Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/7oCcVbyHKkLCf95zkRt3fyisbHYcn3o9oZYZ56ZVbjJk/1/3137302e3235342e3131322e302f32322d3234203d3e20313938393439.roa
File:                     3137302e3235342e3131322e302f32322d3234203d3e20313938393439.roa (raw, json)
Hash identifier:          s1Dv4EwzaeD1Kw77m96Y2/8rHRPHssVyiyQ5oeogXyg=
Subject key identifier:   A8:B1:78:7B:35:AF:09:76:FD:14:33:23:02:64:16:51:5A:9F:95:3A
Certificate issuer:       /CN=2CAF5AD1DDD1EAC6118C9F8475506AFB2CBC2D25
Certificate serial:       52891E462F2072131DFEFC7106CF6FE009D404A3
Authority key identifier: 2C:AF:5A:D1:DD:D1:EA:C6:11:8C:9F:84:75:50:6A:FB:2C:BC:2D:25
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/2CAF5AD1DDD1EAC6118C9F8475506AFB2CBC2D25.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/7oCcVbyHKkLCf95zkRt3fyisbHYcn3o9oZYZ56ZVbjJk/1/3137302e3235342e3131322e302f32322d3234203d3e20313938393439.roa
Signing time:             Mon 15 Jun 2026 20:18:31 +0000
ROA not before:           Mon 15 Jun 2026 20:13:31 +0000
ROA not after:            Mon 14 Jun 2027 20:18:31 +0000
asID:                     198949
IP address blocks:        170.254.112.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/7oCcVbyHKkLCf95zkRt3fyisbHYcn3o9oZYZ56ZVbjJk/1/2CAF5AD1DDD1EAC6118C9F8475506AFB2CBC2D25.crl
                          rsync://rpki-repo.registro.br/repo/7oCcVbyHKkLCf95zkRt3fyisbHYcn3o9oZYZ56ZVbjJk/1/2CAF5AD1DDD1EAC6118C9F8475506AFB2CBC2D25.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/2CAF5AD1DDD1EAC6118C9F8475506AFB2CBC2D25.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 10 Jul 2026 19:38:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:89:1e:46:2f:20:72:13:1d:fe:fc:71:06:cf:6f:e0:09:d4:04:a3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2CAF5AD1DDD1EAC6118C9F8475506AFB2CBC2D25
        Validity
            Not Before: Jun 15 20:13:31 2026 GMT
            Not After : Jun 14 20:18:31 2027 GMT
        Subject: CN=A8B1787B35AF0976FD143323026416515A9F953A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:4d:74:4c:87:18:52:f7:a1:40:5a:fe:86:e3:
                    b4:2e:04:92:e8:95:2f:f1:b1:e8:f4:88:fe:97:8f:
                    4e:a7:60:f8:e5:cd:3c:cb:c6:51:55:92:9a:ef:06:
                    94:db:dd:17:c6:60:58:47:77:89:a0:c8:7b:c9:da:
                    95:75:42:54:92:0a:92:54:33:98:3e:6a:fa:84:b8:
                    45:a9:0e:74:e0:03:91:4b:7a:d0:0b:9b:5f:af:f0:
                    c7:c0:32:3e:77:dc:b4:12:4d:64:a2:df:03:76:13:
                    6d:4b:a5:4a:e4:5c:cc:e5:8c:bd:2e:4e:74:df:55:
                    93:82:b2:3e:93:94:17:c1:5f:58:8a:31:7d:15:3a:
                    0c:0e:48:c1:f7:7c:e9:75:d5:93:6a:3b:37:8e:65:
                    40:66:9e:b4:5a:ac:91:6c:48:bf:42:07:6d:3f:27:
                    61:ba:2e:ea:4d:9f:c1:f5:99:f8:93:c7:47:7a:ad:
                    c2:13:5d:92:e2:27:54:22:f6:81:6a:ab:73:45:17:
                    f1:69:90:d5:08:51:fa:a4:22:3b:30:52:ef:ef:5a:
                    49:fc:d7:25:a7:9f:f2:ab:97:b6:64:3f:80:2a:fb:
                    f7:f9:93:cd:96:fa:8b:c8:ca:80:2a:d6:ec:e3:96:
                    83:e8:8e:8a:b6:11:ad:d5:76:e6:04:c0:a3:6d:21:
                    af:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:B1:78:7B:35:AF:09:76:FD:14:33:23:02:64:16:51:5A:9F:95:3A
            X509v3 Authority Key Identifier:
                keyid:2C:AF:5A:D1:DD:D1:EA:C6:11:8C:9F:84:75:50:6A:FB:2C:BC:2D:25

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/7oCcVbyHKkLCf95zkRt3fyisbHYcn3o9oZYZ56ZVbjJk/1/2CAF5AD1DDD1EAC6118C9F8475506AFB2CBC2D25.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/2CAF5AD1DDD1EAC6118C9F8475506AFB2CBC2D25.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/7oCcVbyHKkLCf95zkRt3fyisbHYcn3o9oZYZ56ZVbjJk/1/3137302e3235342e3131322e302f32322d3234203d3e20313938393439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.254.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         9f:40:7b:bc:44:5d:89:24:7a:41:49:97:1c:f6:6b:2f:53:28:
         b6:24:6b:2e:bf:4a:d3:34:51:16:b0:40:cd:e8:63:e2:7e:0d:
         01:c7:b3:e5:f4:02:98:2d:a5:c7:a6:f3:5f:3e:a0:ae:40:08:
         b3:73:57:64:8a:6e:4e:79:75:81:bd:ac:99:c7:2d:5a:04:6a:
         5f:d0:be:23:1b:7e:d6:4b:fa:86:34:bd:af:71:50:a3:ef:2e:
         36:71:54:7c:fe:79:89:7c:19:d1:9b:9f:17:6e:92:1c:fc:6b:
         9c:91:22:bb:d8:c1:9d:2c:9b:23:e8:82:20:10:27:af:70:d1:
         be:03:c7:21:d9:06:be:d1:c7:b8:cc:41:f6:0c:63:90:2d:ed:
         95:c3:7a:40:1b:6b:42:80:a5:19:d8:ba:16:c5:1a:3e:b9:f3:
         c1:d0:82:12:c9:ea:3f:9e:3e:ae:b7:5e:02:f9:de:f4:77:0d:
         19:59:d4:54:78:66:f0:b8:5b:8b:b7:03:f1:0f:31:f0:a5:2b:
         ea:54:f9:bb:02:43:b0:f6:e9:1d:a1:09:2c:64:58:32:34:b6:
         2e:63:a0:b5:7e:89:d4:0f:a4:c9:44:06:56:a7:86:19:77:e9:
         d1:fb:a6:ec:71:cd:57:8f:ee:d1:dd:a0:e4:73:f3:2b:6c:f7:
         dc:a5:d1:ca
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUUokeRi8gchMd/vxxBs9v4AnUBKMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkNBRjVBRDFEREQxRUFDNjExOEM5Rjg0NzU1MDZBRkIy
Q0JDMkQyNTAeFw0yNjA2MTUyMDEzMzFaFw0yNzA2MTQyMDE4MzFaMDMxMTAvBgNV
BAMTKEE4QjE3ODdCMzVBRjA5NzZGRDE0MzMyMzAyNjQxNjUxNUE5Rjk1M0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoTXRMhxhS96FAWv6G47QuBJLo
lS/xsej0iP6Xj06nYPjlzTzLxlFVkprvBpTb3RfGYFhHd4mgyHvJ2pV1QlSSCpJU
M5g+avqEuEWpDnTgA5FLetALm1+v8MfAMj533LQSTWSi3wN2E21LpUrkXMzljL0u
TnTfVZOCsj6TlBfBX1iKMX0VOgwOSMH3fOl11ZNqOzeOZUBmnrRarJFsSL9CB20/
J2G6LupNn8H1mfiTx0d6rcITXZLiJ1Qi9oFqq3NFF/FpkNUIUfqkIjswUu/vWkn8
1yWnn/Krl7ZkP4Aq+/f5k82W+ovIyoAq1uzjloPojoq2Ea3VduYEwKNtIa+BAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUqLF4ezWvCXb9FDMjAmQWUVqflTowHwYDVR0j
BBgwFoAULK9a0d3R6sYRjJ+EdVBq+yy8LSUwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vN29DY1ZieUhLa0xDZjk1emtSdDNmeWlzYkhZY24zbzlvWllaNTZaVmJq
SmsvMS8yQ0FGNUFEMURERDFFQUM2MTE4QzlGODQ3NTUwNkFGQjJDQkMyRDI1LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzJDQUY1QUQxREREMUVBQzYx
MThDOUY4NDc1NTA2QUZCMkNCQzJEMjUuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzdvQ2NWYnlIS2tMQ2Y5NXprUnQzZnlpc2JIWWNuM285b1pZWjU2WlZiakprLzEv
MzEzNzMwMmUzMjM1MzQyZTMxMzEzMjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMx
MzkzODM5MzQzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAqr+cDANBgkqhkiG9w0BAQsFAAOCAQEAn0B7
vERdiSR6QUmXHPZrL1MotiRrLr9K0zRRFrBAzehj4n4NAcez5fQCmC2lx6bzXz6g
rkAIs3NXZIpuTnl1gb2smcctWgRqX9C+Ixt+1kv6hjS9r3FQo+8uNnFUfP55iXwZ
0ZufF26SHPxrnJEiu9jBnSybI+iCIBAnr3DRvgPHIdkGvtHHuMxB9gxjkC3tlcN6
QBtrQoClGdi6FsUaPrnzwdCCEsnqP54+rrdeAvne9HcNGVnUVHhm8Lhbi7cD8Q8x
8KUr6lT5uwJDsPbpHaEJLGRYMjS2LmOgtX6J1A+kyUQGVqeGGXfp0fum7HHNV4/u
0d2g5HPzK2z33KXRyg==
-----END CERTIFICATE-----
Generated at Thu Jul 9 23:21:25 2026 by rpki-client