Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/2NP8cPD44TjwfPWPDvpRU3zSxgYJ9YVEWCjaigfceQpt/0/3137302e3235342e3234312e302f32342d3234203d3e20323635333834.roa
File:                     3137302e3235342e3234312e302f32342d3234203d3e20323635333834.roa (raw, json)
Hash identifier:          OnaHjVE8LBR+ViTWscLt/2ylgBhkQCooiBqyUxk/8xE=
Subject key identifier:   47:52:F1:BB:A9:CC:6C:7D:7D:3B:87:2E:34:6A:FD:F3:9F:F2:72:A0
Certificate issuer:       /CN=1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5
Certificate serial:       173822D1DCC04C1CAECD6A4B0F4F04B8B09996F9
Authority key identifier: 1B:7A:42:89:6A:4F:BF:2E:2E:2B:04:94:30:0A:B6:F0:09:4E:F9:E5
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/2NP8cPD44TjwfPWPDvpRU3zSxgYJ9YVEWCjaigfceQpt/0/3137302e3235342e3234312e302f32342d3234203d3e20323635333834.roa
Signing time:             Thu 01 May 2025 01:34:15 +0000
ROA not before:           Thu 01 May 2025 01:29:15 +0000
ROA not after:            Thu 30 Apr 2026 01:34:15 +0000
asID:                     265384
IP address blocks:        170.254.241.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/2NP8cPD44TjwfPWPDvpRU3zSxgYJ9YVEWCjaigfceQpt/0/1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5.crl
                          rsync://rpki-repo.registro.br/repo/2NP8cPD44TjwfPWPDvpRU3zSxgYJ9YVEWCjaigfceQpt/0/1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 09:48:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:38:22:d1:dc:c0:4c:1c:ae:cd:6a:4b:0f:4f:04:b8:b0:99:96:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5
        Validity
            Not Before: May  1 01:29:15 2025 GMT
            Not After : Apr 30 01:34:15 2026 GMT
        Subject: CN=4752F1BBA9CC6C7D7D3B872E346AFDF39FF272A0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:5a:e1:64:70:90:34:16:7e:27:f5:d4:d2:a0:
                    15:5a:e5:27:9c:45:ca:70:cb:e1:bd:a7:eb:02:73:
                    87:a1:e5:ee:ad:6d:b9:5e:ee:f3:a5:8b:af:58:ec:
                    ae:97:d1:8b:b9:d1:ca:b3:95:7d:ac:a5:5f:bd:00:
                    e1:58:2e:38:9f:bc:32:f0:06:25:eb:2e:37:13:b0:
                    0a:92:9c:c2:82:89:2a:bf:02:f5:ed:f6:f2:30:a0:
                    9c:36:ea:07:38:e3:8e:03:b8:13:5b:05:69:0a:69:
                    e0:be:8f:fb:88:78:67:8b:17:2a:97:ea:d2:17:ea:
                    2e:44:3b:22:1d:d2:a4:58:9f:84:25:68:39:05:76:
                    35:ab:4c:ec:1d:16:da:9a:28:7b:1e:d1:7e:d0:63:
                    1d:af:a0:4b:ba:2d:eb:0d:c8:4d:7a:68:ea:41:64:
                    75:12:e1:28:62:09:ae:6f:5f:22:7b:50:e2:a3:e6:
                    bd:e7:28:03:ca:ac:42:28:bd:61:ff:81:4c:4d:1d:
                    c3:7b:a0:55:09:85:01:39:b6:0c:c1:f3:4e:ce:07:
                    a4:7f:d2:82:d3:65:23:d0:da:a9:f2:37:b4:cd:87:
                    5a:ff:dd:b6:37:b4:ac:57:6f:9b:e1:bc:17:19:6a:
                    a9:a4:31:ad:a2:3b:df:4f:cc:51:8c:74:c8:46:1e:
                    85:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:52:F1:BB:A9:CC:6C:7D:7D:3B:87:2E:34:6A:FD:F3:9F:F2:72:A0
            X509v3 Authority Key Identifier:
                keyid:1B:7A:42:89:6A:4F:BF:2E:2E:2B:04:94:30:0A:B6:F0:09:4E:F9:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/2NP8cPD44TjwfPWPDvpRU3zSxgYJ9YVEWCjaigfceQpt/0/1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/2NP8cPD44TjwfPWPDvpRU3zSxgYJ9YVEWCjaigfceQpt/0/3137302e3235342e3234312e302f32342d3234203d3e20323635333834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.254.241.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a6:aa:30:2a:79:2b:ae:90:e5:ee:4f:fd:fe:bc:13:99:67:9f:
         d4:ba:74:05:dc:d2:05:50:2b:3a:a8:cd:b6:7a:5d:2c:fa:10:
         ae:7d:3a:7f:a7:3e:8e:2a:5e:c8:b1:55:88:5a:db:0f:2a:2b:
         c3:8e:14:f6:ea:51:d3:d7:e0:d7:55:c7:bd:92:f8:80:d2:f8:
         b3:b5:60:1b:17:76:a0:f9:ca:16:49:5a:65:fb:a3:30:8e:91:
         b9:cd:e8:7d:9f:ce:71:e7:2c:85:94:0c:40:4d:43:2d:f3:93:
         88:ce:a5:40:c7:bd:fe:4d:be:38:e6:ef:e6:f3:5a:7a:5f:b0:
         41:f1:90:4e:39:d1:d7:ab:c4:de:01:f0:a5:85:37:31:64:37:
         21:dc:c2:4d:a2:8b:f6:d5:f1:75:45:cb:4f:c4:42:a5:33:5f:
         ed:d0:ed:0f:38:b4:a1:e0:6f:6c:ee:0d:be:4b:73:e5:fb:d1:
         35:0a:e3:1f:14:30:a6:98:d9:e3:95:8e:4a:fc:8e:3f:7a:a2:
         2e:13:15:86:bc:6a:18:af:9a:59:aa:f2:5b:a5:51:7e:83:be:
         71:26:ea:6d:ad:c9:15:68:5c:01:3f:15:71:df:fd:a1:63:2b:
         28:b6:9c:27:51:6a:1c:c8:33:d3:9e:9f:8e:dd:f1:54:52:46:
         31:c7:6b:ab
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUFzgi0dzATByuzWpLD08EuLCZlvkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUI3QTQyODk2QTRGQkYyRTJFMkIwNDk0MzAwQUI2RjAw
OTRFRjlFNTAeFw0yNTA1MDEwMTI5MTVaFw0yNjA0MzAwMTM0MTVaMDMxMTAvBgNV
BAMTKDQ3NTJGMUJCQTlDQzZDN0Q3RDNCODcyRTM0NkFGREYzOUZGMjcyQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpWuFkcJA0Fn4n9dTSoBVa5Sec
Rcpwy+G9p+sCc4eh5e6tbble7vOli69Y7K6X0Yu50cqzlX2spV+9AOFYLjifvDLw
BiXrLjcTsAqSnMKCiSq/AvXt9vIwoJw26gc4444DuBNbBWkKaeC+j/uIeGeLFyqX
6tIX6i5EOyId0qRYn4QlaDkFdjWrTOwdFtqaKHse0X7QYx2voEu6LesNyE16aOpB
ZHUS4ShiCa5vXyJ7UOKj5r3nKAPKrEIovWH/gUxNHcN7oFUJhQE5tgzB807OB6R/
0oLTZSPQ2qnyN7TNh1r/3bY3tKxXb5vhvBcZaqmkMa2iO99PzFGMdMhGHoV5AgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUR1Lxu6nMbH19O4cuNGr985/ycqAwHwYDVR0j
BBgwFoAUG3pCiWpPvy4uKwSUMAq28AlO+eUwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMk5QOGNQRDQ0VGp3ZlBXUER2cFJVM3pTeGdZSjlZVkVXQ2phaWdmY2VR
cHQvMC8xQjdBNDI4OTZBNEZCRjJFMkUyQjA0OTQzMDBBQjZGMDA5NEVGOUU1LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzFCN0E0Mjg5NkE0RkJGMkUy
RTJCMDQ5NDMwMEFCNkYwMDk0RUY5RTUuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzJOUDhjUEQ0NFRqd2ZQV1BEdnBSVTN6U3hnWUo5WVZFV0NqYWlnZmNlUXB0LzAv
MzEzNzMwMmUzMjM1MzQyZTMyMzQzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMy
MzYzNTMzMzgzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAKr+8TANBgkqhkiG9w0BAQsFAAOCAQEApqow
KnkrrpDl7k/9/rwTmWef1Lp0BdzSBVArOqjNtnpdLPoQrn06f6c+jipeyLFViFrb
Dyorw44U9upR09fg11XHvZL4gNL4s7VgGxd2oPnKFklaZfujMI6Ruc3ofZ/Ocecs
hZQMQE1DLfOTiM6lQMe9/k2+OObv5vNael+wQfGQTjnR16vE3gHwpYU3MWQ3IdzC
TaKL9tXxdUXLT8RCpTNf7dDtDzi0oeBvbO4Nvktz5fvRNQrjHxQwppjZ45WOSvyO
P3qiLhMVhrxqGK+aWaryW6VRfoO+cSbqba3JFWhcAT8Vcd/9oWMrKLacJ1FqHMgz
056fjt3xVFJGMcdrqw==
-----END CERTIFICATE-----
Generated at Mon Jun 9 15:37:58 2025 by rpki-client