Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3136372e3234392e3137312e302f32342d3234203d3e20323632353033.roa
File:                     3136372e3234392e3137312e302f32342d3234203d3e20323632353033.roa (raw, json)
Hash identifier:          GpJFt9D272ivAgcpMEEXvLqTTJiWVGPOExVTCK6JkbY=
Subject key identifier:   BC:E1:75:4A:89:82:D0:E5:90:75:29:82:15:91:86:73:EF:5D:DF:78
Certificate issuer:       /CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
Certificate serial:       150F99734E88B9AF00A2A984F589EE62B17B9130
Authority key identifier: AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3136372e3234392e3137312e302f32342d3234203d3e20323632353033.roa
Signing time:             Thu 29 May 2025 18:50:14 +0000
ROA not before:           Thu 29 May 2025 18:45:14 +0000
ROA not after:            Thu 28 May 2026 18:50:14 +0000
asID:                     262503
IP address blocks:        167.249.171.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl
                          rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 09 Jun 2025 21:56:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:0f:99:73:4e:88:b9:af:00:a2:a9:84:f5:89:ee:62:b1:7b:91:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
        Validity
            Not Before: May 29 18:45:14 2025 GMT
            Not After : May 28 18:50:14 2026 GMT
        Subject: CN=BCE1754A8982D0E59075298215918673EF5DDF78
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:f2:87:f8:74:0d:bf:5f:70:e2:8c:59:79:f9:
                    aa:ff:0b:f2:0e:2e:e3:5b:9a:4c:e1:8e:1b:b6:67:
                    77:41:f8:7d:08:8e:d9:05:00:25:1a:80:09:f3:b6:
                    18:bd:b0:d6:5e:36:c0:dd:e2:46:10:98:11:e6:22:
                    ca:9e:52:53:ae:8f:dc:6c:c0:62:64:db:de:dc:01:
                    5b:0c:f5:79:2c:07:4e:34:21:45:05:76:4a:da:57:
                    df:2d:22:93:1c:22:67:78:68:bc:bc:9c:f6:0c:64:
                    e4:b5:0c:2d:10:78:b8:4b:c1:1e:31:fa:71:71:d4:
                    2b:06:1a:d6:b6:15:86:ff:a5:4d:8b:a2:d1:dc:6b:
                    67:b5:40:4f:c0:af:76:18:03:ee:a0:d3:e9:64:62:
                    7a:8c:bd:34:76:c4:39:08:f5:de:48:b0:5a:b2:fa:
                    b0:ca:51:a8:44:b8:9f:26:2c:8c:b3:57:0c:a5:58:
                    0a:4f:28:4f:c9:56:f7:d1:a0:29:aa:54:f9:5c:b2:
                    f8:e6:6a:d3:de:83:75:8b:8e:8a:f5:f7:7b:ba:5b:
                    ae:c0:c9:af:cb:99:95:03:1a:dc:bd:3a:c7:98:13:
                    a6:31:cf:11:53:85:97:3d:32:d3:13:78:1e:9e:69:
                    da:da:d9:09:7c:e1:6e:ba:4d:0b:51:94:97:db:c9:
                    84:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:E1:75:4A:89:82:D0:E5:90:75:29:82:15:91:86:73:EF:5D:DF:78
            X509v3 Authority Key Identifier:
                keyid:AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3136372e3234392e3137312e302f32342d3234203d3e20323632353033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  167.249.171.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:28:91:28:46:46:f2:b5:78:82:37:9c:3e:3a:5e:0d:7c:40:
         ae:04:22:74:57:60:15:a4:6b:58:ee:ff:4d:52:44:d5:2c:dd:
         13:3d:66:43:ac:59:b2:9b:e8:e1:24:7e:06:d2:38:d0:00:47:
         43:ed:16:b2:09:30:f3:4d:9d:85:f2:d3:01:9e:92:93:bf:c5:
         1e:11:0f:f6:79:95:d5:bc:6b:c3:4d:90:d2:23:bb:34:58:3d:
         d5:dd:1d:e8:17:b3:e4:ed:fc:a9:16:24:8c:0e:92:50:98:25:
         63:4c:aa:24:c0:a0:dd:07:98:47:30:c9:7d:6a:bf:b6:4b:e8:
         ff:f4:fc:0b:88:24:32:d5:64:46:6d:cc:9b:a3:36:fa:b0:5f:
         68:a2:73:9a:a3:ea:31:49:00:7b:12:23:28:e5:bd:95:c8:62:
         aa:53:28:ac:ed:cc:bd:d2:a7:c0:5d:9d:ab:3d:e1:76:5a:0a:
         3b:ad:07:97:c7:46:de:31:2d:53:21:f9:52:6f:67:b2:b4:e1:
         78:38:c0:5b:ef:5b:fd:bb:57:06:8d:bb:c7:06:d3:7d:ce:ff:
         86:01:81:4d:8a:5c:8a:36:5a:86:29:20:b5:16:a4:29:89:33:
         c3:f5:e4:ec:3c:26:84:ed:ec:4a:ae:77:7b:eb:a5:2b:c2:07:
         39:0e:2b:fd
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUFQ+Zc06Iua8AoqmE9YnuYrF7kTAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM2NEIyRDE3NzFBQjMwRTE4ODgzQ0REMTQwMDFBODJE
OTkwNUY5ODAeFw0yNTA1MjkxODQ1MTRaFw0yNjA1MjgxODUwMTRaMDMxMTAvBgNV
BAMTKEJDRTE3NTRBODk4MkQwRTU5MDc1Mjk4MjE1OTE4NjczRUY1RERGNzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDC8of4dA2/X3DijFl5+ar/C/IO
LuNbmkzhjhu2Z3dB+H0IjtkFACUagAnzthi9sNZeNsDd4kYQmBHmIsqeUlOuj9xs
wGJk297cAVsM9XksB040IUUFdkraV98tIpMcImd4aLy8nPYMZOS1DC0QeLhLwR4x
+nFx1CsGGta2FYb/pU2LotHca2e1QE/Ar3YYA+6g0+lkYnqMvTR2xDkI9d5IsFqy
+rDKUahEuJ8mLIyzVwylWApPKE/JVvfRoCmqVPlcsvjmatPeg3WLjor193u6W67A
ya/LmZUDGty9OseYE6YxzxFThZc9MtMTeB6eadra2Ql84W66TQtRlJfbyYR3AgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUvOF1SomC0OWQdSmCFZGGc+9d33gwHwYDVR0j
BBgwFoAUrGSy0Xcasw4YiDzdFAAagtmQX5gwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOEVvNVFNbXF0ZGltNGp3bzVBdFR1UEprUWl6UGNtV1NtOWZvUnVmWU1G
a0YvMC9BQzY0QjJEMTc3MUFCMzBFMTg4ODNDREQxNDAwMUE4MkQ5OTA1Rjk4LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FDNjRCMkQxNzcxQUIzMEUx
ODg4M0NERDE0MDAxQTgyRDk5MDVGOTguY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzhFbzVRTW1xdGRpbTRqd281QXRUdVBKa1FpelBjbVdTbTlmb1J1ZllNRmtGLzAv
MzEzNjM3MmUzMjM0MzkyZTMxMzczMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMy
MzYzMjM1MzAzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAKf5qzANBgkqhkiG9w0BAQsFAAOCAQEAdiiR
KEZG8rV4gjecPjpeDXxArgQidFdgFaRrWO7/TVJE1SzdEz1mQ6xZspvo4SR+BtI4
0ABHQ+0Wsgkw802dhfLTAZ6Sk7/FHhEP9nmV1bxrw02Q0iO7NFg91d0d6Bez5O38
qRYkjA6SUJglY0yqJMCg3QeYRzDJfWq/tkvo//T8C4gkMtVkRm3Mm6M2+rBfaKJz
mqPqMUkAexIjKOW9lchiqlMorO3MvdKnwF2dqz3hdloKO60Hl8dG3jEtUyH5Um9n
srTheDjAW+9b/btXBo27xwbTfc7/hgGBTYpcijZahikgtRakKYkzw/Xk7DwmhO3s
Sq53e+ulK8IHOQ4r/Q==
-----END CERTIFICATE-----
Generated at Mon Jun 9 11:16:05 2025 by rpki-client