Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/4Gz5UbjsKV4F1knmXiyQdq9hJnR7jBEhcyeYAHby5zn3/0/3137372e32312e3230382e302f32342d3234203d3e20323632383739.roa
File:                     3137372e32312e3230382e302f32342d3234203d3e20323632383739.roa (raw, json)
Hash identifier:          NLEz0rSDiRhDPY9pSddkoLkCojk8TxQXrO2xwDQmYfc=
Subject key identifier:   1F:D6:D0:FA:AD:D6:61:E6:5B:F1:96:E2:E2:12:CC:F2:A2:02:3F:2F
Certificate issuer:       /CN=D5185EB6AF2331AEBE136E6B92FA533A35153197
Certificate serial:       548CA85854DE8B6DEF66B84458D54E160B6A39DC
Authority key identifier: D5:18:5E:B6:AF:23:31:AE:BE:13:6E:6B:92:FA:53:3A:35:15:31:97
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D5185EB6AF2331AEBE136E6B92FA533A35153197.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/4Gz5UbjsKV4F1knmXiyQdq9hJnR7jBEhcyeYAHby5zn3/0/3137372e32312e3230382e302f32342d3234203d3e20323632383739.roa
Signing time:             Mon 26 May 2025 20:59:35 +0000
ROA not before:           Mon 26 May 2025 20:54:35 +0000
ROA not after:            Mon 25 May 2026 20:59:35 +0000
asID:                     262879
IP address blocks:        177.21.208.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/4Gz5UbjsKV4F1knmXiyQdq9hJnR7jBEhcyeYAHby5zn3/0/D5185EB6AF2331AEBE136E6B92FA533A35153197.crl
                          rsync://rpki-repo.registro.br/repo/4Gz5UbjsKV4F1knmXiyQdq9hJnR7jBEhcyeYAHby5zn3/0/D5185EB6AF2331AEBE136E6B92FA533A35153197.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D5185EB6AF2331AEBE136E6B92FA533A35153197.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 22:00:20 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:8c:a8:58:54:de:8b:6d:ef:66:b8:44:58:d5:4e:16:0b:6a:39:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D5185EB6AF2331AEBE136E6B92FA533A35153197
        Validity
            Not Before: May 26 20:54:35 2025 GMT
            Not After : May 25 20:59:35 2026 GMT
        Subject: CN=1FD6D0FAADD661E65BF196E2E212CCF2A2023F2F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:a0:dd:d6:4e:ac:51:cc:79:29:4c:48:ef:5d:
                    0d:c8:4e:af:c0:6c:b9:7d:82:6e:6a:1f:13:b5:53:
                    c6:32:01:e0:00:86:3a:54:df:4d:bf:9e:e1:10:8c:
                    21:b7:f3:86:f3:b8:41:21:bf:c3:a9:d1:e4:16:4a:
                    bd:e2:f5:99:d1:54:ef:54:1d:9c:74:86:0f:ba:c0:
                    35:5f:a0:c2:73:7f:a8:ff:e4:06:8a:55:3d:64:48:
                    bd:70:c6:89:dc:a8:e2:72:4c:e6:c8:6d:1e:25:e7:
                    a4:f3:c5:e8:9f:94:80:50:44:bc:15:17:53:6f:81:
                    ed:87:9e:ed:ce:f9:21:8a:0f:6d:6d:da:fa:bd:51:
                    8e:ae:50:6d:75:bf:f4:99:d2:ff:24:d3:b1:d2:87:
                    76:e7:c9:8a:12:f8:f0:75:0e:24:3c:45:f3:8b:bd:
                    2f:af:30:6f:d5:75:43:c4:91:64:5c:9e:e8:53:0d:
                    02:fc:43:63:a4:f2:ce:40:da:ad:a7:7e:a2:9f:10:
                    aa:f4:72:65:50:9e:a0:db:23:d8:5e:ea:41:89:f5:
                    62:2c:02:2f:f3:35:df:63:35:3b:55:d0:34:15:3b:
                    d3:5f:cc:06:9f:6e:4c:9e:65:fd:a0:13:c7:c9:b7:
                    d6:69:9e:e0:c5:37:b9:7a:a7:fa:c8:71:d0:49:54:
                    8a:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1F:D6:D0:FA:AD:D6:61:E6:5B:F1:96:E2:E2:12:CC:F2:A2:02:3F:2F
            X509v3 Authority Key Identifier:
