Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/2NP8cPD44TjwfPWPDvpRU3zSxgYJ9YVEWCjaigfceQpt/0/3137302e3235342e3234332e302f32342d3234203d3e20323635333834.roa
File:                     3137302e3235342e3234332e302f32342d3234203d3e20323635333834.roa (raw, json)
Hash identifier:          lr1AQk1lsKg0hRF6wOH9PxXUn0vwVQ518r+73GZL5SI=
Subject key identifier:   35:77:18:3E:F5:0C:8E:CE:AF:FC:EB:B9:31:A5:7A:B0:8B:F1:24:08
Certificate issuer:       /CN=1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5
Certificate serial:       29DAC1D744B9F4A5C6D6DB96640D074F282D6B31
Authority key identifier: 1B:7A:42:89:6A:4F:BF:2E:2E:2B:04:94:30:0A:B6:F0:09:4E:F9:E5
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/2NP8cPD44TjwfPWPDvpRU3zSxgYJ9YVEWCjaigfceQpt/0/3137302e3235342e3234332e302f32342d3234203d3e20323635333834.roa
Signing time:             Thu 01 May 2025 01:35:19 +0000
ROA not before:           Thu 01 May 2025 01:30:19 +0000
ROA not after:            Thu 30 Apr 2026 01:35:19 +0000
asID:                     265384
IP address blocks:        170.254.243.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/2NP8cPD44TjwfPWPDvpRU3zSxgYJ9YVEWCjaigfceQpt/0/1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5.crl
                          rsync://rpki-repo.registro.br/repo/2NP8cPD44TjwfPWPDvpRU3zSxgYJ9YVEWCjaigfceQpt/0/1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 22:47:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:da:c1:d7:44:b9:f4:a5:c6:d6:db:96:64:0d:07:4f:28:2d:6b:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5
        Validity
            Not Before: May  1 01:30:19 2025 GMT
            Not After : Apr 30 01:35:19 2026 GMT
        Subject: CN=3577183EF50C8ECEAFFCEBB931A57AB08BF12408
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:ae:08:3e:74:c5:19:b0:c8:6f:94:94:0e:96:
                    93:8d:73:f5:bb:22:76:57:98:67:fe:57:3d:9f:2d:
                    e1:aa:40:a1:e3:ea:26:79:0c:e5:7e:c2:96:22:4a:
                    38:2c:ba:34:88:16:17:5b:1b:18:d8:e5:83:10:26:
                    b3:38:ad:99:0c:cd:71:5c:e7:49:83:05:e3:ca:77:
                    c4:c3:79:71:23:55:d5:b3:3d:d8:4b:3c:42:7b:e4:
                    82:d1:62:08:ba:bc:c8:cd:83:68:49:e5:6f:54:d4:
                    7f:e1:ea:e3:fd:c9:05:3c:ea:1c:c6:b6:f7:db:6c:
                    e0:9a:b4:1f:85:8a:50:87:5c:4a:a8:8a:8f:c8:f9:
                    60:6e:46:ed:1c:a5:b1:5c:4f:06:59:0d:5e:87:56:
                    56:c5:76:20:2e:0c:8d:ca:26:fe:0a:37:6a:db:88:
                    ff:c7:51:5f:80:4a:a3:c3:ab:29:b7:cf:48:b8:d4:
                    2b:82:ed:16:a9:0f:eb:cf:07:21:bc:72:82:60:69:
                    f4:91:cd:e4:d0:17:84:4d:e9:30:c3:f4:d4:fe:02:
                    a6:2b:57:ea:9e:44:9b:b0:9d:e3:cd:a7:d4:01:ee:
                    d5:89:c3:a6:3f:3f:6d:45:c2:79:0e:79:77:85:a7:
                    9b:53:c9:bb:d1:49:8a:5a:5f:5f:f9:ef:10:d5:a7:
                    27:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                35:77:18:3E:F5:0C:8E:CE:AF:FC:EB:B9:31:A5:7A:B0:8B:F1:24:08
            X509v3 Authority Key Identifier:
