Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/4wYFcmBUnH4bQ5E8jUFGA9BHSnw2CxwHevfM3aqHFFfd/0/3137302e37392e3132302e302f32322d3234203d3e20323636323931.roa
File:                     3137302e37392e3132302e302f32322d3234203d3e20323636323931.roa (raw, json)
Hash identifier:          fuD0BdAWXKhXgKf5Buen/zOgYmhYeib7bYfuwnF4hKk=
Subject key identifier:   4B:D7:54:53:66:41:56:4B:46:36:86:BF:CE:42:46:C2:B6:23:C3:D5
Certificate issuer:       /CN=F3EED8A6EE01716F638718C9B96D754CF5CB3706
Certificate serial:       4EA2F7136BBF82F1CC9934BFB9AF10F1B21624CF
Authority key identifier: F3:EE:D8:A6:EE:01:71:6F:63:87:18:C9:B9:6D:75:4C:F5:CB:37:06
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/F3EED8A6EE01716F638718C9B96D754CF5CB3706.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/4wYFcmBUnH4bQ5E8jUFGA9BHSnw2CxwHevfM3aqHFFfd/0/3137302e37392e3132302e302f32322d3234203d3e20323636323931.roa
Signing time:             Mon 09 Jun 2025 12:09:48 +0000
ROA not before:           Mon 09 Jun 2025 12:04:48 +0000
ROA not after:            Mon 08 Jun 2026 12:09:48 +0000
asID:                     266291
IP address blocks:        170.79.120.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/4wYFcmBUnH4bQ5E8jUFGA9BHSnw2CxwHevfM3aqHFFfd/0/F3EED8A6EE01716F638718C9B96D754CF5CB3706.crl
                          rsync://rpki-repo.registro.br/repo/4wYFcmBUnH4bQ5E8jUFGA9BHSnw2CxwHevfM3aqHFFfd/0/F3EED8A6EE01716F638718C9B96D754CF5CB3706.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/F3EED8A6EE01716F638718C9B96D754CF5CB3706.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 05:23:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:a2:f7:13:6b:bf:82:f1:cc:99:34:bf:b9:af:10:f1:b2:16:24:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F3EED8A6EE01716F638718C9B96D754CF5CB3706
        Validity
            Not Before: Jun  9 12:04:48 2025 GMT
            Not After : Jun  8 12:09:48 2026 GMT
        Subject: CN=4BD754536641564B463686BFCE4246C2B623C3D5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:9f:54:08:86:26:06:6e:5e:d4:82:de:56:6b:
                    83:b1:e8:7a:0a:e2:74:04:d1:5d:ec:9a:9e:a9:c7:
                    59:11:45:8c:07:20:2f:1c:ed:9e:23:3f:ae:0b:ef:
                    4c:d6:d1:65:bf:46:c8:2d:cb:f5:83:08:09:26:7f:
                    8f:a0:92:0b:7e:2b:3f:f9:d6:75:60:0a:b8:b3:60:
                    8c:aa:d3:a0:52:39:f1:e2:03:7e:46:c7:de:39:c9:
                    51:fc:d9:62:87:f6:99:0b:ec:72:28:92:50:b4:fd:
                    9b:f7:51:69:0b:e0:7c:c6:94:52:5c:26:05:01:23:
                    7b:52:ca:43:5f:f3:7b:40:5c:7e:c0:a4:69:46:d5:
                    f1:03:2d:79:8d:36:b9:4e:b9:0e:17:4d:c3:08:46:
                    52:fb:30:66:80:72:30:8b:19:e3:8e:e7:84:ec:6d:
                    5c:a5:31:2b:a1:a5:21:91:75:58:43:3c:44:8c:f9:
                    e3:f1:3f:4a:73:d7:db:10:aa:7a:28:fb:fa:46:aa:
                    21:98:43:71:7c:83:53:22:2b:f2:66:1e:2e:85:ca:
                    af:6a:03:ef:3c:3c:7d:8e:05:66:7d:7e:a1:b5:02:
                    94:fc:af:74:49:6b:bb:d8:9b:c9:0b:76:59:03:00:
                    25:6b:2b:cf:e0:14:e5:10:3d:4c:3b:e4:86:7a:42:
                    b6:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:D7:54:53:66:41:56:4B:46:36:86:BF:CE:42:46:C2:B6:23:C3:D5
            X509v3 Authority Key Identifier:
                keyid:F3:EE:D8:A6:EE:01:71:6F:63:87:18:C9:B9:6D:75:4C:F5:CB:37:06

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/4wYFcmBUnH4bQ5E8jUFGA9BHSnw2CxwHevfM3aqHFFfd/0/F3EED8A6EE01716F638718C9B96D754CF5CB3706.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/F3EED8A6EE01716F638718C9B96D754CF5CB3706.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/4wYFcmBUnH4bQ5E8jUFGA9BHSnw2CxwHevfM3aqHFFfd/0/3137302e37392e3132302e302f32322d3234203d3e20323636323931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.79.120.0/22

    Signature Algorithm: sha256WithRSAEncryption
         58:a7:ad:3e:77:14:47:b2:f5:9c:c1:5c:aa:5c:e1:f0:4f:31:
         d1:8b:6a:7f:40:e1:97:8e:f1:fb:b7:54:01:61:27:f5:d5:f0:
         d3:f1:5f:6c:c7:20:26:bc:02:41:c2:b6:a1:65:12:c5:81:c2:
         3c:23:62:8e:0d:c0:a4:0c:9c:bc:be:e2:6c:01:66:4e:82:15:
         58:db:25:cd:8a:c8:40:07:64:19:81:01:b1:9d:50:92:9b:47:
         99:fe:ca:50:15:8c:0e:66:b3:a5:df:c4:e4:11:d9:ad:85:67:
         6a:18:15:1b:d2:ea:70:22:1b:3c:b9:1e:f9:1b:97:ed:64:d2:
         5e:5c:43:bd:bd:8e:a5:61:8b:9a:94:04:6c:8f:0e:71:5d:97:
         3d:db:96:e7:dc:83:27:15:cd:c4:fa:d1:22:a8:a6:93:cd:c3:
         5a:63:3d:34:ea:7d:5b:92:12:cc:d6:92:bb:ad:5a:88:16:1c:
         91:d9:60:d4:c6:7f:f6:b1:18:58:56:d1:08:ba:20:b1:03:d8:
         db:a8:a9:79:96:17:f0:42:b8:0c:66:a3:2a:b3:8b:ec:11:73:
         7d:6f:ca:7c:cd:15:2e:a1:e0:01:2c:d3:95:88:d4:fe:e7:e3:
         ec:f6:84:47:35:50:df:52:11:87:75:af:74:44:a7:55:de:9b:
         fb:86:b0:5b
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUTqL3E2u/gvHMmTS/ua8Q8bIWJM8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjNFRUQ4QTZFRTAxNzE2RjYzODcxOEM5Qjk2RDc1NENG
NUNCMzcwNjAeFw0yNTA2MDkxMjA0NDhaFw0yNjA2MDgxMjA5NDhaMDMxMTAvBgNV
BAMTKDRCRDc1NDUzNjY0MTU2NEI0NjM2ODZCRkNFNDI0NkMyQjYyM0MzRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4n1QIhiYGbl7Ugt5Wa4Ox6HoK
4nQE0V3smp6px1kRRYwHIC8c7Z4jP64L70zW0WW/Rsgty/WDCAkmf4+gkgt+Kz/5
1nVgCrizYIyq06BSOfHiA35Gx945yVH82WKH9pkL7HIoklC0/Zv3UWkL4HzGlFJc
JgUBI3tSykNf83tAXH7ApGlG1fEDLXmNNrlOuQ4XTcMIRlL7MGaAcjCLGeOO54Ts
bVylMSuhpSGRdVhDPESM+ePxP0pz19sQqnoo+/pGqiGYQ3F8g1MiK/JmHi6Fyq9q
A+88PH2OBWZ9fqG1ApT8r3RJa7vYm8kLdlkDACVrK8/gFOUQPUw75IZ6QrZPAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUS9dUU2ZBVktGNoa/zkJGwrYjw9UwHwYDVR0j
BBgwFoAU8+7Ypu4BcW9jhxjJuW11TPXLNwYwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNHdZRmNtQlVuSDRiUTVFOGpVRkdBOUJIU253MkN4d0hldmZNM2FxSEZG
ZmQvMC9GM0VFRDhBNkVFMDE3MTZGNjM4NzE4QzlCOTZENzU0Q0Y1Q0IzNzA2LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0YzRUVEOEE2RUUwMTcxNkY2
Mzg3MThDOUI5NkQ3NTRDRjVDQjM3MDYuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzR3WUZjbUJVbkg0YlE1RThqVUZHQTlCSFNudzJDeHdIZXZmTTNhcUhGRmZkLzAv
MzEzNzMwMmUzNzM5MmUzMTMyMzAyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2
MzYzMjM5MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAKqT3gwDQYJKoZIhvcNAQELBQADggEBAFinrT53
FEey9ZzBXKpc4fBPMdGLan9A4ZeO8fu3VAFhJ/XV8NPxX2zHICa8AkHCtqFlEsWB
wjwjYo4NwKQMnLy+4mwBZk6CFVjbJc2KyEAHZBmBAbGdUJKbR5n+ylAVjA5ms6Xf
xOQR2a2FZ2oYFRvS6nAiGzy5Hvkbl+1k0l5cQ729jqVhi5qUBGyPDnFdlz3blufc
gycVzcT60SKoppPNw1pjPTTqfVuSEszWkrutWogWHJHZYNTGf/axGFhW0Qi6ILED
2NuoqXmWF/BCuAxmoyqzi+wRc31vynzNFS6h4AEs05WI1P7n4+z2hEc1UN9SEYd1
r3REp1Xem/uGsFs=
-----END CERTIFICATE-----
Generated at Tue Jun 10 20:16:51 2025 by rpki-client