Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/4cG2obEUYfMKhWAX457nFgzoTXYStiLK4DaE34VDSK85/1/3137302e302e3230382e302f32322d3234203d3e20323633393139.roa
File:                     3137302e302e3230382e302f32322d3234203d3e20323633393139.roa (raw, json)
Hash identifier:          daKi2XN6iI/5shlbC2ws+WpCE+eRSaaM95sbtBClTTE=
Subject key identifier:   96:76:1A:DB:55:6A:4B:1D:A7:0D:67:FC:29:1C:14:6D:C0:80:0B:E9
Certificate issuer:       /CN=8BAE9C90EBC5082F802055EFAA6360C661BF85CE
Certificate serial:       2E048D7C6031789E80CB7DC86B9FF138179878E2
Authority key identifier: 8B:AE:9C:90:EB:C5:08:2F:80:20:55:EF:AA:63:60:C6:61:BF:85:CE
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8BAE9C90EBC5082F802055EFAA6360C661BF85CE.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/4cG2obEUYfMKhWAX457nFgzoTXYStiLK4DaE34VDSK85/1/3137302e302e3230382e302f32322d3234203d3e20323633393139.roa
Signing time:             Fri 07 Mar 2025 04:13:58 +0000
ROA not before:           Fri 07 Mar 2025 04:08:58 +0000
ROA not after:            Fri 06 Mar 2026 04:13:58 +0000
asID:                     263919
IP address blocks:        170.0.208.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/4cG2obEUYfMKhWAX457nFgzoTXYStiLK4DaE34VDSK85/1/8BAE9C90EBC5082F802055EFAA6360C661BF85CE.crl
                          rsync://rpki-repo.registro.br/repo/4cG2obEUYfMKhWAX457nFgzoTXYStiLK4DaE34VDSK85/1/8BAE9C90EBC5082F802055EFAA6360C661BF85CE.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8BAE9C90EBC5082F802055EFAA6360C661BF85CE.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 15 Jun 2025 18:16:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:04:8d:7c:60:31:78:9e:80:cb:7d:c8:6b:9f:f1:38:17:98:78:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8BAE9C90EBC5082F802055EFAA6360C661BF85CE
        Validity
            Not Before: Mar  7 04:08:58 2025 GMT
            Not After : Mar  6 04:13:58 2026 GMT
        Subject: CN=96761ADB556A4B1DA70D67FC291C146DC0800BE9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:ea:54:51:6d:9d:09:7a:f4:e2:64:c1:62:24:
                    73:5e:9f:d9:8d:db:01:ae:b2:84:5d:01:c0:26:ee:
                    bf:29:d4:70:2a:a5:5c:6b:e4:ca:d6:6f:b5:28:5c:
                    78:9c:9d:d1:e1:fd:ce:c0:f8:91:49:f4:1c:39:fb:
                    4e:36:a4:88:48:9b:07:98:e6:09:6c:bd:d9:cc:87:
                    5a:4f:bb:ae:30:4b:43:7e:a3:d8:27:93:81:1a:0d:
                    31:96:7a:3c:8d:1a:21:9e:37:ac:2d:9d:5d:13:64:
                    31:67:ef:af:27:ae:b8:ec:e6:ee:00:a6:e4:61:98:
                    c6:78:80:c7:09:26:0c:f6:47:b3:63:86:86:24:3f:
                    13:6c:3c:2f:a1:94:02:fd:fd:43:a4:f3:9d:3f:fb:
                    c3:94:46:b2:e8:aa:2b:cc:5e:af:3a:31:71:6d:50:
                    3c:95:e9:7d:63:17:72:6b:46:e6:1e:4b:ee:40:c6:
                    8d:7a:17:86:2e:8b:93:5a:1f:79:02:35:e0:e0:b5:
                    ae:c8:9f:6e:2e:6a:45:cd:87:4a:76:1d:77:3a:48:
                    30:61:a0:a0:9b:d2:9b:0d:01:c5:ff:ee:46:d4:6f:
                    da:11:3e:3e:cc:f9:ca:09:6a:56:80:d2:fb:09:ac:
                    c0:1f:18:79:49:61:b3:63:97:4e:2c:36:b9:56:84:
                    d8:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:76:1A:DB:55:6A:4B:1D:A7:0D:67:FC:29:1C:14:6D:C0:80:0B:E9
            X509v3 Authority Key Identifier:
                keyid:8B:AE:9C:90:EB:C5:08:2F:80:20:55:EF:AA:63:60:C6:61:BF:85:CE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/4cG2obEUYfMKhWAX457nFgzoTXYStiLK4DaE34VDSK85/1/8BAE9C90EBC5082F802055EFAA6360C661BF85CE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8BAE9C90EBC5082F802055EFAA6360C661BF85CE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/4cG2obEUYfMKhWAX457nFgzoTXYStiLK4DaE34VDSK85/1/3137302e302e3230382e302f32322d3234203d3e20323633393139.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.0.208.0/22

    Signature Algorithm: sha256WithRSAEncryption
         53:99:59:c8:67:31:27:ea:4a:4e:a1:98:f8:e2:a0:bf:fa:22:
         49:77:fb:27:4c:9a:5f:06:da:1a:42:8b:36:f2:ae:26:29:31:
         0f:32:b5:57:04:fb:28:4b:95:4c:e4:6d:e8:54:b2:18:af:50:
         f7:ea:fb:67:2f:96:25:04:b4:73:5e:df:c0:8f:f6:6a:24:63:
         30:a4:18:24:15:f1:0f:ab:57:8b:d1:01:56:4e:f9:c4:0b:3e:
         e2:54:dd:8f:eb:d7:09:ff:58:c2:ff:43:e9:6e:66:46:ff:1c:
         90:a8:41:f5:58:1e:b8:42:ff:da:75:13:33:99:98:98:d5:fe:
         a0:51:f3:61:22:16:21:37:91:48:bf:28:78:a6:e5:f3:a6:12:
         27:90:d6:d3:a6:0c:d5:00:5c:78:ee:f6:fe:f5:a4:78:c5:94:
         02:67:23:cd:70:3c:bf:92:48:70:90:eb:e4:28:7f:7e:84:f1:
         c5:29:36:99:9f:25:4a:af:b7:82:97:be:af:e6:b5:84:d9:10:
         51:64:aa:0a:5e:b8:86:c2:8a:46:d7:c0:bd:14:ec:df:48:72:
         42:37:ab:f4:7c:66:83:31:f4:c2:91:0d:b0:6c:f9:c8:9d:97:
         6e:65:91:d1:17:d6:3e:d0:51:01:c7:69:d1:52:bb:59:6e:55:
         1d:05:6b:ed
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIULgSNfGAxeJ6Ay33Ia5/xOBeYeOIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEJBRTlDOTBFQkM1MDgyRjgwMjA1NUVGQUE2MzYwQzY2
MUJGODVDRTAeFw0yNTAzMDcwNDA4NThaFw0yNjAzMDYwNDEzNThaMDMxMTAvBgNV
BAMTKDk2NzYxQURCNTU2QTRCMURBNzBENjdGQzI5MUMxNDZEQzA4MDBCRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk6lRRbZ0JevTiZMFiJHNen9mN
2wGusoRdAcAm7r8p1HAqpVxr5MrWb7UoXHicndHh/c7A+JFJ9Bw5+042pIhImweY
5glsvdnMh1pPu64wS0N+o9gnk4EaDTGWejyNGiGeN6wtnV0TZDFn768nrrjs5u4A
puRhmMZ4gMcJJgz2R7NjhoYkPxNsPC+hlAL9/UOk850/+8OURrLoqivMXq86MXFt
UDyV6X1jF3JrRuYeS+5Axo16F4Yui5NaH3kCNeDgta7In24uakXNh0p2HXc6SDBh
oKCb0psNAcX/7kbUb9oRPj7M+coJalaA0vsJrMAfGHlJYbNjl04sNrlWhNhZAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUlnYa21VqSx2nDWf8KRwUbcCAC+kwHwYDVR0j
BBgwFoAUi66ckOvFCC+AIFXvqmNgxmG/hc4wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNGNHMm9iRVVZZk1LaFdBWDQ1N25GZ3pvVFhZU3RpTEs0RGFFMzRWRFNL
ODUvMS84QkFFOUM5MEVCQzUwODJGODAyMDU1RUZBQTYzNjBDNjYxQkY4NUNFLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzhCQUU5QzkwRUJDNTA4MkY4
MDIwNTVFRkFBNjM2MEM2NjFCRjg1Q0UuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzRjRzJvYkVVWWZNS2hXQVg0NTduRmd6b1RYWVN0aUxLNERhRTM0VkRTSzg1LzEv
MzEzNzMwMmUzMDJlMzIzMDM4MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjMz
MzkzMTM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCqgDQMA0GCSqGSIb3DQEBCwUAA4IBAQBTmVnIZzEn
6kpOoZj44qC/+iJJd/snTJpfBtoaQos28q4mKTEPMrVXBPsoS5VM5G3oVLIYr1D3
6vtnL5YlBLRzXt/Aj/ZqJGMwpBgkFfEPq1eL0QFWTvnECz7iVN2P69cJ/1jC/0Pp
bmZG/xyQqEH1WB64Qv/adRMzmZiY1f6gUfNhIhYhN5FIvyh4puXzphInkNbTpgzV
AFx47vb+9aR4xZQCZyPNcDy/kkhwkOvkKH9+hPHFKTaZnyVKr7eCl76v5rWE2RBR
ZKoKXriGwopG18C9FOzfSHJCN6v0fGaDMfTCkQ2wbPnInZduZZHRF9Y+0FEBx2nR
UrtZblUdBWvt
-----END CERTIFICATE-----
Generated at Sat Jun 14 19:02:08 2025 by rpki-client