Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3137372e36362e3139332e302f32342d3234203d3e20323632353033.roa
File:                     3137372e36362e3139332e302f32342d3234203d3e20323632353033.roa (raw, json)
Hash identifier:          pNo10BI++xZjhakdHGCl8sqzCN0brDn/oW75KE6DnYs=
Subject key identifier:   34:D7:79:F1:3F:79:C4:88:0F:59:8C:95:D7:49:AF:AB:2B:C1:81:3B
Certificate issuer:       /CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
Certificate serial:       577283E700D0AEE626C88DBF5BF83781DB197C31
Authority key identifier: AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3137372e36362e3139332e302f32342d3234203d3e20323632353033.roa
Signing time:             Thu 29 May 2025 18:50:13 +0000
ROA not before:           Thu 29 May 2025 18:45:13 +0000
ROA not after:            Thu 28 May 2026 18:50:13 +0000
asID:                     262503
IP address blocks:        177.66.193.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl
                          rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 09 Jun 2025 21:56:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:72:83:e7:00:d0:ae:e6:26:c8:8d:bf:5b:f8:37:81:db:19:7c:31
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
        Validity
            Not Before: May 29 18:45:13 2025 GMT
            Not After : May 28 18:50:13 2026 GMT
        Subject: CN=34D779F13F79C4880F598C95D749AFAB2BC1813B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:02:11:2e:88:93:72:c4:32:dd:4d:fb:5c:6f:
                    f5:52:0a:d4:f8:d3:1f:9b:90:d2:ca:d7:24:2f:c6:
                    f1:3c:b2:d6:6b:ae:b9:d7:47:ec:44:54:bb:36:f3:
                    11:89:83:2e:0a:5b:fc:21:3b:86:09:03:02:60:25:
                    f0:96:cf:ea:9d:63:e0:86:8b:a3:a1:b8:d4:e9:bb:
                    59:8d:c5:df:14:e1:8a:de:65:9a:5d:93:46:c9:e2:
                    03:4d:83:03:7e:49:fa:81:be:2b:e5:a7:40:46:02:
                    31:86:9a:2c:2d:8c:97:d1:61:a1:c4:76:ff:67:1a:
                    08:d4:cb:3b:6a:ce:16:f9:f4:20:9d:e1:25:54:d7:
                    79:ae:7f:72:7a:5b:6a:3f:2b:d8:dd:3a:08:56:50:
                    79:4a:eb:70:97:39:a1:e4:6a:49:9e:f2:0f:67:4f:
                    6d:2a:e6:3f:f0:d2:07:59:35:e7:92:0c:af:be:48:
                    42:9f:98:6f:d3:b0:7f:2d:86:4e:d7:b2:5d:99:0f:
                    d6:4b:d9:94:09:2a:2e:27:58:89:85:c2:27:6a:e5:
                    28:84:55:46:ef:15:6e:86:67:fb:94:22:f5:43:23:
                    24:3e:b9:bf:85:fe:7b:2d:5c:18:0d:dc:10:9b:2a:
                    90:b3:04:4c:29:f3:49:d5:42:00:16:52:4e:5d:f6:
                    2b:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                34:D7:79:F1:3F:79:C4:88:0F:59:8C:95:D7:49:AF:AB:2B:C1:81:3B
            X509v3 Authority Key Identifier:
                keyid:AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3137372e36362e3139332e302f32342d3234203d3e20323632353033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.66.193.0/24

