Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/9XFzedyrYLLAHmXBafK7CK3jptMofo7H1mSCWQPR5MaC/0/3133382e3235352e37322e302f32322d3332203d3e20323633393539.roa
File:                     3133382e3235352e37322e302f32322d3332203d3e20323633393539.roa (raw, json)
Hash identifier:          waEFhBe+SjRSqQswDzUJGqZm7m+XO9yIfZZm4YTlyYw=
Subject key identifier:   27:D6:12:82:64:0B:52:31:7F:80:89:A2:34:9A:AB:55:42:35:72:5F
Certificate issuer:       /CN=8CB5A2516F713CFFE9D1504E79A4BD3B9AFB0A0F
Certificate serial:       73488B784661355F26DE2D8BCAF6EA9FFE10579C
Authority key identifier: 8C:B5:A2:51:6F:71:3C:FF:E9:D1:50:4E:79:A4:BD:3B:9A:FB:0A:0F
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8CB5A2516F713CFFE9D1504E79A4BD3B9AFB0A0F.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/9XFzedyrYLLAHmXBafK7CK3jptMofo7H1mSCWQPR5MaC/0/3133382e3235352e37322e302f32322d3332203d3e20323633393539.roa
Signing time:             Mon 12 May 2025 14:38:37 +0000
ROA not before:           Mon 12 May 2025 14:33:37 +0000
ROA not after:            Mon 11 May 2026 14:38:37 +0000
asID:                     263959
IP address blocks:        138.255.72.0/22 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/9XFzedyrYLLAHmXBafK7CK3jptMofo7H1mSCWQPR5MaC/0/8CB5A2516F713CFFE9D1504E79A4BD3B9AFB0A0F.crl
                          rsync://rpki-repo.registro.br/repo/9XFzedyrYLLAHmXBafK7CK3jptMofo7H1mSCWQPR5MaC/0/8CB5A2516F713CFFE9D1504E79A4BD3B9AFB0A0F.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8CB5A2516F713CFFE9D1504E79A4BD3B9AFB0A0F.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 11:03:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:48:8b:78:46:61:35:5f:26:de:2d:8b:ca:f6:ea:9f:fe:10:57:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8CB5A2516F713CFFE9D1504E79A4BD3B9AFB0A0F
        Validity
            Not Before: May 12 14:33:37 2025 GMT
            Not After : May 11 14:38:37 2026 GMT
        Subject: CN=27D61282640B52317F8089A2349AAB554235725F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:f3:da:f6:45:29:5c:54:8e:44:88:01:dd:59:
                    47:a6:d9:b0:33:67:04:91:8b:37:90:a8:49:44:49:
                    86:54:fc:e3:5b:c5:b4:60:35:78:3d:95:98:19:28:
                    58:63:8b:73:bd:8f:20:4a:e1:8a:6c:8a:3a:8e:e3:
                    40:31:60:9b:d5:5d:cf:5c:62:1e:8a:31:4d:ba:c7:
                    76:04:27:5e:7a:f0:b5:43:bf:c7:55:f8:b9:13:13:
                    89:52:bb:f3:8b:4b:16:a1:cf:91:25:34:f9:2f:34:
                    94:02:77:dd:91:a2:3a:87:70:4e:11:2f:8b:f1:aa:
                    b3:5c:20:04:e6:5f:89:c2:cf:b2:b7:e9:a7:cd:0f:
                    f7:bb:e7:75:a3:dd:cd:0c:1a:bb:46:dd:02:9d:d7:
                    be:ab:4e:c1:6d:74:12:2f:62:d4:09:99:e9:a1:72:
                    79:33:b6:dd:2b:fa:f7:18:d1:f6:ba:3b:df:73:36:
                    c4:38:39:34:77:ad:13:76:2a:c5:fc:d3:bb:a4:62:
                    1a:89:33:2b:c9:cd:b1:7f:14:8e:5d:d7:3a:08:76:
                    36:db:7d:cf:24:65:34:14:e2:f8:ed:2f:80:e7:85:
                    83:3d:11:ba:6e:37:0d:77:bb:87:9a:de:d9:28:04:
                    85:65:95:45:c0:7d:06:2b:25:9b:da:73:4c:7a:48:
                    4d:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:D6:12:82:64:0B:52:31:7F:80:89:A2:34:9A:AB:55:42:35:72:5F
            X509v3 Authority Key Identifier:
                keyid:8C:B5:A2:51:6F:71:3C:FF:E9:D1:50:4E:79:A4:BD:3B:9A:FB:0A:0F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/9XFzedyrYLLAHmXBafK7CK3jptMofo7H1mSCWQPR5MaC/0/8CB5A2516F713CFFE9D1504E79A4BD3B9AFB0A0F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8CB5A2516F713CFFE9D1504E79A4BD3B9AFB0A0F.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/9XFzedyrYLLAHmXBafK7CK3jptMofo7H1mSCWQPR5MaC/0/3133382e3235352e37322e302f32322d3332203d3e20323633393539.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.255.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         86:2a:af:17:27:74:e8:09:ac:57:47:19:68:3e:e1:45:32:83:
         7a:38:6d:ef:f7:07:e3:e4:fd:ed:74:10:ce:70:99:89:c1:74:
         8a:ef:21:3d:44:7c:70:80:5c:ed:27:cf:cf:6c:bf:4f:24:de:
         33:2f:c0:8e:b3:fc:b3:d9:5a:4b:62:93:9a:b8:dd:9f:9e:38:
         03:3e:ea:4f:44:cb:9a:a4:54:bb:4d:5b:cd:2a:1b:46:c9:45:
         c4:b5:bc:87:20:d4:a8:55:bd:62:e7:e4:29:f2:70:68:1f:7f:
         8a:f3:33:85:7f:87:3a:84:d6:a6:fb:30:16:f8:4b:20:6d:0c:
         0c:9a:67:f6:c5:9d:02:0b:93:c0:b8:8f:ad:ca:45:2c:f8:d1:
         c2:d3:a0:bd:8b:c6:44:3d:c4:4c:03:e6:e0:ad:42:10:58:a7:
         7e:c4:de:c5:0d:82:b6:85:87:dc:74:2b:2e:75:57:a8:26:9a:
         7a:06:9f:4e:9f:0a:3a:36:be:b4:05:d3:c6:aa:8a:97:11:a7:
         b5:a3:c3:07:9e:6d:6b:40:55:f8:91:62:15:7e:6d:d5:65:e5:
         30:9a:cf:54:3a:8b:2a:fb:96:e7:ac:64:f2:b6:b0:0a:51:b9:
         15:1b:dd:28:73:45:27:80:8b:ae:8d:3f:75:15:63:05:11:47:
         0e:ad:af:71
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUc0iLeEZhNV8m3i2Lyvbqn/4QV5wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOENCNUEyNTE2RjcxM0NGRkU5RDE1MDRFNzlBNEJEM0I5
QUZCMEEwRjAeFw0yNTA1MTIxNDMzMzdaFw0yNjA1MTExNDM4MzdaMDMxMTAvBgNV
BAMTKDI3RDYxMjgyNjQwQjUyMzE3RjgwODlBMjM0OUFBQjU1NDIzNTcyNUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX89r2RSlcVI5EiAHdWUem2bAz
ZwSRizeQqElESYZU/ONbxbRgNXg9lZgZKFhji3O9jyBK4YpsijqO40AxYJvVXc9c
Yh6KMU26x3YEJ1568LVDv8dV+LkTE4lSu/OLSxahz5ElNPkvNJQCd92RojqHcE4R
L4vxqrNcIATmX4nCz7K36afND/e753Wj3c0MGrtG3QKd176rTsFtdBIvYtQJmemh
cnkztt0r+vcY0fa6O99zNsQ4OTR3rRN2KsX807ukYhqJMyvJzbF/FI5d1zoIdjbb
fc8kZTQU4vjtL4DnhYM9EbpuNw13u4ea3tkoBIVllUXAfQYrJZvac0x6SE3rAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUJ9YSgmQLUjF/gImiNJqrVUI1cl8wHwYDVR0j
BBgwFoAUjLWiUW9xPP/p0VBOeaS9O5r7Cg8wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOVhGemVkeXJZTExBSG1YQmFmSzdDSzNqcHRNb2ZvN0gxbVNDV1FQUjVN
YUMvMC84Q0I1QTI1MTZGNzEzQ0ZGRTlEMTUwNEU3OUE0QkQzQjlBRkIwQTBGLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzhDQjVBMjUxNkY3MTNDRkZF
OUQxNTA0RTc5QTRCRDNCOUFGQjBBMEYuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzlYRnplZHlyWUxMQUhtWEJhZks3Q0szanB0TW9mbzdIMW1TQ1dRUFI1TWFDLzAv
MzEzMzM4MmUzMjM1MzUyZTM3MzIyZTMwMmYzMjMyMmQzMzMyMjAzZDNlMjAzMjM2
MzMzOTM1Mzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAKK/0gwDQYJKoZIhvcNAQELBQADggEBAIYqrxcn
dOgJrFdHGWg+4UUyg3o4be/3B+Pk/e10EM5wmYnBdIrvIT1EfHCAXO0nz89sv08k
3jMvwI6z/LPZWktik5q43Z+eOAM+6k9Ey5qkVLtNW80qG0bJRcS1vIcg1KhVvWLn
5CnycGgff4rzM4V/hzqE1qb7MBb4SyBtDAyaZ/bFnQILk8C4j63KRSz40cLToL2L
xkQ9xEwD5uCtQhBYp37E3sUNgraFh9x0Ky51V6gmmnoGn06fCjo2vrQF08aqipcR
p7WjwweebWtAVfiRYhV+bdVl5TCaz1Q6iyr7luesZPK2sApRuRUb3ShzRSeAi66N
P3UVYwURRw6tr3E=
-----END CERTIFICATE-----
Generated at Tue Jun 10 04:05:24 2025 by rpki-client