Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3137372e39312e35322e302f32342d3234203d3e20323632353033.roa
File:                     3137372e39312e35322e302f32342d3234203d3e20323632353033.roa (raw, json)
Hash identifier:          TqRLACAPDCZO1UhDv5IzY32MLdxT3hQwlfxOgbcedeg=
Subject key identifier:   8F:60:95:46:CB:BF:98:14:ED:9E:AB:05:40:EF:F3:38:6D:8F:1A:72
Certificate issuer:       /CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
Certificate serial:       109D14426385C2D2D9B4E61CAC43941D7B07E011
Authority key identifier: AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3137372e39312e35322e302f32342d3234203d3e20323632353033.roa
Signing time:             Thu 29 May 2025 18:50:12 +0000
ROA not before:           Thu 29 May 2025 18:45:12 +0000
ROA not after:            Thu 28 May 2026 18:50:12 +0000
asID:                     262503
IP address blocks:        177.91.52.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl
                          rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 09:47:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:9d:14:42:63:85:c2:d2:d9:b4:e6:1c:ac:43:94:1d:7b:07:e0:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
        Validity
            Not Before: May 29 18:45:12 2025 GMT
            Not After : May 28 18:50:12 2026 GMT
        Subject: CN=8F609546CBBF9814ED9EAB0540EFF3386D8F1A72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:d9:06:75:50:53:ab:fa:dd:a1:20:2a:ab:f0:
                    d4:29:31:49:d7:7c:5b:c2:61:d8:ec:3b:3a:d1:72:
                    9a:f3:fe:85:93:97:9e:70:8e:35:bd:1a:dd:8e:ae:
                    e3:f1:c9:ce:c4:60:49:a8:f4:9e:49:48:a0:c4:aa:
                    d1:14:dc:11:58:ca:5a:ee:33:80:d9:2b:b6:5e:7a:
                    42:de:66:be:90:f9:5d:72:a0:06:88:b5:eb:03:24:
                    28:bb:ec:d5:d2:23:bb:05:f5:fc:34:46:a1:78:98:
                    5e:2d:9e:01:cc:c0:7e:9a:ea:f0:ef:d8:4f:71:28:
                    0b:cd:3b:33:dd:04:a3:cf:ae:21:98:6b:8b:ae:5a:
                    72:a1:0f:9a:a9:53:5f:1d:74:96:2e:41:9a:9d:5c:
                    23:f3:4c:8f:f2:b3:67:6b:57:e2:09:ea:18:4c:18:
                    82:9e:17:08:1c:2b:32:14:18:93:2a:bf:88:a0:c7:
                    92:e7:5d:b2:07:37:4c:34:96:02:93:34:b3:94:d2:
                    85:6f:60:16:c6:98:26:aa:53:92:48:5d:84:4a:70:
                    c1:1e:8c:12:60:32:a5:4a:3d:a6:4d:89:33:54:e6:
                    3d:48:9d:47:8c:bb:0a:a9:de:1e:13:70:48:3a:98:
                    4d:c4:ad:97:b0:f9:36:80:80:a7:d7:43:33:67:dd:
                    3e:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:60:95:46:CB:BF:98:14:ED:9E:AB:05:40:EF:F3:38:6D:8F:1A:72
            X509v3 Authority Key Identifier:
                keyid:AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/3137372e39312e35322e302f32342d3234203d3e20323632353033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.91.52.0/24

