Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/4cG2obEUYfMKhWAX457nFgzoTXYStiLK4DaE34VDSK85/1/3133382e3138352e3233362e302f32322d3234203d3e20323633393139.roa
File:                     3133382e3138352e3233362e302f32322d3234203d3e20323633393139.roa (raw, json)
Hash identifier:          9lrgdFqXcmk1aveRypR0nwRoxN6RAu5lewGudgo7m5A=
Subject key identifier:   2A:9D:EF:2F:85:35:24:E3:AC:7A:A1:FE:66:42:F6:D4:F3:6B:18:D0
Certificate issuer:       /CN=8BAE9C90EBC5082F802055EFAA6360C661BF85CE
Certificate serial:       7E2B5A9B38E28E43541B033687147DDE1EAA99D2
Authority key identifier: 8B:AE:9C:90:EB:C5:08:2F:80:20:55:EF:AA:63:60:C6:61:BF:85:CE
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8BAE9C90EBC5082F802055EFAA6360C661BF85CE.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/4cG2obEUYfMKhWAX457nFgzoTXYStiLK4DaE34VDSK85/1/3133382e3138352e3233362e302f32322d3234203d3e20323633393139.roa
Signing time:             Fri 07 Mar 2025 04:13:58 +0000
ROA not before:           Fri 07 Mar 2025 04:08:58 +0000
ROA not after:            Fri 06 Mar 2026 04:13:58 +0000
asID:                     263919
IP address blocks:        138.185.236.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/4cG2obEUYfMKhWAX457nFgzoTXYStiLK4DaE34VDSK85/1/8BAE9C90EBC5082F802055EFAA6360C661BF85CE.crl
                          rsync://rpki-repo.registro.br/repo/4cG2obEUYfMKhWAX457nFgzoTXYStiLK4DaE34VDSK85/1/8BAE9C90EBC5082F802055EFAA6360C661BF85CE.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8BAE9C90EBC5082F802055EFAA6360C661BF85CE.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 12 Jun 2025 19:25:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7e:2b:5a:9b:38:e2:8e:43:54:1b:03:36:87:14:7d:de:1e:aa:99:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8BAE9C90EBC5082F802055EFAA6360C661BF85CE
        Validity
            Not Before: Mar  7 04:08:58 2025 GMT
            Not After : Mar  6 04:13:58 2026 GMT
        Subject: CN=2A9DEF2F853524E3AC7AA1FE6642F6D4F36B18D0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:89:3e:71:2f:2b:d3:d8:84:43:38:4f:b4:94:
                    b0:15:ab:dd:e6:3a:f2:a9:85:9f:3a:56:7f:9c:26:
                    57:31:15:29:7a:cc:e5:58:fb:aa:ae:95:a6:f1:e8:
                    22:28:cd:81:07:75:43:4e:8e:5b:88:18:83:4b:4a:
                    99:59:e8:a7:b5:c5:6b:16:84:a1:6e:1a:0a:e5:3c:
                    76:9e:16:86:9d:b0:80:c6:2b:76:c1:64:4a:d0:fe:
                    47:09:c5:ea:8f:cd:02:40:de:f7:fc:e9:95:90:ff:
                    7d:dc:94:af:47:fc:1e:8c:8c:99:7d:04:f4:f6:9c:
                    c4:e4:73:ef:c2:db:29:ee:7b:a4:c8:be:f7:0a:73:
                    3a:a5:0b:3b:0b:1b:30:5d:2c:3c:82:21:04:bb:40:
                    7f:75:a7:10:8a:8b:3a:f1:b0:bf:10:47:ac:95:29:
                    35:2f:e0:72:ba:84:43:f1:40:2e:d5:95:3a:82:55:
                    fc:4f:35:c0:57:2a:08:a0:d8:73:57:d2:f7:cb:41:
                    17:74:3a:02:67:cf:63:a2:db:df:33:6f:8d:c6:b1:
                    ab:7d:25:dc:b5:27:38:39:87:89:b3:ba:68:c0:cc:
                    76:33:66:3d:66:63:64:f2:ef:83:69:ba:1d:78:3d:
                    94:86:1c:7f:f5:71:a3:78:f1:b1:d7:6c:b5:5a:93:
                    01:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2A:9D:EF:2F:85:35:24:E3:AC:7A:A1:FE:66:42:F6:D4:F3:6B:18:D0
            X509v3 Authority Key Identifier:
