17:0c:ba:90:fa:c5:cd:e6:90:
         34:f6:3a:f0:2a:33:06:b3:62:86:67:ae:16:18:d8:63:d5:26:
         92:eb:a4:ea:ae:e9:eb:f0:cf:6e:04:69:f9:39:d2:a4:56:d5:
         5a:a5:93:f3:e3:fc:7a:c3:7f:b5:d8:65:e6:1d:51:bc:e9:48:
         a1:dd:29:a9:11:36:22:f7:c7:ad:2b:93:7e:69:38:47:d9:41:
         2c:4c:c5:43:bc:2a:60:d9:18:bb:e7:11:e7:52:0a:c8:4b:31:
         a7:9b:f7:1e:12:6a:9a:6b:57:c3:ce:e2:40:fe:bc:0e:a6:04:
         17:8c:fe:26:06:3c:69:cb:a5:81:fd:f3:98:35:d0:cc:24:19:
         42:1d:cb:bb:27:22:44:33:8b:7c:ee:45:14:6d:3a:1e:16:a3:
         a3:a7:8b:7c:e9:48:42:9c:63:21:79:73:86:01:95:55:8c:59:
         e6:7e:59:c3:4a:10:f7:03:8f:64:0a:fa:9b:9e:22:72:b5:0c:
         0f:f0:0c:ae
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUeKPKg/HKtldHA0BTaHHKx6wLuOQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDY4NkYyRDFDOEQ2RjBFMTgyMDBEN0JBM0I0RTEzOEE4
NjdFMjVDNzAeFw0yNTA1MzExNDEyMDVaFw0yNjA1MzAxNDE3MDVaMDMxMTAvBgNV
BAMTKDEwRjBBNDIyQjI2OERDNzc2MEE3MzgwODQ1NUU1RTQyMjlBRDM5NkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCXMDxA//nUs7xdwHpg60NPQ9oA
tL2GfE8Q3zlPUnfb1pVS2UuAu6aMY9YeehS4B+vASTLUIQfCk6EB6HYnv0yPFd7/
tVVro+veAs6m4X2kH3/96DoZl7XPIbjNoS0KO7VOjtnrv9ipWAPTfjb+KNeWPmp1
R/PUhLhiP1wh1peoet8Cy0/Wa4QgZ+wt9CLjIZHhF6VQu0QQfYZtU72QlGWJ0WfJ
WaPpTCQ04VUqFuOeBRlSOYa7vNqnKaPLU3W+ERlR2U7VpBNUS+an45epqaWoe+QV
r/aVRp/gn6KXwPko2epFtxfNXW42LRkDyJC8RtQnKj9+uprXbNzPMncXglRvAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUEPCkIrJo3HdgpzgIRV5eQimtOW8wHwYDVR0j
BBgwFoAU1oby0cjW8OGCANe6O04TioZ+JccwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMkpmeWJDaDRQMWZhaHZpUUNQOE5MSDloaDRxU0t1NEdqQkNWR2U4WnZF
ZVovMC9ENjg2RjJEMUM4RDZGMEUxODIwMEQ3QkEzQjRFMTM4QTg2N0UyNUM3LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0Q2ODZGMkQxQzhENkYwRTE4
MjAwRDdCQTNCNEUxMzhBODY3RTI1QzcuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzJKZnliQ2g0UDFmYWh2aVFDUDhOTEg5aGg0cVNLdTRHakJDVkdlOFp2RWVaLzAv
MzEzNzM3MmUzOTMyMmUzMTM3MzYyZTMwMmYzMjMxMmQzMjM0MjAzZDNlMjAzNTMy
MzUzNzMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQDsVywMA0GCSqGSIb3DQEBCwUAA4IBAQCl8TC2mWnF
XhRlK3iCmL+ycaW6rS8GG2sL2XtDhwN000hSfY5ZwGsTIdflsibwzz2wtxZoU+Ny
Y7cZguzaERkXDLqQ+sXN5pA09jrwKjMGs2KGZ64WGNhj1SaS66Tqrunr8M9uBGn5
OdKkVtVapZPz4/x6w3+12GXmHVG86Uih3SmpETYi98etK5N+aThH2UEsTMVDvCpg
2Ri75xHnUgrISzGnm/ceEmqaa1fDzuJA/rwOpgQXjP4mBjxpy6WB/fOYNdDMJBlC
Hcu7JyJEM4t87kUUbToeFqOjp4t86UhCnGMheXOGAZVVjFnmflnDShD3A49kCvqb
niJytQwP8Ayu
-----END CERTIFICATE-----
Generated at Tue Jun 10 05:49:00 2025 by rpki-client