    Signature Algorithm: sha256WithRSAEncryption
         73:bb:55:77:dd:1b:95:13:9b:c3:46:26:d4:65:51:7c:d8:42:
         7d:fe:9d:84:b9:81:32:a9:20:62:d2:83:fb:d7:a9:dd:2b:39:
         c9:2d:81:d0:12:59:e2:6d:c9:4f:5e:9c:04:ec:e9:59:ae:23:
         90:6b:d0:7b:5a:09:f2:f8:ca:0a:39:f7:16:3b:3a:07:48:3f:
         f1:89:59:32:8e:42:2e:21:36:d0:d2:5e:dc:8b:79:6c:5f:4f:
         09:83:b7:80:1c:1c:d0:e3:37:a7:44:98:65:11:b3:ad:f8:78:
         08:c6:74:75:83:30:04:ba:20:18:71:35:38:fa:76:ea:64:5b:
         07:0b:fb:2c:65:7d:68:b9:7f:02:ef:14:14:de:b4:3a:98:28:
         e6:1d:0e:6b:41:42:8b:48:ab:31:82:56:80:02:0b:df:51:29:
         12:b7:a8:5d:b7:fc:d0:f7:b4:0f:36:70:7b:f5:cb:c3:6b:21:
         13:e9:85:e3:46:00:06:39:56:53:9f:15:92:19:d1:76:1f:7b:
         ef:6b:2f:bc:32:3c:4e:7f:17:d2:f3:df:a0:16:33:c2:ea:bf:
         a7:90:8a:0b:88:27:73:37:4f:0e:be:ac:ca:62:85:6c:01:3d:
         0c:86:ec:0a:50:6f:0f:14:ff:34:9d:77:11:e1:82:29:3c:10:
         7d:2d:25:8f
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUEJ0UQmOFwtLZtOYcrEOUHXsH4BEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM2NEIyRDE3NzFBQjMwRTE4ODgzQ0REMTQwMDFBODJE
OTkwNUY5ODAeFw0yNTA1MjkxODQ1MTJaFw0yNjA1MjgxODUwMTJaMDMxMTAvBgNV
BAMTKDhGNjA5NTQ2Q0JCRjk4MTRFRDlFQUIwNTQwRUZGMzM4NkQ4RjFBNzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM2QZ1UFOr+t2hICqr8NQpMUnX
fFvCYdjsOzrRcprz/oWTl55wjjW9Gt2OruPxyc7EYEmo9J5JSKDEqtEU3BFYylru
M4DZK7ZeekLeZr6Q+V1yoAaItesDJCi77NXSI7sF9fw0RqF4mF4tngHMwH6a6vDv
2E9xKAvNOzPdBKPPriGYa4uuWnKhD5qpU18ddJYuQZqdXCPzTI/ys2drV+IJ6hhM
GIKeFwgcKzIUGJMqv4igx5LnXbIHN0w0lgKTNLOU0oVvYBbGmCaqU5JIXYRKcMEe
jBJgMqVKPaZNiTNU5j1InUeMuwqp3h4TcEg6mE3ErZew+TaAgKfXQzNn3T7lAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUj2CVRsu/mBTtnqsFQO/zOG2PGnIwHwYDVR0j
BBgwFoAUrGSy0Xcasw4YiDzdFAAagtmQX5gwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOEVvNVFNbXF0ZGltNGp3bzVBdFR1UEprUWl6UGNtV1NtOWZvUnVmWU1G
a0YvMC9BQzY0QjJEMTc3MUFCMzBFMTg4ODNDREQxNDAwMUE4MkQ5OTA1Rjk4LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FDNjRCMkQxNzcxQUIzMEUx
ODg4M0NERDE0MDAxQTgyRDk5MDVGOTguY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzhFbzVRTW1xdGRpbTRqd281QXRUdVBKa1FpelBjbVdTbTlmb1J1ZllNRmtGLzAv
MzEzNzM3MmUzOTMxMmUzNTMyMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjMy
MzUzMDMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAsVs0MA0GCSqGSIb3DQEBCwUAA4IBAQBzu1V33RuV
E5vDRibUZVF82EJ9/p2EuYEyqSBi0oP716ndKznJLYHQElnibclPXpwE7OlZriOQ
a9B7Wgny+MoKOfcWOzoHSD/xiVkyjkIuITbQ0l7ci3lsX08Jg7eAHBzQ4zenRJhl
EbOt+HgIxnR1gzAEuiAYcTU4+nbqZFsHC/ssZX1ouX8C7xQU3rQ6mCjmHQ5rQUKL
SKsxglaAAgvfUSkSt6hdt/zQ97QPNnB79cvDayET6YXjRgAGOVZTnxWSGdF2H3vv
ay+8MjxOfxfS89+gFjPC6r+nkIoLiCdzN08OvqzKYoVsAT0MhuwKUG8PFP80nXcR
4YIpPBB9LSWP
-----END CERTIFICATE-----
Generated at Tue Jun 10 15:12:10 2025 by rpki-client