Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/884CcEVgc8vvCBg4CUA181vaxZpscLtA3tpBsBfr6woy/0/3230312e372e3136352e302f32342d3234203d3e20323633323930.roa
File:                     3230312e372e3136352e302f32342d3234203d3e20323633323930.roa (raw, json)
Hash identifier:          1mlX9H/fi/I0aTCzuHW72oe+/7eiZqmxSRM++ml2v5A=
Subject key identifier:   96:47:F0:55:AD:AF:91:D1:F5:FE:08:98:99:65:E2:41:0D:F0:3F:4D
Certificate issuer:       /CN=665361CB3ACA4197B4ACFD257ECFEA3E0D21C9B7
Certificate serial:       07064714316E48D78EFDD571718216FA1EA65D57
Authority key identifier: 66:53:61:CB:3A:CA:41:97:B4:AC:FD:25:7E:CF:EA:3E:0D:21:C9:B7
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/665361CB3ACA4197B4ACFD257ECFEA3E0D21C9B7.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/884CcEVgc8vvCBg4CUA181vaxZpscLtA3tpBsBfr6woy/0/3230312e372e3136352e302f32342d3234203d3e20323633323930.roa
Signing time:             Tue 03 Jun 2025 13:54:13 +0000
ROA not before:           Tue 03 Jun 2025 13:49:13 +0000
ROA not after:            Tue 02 Jun 2026 13:54:13 +0000
asID:                     263290
IP address blocks:        201.7.165.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/884CcEVgc8vvCBg4CUA181vaxZpscLtA3tpBsBfr6woy/0/665361CB3ACA4197B4ACFD257ECFEA3E0D21C9B7.crl
                          rsync://rpki-repo.registro.br/repo/884CcEVgc8vvCBg4CUA181vaxZpscLtA3tpBsBfr6woy/0/665361CB3ACA4197B4ACFD257ECFEA3E0D21C9B7.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/665361CB3ACA4197B4ACFD257ECFEA3E0D21C9B7.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 16 Jun 2025 05:06:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:06:47:14:31:6e:48:d7:8e:fd:d5:71:71:82:16:fa:1e:a6:5d:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=665361CB3ACA4197B4ACFD257ECFEA3E0D21C9B7
        Validity
            Not Before: Jun  3 13:49:13 2025 GMT
            Not After : Jun  2 13:54:13 2026 GMT
        Subject: CN=9647F055ADAF91D1F5FE08989965E2410DF03F4D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:f4:d2:b8:98:55:2d:df:eb:11:b2:3c:b4:a8:
                    f1:b6:15:d7:98:31:82:bc:14:7c:43:61:b3:f0:81:
                    ed:39:53:0e:ac:d4:51:5c:7b:28:b7:3d:9d:1b:81:
                    8e:8f:f6:53:f0:4f:fe:50:99:13:71:b7:94:fb:f8:
                    ee:98:dd:e9:88:8a:3b:82:39:63:46:80:de:16:5f:
                    e3:13:4f:15:76:ad:95:a1:f3:11:a5:9e:de:c5:ee:
                    29:62:44:04:44:e5:8c:9c:09:37:40:bb:a4:6f:71:
                    d3:4e:9e:b8:46:36:66:11:84:45:ba:c1:42:15:21:
                    8d:d1:44:4b:dc:31:7e:79:c0:b3:d6:b3:2d:9e:cf:
                    15:d4:d3:82:dc:00:45:c1:ca:78:74:57:0a:c8:85:
                    26:82:5f:2b:6c:83:a2:b2:ac:59:21:f4:a9:ac:70:
                    c2:5b:82:5a:fc:85:50:af:e1:12:9d:f6:66:7e:74:
                    1f:cf:13:e7:d8:e1:36:c3:7c:d9:88:d3:7a:dc:f7:
                    29:3f:41:d3:0c:27:74:42:47:fd:cf:67:ec:12:0e:
                    36:6b:a0:68:00:5a:fb:16:4b:be:25:40:a2:fc:e6:
                    e6:13:c0:32:a8:08:99:e1:31:cf:ac:94:8b:30:bc:
                    28:b7:91:e9:a0:9d:4a:f3:9a:a8:45:0d:b9:ea:8b:
                    f4:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:47:F0:55:AD:AF:91:D1:F5:FE:08:98:99:65:E2:41:0D:F0:3F:4D
            X509v3 Authority Key Identifier:
                keyid:66:53:61:CB:3A:CA:41:97:B4:AC:FD:25:7E:CF:EA:3E:0D:21:C9:B7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/884CcEVgc8vvCBg4CUA181vaxZpscLtA3tpBsBfr6woy/0/665361CB3ACA4197B4ACFD257ECFEA3E0D21C9B7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/665361CB3ACA4197B4ACFD257ECFEA3E0D21C9B7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/884CcEVgc8vvCBg4CUA181vaxZpscLtA3tpBsBfr6woy/0/3230312e372e3136352e302f32342d3234203d3e20323633323930.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  201.7.165.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:e0:5b:96:db:a5:9f:ec:4c:8a:7d:95:a7:c0:5f:d6:80:4e:
         d2:ba:68:74:8a:5d:28:70:fa:84:fa:0e:39:11:7d:6f:24:b2:
         e0:04:15:fb:53:b6:92:44:aa:55:f2:95:90:dc:82:ff:96:79:
         18:47:e4:06:ce:f8:39:19:a7:bd:2a:ce:c7:37:76:43:0d:9e:
         4b:94:a4:bc:a0:72:60:86:44:78:16:01:1c:8d:6d:90:ea:b4:
         93:50:b0:de:c5:d3:d5:d2:75:ff:bf:7d:fe:9d:d3:1e:50:7e:
         88:19:84:45:4b:38:90:c8:74:01:b4:86:c1:8a:1a:e8:b3:ea:
         e7:5f:ec:80:bd:2d:0e:65:ca:c6:88:b1:b9:ba:b8:a2:1d:a8:
         6f:a5:1c:79:a1:6b:c9:d5:d0:62:8a:19:4e:8d:cb:09:49:fb:
         fc:d5:b9:9b:b0:8c:08:ef:7d:e8:02:1f:ac:4d:cc:44:21:bb:
         b6:ae:55:3e:b2:6c:bc:fb:d9:fe:ac:63:f9:9c:26:d7:b0:c2:
         6a:a6:b1:c2:c8:c7:2c:4b:9e:4d:b4:6a:ea:3f:de:c6:be:c4:
         a8:10:5e:af:27:08:2f:c4:6d:45:e3:24:fb:d4:5b:4d:ec:c3:
         36:33:48:46:9a:7c:cb:c1:4d:dc:99:e6:e1:15:79:a1:7f:36:
         2c:e0:40:68
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUBwZHFDFuSNeO/dVxcYIW+h6mXVcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjY1MzYxQ0IzQUNBNDE5N0I0QUNGRDI1N0VDRkVBM0Uw
RDIxQzlCNzAeFw0yNTA2MDMxMzQ5MTNaFw0yNjA2MDIxMzU0MTNaMDMxMTAvBgNV
BAMTKDk2NDdGMDU1QURBRjkxRDFGNUZFMDg5ODk5NjVFMjQxMERGMDNGNEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz9NK4mFUt3+sRsjy0qPG2FdeY
MYK8FHxDYbPwge05Uw6s1FFceyi3PZ0bgY6P9lPwT/5QmRNxt5T7+O6Y3emIijuC
OWNGgN4WX+MTTxV2rZWh8xGlnt7F7iliRARE5YycCTdAu6RvcdNOnrhGNmYRhEW6
wUIVIY3RREvcMX55wLPWsy2ezxXU04LcAEXBynh0VwrIhSaCXytsg6KyrFkh9Kms
cMJbglr8hVCv4RKd9mZ+dB/PE+fY4TbDfNmI03rc9yk/QdMMJ3RCR/3PZ+wSDjZr
oGgAWvsWS74lQKL85uYTwDKoCJnhMc+slIswvCi3kemgnUrzmqhFDbnqi/RXAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUlkfwVa2vkdH1/giYmWXiQQ3wP00wHwYDVR0j
BBgwFoAUZlNhyzrKQZe0rP0lfs/qPg0hybcwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vODg0Q2NFVmdjOHZ2Q0JnNENVQTE4MXZheFpwc2NMdEEzdHBCc0JmcjZ3
b3kvMC82NjUzNjFDQjNBQ0E0MTk3QjRBQ0ZEMjU3RUNGRUEzRTBEMjFDOUI3LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzY2NTM2MUNCM0FDQTQxOTdC
NEFDRkQyNTdFQ0ZFQTNFMEQyMUM5QjcuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
Lzg4NENjRVZnYzh2dkNCZzRDVUExODF2YXhacHNjTHRBM3RwQnNCZnI2d295LzAv
MzIzMDMxMmUzNzJlMzEzNjM1MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjMz
MzIzOTMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAyQelMA0GCSqGSIb3DQEBCwUAA4IBAQCd4FuW26Wf
7EyKfZWnwF/WgE7Sumh0il0ocPqE+g45EX1vJLLgBBX7U7aSRKpV8pWQ3IL/lnkY
R+QGzvg5Gae9Ks7HN3ZDDZ5LlKS8oHJghkR4FgEcjW2Q6rSTULDexdPV0nX/v33+
ndMeUH6IGYRFSziQyHQBtIbBihros+rnX+yAvS0OZcrGiLG5uriiHahvpRx5oWvJ
1dBiihlOjcsJSfv81bmbsIwI733oAh+sTcxEIbu2rlU+smy8+9n+rGP5nCbXsMJq
prHCyMcsS55NtGrqP97GvsSoEF6vJwgvxG1F4yT71FtN7MM2M0hGmnzLwU3cmebh
FXmhfzYs4EBo
-----END CERTIFICATE-----
Generated at Sun Jun 15 18:29:16 2025 by rpki-client