Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3137372e39312e35322e302f32322d3232203d3e20323632353033.roa
File:                     3137372e39312e35322e302f32322d3232203d3e20323632353033.roa (raw, json)
Hash identifier:          cSOVIOOFdJ+avHZaEuSs40Mw/RezmCDPtGGhEygH1VM=
Subject key identifier:   4C:E2:B8:6B:CA:94:52:94:35:F4:78:FE:8D:9F:C0:9E:54:98:C2:77
Certificate issuer:       /CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
Certificate serial:       3EB64AF27A7B4AB784D70204BC00E86A95562772
Authority key identifier: AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3137372e39312e35322e302f32322d3232203d3e20323632353033.roa
Signing time:             Thu 29 May 2025 18:50:15 +0000
ROA not before:           Thu 29 May 2025 18:45:15 +0000
ROA not after:            Thu 28 May 2026 18:50:15 +0000
asID:                     262503
IP address blocks:        177.91.52.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl
                          rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 14:51:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:b6:4a:f2:7a:7b:4a:b7:84:d7:02:04:bc:00:e8:6a:95:56:27:72
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
        Validity
            Not Before: May 29 18:45:15 2025 GMT
            Not After : May 28 18:50:15 2026 GMT
        Subject: CN=4CE2B86BCA94529435F478FE8D9FC09E5498C277
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:e8:e3:72:bc:44:eb:40:3f:7d:54:f1:4e:6b:
                    8b:5b:58:95:90:a3:b9:1f:23:30:78:e1:da:53:69:
                    19:d4:f3:39:af:b1:7e:03:30:f7:43:be:55:0c:a6:
                    df:93:85:15:e6:87:8f:73:0f:46:85:95:d0:65:05:
                    f3:b2:1d:14:6c:67:d8:62:55:f0:c0:05:e0:5d:94:
                    90:bf:5b:a3:d9:65:52:9b:30:e0:d6:af:2a:13:d2:
                    e7:bf:bb:89:ee:cc:d3:31:64:c1:bb:6a:bd:27:c7:
                    62:1d:db:25:74:92:0c:61:1e:16:a6:57:06:1c:68:
                    e4:d0:5c:78:82:ca:63:99:1b:c8:cf:f2:cc:ff:d5:
                    51:b2:d9:68:76:b4:98:31:3e:65:92:e6:a7:fb:8f:
                    42:ca:cf:89:1d:7b:d0:41:f1:ff:e5:a7:5f:8c:d0:
                    ff:e3:53:c2:7c:98:0e:43:5d:f2:81:a2:5f:0c:a2:
                    d5:d7:93:17:57:8e:90:d9:91:51:ea:2c:55:e5:e7:
                    51:9e:ee:0c:ef:d5:a7:7b:bc:55:f2:c6:09:9a:27:
                    39:3e:5b:c8:2e:55:db:0f:35:77:e4:68:06:84:e6:
                    02:2f:fb:f5:46:62:75:b9:4c:90:a9:54:90:3a:0f:
                    12:53:0f:64:5d:f4:7e:96:d5:ef:a7:74:6a:a7:64:
                    09:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:E2:B8:6B:CA:94:52:94:35:F4:78:FE:8D:9F:C0:9E:54:98:C2:77
            X509v3 Authority Key Identifier:
                keyid:AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3137372e39312e35322e302f32322d3232203d3e20323632353033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.91.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         28:2e:b6:7c:66:78:c0:ec:25:91:6d:b2:29:dc:2f:54:de:e9:
         96:6c:7e:83:00:95:15:d2:63:d0:dd:b2:91:1c:b9:74:b9:e7:
         d3:c0:53:cf:db:6a:87:32:42:5a:a7:ff:6b:f0:e8:3e:bc:e4:
         1f:2c:ef:36:ba:9a:f5:43:53:dc:1b:f2:d0:42:18:58:3b:ac:
         c4:07:bd:85:4b:a9:b4:59:36:64:af:04:30:8e:3a:83:cd:0f:
         a8:8d:c3:76:ed:c1:d1:5c:c3:a8:11:94:e5:6e:ee:80:6d:c9:
         89:61:4f:c8:42:68:fd:99:71:95:97:40:bc:78:66:49:7e:6f:
         26:e0:77:65:fe:86:63:65:e2:82:94:54:78:91:06:53:d3:39:
         03:cd:c3:af:a8:35:a8:97:a6:0e:5f:e7:ad:73:ce:cc:ab:e2:
         9f:0d:03:91:35:b7:f8:78:25:87:94:db:1e:1d:a4:c2:c1:de:
         2a:84:0f:44:82:ee:54:b4:2d:90:b4:96:00:2f:36:c3:f9:14:
         27:d3:fd:e7:83:d2:09:f9:4c:1c:6b:38:88:fa:2e:2a:58:f1:
         b3:b6:8a:0f:ff:72:d9:9e:4c:c1:10:00:a3:37:5c:2e:96:88:
         87:d7:53:b1:8c:81:09:18:18:e9:20:b6:8b:72:41:03:f3:06:
         cd:cd:cf:78
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUPrZK8np7SreE1wIEvADoapVWJ3IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM2NEIyRDE3NzFBQjMwRTE4ODgzQ0REMTQwMDFBODJE
OTkwNUY5ODAeFw0yNTA1MjkxODQ1MTVaFw0yNjA1MjgxODUwMTVaMDMxMTAvBgNV
BAMTKDRDRTJCODZCQ0E5NDUyOTQzNUY0NzhGRThEOUZDMDlFNTQ5OEMyNzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV6ONyvETrQD99VPFOa4tbWJWQ
o7kfIzB44dpTaRnU8zmvsX4DMPdDvlUMpt+ThRXmh49zD0aFldBlBfOyHRRsZ9hi
VfDABeBdlJC/W6PZZVKbMODWryoT0ue/u4nuzNMxZMG7ar0nx2Id2yV0kgxhHham
VwYcaOTQXHiCymOZG8jP8sz/1VGy2Wh2tJgxPmWS5qf7j0LKz4kde9BB8f/lp1+M
0P/jU8J8mA5DXfKBol8MotXXkxdXjpDZkVHqLFXl51Ge7gzv1ad7vFXyxgmaJzk+
W8guVdsPNXfkaAaE5gIv+/VGYnW5TJCpVJA6DxJTD2Rd9H6W1e+ndGqnZAmZAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUTOK4a8qUUpQ19Hj+jZ/AnlSYwncwHwYDVR0j
BBgwFoAUrGSy0Xcasw4YiDzdFAAagtmQX5gwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOEVvNVFNbXF0ZGltNGp3bzVBdFR1UEprUWl6UGNtV1NtOWZvUnVmWU1G
a0YvMC9BQzY0QjJEMTc3MUFCMzBFMTg4ODNDREQxNDAwMUE4MkQ5OTA1Rjk4LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FDNjRCMkQxNzcxQUIzMEUx
ODg4M0NERDE0MDAxQTgyRDk5MDVGOTguY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzhFbzVRTW1xdGRpbTRqd281QXRUdVBKa1FpelBjbVdTbTlmb1J1ZllNRmtGLzAv
MzEzNzM3MmUzOTMxMmUzNTMyMmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzNjMy
MzUzMDMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCsVs0MA0GCSqGSIb3DQEBCwUAA4IBAQAoLrZ8ZnjA
7CWRbbIp3C9U3umWbH6DAJUV0mPQ3bKRHLl0uefTwFPP22qHMkJap/9r8Og+vOQf
LO82upr1Q1PcG/LQQhhYO6zEB72FS6m0WTZkrwQwjjqDzQ+ojcN27cHRXMOoEZTl
bu6AbcmJYU/IQmj9mXGVl0C8eGZJfm8m4Hdl/oZjZeKClFR4kQZT0zkDzcOvqDWo
l6YOX+etc87Mq+KfDQORNbf4eCWHlNseHaTCwd4qhA9Egu5UtC2QtJYALzbD+RQn
0/3ng9IJ+UwcaziI+i4qWPGztooP/3LZnkzBEACjN1wuloiH11OxjIEJGBjpILaL
ckED8wbNzc94
-----END CERTIFICATE-----
Generated at Mon Jun 9 18:33:20 2025 by rpki-client