Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/3KyhStDUELmgmeEdfL97nv3dikuQxfC8pMAM5v4kVfVA/0/3138392e3132362e38352e302f32342d3234203d3e20323730353739.roa
File:                     3138392e3132362e38352e302f32342d3234203d3e20323730353739.roa (raw, json)
Hash identifier:          zi+VqknKmAdMJ6coG4nUB0j/aHIOHyq4lAhL+V//djY=
Subject key identifier:   02:8E:3B:1F:A3:4E:DB:16:B1:79:20:E8:03:9B:84:94:74:77:BC:86
Certificate issuer:       /CN=F462BB2524D88C109A78F223DCBD42C0C97609EB
Certificate serial:       2BE35B4C73F55B76A181D01BEA048ED5DEC1A89D
Authority key identifier: F4:62:BB:25:24:D8:8C:10:9A:78:F2:23:DC:BD:42:C0:C9:76:09:EB
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/F462BB2524D88C109A78F223DCBD42C0C97609EB.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/3KyhStDUELmgmeEdfL97nv3dikuQxfC8pMAM5v4kVfVA/0/3138392e3132362e38352e302f32342d3234203d3e20323730353739.roa
Signing time:             Fri 23 May 2025 23:25:28 +0000
ROA not before:           Fri 23 May 2025 23:20:28 +0000
ROA not after:            Fri 22 May 2026 23:25:28 +0000
asID:                     270579
IP address blocks:        189.126.85.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/3KyhStDUELmgmeEdfL97nv3dikuQxfC8pMAM5v4kVfVA/0/F462BB2524D88C109A78F223DCBD42C0C97609EB.crl
                          rsync://rpki-repo.registro.br/repo/3KyhStDUELmgmeEdfL97nv3dikuQxfC8pMAM5v4kVfVA/0/F462BB2524D88C109A78F223DCBD42C0C97609EB.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/F462BB2524D88C109A78F223DCBD42C0C97609EB.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 20:19:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:e3:5b:4c:73:f5:5b:76:a1:81:d0:1b:ea:04:8e:d5:de:c1:a8:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F462BB2524D88C109A78F223DCBD42C0C97609EB
        Validity
            Not Before: May 23 23:20:28 2025 GMT
            Not After : May 22 23:25:28 2026 GMT
        Subject: CN=028E3B1FA34EDB16B17920E8039B84947477BC86
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:5c:f3:b3:8f:4a:6e:18:f9:ec:32:54:d1:91:
                    db:f8:68:03:68:54:ed:da:95:54:0b:e7:de:29:a5:
                    b1:7f:37:55:79:82:76:a6:b8:37:21:c6:89:47:02:
                    cf:37:ba:0d:d9:bb:15:1a:18:7a:84:36:a5:ad:1d:
                    86:f6:25:a1:3a:9b:bd:90:4e:a1:ad:56:2d:9c:3f:
                    6c:3a:01:da:43:54:33:fa:2f:b9:83:ea:c8:d5:2c:
                    78:38:a0:ef:8d:90:13:07:b2:c1:49:26:9e:75:e6:
                    59:5a:a9:5c:48:a0:2f:92:5b:41:d1:c2:c3:c7:e5:
                    0c:68:3c:e8:81:0b:0d:45:d3:a6:11:7f:a3:7b:14:
                    23:c6:49:12:99:ce:ad:8f:5b:f1:d4:1c:21:4f:0b:
                    23:e7:bc:e8:10:2f:44:f0:da:9d:7e:e9:e7:a3:83:
                    e4:76:5b:db:a8:b6:12:38:e0:15:bb:e2:83:2c:aa:
                    f0:28:08:91:f5:28:23:0d:ce:e3:eb:eb:3a:f9:34:
                    46:6d:a4:ca:c9:a6:1d:fd:9f:cd:49:e2:64:be:3e:
                    0a:79:6e:51:7d:21:9c:f0:75:2a:dc:e2:b0:bf:54:
                    3b:ff:a6:e0:a9:52:a7:da:45:c0:29:16:71:17:24:
                    24:7c:43:65:4b:d4:5f:85:4c:dc:0a:65:d1:f6:c9:
                    1d:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:8E:3B:1F:A3:4E:DB:16:B1:79:20:E8:03:9B:84:94:74:77:BC:86
            X509v3 Authority Key Identifier:
                keyid:F4:62:BB:25:24:D8:8C:10:9A:78:F2:23:DC:BD:42:C0:C9:76:09:EB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/3KyhStDUELmgmeEdfL97nv3dikuQxfC8pMAM5v4kVfVA/0/F462BB2524D88C109A78F223DCBD42C0C97609EB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/F462BB2524D88C109A78F223DCBD42C0C97609EB.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/3KyhStDUELmgmeEdfL97nv3dikuQxfC8pMAM5v4kVfVA/0/3138392e3132362e38352e302f32342d3234203d3e20323730353739.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  189.126.85.0/24

    Signature Algorithm: sha256WithRSAEncryption
         42:de:c0:c1:d5:e5:99:fb:7f:2f:68:a8:02:79:40:6e:d8:b9:
         39:80:7c:3c:62:81:b4:76:95:3b:c8:f7:de:a4:b1:4c:57:d7:
         bc:6d:5b:fe:54:03:32:c9:3e:63:0b:f8:e4:ed:2e:d1:3a:bc:
         1f:b7:01:4e:17:d8:2b:a0:b9:9a:c0:61:34:13:1a:24:58:fe:
         14:e6:a8:0e:3f:92:8c:30:99:26:59:67:a3:cd:5f:f2:b2:d7:
         0f:93:ef:3b:bb:70:78:08:83:f7:d1:f8:d1:f9:4a:07:c6:73:
         0c:23:09:e3:c9:81:02:6a:fe:03:11:3d:f0:8c:fe:e3:eb:17:
         0e:60:52:14:97:0b:13:02:e3:18:68:5d:9e:d4:81:68:2e:3c:
         42:db:32:75:92:94:35:58:31:6a:25:7c:35:5e:ac:2c:e2:56:
         82:0a:d2:a4:67:3e:b0:c6:d1:9d:2b:ca:26:fb:1e:f1:0a:d6:
         86:7c:22:f7:02:d4:83:02:14:11:8d:94:7a:0f:65:e9:08:9a:
         80:8c:96:b0:79:b3:d4:78:16:30:c4:ca:be:b9:71:39:60:31:
         5a:9f:d0:38:c0:bf:32:38:45:4f:ee:b9:65:be:c7:0d:8f:00:
         e4:da:7d:68:76:e1:ea:97:36:63:09:5e:f9:71:26:4e:9a:41:
         5b:23:26:4c
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUK+NbTHP1W3ahgdAb6gSO1d7BqJ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjQ2MkJCMjUyNEQ4OEMxMDlBNzhGMjIzRENCRDQyQzBD
OTc2MDlFQjAeFw0yNTA1MjMyMzIwMjhaFw0yNjA1MjIyMzI1MjhaMDMxMTAvBgNV
BAMTKDAyOEUzQjFGQTM0RURCMTZCMTc5MjBFODAzOUI4NDk0NzQ3N0JDODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1XPOzj0puGPnsMlTRkdv4aANo
VO3alVQL594ppbF/N1V5gnamuDchxolHAs83ug3ZuxUaGHqENqWtHYb2JaE6m72Q
TqGtVi2cP2w6AdpDVDP6L7mD6sjVLHg4oO+NkBMHssFJJp515llaqVxIoC+SW0HR
wsPH5QxoPOiBCw1F06YRf6N7FCPGSRKZzq2PW/HUHCFPCyPnvOgQL0Tw2p1+6eej
g+R2W9uothI44BW74oMsqvAoCJH1KCMNzuPr6zr5NEZtpMrJph39n81J4mS+Pgp5
blF9IZzwdSrc4rC/VDv/puCpUqfaRcApFnEXJCR8Q2VL1F+FTNwKZdH2yR3PAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUAo47H6NO2xaxeSDoA5uElHR3vIYwHwYDVR0j
BBgwFoAU9GK7JSTYjBCaePIj3L1CwMl2CeswDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vM0t5aFN0RFVFTG1nbWVFZGZMOTdudjNkaWt1UXhmQzhwTUFNNXY0a1Zm
VkEvMC9GNDYyQkIyNTI0RDg4QzEwOUE3OEYyMjNEQ0JENDJDMEM5NzYwOUVCLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0Y0NjJCQjI1MjREODhDMTA5
QTc4RjIyM0RDQkQ0MkMwQzk3NjA5RUIuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzNLeWhTdERVRUxtZ21lRWRmTDk3bnYzZGlrdVF4ZkM4cE1BTTV2NGtWZlZBLzAv
MzEzODM5MmUzMTMyMzYyZTM4MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3
MzAzNTM3Mzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAC9flUwDQYJKoZIhvcNAQELBQADggEBAELewMHV
5Zn7fy9oqAJ5QG7YuTmAfDxigbR2lTvI996ksUxX17xtW/5UAzLJPmML+OTtLtE6
vB+3AU4X2CuguZrAYTQTGiRY/hTmqA4/kowwmSZZZ6PNX/Ky1w+T7zu7cHgIg/fR
+NH5SgfGcwwjCePJgQJq/gMRPfCM/uPrFw5gUhSXCxMC4xhoXZ7UgWguPELbMnWS
lDVYMWolfDVerCziVoIK0qRnPrDG0Z0ryib7HvEK1oZ8IvcC1IMCFBGNlHoPZekI
moCMlrB5s9R4FjDEyr65cTlgMVqf0DjAvzI4RU/uuWW+xw2PAOTafWh24eqXNmMJ
XvlxJk6aQVsjJkw=
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:31:44 2025 by rpki-client