Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3137372e36362e3139322e302f32342d3234203d3e20323632353033.roa
File:                     3137372e36362e3139322e302f32342d3234203d3e20323632353033.roa (raw, json)
Hash identifier:          psuRxjHTIiRKw+KqO0QQ64S72XRxCrs1IlAnwvOYCYQ=
Subject key identifier:   32:04:B5:FA:AD:60:E8:BB:18:BB:6C:D7:88:FD:1C:EF:EB:B9:71:05
Certificate issuer:       /CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
Certificate serial:       60DCC3EAB48588CCAB3A55276DF7CC4554784412
Authority key identifier: AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3137372e36362e3139322e302f32342d3234203d3e20323632353033.roa
Signing time:             Thu 29 May 2025 18:50:15 +0000
ROA not before:           Thu 29 May 2025 18:45:15 +0000
ROA not after:            Thu 28 May 2026 18:50:15 +0000
asID:                     262503
IP address blocks:        177.66.192.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl
                          rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 09:47:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:dc:c3:ea:b4:85:88:cc:ab:3a:55:27:6d:f7:cc:45:54:78:44:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
        Validity
            Not Before: May 29 18:45:15 2025 GMT
            Not After : May 28 18:50:15 2026 GMT
        Subject: CN=3204B5FAAD60E8BB18BB6CD788FD1CEFEBB97105
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:0c:72:12:47:20:ea:c8:d0:84:b3:9e:24:12:
                    95:9e:3b:6c:9e:ed:9a:8c:b6:e0:d7:29:a6:13:91:
                    45:14:56:e6:68:fd:d0:b9:7a:25:53:fa:ca:03:1a:
                    2d:32:ab:38:d7:af:40:50:7a:44:ca:8b:de:68:1c:
                    1f:a2:71:c8:a0:d0:7e:85:88:f5:92:b3:ba:18:04:
                    2a:74:ee:cc:80:7f:53:2e:9b:32:db:9b:a9:5a:2f:
                    69:5a:ad:8f:2a:b7:2c:41:59:7f:ae:59:34:b7:04:
                    c8:9c:e9:e5:46:d9:56:28:dd:87:bd:51:51:94:f4:
                    cf:b7:d5:c5:bb:1c:62:9c:b5:55:b4:24:cb:12:0a:
                    13:51:6f:36:6e:b0:77:82:1e:b9:f6:4b:12:5d:51:
                    2f:28:89:1f:15:d2:87:a5:9d:9b:1b:85:53:3c:23:
                    45:82:a7:80:12:5a:60:ec:d3:57:7a:a2:1e:7b:08:
                    21:cc:8d:e5:65:cf:e5:7a:44:79:26:10:f4:52:02:
                    f2:a9:fd:f7:1f:6a:d4:0e:7d:f5:68:05:d4:c6:76:
                    6d:ec:33:38:06:c8:05:84:83:61:37:24:c0:cb:a7:
                    fd:33:0f:7b:23:7e:0b:8c:31:dc:4a:35:3a:23:82:
                    3f:23:3e:c4:4d:6c:d9:7a:6b:d3:07:0c:a9:62:11:
                    79:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:04:B5:FA:AD:60:E8:BB:18:BB:6C:D7:88:FD:1C:EF:EB:B9:71:05
            X509v3 Authority Key Identifier:
