Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/A2XbZyVbAPDYNGk6kM85VE3r24EjGaX6wYCmQFLuZ92Q/0/3132382e3230312e3231362e302f32322d3332203d3e20323636363530.roa
File:                     3132382e3230312e3231362e302f32322d3332203d3e20323636363530.roa (raw, json)
Hash identifier:          FxlWVMnEAk1FgS1ovjov0z5sBUPXKG9Ay1g80zpcdbI=
Subject key identifier:   64:E9:7C:B6:7A:0E:0C:1E:6F:07:44:CC:AA:4E:86:83:98:53:25:27
Certificate issuer:       /CN=23ACA839ECB46CC3B5BD6C86BF6997C18E8277DA
Certificate serial:       1BE2B940E931D2CC9F4A0444AB6511E7048CC63F
Authority key identifier: 23:AC:A8:39:EC:B4:6C:C3:B5:BD:6C:86:BF:69:97:C1:8E:82:77:DA
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/23ACA839ECB46CC3B5BD6C86BF6997C18E8277DA.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/A2XbZyVbAPDYNGk6kM85VE3r24EjGaX6wYCmQFLuZ92Q/0/3132382e3230312e3231362e302f32322d3332203d3e20323636363530.roa
Signing time:             Thu 22 May 2025 17:13:06 +0000
ROA not before:           Thu 22 May 2025 17:08:06 +0000
ROA not after:            Thu 21 May 2026 17:13:06 +0000
asID:                     266650
IP address blocks:        128.201.216.0/22 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/A2XbZyVbAPDYNGk6kM85VE3r24EjGaX6wYCmQFLuZ92Q/0/23ACA839ECB46CC3B5BD6C86BF6997C18E8277DA.crl
                          rsync://rpki-repo.registro.br/repo/A2XbZyVbAPDYNGk6kM85VE3r24EjGaX6wYCmQFLuZ92Q/0/23ACA839ECB46CC3B5BD6C86BF6997C18E8277DA.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/23ACA839ECB46CC3B5BD6C86BF6997C18E8277DA.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 13:33:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:e2:b9:40:e9:31:d2:cc:9f:4a:04:44:ab:65:11:e7:04:8c:c6:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=23ACA839ECB46CC3B5BD6C86BF6997C18E8277DA
        Validity
            Not Before: May 22 17:08:06 2025 GMT
            Not After : May 21 17:13:06 2026 GMT
        Subject: CN=64E97CB67A0E0C1E6F0744CCAA4E868398532527
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:30:61:27:80:22:b5:b3:a3:55:67:59:70:4c:
                    db:c6:57:f5:67:1f:99:9f:ef:5e:1b:f4:65:48:dc:
                    27:72:dd:7a:52:4b:73:03:31:99:24:35:10:6f:61:
                    fb:e4:73:ad:06:7c:e1:47:cd:72:a9:5a:52:ef:1b:
                    4a:eb:82:c7:a0:e3:e5:73:fa:db:02:be:ea:08:a3:
                    4b:e3:ed:db:5d:e7:8f:e5:30:b8:59:7c:f7:d2:6f:
                    70:18:74:1d:d7:e1:8c:de:59:ab:95:e9:40:fe:21:
                    cb:6d:a7:df:b5:ce:3d:d4:05:65:09:72:3f:b4:a8:
                    39:ad:69:36:5d:d2:68:30:34:88:d5:19:6e:66:4a:
                    4d:5d:08:23:c2:0d:73:ca:78:a1:0d:86:88:ff:9a:
                    13:45:b6:7f:ee:be:73:61:14:a9:55:15:35:51:31:
                    33:4b:86:ec:db:7a:aa:f7:a5:47:80:4b:5b:d7:dd:
                    64:fa:ab:ef:ac:1f:0b:c7:f3:c5:88:63:62:79:ff:
                    44:9d:98:67:ea:1d:0d:98:bb:da:e1:a7:7c:df:47:
                    8c:f4:e2:0f:44:c6:a1:11:f8:b5:28:a8:dc:59:66:
                    a0:5d:6f:5f:da:ba:f2:c8:02:1f:84:f8:cd:13:5a:
                    7c:47:02:da:28:e9:dd:0f:4d:11:1b:7d:6b:af:a1:
                    50:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:E9:7C:B6:7A:0E:0C:1E:6F:07:44:CC:AA:4E:86:83:98:53:25:27
