Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3136372e3234392e3137302e302f32342d3234203d3e20323632353033.roa
File:                     3136372e3234392e3137302e302f32342d3234203d3e20323632353033.roa (raw, json)
Hash identifier:          yutFqfK052GSn1tTzpmT9OSe37AqTGDEkMD5UeyZIE0=
Subject key identifier:   00:A9:16:EF:98:46:A8:1A:AE:BB:FF:0C:BD:1B:74:B3:01:B6:1F:05
Certificate issuer:       /CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
Certificate serial:       4A52758DC458BE45CBF6D6DDF1E6F7987C6CE4CF
Authority key identifier: AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3136372e3234392e3137302e302f32342d3234203d3e20323632353033.roa
Signing time:             Thu 29 May 2025 18:50:13 +0000
ROA not before:           Thu 29 May 2025 18:45:13 +0000
ROA not after:            Thu 28 May 2026 18:50:13 +0000
asID:                     262503
IP address blocks:        167.249.170.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl
                          rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 09 Jun 2025 21:56:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:52:75:8d:c4:58:be:45:cb:f6:d6:dd:f1:e6:f7:98:7c:6c:e4:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
        Validity
            Not Before: May 29 18:45:13 2025 GMT
            Not After : May 28 18:50:13 2026 GMT
        Subject: CN=00A916EF9846A81AAEBBFF0CBD1B74B301B61F05
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:35:89:92:c4:32:d5:64:76:74:4d:35:a1:7e:
                    2d:00:90:50:76:40:b8:d6:f3:46:7e:d8:b2:fc:35:
                    bc:5e:f6:82:ce:5c:e4:7c:e0:6d:7d:f7:b6:0e:98:
                    b2:8b:83:6d:6d:e8:c9:88:a2:f3:c2:4f:fd:69:01:
                    61:a8:d2:e5:98:e2:ca:58:08:b5:8a:b8:94:b1:8a:
                    56:df:86:09:3f:50:49:f0:4a:aa:ab:f7:5a:53:54:
                    fa:54:e4:e8:30:78:f1:d6:1f:52:5f:34:39:7d:c3:
                    99:72:08:dd:ce:6c:7d:12:49:30:6a:42:6c:37:41:
                    12:6c:73:42:38:2c:0c:f4:a1:75:b6:6f:13:b5:ff:
                    11:f9:9a:72:93:84:b1:13:a0:c9:f4:ea:5f:be:21:
                    97:2d:9f:02:f3:11:eb:0a:50:e7:84:1e:01:3b:9d:
                    2b:80:68:7f:84:d3:8e:ff:86:ce:77:49:70:76:11:
                    81:97:a0:d1:50:14:5c:1e:7c:52:6a:48:c0:c2:83:
                    54:5b:be:1b:85:2a:6d:45:9e:93:94:4b:ad:76:0b:
                    61:44:10:25:dc:0c:db:f7:56:71:41:16:54:7b:65:
                    ce:5a:fc:b7:1c:cd:21:15:de:b4:56:87:45:74:aa:
                    d7:ea:33:6c:76:cf:c9:e8:50:10:ed:ca:97:d9:a4:
                    71:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:A9:16:EF:98:46:A8:1A:AE:BB:FF:0C:BD:1B:74:B3:01:B6:1F:05
            X509v3 Authority Key Identifier:
                keyid:AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3136372e3234392e3137302e302f32342d3234203d3e20323632353033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.249.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:39:bb:fd:d3:3f:b3:1a:32:4d:9d:ec:3a:4e:dd:4b:f9:89:
         f0:ea:31:92:37:a8:da:20:f8:82:ea:19:c6:7b:c6:a9:ae:b5:
         0a:cc:b9:75:91:2e:13:e0:c1:46:b6:53:99:95:e1:9f:0d:18:
         1f:6d:80:2c:fc:07:63:69:28:a4:45:fd:c1:fb:45:b5:6d:1e:
         f5:ae:de:4c:87:48:bc:ca:04:bd:24:0a:b5:53:82:3e:a3:7c:
         fd:a5:99:6b:7c:f1:83:8c:5e:b5:7d:27:fa:8f:b0:11:0d:d2:
         60:37:9e:0a:04:92:fc:a5:bb:06:ab:5a:04:58:f0:c6:50:ae:
         71:b9:64:4d:15:a9:a2:93:fc:43:8c:63:c6:95:17:78:6a:18:
         bc:12:89:85:f3:62:a3:e8:80:95:86:3f:21:57:9c:dc:ad:2d:
         3f:f9:e5:fa:d0:07:10:cf:c0:01:4f:b5:81:86:da:bc:ad:94:
         fa:e1:02:5a:10:25:26:b0:5f:5a:af:e1:57:62:2c:6c:fb:1c:
         0d:c8:47:71:c4:64:0e:8b:c4:75:94:71:44:c6:f9:ec:3f:f1:
         e5:4e:6f:a6:96:63:2c:64:6f:e1:7a:2b:ba:82:aa:f2:75:b8:
         04:b8:d3:00:90:f0:a1:1a:60:86:6b:38:ab:da:29:b0:12:2e:
         56:ed:7b:3e
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUSlJ1jcRYvkXL9tbd8eb3mHxs5M8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM2NEIyRDE3NzFBQjMwRTE4ODgzQ0REMTQwMDFBODJE
OTkwNUY5ODAeFw0yNTA1MjkxODQ1MTNaFw0yNjA1MjgxODUwMTNaMDMxMTAvBgNV
BAMTKDAwQTkxNkVGOTg0NkE4MUFBRUJCRkYwQ0JEMUI3NEIzMDFCNjFGMDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBNYmSxDLVZHZ0TTWhfi0AkFB2
QLjW80Z+2LL8Nbxe9oLOXOR84G1997YOmLKLg21t6MmIovPCT/1pAWGo0uWY4spY
CLWKuJSxilbfhgk/UEnwSqqr91pTVPpU5OgwePHWH1JfNDl9w5lyCN3ObH0SSTBq
Qmw3QRJsc0I4LAz0oXW2bxO1/xH5mnKThLEToMn06l++IZctnwLzEesKUOeEHgE7
nSuAaH+E047/hs53SXB2EYGXoNFQFFwefFJqSMDCg1RbvhuFKm1FnpOUS612C2FE
ECXcDNv3VnFBFlR7Zc5a/LcczSEV3rRWh0V0qtfqM2x2z8noUBDtypfZpHGVAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUAKkW75hGqBquu/8MvRt0swG2HwUwHwYDVR0j
BBgwFoAUrGSy0Xcasw4YiDzdFAAagtmQX5gwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOEVvNVFNbXF0ZGltNGp3bzVBdFR1UEprUWl6UGNtV1NtOWZvUnVmWU1G
a0YvMC9BQzY0QjJEMTc3MUFCMzBFMTg4ODNDREQxNDAwMUE4MkQ5OTA1Rjk4LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FDNjRCMkQxNzcxQUIzMEUx
ODg4M0NERDE0MDAxQTgyRDk5MDVGOTguY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzhFbzVRTW1xdGRpbTRqd281QXRUdVBKa1FpelBjbVdTbTlmb1J1ZllNRmtGLzAv
MzEzNjM3MmUzMjM0MzkyZTMxMzczMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMy
MzYzMjM1MzAzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAKf5qjANBgkqhkiG9w0BAQsFAAOCAQEANzm7
/dM/sxoyTZ3sOk7dS/mJ8Ooxkjeo2iD4guoZxnvGqa61Csy5dZEuE+DBRrZTmZXh
nw0YH22ALPwHY2kopEX9wftFtW0e9a7eTIdIvMoEvSQKtVOCPqN8/aWZa3zxg4xe
tX0n+o+wEQ3SYDeeCgSS/KW7BqtaBFjwxlCucblkTRWpopP8Q4xjxpUXeGoYvBKJ
hfNio+iAlYY/IVec3K0tP/nl+tAHEM/AAU+1gYbavK2U+uECWhAlJrBfWq/hV2Is
bPscDchHccRkDovEdZRxRMb57D/x5U5vppZjLGRv4XoruoKq8nW4BLjTAJDwoRpg
hms4q9opsBIuVu17Pg==
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:20:08 2025 by rpki-client