                keyid:8B:AE:9C:90:EB:C5:08:2F:80:20:55:EF:AA:63:60:C6:61:BF:85:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/4cG2obEUYfMKhWAX457nFgzoTXYStiLK4DaE34VDSK85/1/8BAE9C90EBC5082F802055EFAA6360C661BF85CE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8BAE9C90EBC5082F802055EFAA6360C661BF85CE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/4cG2obEUYfMKhWAX457nFgzoTXYStiLK4DaE34VDSK85/1/3133382e3138352e3233362e302f32322d3234203d3e20323633393139.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.185.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9f:de:50:c8:98:91:ce:eb:9d:5b:46:56:67:ad:32:85:3a:64:
         50:03:77:61:f9:72:86:86:37:97:58:79:1c:bb:cd:62:f6:3b:
         dc:3d:96:ca:8d:93:65:c6:e8:7b:76:31:71:02:76:a4:fe:5d:
         b0:89:98:dc:28:f7:51:e0:f5:76:13:8b:43:75:21:0f:fc:b4:
         0f:ff:9d:17:60:b9:6d:d8:18:f0:72:03:be:63:a5:f3:a2:44:
         10:9e:bc:e9:a5:31:4e:37:1c:2d:51:43:60:d6:01:54:c9:a5:
         ec:24:16:05:83:41:f2:cf:62:65:25:23:39:bc:13:7c:a1:5f:
         31:03:d8:e4:e8:ea:b4:0b:45:3f:b7:13:a0:ac:bc:f7:9f:1a:
         c7:c0:a1:50:7e:93:a5:62:bf:86:a2:34:db:36:07:84:c8:39:
         4e:71:64:9b:aa:61:80:d3:f7:ae:e9:b4:c9:4c:1c:3c:9d:66:
         43:06:af:5e:26:4a:16:81:6e:77:29:32:76:db:ef:e5:56:05:
         81:d1:91:f7:64:f7:b9:a9:5c:cd:24:4e:31:69:e9:4e:c1:fa:
         f5:dd:77:51:92:8c:7f:80:a8:ff:a8:e2:d0:b1:59:8e:0e:f3:
         a5:a0:61:74:ca:ef:df:54:e3:db:55:22:1d:15:02:c1:e0:de:
         f6:1a:c4:cf
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUfitamzjijkNUGwM2hxR93h6qmdIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEJBRTlDOTBFQkM1MDgyRjgwMjA1NUVGQUE2MzYwQzY2
MUJGODVDRTAeFw0yNTAzMDcwNDA4NThaFw0yNjAzMDYwNDEzNThaMDMxMTAvBgNV
BAMTKDJBOURFRjJGODUzNTI0RTNBQzdBQTFGRTY2NDJGNkQ0RjM2QjE4RDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgiT5xLyvT2IRDOE+0lLAVq93m
OvKphZ86Vn+cJlcxFSl6zOVY+6qulabx6CIozYEHdUNOjluIGINLSplZ6Ke1xWsW
hKFuGgrlPHaeFoadsIDGK3bBZErQ/kcJxeqPzQJA3vf86ZWQ/33clK9H/B6MjJl9
BPT2nMTkc+/C2ynue6TIvvcKczqlCzsLGzBdLDyCIQS7QH91pxCKizrxsL8QR6yV
KTUv4HK6hEPxQC7VlTqCVfxPNcBXKgig2HNX0vfLQRd0OgJnz2Oi298zb43Gsat9
Jdy1Jzg5h4mzumjAzHYzZj1mY2Ty74Npuh14PZSGHH/1caN48bHXbLVakwG7AgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUKp3vL4U1JOOseqH+ZkL21PNrGNAwHwYDVR0j
BBgwFoAUi66ckOvFCC+AIFXvqmNgxmG/hc4wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNGNHMm9iRVVZZk1LaFdBWDQ1N25GZ3pvVFhZU3RpTEs0RGFFMzRWRFNL
ODUvMS84QkFFOUM5MEVCQzUwODJGODAyMDU1RUZBQTYzNjBDNjYxQkY4NUNFLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzhCQUU5QzkwRUJDNTA4MkY4
MDIwNTVFRkFBNjM2MEM2NjFCRjg1Q0UuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzRjRzJvYkVVWWZNS2hXQVg0NTduRmd6b1RYWVN0aUxLNERhRTM0VkRTSzg1LzEv
MzEzMzM4MmUzMTM4MzUyZTMyMzMzNjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMy
MzYzMzM5MzEzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAoq57DANBgkqhkiG9w0BAQsFAAOCAQEAn95Q
yJiRzuudW0ZWZ60yhTpkUAN3YflyhoY3l1h5HLvNYvY73D2Wyo2TZcboe3YxcQJ2
pP5dsImY3Cj3UeD1dhOLQ3UhD/y0D/+dF2C5bdgY8HIDvmOl86JEEJ686aUxTjcc
LVFDYNYBVMml7CQWBYNB8s9iZSUjObwTfKFfMQPY5OjqtAtFP7cToKy8958ax8Ch
UH6TpWK/hqI02zYHhMg5TnFkm6phgNP3rum0yUwcPJ1mQwavXiZKFoFudykydtvv
5VYFgdGR92T3ualczSROMWnpTsH69d13UZKMf4Co/6ji0LFZjg7zpaBhdMrv31Tj
21UiHRUCweDe9hrEzw==
-----END CERTIFICATE-----
Generated at Thu Jun 12 09:52:03 2025 by rpki-client