Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/33CtBvsse9zowJrQoVpUUDJgwvz4X11PrUvfo613fP8V/0/3230312e37312e3231362e302f32322d3332203d3e20323731313435.roa
File:                     3230312e37312e3231362e302f32322d3332203d3e20323731313435.roa (raw, json)
Hash identifier:          mG63Mc47zSFwxRwKXanmgpZuaoSopjNKReueiqErVF0=
Subject key identifier:   37:08:14:6C:86:CB:64:02:07:D5:ED:61:87:7F:8B:5E:19:91:CE:10
Certificate issuer:       /CN=3E77CDECC872E54CA1EBCA25516249415AF1A86B
Certificate serial:       5F5D77542833DEFED0CA606819B78948F9FC21C4
Authority key identifier: 3E:77:CD:EC:C8:72:E5:4C:A1:EB:CA:25:51:62:49:41:5A:F1:A8:6B
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3E77CDECC872E54CA1EBCA25516249415AF1A86B.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/33CtBvsse9zowJrQoVpUUDJgwvz4X11PrUvfo613fP8V/0/3230312e37312e3231362e302f32322d3332203d3e20323731313435.roa
Signing time:             Tue 27 May 2025 21:46:09 +0000
ROA not before:           Tue 27 May 2025 21:41:09 +0000
ROA not after:            Tue 26 May 2026 21:46:09 +0000
asID:                     271145
IP address blocks:        201.71.216.0/22 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/33CtBvsse9zowJrQoVpUUDJgwvz4X11PrUvfo613fP8V/0/3E77CDECC872E54CA1EBCA25516249415AF1A86B.crl
                          rsync://rpki-repo.registro.br/repo/33CtBvsse9zowJrQoVpUUDJgwvz4X11PrUvfo613fP8V/0/3E77CDECC872E54CA1EBCA25516249415AF1A86B.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3E77CDECC872E54CA1EBCA25516249415AF1A86B.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 11:21:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:5d:77:54:28:33:de:fe:d0:ca:60:68:19:b7:89:48:f9:fc:21:c4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3E77CDECC872E54CA1EBCA25516249415AF1A86B
        Validity
            Not Before: May 27 21:41:09 2025 GMT
            Not After : May 26 21:46:09 2026 GMT
        Subject: CN=3708146C86CB640207D5ED61877F8B5E1991CE10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:6b:b9:35:18:d3:1b:bc:bf:c8:39:12:73:d2:
                    48:d5:96:3f:4f:47:22:54:2b:38:51:40:9c:24:58:
                    42:ff:ba:5a:8e:90:8a:37:74:0f:98:6a:c0:44:bf:
                    5f:2a:f4:27:05:b0:8e:c9:c8:fb:b1:13:df:15:a6:
                    fe:41:b5:5f:5a:b1:0a:08:94:b9:c9:b2:b0:f2:93:
                    22:49:a9:c3:9d:d1:f5:a7:76:92:7b:7a:78:7c:df:
                    6c:ab:41:22:08:28:cb:93:ee:a0:cc:45:0c:f4:75:
                    e3:f3:8f:35:ca:f6:21:5d:2d:1a:13:9f:8a:f4:ef:
                    a0:6d:87:4c:04:da:21:71:02:d5:fb:79:e7:18:b4:
                    a7:6a:5c:29:d6:2d:e3:27:4d:53:83:bf:4d:d0:44:
                    ec:2c:f4:5d:82:62:29:b9:5e:cf:3f:9a:97:47:96:
                    d6:8c:23:f3:26:6f:e9:6e:9b:22:b6:ab:68:b6:e5:
                    f1:5d:54:00:d9:70:28:b5:b7:27:88:1f:5a:f2:93:
                    08:4c:28:39:64:7b:10:5b:6a:14:44:c0:e2:d8:0a:
                    dc:5b:6f:67:f3:7a:cc:84:39:97:2e:eb:05:74:c9:
                    c2:02:16:80:18:7c:f7:d4:28:61:dc:b0:a7:99:af:
                    da:7c:18:b4:99:c2:e7:2a:08:92:f3:87:fa:c6:2d:
                    35:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                37:08:14:6C:86:CB:64:02:07:D5:ED:61:87:7F:8B:5E:19:91:CE:10
            X509v3 Authority Key Identifier:
                keyid:3E:77:CD:EC:C8:72:E5:4C:A1:EB:CA:25:51:62:49:41:5A:F1:A8:6B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/33CtBvsse9zowJrQoVpUUDJgwvz4X11PrUvfo613fP8V/0/3E77CDECC872E54CA1EBCA25516249415AF1A86B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3E77CDECC872E54CA1EBCA25516249415AF1A86B.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/33CtBvsse9zowJrQoVpUUDJgwvz4X11PrUvfo613fP8V/0/3230312e37312e3231362e302f32322d3332203d3e20323731313435.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.71.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7f:88:53:6b:67:cc:42:76:30:e2:34:1a:e8:53:54:6f:4e:68:
         e9:01:fc:a4:d2:d8:33:6d:d2:96:fb:b5:87:2f:e7:a0:43:2e:
         35:7d:42:bf:35:5d:c8:7f:bf:bf:d1:9a:0f:00:94:df:4d:f5:
         70:33:1c:76:44:c3:69:7e:8a:bf:b9:ea:7d:28:bc:a1:e8:af:
         a0:2c:fd:df:4a:d5:25:16:fe:10:ca:61:16:a2:a4:a2:f8:1d:
         d8:47:76:d6:d2:2d:49:c4:c1:29:94:1c:55:1e:c8:66:76:c3:
         a0:cf:d0:36:14:2c:bf:bc:76:24:c5:37:d2:76:97:e4:5b:e6:
         07:74:d1:e3:72:02:95:41:d9:f4:cd:77:7c:cc:93:e1:3f:68:
         50:cf:07:22:19:b2:07:4a:e6:81:43:b5:9f:08:83:88:15:32:
         19:da:66:67:e4:ef:af:06:da:f4:9c:09:fd:f8:6a:7d:6d:a2:
         3c:76:95:e4:73:b3:93:96:c6:a5:a2:99:02:81:36:3c:8c:e9:
         bb:b4:ad:e8:37:1b:34:61:4d:cc:c5:16:7e:2c:7a:94:d5:79:
         53:5c:2f:fd:64:0a:5d:c8:49:23:fc:35:9b:32:b1:09:c1:4a:
         b1:42:ea:fc:e2:96:b8:8e:ed:5a:c4:3a:06:a7:40:77:b2:15:
         61:32:21:f4
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUX113VCgz3v7QymBoGbeJSPn8IcQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0U3N0NERUNDODcyRTU0Q0ExRUJDQTI1NTE2MjQ5NDE1
QUYxQTg2QjAeFw0yNTA1MjcyMTQxMDlaFw0yNjA1MjYyMTQ2MDlaMDMxMTAvBgNV
BAMTKDM3MDgxNDZDODZDQjY0MDIwN0Q1RUQ2MTg3N0Y4QjVFMTk5MUNFMTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDza7k1GNMbvL/IORJz0kjVlj9P
RyJUKzhRQJwkWEL/ulqOkIo3dA+YasBEv18q9CcFsI7JyPuxE98Vpv5BtV9asQoI
lLnJsrDykyJJqcOd0fWndpJ7enh832yrQSIIKMuT7qDMRQz0dePzjzXK9iFdLRoT
n4r076Bth0wE2iFxAtX7eecYtKdqXCnWLeMnTVODv03QROws9F2CYim5Xs8/mpdH
ltaMI/Mmb+lumyK2q2i25fFdVADZcCi1tyeIH1rykwhMKDlkexBbahREwOLYCtxb
b2fzesyEOZcu6wV0ycICFoAYfPfUKGHcsKeZr9p8GLSZwucqCJLzh/rGLTWbAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUNwgUbIbLZAIH1e1hh3+LXhmRzhAwHwYDVR0j
BBgwFoAUPnfN7Mhy5Uyh68olUWJJQVrxqGswDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMzNDdEJ2c3NlOXpvd0pyUW9WcFVVREpnd3Z6NFgxMVByVXZmbzYxM2ZQ
OFYvMC8zRTc3Q0RFQ0M4NzJFNTRDQTFFQkNBMjU1MTYyNDk0MTVBRjFBODZCLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzNFNzdDREVDQzg3MkU1NENB
MUVCQ0EyNTUxNjI0OTQxNUFGMUE4NkIuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzMzQ3RCdnNzZTl6b3dKclFvVnBVVURKZ3d2ejRYMTFQclV2Zm82MTNmUDhWLzAv
MzIzMDMxMmUzNzMxMmUzMjMxMzYyZTMwMmYzMjMyMmQzMzMyMjAzZDNlMjAzMjM3
MzEzMTM0MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBALJR9gwDQYJKoZIhvcNAQELBQADggEBAH+IU2tn
zEJ2MOI0GuhTVG9OaOkB/KTS2DNt0pb7tYcv56BDLjV9Qr81Xch/v7/Rmg8AlN9N
9XAzHHZEw2l+ir+56n0ovKHor6As/d9K1SUW/hDKYRaipKL4HdhHdtbSLUnEwSmU
HFUeyGZ2w6DP0DYULL+8diTFN9J2l+Rb5gd00eNyApVB2fTNd3zMk+E/aFDPByIZ
sgdK5oFDtZ8Ig4gVMhnaZmfk768G2vScCf34an1tojx2leRzs5OWxqWimQKBNjyM
6bu0reg3GzRhTczFFn4sepTVeVNcL/1kCl3ISSP8NZsysQnBSrFC6vzilriO7VrE
OganQHeyFWEyIfQ=
-----END CERTIFICATE-----
Generated at Tue Jun 10 21:59:47 2025 by rpki-client