Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/2NP8cPD44TjwfPWPDvpRU3zSxgYJ9YVEWCjaigfceQpt/0/3137302e3235342e3234302e302f32322d3232203d3e20323635333834.roa
File:                     3137302e3235342e3234302e302f32322d3232203d3e20323635333834.roa (raw, json)
Hash identifier:          MGzLl5Q69e5V48DIXCvsjtyByr7LzeoG3xWixw5tsPg=
Subject key identifier:   6F:C0:34:B1:AA:89:A1:0F:C0:9F:BF:44:CC:5B:C7:7B:CF:00:93:67
Certificate issuer:       /CN=1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5
Certificate serial:       4303B3B58CC8597C065E33FBD9B42494951D437E
Authority key identifier: 1B:7A:42:89:6A:4F:BF:2E:2E:2B:04:94:30:0A:B6:F0:09:4E:F9:E5
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/2NP8cPD44TjwfPWPDvpRU3zSxgYJ9YVEWCjaigfceQpt/0/3137302e3235342e3234302e302f32322d3232203d3e20323635333834.roa
Signing time:             Tue 29 Apr 2025 22:36:59 +0000
ROA not before:           Tue 29 Apr 2025 22:31:59 +0000
ROA not after:            Tue 28 Apr 2026 22:36:59 +0000
asID:                     265384
IP address blocks:        170.254.240.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/2NP8cPD44TjwfPWPDvpRU3zSxgYJ9YVEWCjaigfceQpt/0/1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5.crl
                          rsync://rpki-repo.registro.br/repo/2NP8cPD44TjwfPWPDvpRU3zSxgYJ9YVEWCjaigfceQpt/0/1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 14 Jun 2025 18:23:06 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:03:b3:b5:8c:c8:59:7c:06:5e:33:fb:d9:b4:24:94:95:1d:43:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5
        Validity
            Not Before: Apr 29 22:31:59 2025 GMT
            Not After : Apr 28 22:36:59 2026 GMT
        Subject: CN=6FC034B1AA89A10FC09FBF44CC5BC77BCF009367
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:8d:10:90:82:2b:1f:f6:ac:eb:62:11:f2:18:
                    2e:a1:4a:e3:f8:cd:56:d5:9c:ad:35:a2:a7:51:64:
                    4c:aa:7a:29:26:09:c1:bb:80:d9:c8:f0:66:36:ff:
                    84:02:b3:01:60:ba:65:c3:0a:b4:34:f8:77:ef:57:
                    91:d9:38:d2:b5:3b:17:b1:c1:2c:c7:a7:1f:f3:45:
                    18:2c:50:e1:c8:35:26:e4:b7:f7:58:7a:a6:93:64:
                    5f:6b:40:e9:df:55:49:64:17:58:49:2b:20:d2:71:
                    35:e9:45:43:60:2b:42:94:1b:4a:87:1b:66:a8:aa:
                    a9:0f:7d:17:a3:5d:67:1b:59:73:83:c1:5b:a7:ec:
                    15:f7:42:ae:22:bb:14:b3:d9:4a:8c:ce:49:a9:f0:
                    13:b3:85:ff:01:c9:0f:02:bd:b9:a3:35:28:d3:44:
                    02:04:0c:4f:4f:ae:6d:36:e1:00:3f:b1:c6:56:12:
                    e7:43:f1:d7:5a:5b:67:01:c4:70:01:86:f1:74:1e:
                    5c:61:e5:59:0e:a2:f4:13:d5:97:d7:42:b8:94:75:
                    e5:96:95:32:39:ce:60:77:16:a7:5b:56:c2:17:1a:
                    fa:cd:8a:af:9c:60:64:78:8e:05:f9:27:c4:4b:da:
                    8f:4a:d6:09:51:d9:7b:63:b7:d7:45:3f:62:b6:66:
                    55:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:C0:34:B1:AA:89:A1:0F:C0:9F:BF:44:CC:5B:C7:7B:CF:00:93:67
            X509v3 Authority Key Identifier:
                keyid:1B:7A:42:89:6A:4F:BF:2E:2E:2B:04:94:30:0A:B6:F0:09:4E:F9:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/2NP8cPD44TjwfPWPDvpRU3zSxgYJ9YVEWCjaigfceQpt/0/1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/2NP8cPD44TjwfPWPDvpRU3zSxgYJ9YVEWCjaigfceQpt/0/3137302e3235342e3234302e302f32322d3232203d3e20323635333834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.254.240.0/22

    Signature Algorithm: sha256WithRSAEncryption
         77:3e:45:3b:c7:0c:40:a7:ed:8c:1c:d4:27:61:90:6f:c2:ed:
         1e:6b:fc:95:72:bd:6a:b8:dd:8c:48:91:8b:90:c9:34:c9:94:
         c3:92:54:66:2a:6d:2e:09:f7:a7:21:d1:21:ef:fa:d5:89:de:
         4a:b8:7c:de:a2:b5:00:84:3e:65:e5:f0:29:37:67:56:24:e5:
         37:71:59:46:64:65:43:2a:35:83:f0:ad:0a:98:d6:44:bd:e2:
         cd:03:cc:95:4a:ee:2a:a3:a5:9f:31:49:c9:92:ff:27:c3:eb:
         3c:74:ca:5c:bc:bf:70:1b:91:6d:09:71:30:be:cb:29:98:da:
         88:f9:a2:6e:c2:a7:83:68:58:5b:d2:f7:d6:a4:1c:51:68:34:
         42:f9:5e:b6:45:5f:e1:4b:47:47:9e:dc:b8:08:7e:a0:db:40:
         05:81:9e:35:13:30:d5:a1:f0:ed:6f:1e:64:28:98:7d:ec:34:
         6a:95:cf:3a:4b:1b:66:e4:9a:86:cc:4b:c1:49:74:0c:c3:8e:
         3f:10:77:2a:2e:c1:4b:62:13:db:f0:eb:5d:40:63:d5:70:0b:
         54:49:3f:47:6a:66:25:eb:f3:17:bb:bf:62:3b:a3:6f:92:bf:
         4b:43:f1:e2:81:0f:7a:a8:ff:e8:42:bf:ff:c8:31:99:eb:3c:
         ca:d3:f5:94
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUQwOztYzIWXwGXjP72bQklJUdQ34wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUI3QTQyODk2QTRGQkYyRTJFMkIwNDk0MzAwQUI2RjAw
OTRFRjlFNTAeFw0yNTA0MjkyMjMxNTlaFw0yNjA0MjgyMjM2NTlaMDMxMTAvBgNV
BAMTKDZGQzAzNEIxQUE4OUExMEZDMDlGQkY0NENDNUJDNzdCQ0YwMDkzNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtjRCQgisf9qzrYhHyGC6hSuP4
zVbVnK01oqdRZEyqeikmCcG7gNnI8GY2/4QCswFgumXDCrQ0+HfvV5HZONK1Oxex
wSzHpx/zRRgsUOHINSbkt/dYeqaTZF9rQOnfVUlkF1hJKyDScTXpRUNgK0KUG0qH
G2aoqqkPfRejXWcbWXODwVun7BX3Qq4iuxSz2UqMzkmp8BOzhf8ByQ8CvbmjNSjT
RAIEDE9Prm024QA/scZWEudD8ddaW2cBxHABhvF0Hlxh5VkOovQT1ZfXQriUdeWW
lTI5zmB3FqdbVsIXGvrNiq+cYGR4jgX5J8RL2o9K1glR2Xtjt9dFP2K2ZlU3AgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUb8A0saqJoQ/An79EzFvHe88Ak2cwHwYDVR0j
BBgwFoAUG3pCiWpPvy4uKwSUMAq28AlO+eUwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMk5QOGNQRDQ0VGp3ZlBXUER2cFJVM3pTeGdZSjlZVkVXQ2phaWdmY2VR
cHQvMC8xQjdBNDI4OTZBNEZCRjJFMkUyQjA0OTQzMDBBQjZGMDA5NEVGOUU1LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzFCN0E0Mjg5NkE0RkJGMkUy
RTJCMDQ5NDMwMEFCNkYwMDk0RUY5RTUuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzJOUDhjUEQ0NFRqd2ZQV1BEdnBSVTN6U3hnWUo5WVZFV0NqYWlnZmNlUXB0LzAv
MzEzNzMwMmUzMjM1MzQyZTMyMzQzMDJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMy
MzYzNTMzMzgzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAqr+8DANBgkqhkiG9w0BAQsFAAOCAQEAdz5F
O8cMQKftjBzUJ2GQb8LtHmv8lXK9arjdjEiRi5DJNMmUw5JUZiptLgn3pyHRIe/6
1YneSrh83qK1AIQ+ZeXwKTdnViTlN3FZRmRlQyo1g/CtCpjWRL3izQPMlUruKqOl
nzFJyZL/J8PrPHTKXLy/cBuRbQlxML7LKZjaiPmibsKng2hYW9L31qQcUWg0Qvle
tkVf4UtHR57cuAh+oNtABYGeNRMw1aHw7W8eZCiYfew0apXPOksbZuSahsxLwUl0
DMOOPxB3Ki7BS2IT2/DrXUBj1XALVEk/R2pmJevzF7u/Yjujb5K/S0Px4oEPeqj/
6EK//8gxmes8ytP1lA==
-----END CERTIFICATE-----
Generated at Fri Jun 13 21:33:00 2025 by rpki-client