    Signature Algorithm: sha256WithRSAEncryption
         61:c2:2b:cb:d2:c6:18:7d:49:d9:cb:8e:11:bc:7f:73:1c:ee:
         b0:bb:fc:3a:02:c3:ae:49:c1:37:49:74:0a:5f:d7:79:d8:f0:
         a4:36:1e:40:f0:04:c9:12:93:f9:1c:37:65:89:c1:63:a0:1e:
         89:04:20:81:cb:63:b3:7e:e0:ac:29:35:c7:b3:fa:ca:4a:8c:
         77:91:ae:eb:cf:09:b2:cc:82:72:42:55:dd:38:4f:55:f6:41:
         bb:0c:11:82:8e:fd:c3:cf:de:53:8f:e4:0a:da:73:29:71:63:
         75:ed:7a:fb:d9:d0:94:3f:a1:66:11:b3:57:56:20:42:e3:f5:
         e7:1d:ab:76:13:af:b1:5a:ef:e1:74:ee:2f:6b:b0:b4:02:db:
         bb:d4:63:d8:c7:b8:30:72:39:57:eb:fa:5d:10:13:2a:76:93:
         0f:0d:d6:ef:26:42:4f:d1:26:6e:23:48:31:42:21:e7:7e:f9:
         4b:cc:56:91:0d:77:41:37:79:92:63:3b:fe:b0:40:51:f6:8c:
         30:f4:cf:8b:36:5c:be:a4:e4:e8:f0:2f:f8:ae:8e:b6:01:ef:
         3b:e2:85:b5:56:61:22:19:91:17:38:db:7e:a2:63:97:78:ed:
         dd:e0:c0:16:05:4c:37:05:a9:63:2e:6e:2e:20:4f:d3:af:fa:
         01:29:6f:3e
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUV3KD5wDQruYmyI2/W/g3gdsZfDEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM2NEIyRDE3NzFBQjMwRTE4ODgzQ0REMTQwMDFBODJE
OTkwNUY5ODAeFw0yNTA1MjkxODQ1MTNaFw0yNjA1MjgxODUwMTNaMDMxMTAvBgNV
BAMTKDM0RDc3OUYxM0Y3OUM0ODgwRjU5OEM5NUQ3NDlBRkFCMkJDMTgxM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuAhEuiJNyxDLdTftcb/VSCtT4
0x+bkNLK1yQvxvE8stZrrrnXR+xEVLs28xGJgy4KW/whO4YJAwJgJfCWz+qdY+CG
i6OhuNTpu1mNxd8U4YreZZpdk0bJ4gNNgwN+SfqBvivlp0BGAjGGmiwtjJfRYaHE
dv9nGgjUyztqzhb59CCd4SVU13muf3J6W2o/K9jdOghWUHlK63CXOaHkakme8g9n
T20q5j/w0gdZNeeSDK++SEKfmG/TsH8thk7Xsl2ZD9ZL2ZQJKi4nWImFwidq5SiE
VUbvFW6GZ/uUIvVDIyQ+ub+F/nstXBgN3BCbKpCzBEwp80nVQgAWUk5d9isZAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUNNd58T95xIgPWYyV10mvqyvBgTswHwYDVR0j
BBgwFoAUrGSy0Xcasw4YiDzdFAAagtmQX5gwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOEVvNVFNbXF0ZGltNGp3bzVBdFR1UEprUWl6UGNtV1NtOWZvUnVmWU1G
a0YvMC9BQzY0QjJEMTc3MUFCMzBFMTg4ODNDREQxNDAwMUE4MkQ5OTA1Rjk4LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FDNjRCMkQxNzcxQUIzMEUx
ODg4M0NERDE0MDAxQTgyRDk5MDVGOTguY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzhFbzVRTW1xdGRpbTRqd281QXRUdVBKa1FpelBjbVdTbTlmb1J1ZllNRmtGLzAv
MzEzNzM3MmUzNjM2MmUzMTM5MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2
MzIzNTMwMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBACxQsEwDQYJKoZIhvcNAQELBQADggEBAGHCK8vS
xhh9SdnLjhG8f3Mc7rC7/DoCw65JwTdJdApf13nY8KQ2HkDwBMkSk/kcN2WJwWOg
HokEIIHLY7N+4KwpNcez+spKjHeRruvPCbLMgnJCVd04T1X2QbsMEYKO/cPP3lOP
5AracylxY3XtevvZ0JQ/oWYRs1dWIELj9ecdq3YTr7Fa7+F07i9rsLQC27vUY9jH
uDByOVfr+l0QEyp2kw8N1u8mQk/RJm4jSDFCIed++UvMVpENd0E3eZJjO/6wQFH2
jDD0z4s2XL6k5OjwL/iujrYB7zvihbVWYSIZkRc4236iY5d47d3gwBYFTDcFqWMu
bi4gT9Ov+gEpbz4=
-----END CERTIFICATE-----
Generated at Mon Jun 9 11:37:40 2025 by rpki-client