                keyid:D5:18:5E:B6:AF:23:31:AE:BE:13:6E:6B:92:FA:53:3A:35:15:31:97

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/4Gz5UbjsKV4F1knmXiyQdq9hJnR7jBEhcyeYAHby5zn3/0/D5185EB6AF2331AEBE136E6B92FA533A35153197.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D5185EB6AF2331AEBE136E6B92FA533A35153197.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/4Gz5UbjsKV4F1knmXiyQdq9hJnR7jBEhcyeYAHby5zn3/0/3137372e32312e3230382e302f32342d3234203d3e20323632383739.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.21.208.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9b:73:40:23:71:f2:70:f0:a0:dc:d3:0c:7d:33:b4:a8:0f:05:
         66:7e:52:93:af:87:93:98:a9:36:93:6e:ce:43:bd:bf:80:af:
         e3:79:48:49:eb:70:80:6c:9c:6c:3a:53:3e:e6:0c:f9:a7:e8:
         75:8b:8a:b0:27:2a:dc:d3:88:fc:ce:d1:a7:f4:27:00:b3:10:
         75:7c:70:92:07:fb:57:54:0d:bb:5f:fd:00:98:24:56:f2:c7:
         22:c7:c0:f0:1e:7f:cf:68:63:33:8d:57:c9:7f:f2:06:e5:0a:
         99:0a:c7:04:c7:9f:a0:17:31:cf:02:b3:67:e1:e7:b5:af:9a:
         9a:9f:8d:5f:21:c1:a1:0c:16:0f:3b:af:fd:d4:74:e8:04:a8:
         e0:1e:1f:84:e0:92:f7:32:6d:0f:7f:b7:67:58:35:a8:08:7f:
         28:6e:7d:8e:d7:59:65:bb:18:0c:2e:61:40:2d:06:93:9c:a3:
         82:5a:93:b7:a6:db:07:e8:5e:00:d7:df:db:0a:4d:ed:97:d5:
         5c:a6:3f:1c:c2:a6:f9:03:70:7a:2e:75:b0:11:87:fb:7a:21:
         d5:e0:11:70:85:dd:7d:20:fa:2c:38:1c:36:52:01:a5:3e:19:
         a7:72:b3:eb:19:8f:57:a2:e8:af:a3:64:20:8a:e5:40:00:5d:
         d1:b1:e9:4a
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUVIyoWFTei23vZrhEWNVOFgtqOdwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDUxODVFQjZBRjIzMzFBRUJFMTM2RTZCOTJGQTUzM0Ez
NTE1MzE5NzAeFw0yNTA1MjYyMDU0MzVaFw0yNjA1MjUyMDU5MzVaMDMxMTAvBgNV
BAMTKDFGRDZEMEZBQURENjYxRTY1QkYxOTZFMkUyMTJDQ0YyQTIwMjNGMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0oN3WTqxRzHkpTEjvXQ3ITq/A
bLl9gm5qHxO1U8YyAeAAhjpU302/nuEQjCG384bzuEEhv8Op0eQWSr3i9ZnRVO9U
HZx0hg+6wDVfoMJzf6j/5AaKVT1kSL1wxoncqOJyTObIbR4l56TzxeiflIBQRLwV
F1Nvge2Hnu3O+SGKD21t2vq9UY6uUG11v/SZ0v8k07HSh3bnyYoS+PB1DiQ8RfOL
vS+vMG/VdUPEkWRcnuhTDQL8Q2Ok8s5A2q2nfqKfEKr0cmVQnqDbI9he6kGJ9WIs
Ai/zNd9jNTtV0DQVO9NfzAafbkyeZf2gE8fJt9ZpnuDFN7l6p/rIcdBJVIqLAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUH9bQ+q3WYeZb8Zbi4hLM8qICPy8wHwYDVR0j
BBgwFoAU1Rhetq8jMa6+E25rkvpTOjUVMZcwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNEd6NVVianNLVjRGMWtubVhpeVFkcTloSm5SN2pCRWhjeWVZQUhieTV6
bjMvMC9ENTE4NUVCNkFGMjMzMUFFQkUxMzZFNkI5MkZBNTMzQTM1MTUzMTk3LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0Q1MTg1RUI2QUYyMzMxQUVC
RTEzNkU2QjkyRkE1MzNBMzUxNTMxOTcuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzRHejVVYmpzS1Y0RjFrbm1YaXlRZHE5aEpuUjdqQkVoY3llWUFIYnk1em4zLzAv
MzEzNzM3MmUzMjMxMmUzMjMwMzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2
MzIzODM3Mzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBACxFdAwDQYJKoZIhvcNAQELBQADggEBAJtzQCNx
8nDwoNzTDH0ztKgPBWZ+UpOvh5OYqTaTbs5Dvb+Ar+N5SEnrcIBsnGw6Uz7mDPmn
6HWLirAnKtzTiPzO0af0JwCzEHV8cJIH+1dUDbtf/QCYJFbyxyLHwPAef89oYzON
V8l/8gblCpkKxwTHn6AXMc8Cs2fh57WvmpqfjV8hwaEMFg87r/3UdOgEqOAeH4Tg
kvcybQ9/t2dYNagIfyhufY7XWWW7GAwuYUAtBpOco4Jak7em2wfoXgDX39sKTe2X
1VymPxzCpvkDcHoudbARh/t6IdXgEXCF3X0g+iw4HDZSAaU+Gadys+sZj1ei6K+j
ZCCK5UAAXdGx6Uo=
-----END CERTIFICATE-----
Generated at Wed Jun 11 02:25:40 2025 by rpki-client