Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3136372e3234392e3137302e302f32342d3234203d3e20323632353033.roa
File:                     3136372e3234392e3137302e302f32342d3234203d3e20323632353033.roa (raw, json)
Hash identifier:          ynvxWF05+juoLJizEakI+Ae/UBeiHJPCNsdXQIg+B4g=
Subject key identifier:   DB:0A:2E:BD:D6:77:81:CA:A9:63:1F:4A:19:C7:EB:A6:1F:FF:09:0C
Certificate issuer:       /CN=123B03D46660DEE9B32E2712342EB4F48591C7B6
Certificate serial:       32216EBB66C024FAB445756B90D5E60622780AB1
Authority key identifier: 12:3B:03:D4:66:60:DE:E9:B3:2E:27:12:34:2E:B4:F4:85:91:C7:B6
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/123B03D46660DEE9B32E2712342EB4F48591C7B6.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3136372e3234392e3137302e302f32342d3234203d3e20323632353033.roa
Signing time:             Tue 19 Aug 2025 20:06:21 +0000
ROA not before:           Tue 19 Aug 2025 20:01:21 +0000
ROA not after:            Tue 18 Aug 2026 20:06:21 +0000
asID:                     262503
IP address blocks:        167.249.170.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/123B03D46660DEE9B32E2712342EB4F48591C7B6.crl
                          rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/123B03D46660DEE9B32E2712342EB4F48591C7B6.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/123B03D46660DEE9B32E2712342EB4F48591C7B6.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 21 Aug 2025 16:17:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            32:21:6e:bb:66:c0:24:fa:b4:45:75:6b:90:d5:e6:06:22:78:0a:b1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=123B03D46660DEE9B32E2712342EB4F48591C7B6
        Validity
            Not Before: Aug 19 20:01:21 2025 GMT
            Not After : Aug 18 20:06:21 2026 GMT
        Subject: CN=DB0A2EBDD67781CAA9631F4A19C7EBA61FFF090C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:73:e6:63:f3:b5:06:3c:5a:77:ba:e2:24:ec:
                    c7:ec:62:02:d2:c6:04:80:7a:64:8f:26:82:1f:5a:
                    66:79:2d:39:de:cf:97:a6:d7:a7:1f:00:96:2b:6a:
                    fd:b3:00:3f:85:e3:41:06:0b:0d:e7:4b:92:97:21:
                    e1:91:75:e8:b9:cc:66:bd:ba:bc:4a:e4:eb:27:39:
                    76:1d:35:6f:28:0f:70:4c:52:5c:b3:92:35:f5:0c:
                    5d:63:b1:da:62:d7:62:10:86:ea:31:3a:02:89:4d:
                    52:ed:07:f2:f5:a2:1c:7c:21:f5:3d:b7:50:35:b1:
                    e2:ea:15:81:a0:bd:f8:3d:a7:24:b6:4b:d9:ed:36:
                    f5:75:72:5f:63:30:d2:78:41:cb:d3:e6:5f:4b:0b:
                    ae:30:ab:2c:98:63:a9:c1:52:d5:a9:d1:db:31:08:
                    b2:d6:e0:b2:31:3b:4f:7b:58:8e:8e:bf:d0:f4:0f:
                    b7:e6:d2:3f:4c:dc:03:bd:5f:ad:3f:8f:df:b9:58:
                    bb:38:06:e7:9d:a9:c9:80:83:e8:28:b3:0e:b0:61:
                    6e:85:ba:a1:0d:9d:aa:c1:b4:27:8c:8b:58:17:a5:
                    7a:a5:72:75:81:42:be:b1:15:ca:4f:a0:d1:9f:d3:
                    1b:9b:54:b6:36:65:20:b7:8b:88:78:de:81:95:c0:
                    63:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:0A:2E:BD:D6:77:81:CA:A9:63:1F:4A:19:C7:EB:A6:1F:FF:09:0C
            X509v3 Authority Key Identifier:
                keyid:12:3B:03:D4:66:60:DE:E9:B3:2E:27:12:34:2E:B4:F4:85:91:C7:B6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/123B03D46660DEE9B32E2712342EB4F48591C7B6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/123B03D46660DEE9B32E2712342EB4F48591C7B6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3136372e3234392e3137302e302f32342d3234203d3e20323632353033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.249.170.0/24

    Signature Algorithm: sha256WithRSAEncryption
         17:b7:ea:3a:59:bb:4a:1c:57:c6:8f:48:ed:b3:81:b1:07:84:
         70:a2:1a:94:d1:24:ce:9b:a1:0f:c6:5a:99:da:7f:f0:39:3d:
         fe:10:a6:31:3d:37:bf:f3:b7:66:2e:91:15:7d:2a:5e:7c:5c:
         ed:01:7b:ed:b4:b6:13:3a:d8:f3:9c:42:e6:e1:2c:c6:38:f0:
         90:63:27:f9:13:50:26:82:05:17:a4:88:dc:8c:4e:17:9e:9a:
         52:26:33:5d:97:c0:64:fd:2a:d4:06:50:cf:0f:58:60:bc:80:
         8b:b3:e5:b2:b6:b1:37:b1:e9:c9:aa:22:fa:6f:07:4f:2d:9d:
         aa:c4:12:ec:97:52:8d:59:f1:2f:87:15:a6:99:62:89:1d:87:
         95:1a:70:e6:87:d1:aa:16:81:13:a7:50:c4:53:d0:70:38:11:
         4a:a5:b5:9a:46:d2:6e:12:52:a2:5f:76:90:6c:50:64:98:36:
         71:92:80:c2:9b:07:e2:d8:09:ae:e3:69:cc:ea:96:e3:14:6c:
         e2:5b:e3:d6:3d:59:d2:26:5f:92:e7:c6:f5:dc:49:a7:cb:22:
         f6:d3:5b:4a:4d:de:87:94:3d:ea:90:7c:47:66:53:08:a0:7a:
         60:60:7d:07:fc:ee:d9:d1:3e:3d:e8:b0:3d:18:20:52:6a:03:
         65:01:58:07
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUMiFuu2bAJPq0RXVrkNXmBiJ4CrEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTIzQjAzRDQ2NjYwREVFOUIzMkUyNzEyMzQyRUI0RjQ4
NTkxQzdCNjAeFw0yNTA4MTkyMDAxMjFaFw0yNjA4MTgyMDA2MjFaMDMxMTAvBgNV
BAMTKERCMEEyRUJERDY3NzgxQ0FBOTYzMUY0QTE5QzdFQkE2MUZGRjA5MEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwc+Zj87UGPFp3uuIk7MfsYgLS
xgSAemSPJoIfWmZ5LTnez5em16cfAJYrav2zAD+F40EGCw3nS5KXIeGRdei5zGa9
urxK5OsnOXYdNW8oD3BMUlyzkjX1DF1jsdpi12IQhuoxOgKJTVLtB/L1ohx8IfU9
t1A1seLqFYGgvfg9pyS2S9ntNvV1cl9jMNJ4QcvT5l9LC64wqyyYY6nBUtWp0dsx
CLLW4LIxO097WI6Ov9D0D7fm0j9M3AO9X60/j9+5WLs4BuedqcmAg+gosw6wYW6F
uqENnarBtCeMi1gXpXqlcnWBQr6xFcpPoNGf0xubVLY2ZSC3i4h43oGVwGMPAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQU2wouvdZ3gcqpYx9KGcfrph//CQwwHwYDVR0j
BBgwFoAUEjsD1GZg3umzLicSNC609IWRx7YwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOEVvNVFNbXF0ZGltNGp3bzVBdFR1UEprUWl6UGNtV1NtOWZvUnVmWU1G
a0YvMC8xMjNCMDNENDY2NjBERUU5QjMyRTI3MTIzNDJFQjRGNDg1OTFDN0I2LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzEyM0IwM0Q0NjY2MERFRTlC
MzJFMjcxMjM0MkVCNEY0ODU5MUM3QjYuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzhFbzVRTW1xdGRpbTRqd281QXRUdVBKa1FpelBjbVdTbTlmb1J1ZllNRmtGLzAv
MzEzNjM3MmUzMjM0MzkyZTMxMzczMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMy
MzYzMjM1MzAzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAKf5qjANBgkqhkiG9w0BAQsFAAOCAQEAF7fq
Olm7ShxXxo9I7bOBsQeEcKIalNEkzpuhD8Zamdp/8Dk9/hCmMT03v/O3Zi6RFX0q
Xnxc7QF77bS2EzrY85xC5uEsxjjwkGMn+RNQJoIFF6SI3IxOF56aUiYzXZfAZP0q
1AZQzw9YYLyAi7PlsraxN7Hpyaoi+m8HTy2dqsQS7JdSjVnxL4cVppliiR2HlRpw
5ofRqhaBE6dQxFPQcDgRSqW1mkbSbhJSol92kGxQZJg2cZKAwpsH4tgJruNpzOqW
4xRs4lvj1j1Z0iZfkufG9dxJp8si9tNbSk3eh5Q96pB8R2ZTCKB6YGB9B/zu2dE+
PeiwPRggUmoDZQFYBw==
-----END CERTIFICATE-----
Generated at Thu Aug 21 07:24:11 2025 by rpki-client