                keyid:1B:7A:42:89:6A:4F:BF:2E:2E:2B:04:94:30:0A:B6:F0:09:4E:F9:E5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/2NP8cPD44TjwfPWPDvpRU3zSxgYJ9YVEWCjaigfceQpt/0/1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/1B7A42896A4FBF2E2E2B0494300AB6F0094EF9E5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/2NP8cPD44TjwfPWPDvpRU3zSxgYJ9YVEWCjaigfceQpt/0/3137302e3235342e3234332e302f32342d3234203d3e20323635333834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.254.243.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:44:88:b0:0d:2c:04:0e:00:0e:2a:39:50:53:fb:65:40:b3:
         7c:bd:db:59:43:8d:95:e0:72:79:01:fc:02:56:5d:c1:c1:09:
         53:f8:8b:bf:1f:c0:26:76:d4:de:d5:77:2b:9e:eb:90:56:12:
         12:5c:5d:27:49:1d:d2:0e:b5:98:2f:5a:a0:18:66:54:91:66:
         22:60:9b:1d:9a:b6:bf:a1:3a:dc:f4:50:0a:5f:12:55:04:cb:
         fc:9f:08:f7:a4:34:2d:82:cb:54:e5:a4:95:e7:9d:90:4b:d2:
         cf:ec:34:ea:5c:18:a9:0a:ef:85:24:86:75:0d:78:df:50:c5:
         ae:d0:77:ed:bd:9c:9d:78:09:ae:03:b9:4f:0e:aa:64:6c:be:
         71:f6:4a:48:96:8f:ac:75:5b:ad:73:9e:be:50:54:d9:f5:58:
         c7:5f:1f:e4:b7:47:76:f7:99:2a:3f:c7:a4:15:24:de:31:5f:
         f8:d2:a2:e5:a3:7d:0c:ef:87:f6:be:47:77:42:2c:c4:4c:9a:
         fb:0b:e0:41:6b:29:4a:70:99:ed:72:ba:b2:d7:89:f8:ad:d3:
         f1:c6:12:60:cd:77:57:a7:cd:ad:13:7a:dc:ed:0a:73:b5:d6:
         73:f3:64:1e:ad:a6:72:ae:9d:e0:df:48:0d:fc:1e:67:ce:4e:
         0e:1f:46:74
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUKdrB10S59KXG1tuWZA0HTygtazEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUI3QTQyODk2QTRGQkYyRTJFMkIwNDk0MzAwQUI2RjAw
OTRFRjlFNTAeFw0yNTA1MDEwMTMwMTlaFw0yNjA0MzAwMTM1MTlaMDMxMTAvBgNV
BAMTKDM1NzcxODNFRjUwQzhFQ0VBRkZDRUJCOTMxQTU3QUIwOEJGMTI0MDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjrgg+dMUZsMhvlJQOlpONc/W7
InZXmGf+Vz2fLeGqQKHj6iZ5DOV+wpYiSjgsujSIFhdbGxjY5YMQJrM4rZkMzXFc
50mDBePKd8TDeXEjVdWzPdhLPEJ75ILRYgi6vMjNg2hJ5W9U1H/h6uP9yQU86hzG
tvfbbOCatB+FilCHXEqoio/I+WBuRu0cpbFcTwZZDV6HVlbFdiAuDI3KJv4KN2rb
iP/HUV+ASqPDqym3z0i41CuC7RapD+vPByG8coJgafSRzeTQF4RN6TDD9NT+AqYr
V+qeRJuwnePNp9QB7tWJw6Y/P21FwnkOeXeFp5tTybvRSYpaX1/57xDVpyehAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUNXcYPvUMjs6v/Ou5MaV6sIvxJAgwHwYDVR0j
BBgwFoAUG3pCiWpPvy4uKwSUMAq28AlO+eUwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMk5QOGNQRDQ0VGp3ZlBXUER2cFJVM3pTeGdZSjlZVkVXQ2phaWdmY2VR
cHQvMC8xQjdBNDI4OTZBNEZCRjJFMkUyQjA0OTQzMDBBQjZGMDA5NEVGOUU1LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzFCN0E0Mjg5NkE0RkJGMkUy
RTJCMDQ5NDMwMEFCNkYwMDk0RUY5RTUuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzJOUDhjUEQ0NFRqd2ZQV1BEdnBSVTN6U3hnWUo5WVZFV0NqYWlnZmNlUXB0LzAv
MzEzNzMwMmUzMjM1MzQyZTMyMzQzMzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMy
MzYzNTMzMzgzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAKr+8zANBgkqhkiG9w0BAQsFAAOCAQEAm0SI
sA0sBA4ADio5UFP7ZUCzfL3bWUONleByeQH8AlZdwcEJU/iLvx/AJnbU3tV3K57r
kFYSElxdJ0kd0g61mC9aoBhmVJFmImCbHZq2v6E63PRQCl8SVQTL/J8I96Q0LYLL
VOWkleedkEvSz+w06lwYqQrvhSSGdQ1431DFrtB37b2cnXgJrgO5Tw6qZGy+cfZK
SJaPrHVbrXOevlBU2fVYx18f5LdHdveZKj/HpBUk3jFf+NKi5aN9DO+H9r5Hd0Is
xEya+wvgQWspSnCZ7XK6steJ+K3T8cYSYM13V6fNrRN63O0Kc7XWc/NkHq2mcq6d
4N9IDfweZ85ODh9GdA==
-----END CERTIFICATE-----
Generated at Wed Jun 11 00:28:39 2025 by rpki-client