                keyid:AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3137372e36362e3139322e302f32342d3234203d3e20323632353033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.66.192.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:e0:86:7b:eb:00:24:13:c6:ab:82:a9:62:54:cb:14:5c:48:
         fb:9e:e5:c6:b0:89:08:70:37:ab:00:42:57:d6:da:d1:1b:0a:
         e0:fa:99:1e:81:79:2b:50:e2:9c:8d:26:f0:52:64:08:19:4d:
         1b:fb:66:a2:c2:ed:a8:81:02:d0:14:43:52:0b:0f:d8:52:32:
         b5:7f:76:69:9a:16:89:69:7e:6c:44:0f:62:60:c4:aa:c2:a9:
         28:4b:48:a8:b4:57:77:35:9d:39:b0:e8:30:5c:b1:ea:8d:74:
         99:ff:d4:7d:9e:7a:7c:97:18:5d:8c:26:c8:03:1c:44:3a:2e:
         9a:ac:a7:1d:3c:24:6f:72:24:ef:fd:bc:6d:2f:d0:9b:49:15:
         af:76:e5:c5:56:06:53:6f:04:be:a8:37:76:d1:c6:ee:0a:47:
         e6:99:b4:d7:44:a4:1a:9e:bb:a4:d3:76:cb:4e:be:1b:05:b3:
         d5:2f:b6:ed:22:1d:f5:b5:f0:34:54:c7:4f:c9:06:cf:b2:77:
         b3:02:8f:1a:11:cb:0c:4e:6d:01:a7:85:0f:3e:14:bc:25:1b:
         b4:20:23:9e:66:05:b2:af:26:a6:eb:69:86:31:3a:0d:75:51:
         fc:3c:7e:e7:c0:88:f1:5a:4b:fb:5a:d3:ad:8a:6c:ce:3e:db:
         eb:7d:c6:b0
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUYNzD6rSFiMyrOlUnbffMRVR4RBIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM2NEIyRDE3NzFBQjMwRTE4ODgzQ0REMTQwMDFBODJE
OTkwNUY5ODAeFw0yNTA1MjkxODQ1MTVaFw0yNjA1MjgxODUwMTVaMDMxMTAvBgNV
BAMTKDMyMDRCNUZBQUQ2MEU4QkIxOEJCNkNENzg4RkQxQ0VGRUJCOTcxMDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIDHISRyDqyNCEs54kEpWeO2ye
7ZqMtuDXKaYTkUUUVuZo/dC5eiVT+soDGi0yqzjXr0BQekTKi95oHB+iccig0H6F
iPWSs7oYBCp07syAf1MumzLbm6laL2larY8qtyxBWX+uWTS3BMic6eVG2VYo3Ye9
UVGU9M+31cW7HGKctVW0JMsSChNRbzZusHeCHrn2SxJdUS8oiR8V0oelnZsbhVM8
I0WCp4ASWmDs01d6oh57CCHMjeVlz+V6RHkmEPRSAvKp/fcfatQOffVoBdTGdm3s
MzgGyAWEg2E3JMDLp/0zD3sjfguMMdxKNTojgj8jPsRNbNl6a9MHDKliEXn5AgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUMgS1+q1g6LsYu2zXiP0c7+u5cQUwHwYDVR0j
BBgwFoAUrGSy0Xcasw4YiDzdFAAagtmQX5gwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOEVvNVFNbXF0ZGltNGp3bzVBdFR1UEprUWl6UGNtV1NtOWZvUnVmWU1G
a0YvMC9BQzY0QjJEMTc3MUFCMzBFMTg4ODNDREQxNDAwMUE4MkQ5OTA1Rjk4LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FDNjRCMkQxNzcxQUIzMEUx
ODg4M0NERDE0MDAxQTgyRDk5MDVGOTguY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzhFbzVRTW1xdGRpbTRqd281QXRUdVBKa1FpelBjbVdTbTlmb1J1ZllNRmtGLzAv
MzEzNzM3MmUzNjM2MmUzMTM5MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2
MzIzNTMwMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBACxQsAwDQYJKoZIhvcNAQELBQADggEBAJfghnvr
ACQTxquCqWJUyxRcSPue5cawiQhwN6sAQlfW2tEbCuD6mR6BeStQ4pyNJvBSZAgZ
TRv7ZqLC7aiBAtAUQ1ILD9hSMrV/dmmaFolpfmxED2JgxKrCqShLSKi0V3c1nTmw
6DBcseqNdJn/1H2eenyXGF2MJsgDHEQ6Lpqspx08JG9yJO/9vG0v0JtJFa925cVW
BlNvBL6oN3bRxu4KR+aZtNdEpBqeu6TTdstOvhsFs9Uvtu0iHfW18DRUx0/JBs+y
d7MCjxoRywxObQGnhQ8+FLwlG7QgI55mBbKvJqbraYYxOg11Ufw8fufAiPFaS/ta
062KbM4+2+t9xrA=
-----END CERTIFICATE-----
Generated at Tue Jun 10 18:48:28 2025 by rpki-client