Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/8nXd7ng5DAKV78tnHVxwJAqDLLLhwvYnTo7E8SFvT6rV/0/3230302e37312e37322e302f32322d3234203d3e20323636323136.roa
File:                     3230302e37312e37322e302f32322d3234203d3e20323636323136.roa (raw, json)
Hash identifier:          LsdoBFPjvnCYDUIEB1OBj2TtkRawSEPatOpN+nSRJkY=
Subject key identifier:   1B:33:2E:4C:62:C8:44:09:8A:94:7E:C5:57:2A:F6:5F:BC:C0:17:A1
Certificate issuer:       /CN=8DE1EBF4EE33445E398BF55C7BFBB054E8546FFD
Certificate serial:       0618061F94504D89CA167EFC741BA5DADCF12636
Authority key identifier: 8D:E1:EB:F4:EE:33:44:5E:39:8B:F5:5C:7B:FB:B0:54:E8:54:6F:FD
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8DE1EBF4EE33445E398BF55C7BFBB054E8546FFD.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/8nXd7ng5DAKV78tnHVxwJAqDLLLhwvYnTo7E8SFvT6rV/0/3230302e37312e37322e302f32322d3234203d3e20323636323136.roa
Signing time:             Sun 08 Jun 2025 20:01:40 +0000
ROA not before:           Sun 08 Jun 2025 19:56:40 +0000
ROA not after:            Sun 07 Jun 2026 20:01:40 +0000
asID:                     266216
IP address blocks:        200.71.72.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/8nXd7ng5DAKV78tnHVxwJAqDLLLhwvYnTo7E8SFvT6rV/0/8DE1EBF4EE33445E398BF55C7BFBB054E8546FFD.crl
                          rsync://rpki-repo.registro.br/repo/8nXd7ng5DAKV78tnHVxwJAqDLLLhwvYnTo7E8SFvT6rV/0/8DE1EBF4EE33445E398BF55C7BFBB054E8546FFD.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8DE1EBF4EE33445E398BF55C7BFBB054E8546FFD.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 12:04:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:18:06:1f:94:50:4d:89:ca:16:7e:fc:74:1b:a5:da:dc:f1:26:36
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8DE1EBF4EE33445E398BF55C7BFBB054E8546FFD
        Validity
            Not Before: Jun  8 19:56:40 2025 GMT
            Not After : Jun  7 20:01:40 2026 GMT
        Subject: CN=1B332E4C62C844098A947EC5572AF65FBCC017A1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:7a:db:c6:ce:b4:9d:5b:45:6d:de:84:15:a7:
                    06:0d:fb:3e:c0:5f:c0:a7:cb:35:a2:e7:74:9d:bc:
                    97:40:d2:b4:b2:f2:fd:46:63:34:4a:5e:51:43:f8:
                    32:3d:8e:3d:87:92:47:7b:f6:55:cb:0b:d6:61:77:
                    c8:a0:cd:e4:a8:f7:d0:42:e5:dd:00:f7:3c:f0:26:
                    f7:5b:72:87:a1:d8:dc:a9:81:6d:0f:9b:40:0f:5c:
                    9e:ea:8a:80:09:aa:73:e3:f4:4b:43:46:0b:f6:e8:
                    7c:e5:e7:56:a2:1e:84:41:a8:af:1e:5f:81:53:bb:
                    7f:1e:69:c1:e6:d5:9c:82:20:02:e0:5f:b2:e5:ca:
                    9c:70:d3:dc:a0:c2:f4:71:d4:e3:aa:67:cb:f1:0d:
                    0b:df:40:2b:ce:b6:6b:36:7a:54:18:3a:13:6d:06:
                    e2:b7:08:d4:b8:fb:1f:62:f4:fd:8c:27:10:1f:9e:
                    50:f8:b5:87:b1:5d:73:04:3b:85:a3:9f:a2:24:c7:
                    8d:d1:99:a0:e2:85:e6:62:a7:e3:00:79:18:d6:db:
                    e6:5f:e8:85:36:81:2e:17:4c:54:63:89:f0:12:b4:
                    86:81:f3:4c:08:4e:a8:5d:7e:bd:bb:42:33:9b:c2:
                    51:43:94:df:e6:03:ce:c3:e0:d4:f0:98:e1:51:b5:
                    fc:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1B:33:2E:4C:62:C8:44:09:8A:94:7E:C5:57:2A:F6:5F:BC:C0:17:A1
            X509v3 Authority Key Identifier:
                keyid:8D:E1:EB:F4:EE:33:44:5E:39:8B:F5:5C:7B:FB:B0:54:E8:54:6F:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/8nXd7ng5DAKV78tnHVxwJAqDLLLhwvYnTo7E8SFvT6rV/0/8DE1EBF4EE33445E398BF55C7BFBB054E8546FFD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8DE1EBF4EE33445E398BF55C7BFBB054E8546FFD.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/8nXd7ng5DAKV78tnHVxwJAqDLLLhwvYnTo7E8SFvT6rV/0/3230302e37312e37322e302f32322d3234203d3e20323636323136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.71.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3a:23:73:07:b9:fb:1a:8e:a2:5e:06:d8:8e:c2:92:62:6d:34:
         f5:e9:75:f4:05:a8:db:9b:d3:d0:21:c8:62:68:9d:3b:32:cc:
         e1:7e:d0:e9:4d:cc:55:88:bc:0e:7d:7f:7c:4a:e1:05:54:cf:
         ac:bf:a5:d8:91:10:ca:36:ea:48:e0:0b:b4:32:79:d3:5b:25:
         26:05:06:69:d7:b8:dd:7c:e3:62:15:a7:7a:35:13:87:ad:8b:
         2a:ca:81:89:19:43:94:be:49:2f:53:62:92:cf:7c:14:56:62:
         3c:fa:be:cc:04:cc:4e:95:99:cb:53:37:67:f1:89:68:38:a7:
         29:ef:de:5e:23:89:72:be:43:95:3c:cc:6f:3e:40:a8:5f:75:
         61:e8:ba:67:6f:97:38:49:1d:4a:83:b8:b3:b5:5e:b5:5a:7d:
         58:b2:dc:2a:ab:08:b0:49:89:2a:09:44:c7:be:02:df:67:91:
         b9:34:35:0a:20:38:b9:e9:72:f8:5d:ac:6c:54:58:bb:b2:54:
         d5:df:dd:9e:59:e3:91:28:1b:70:79:4d:6c:90:cf:71:0b:18:
         3b:d3:3f:0f:04:59:99:b8:ce:6b:44:dd:0a:af:4f:86:cb:1e:
         8f:81:78:74:8f:c7:cc:83:ee:ff:cc:29:15:10:f8:f1:0c:35:
         28:1a:f8:4c
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUBhgGH5RQTYnKFn78dBul2tzxJjYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOERFMUVCRjRFRTMzNDQ1RTM5OEJGNTVDN0JGQkIwNTRF
ODU0NkZGRDAeFw0yNTA2MDgxOTU2NDBaFw0yNjA2MDcyMDAxNDBaMDMxMTAvBgNV
BAMTKDFCMzMyRTRDNjJDODQ0MDk4QTk0N0VDNTU3MkFGNjVGQkNDMDE3QTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVetvGzrSdW0Vt3oQVpwYN+z7A
X8CnyzWi53SdvJdA0rSy8v1GYzRKXlFD+DI9jj2Hkkd79lXLC9Zhd8igzeSo99BC
5d0A9zzwJvdbcoeh2NypgW0Pm0APXJ7qioAJqnPj9EtDRgv26Hzl51aiHoRBqK8e
X4FTu38eacHm1ZyCIALgX7Llypxw09ygwvRx1OOqZ8vxDQvfQCvOtms2elQYOhNt
BuK3CNS4+x9i9P2MJxAfnlD4tYexXXMEO4Wjn6Ikx43RmaDiheZip+MAeRjW2+Zf
6IU2gS4XTFRjifAStIaB80wITqhdfr27QjObwlFDlN/mA87D4NTwmOFRtfydAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUGzMuTGLIRAmKlH7FVyr2X7zAF6EwHwYDVR0j
BBgwFoAUjeHr9O4zRF45i/Vce/uwVOhUb/0wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOG5YZDduZzVEQUtWNzh0bkhWeHdKQXFETExMaHd2WW5UbzdFOFNGdlQ2
clYvMC84REUxRUJGNEVFMzM0NDVFMzk4QkY1NUM3QkZCQjA1NEU4NTQ2RkZELmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzhERTFFQkY0RUUzMzQ0NUUz
OThCRjU1QzdCRkJCMDU0RTg1NDZGRkQuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzhuWGQ3bmc1REFLVjc4dG5IVnh3SkFxRExMTGh3dlluVG83RThTRnZUNnJWLzAv
MzIzMDMwMmUzNzMxMmUzNzMyMmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM2
MzIzMTM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCyEdIMA0GCSqGSIb3DQEBCwUAA4IBAQA6I3MHufsa
jqJeBtiOwpJibTT16XX0Bajbm9PQIchiaJ07MszhftDpTcxViLwOfX98SuEFVM+s
v6XYkRDKNupI4Au0MnnTWyUmBQZp17jdfONiFad6NROHrYsqyoGJGUOUvkkvU2KS
z3wUVmI8+r7MBMxOlZnLUzdn8YloOKcp795eI4lyvkOVPMxvPkCoX3Vh6Lpnb5c4
SR1Kg7iztV61Wn1YstwqqwiwSYkqCUTHvgLfZ5G5NDUKIDi56XL4XaxsVFi7slTV
392eWeORKBtweU1skM9xCxg70z8PBFmZuM5rRN0Kr0+Gyx6PgXh0j8fMg+7/zCkV
EPjxDDUoGvhM
-----END CERTIFICATE-----
Generated at Tue Jun 10 11:02:09 2025 by rpki-client