            X509v3 Authority Key Identifier:
                keyid:23:AC:A8:39:EC:B4:6C:C3:B5:BD:6C:86:BF:69:97:C1:8E:82:77:DA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/A2XbZyVbAPDYNGk6kM85VE3r24EjGaX6wYCmQFLuZ92Q/0/23ACA839ECB46CC3B5BD6C86BF6997C18E8277DA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/23ACA839ECB46CC3B5BD6C86BF6997C18E8277DA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/A2XbZyVbAPDYNGk6kM85VE3r24EjGaX6wYCmQFLuZ92Q/0/3132382e3230312e3231362e302f32322d3332203d3e20323636363530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  128.201.216.0/22

    Signature Algorithm: sha256WithRSAEncryption
         35:cc:b4:b7:27:3d:e7:52:0a:a9:fe:da:c2:0c:c2:d3:31:8e:
         6b:5b:7b:84:a1:87:7a:53:aa:69:f9:c1:03:57:8f:0f:a2:c4:
         3e:f5:77:9e:f6:7e:e3:78:c1:6c:9d:ea:a8:77:47:b5:cb:4d:
         75:0e:9b:8e:80:46:6e:0f:bf:bd:34:68:30:58:b0:3a:79:6a:
         49:59:d1:46:e7:84:9a:97:a1:70:7a:56:07:b0:88:ef:74:b9:
         f4:4d:90:8f:7f:6e:85:6c:5f:8f:42:00:91:6d:22:93:aa:9a:
         aa:2d:3a:b8:2f:84:53:94:d7:63:be:85:32:c9:d2:83:d6:cf:
         c1:c2:e2:ef:d0:fa:0c:4c:b2:62:50:fb:a5:9f:bc:bc:25:a5:
         66:b2:b6:04:f0:ed:a0:59:60:f0:c0:cb:a0:0b:d7:53:34:b7:
         3e:8e:3d:d3:58:59:b0:78:ff:c9:c4:ff:1d:fd:a5:30:04:49:
         90:e4:93:3a:a7:51:71:50:4d:9b:55:60:11:7a:66:69:11:86:
         70:1f:e8:36:0e:d7:74:98:23:11:02:1a:c9:05:34:01:52:cf:
         e0:80:85:04:a6:f0:39:e5:0a:b8:36:ae:a9:0c:34:4d:8f:79:
         a1:43:a1:3a:f1:50:74:2d:0f:f7:cf:96:55:1d:8c:85:1a:a3:
         d1:51:d9:e4
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUG+K5QOkx0syfSgREq2UR5wSMxj8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjNBQ0E4MzlFQ0I0NkNDM0I1QkQ2Qzg2QkY2OTk3QzE4
RTgyNzdEQTAeFw0yNTA1MjIxNzA4MDZaFw0yNjA1MjExNzEzMDZaMDMxMTAvBgNV
BAMTKDY0RTk3Q0I2N0EwRTBDMUU2RjA3NDRDQ0FBNEU4NjgzOTg1MzI1MjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1MGEngCK1s6NVZ1lwTNvGV/Vn
H5mf714b9GVI3Cdy3XpSS3MDMZkkNRBvYfvkc60GfOFHzXKpWlLvG0rrgseg4+Vz
+tsCvuoIo0vj7dtd54/lMLhZfPfSb3AYdB3X4YzeWauV6UD+Icttp9+1zj3UBWUJ
cj+0qDmtaTZd0mgwNIjVGW5mSk1dCCPCDXPKeKENhoj/mhNFtn/uvnNhFKlVFTVR
MTNLhuzbeqr3pUeAS1vX3WT6q++sHwvH88WIY2J5/0SdmGfqHQ2Yu9rhp3zfR4z0
4g9ExqER+LUoqNxZZqBdb1/auvLIAh+E+M0TWnxHAtoo6d0PTREbfWuvoVA1AgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUZOl8tnoODB5vB0TMqk6Gg5hTJScwHwYDVR0j
BBgwFoAUI6yoOey0bMO1vWyGv2mXwY6Cd9owDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQTJYYlp5VmJBUERZTkdrNmtNODVWRTNyMjRFakdhWDZ3WUNtUUZMdVo5
MlEvMC8yM0FDQTgzOUVDQjQ2Q0MzQjVCRDZDODZCRjY5OTdDMThFODI3N0RBLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzIzQUNBODM5RUNCNDZDQzNC
NUJENkM4NkJGNjk5N0MxOEU4Mjc3REEuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0EyWGJaeVZiQVBEWU5HazZrTTg1VkUzcjI0RWpHYVg2d1lDbVFGTHVaOTJRLzAv
MzEzMjM4MmUzMjMwMzEyZTMyMzEzNjJlMzAyZjMyMzIyZDMzMzIyMDNkM2UyMDMy
MzYzNjM2MzUzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAoDJ2DANBgkqhkiG9w0BAQsFAAOCAQEANcy0
tyc951IKqf7awgzC0zGOa1t7hKGHelOqafnBA1ePD6LEPvV3nvZ+43jBbJ3qqHdH
tctNdQ6bjoBGbg+/vTRoMFiwOnlqSVnRRueEmpehcHpWB7CI73S59E2Qj39uhWxf
j0IAkW0ik6qaqi06uC+EU5TXY76FMsnSg9bPwcLi79D6DEyyYlD7pZ+8vCWlZrK2
BPDtoFlg8MDLoAvXUzS3Po4901hZsHj/ycT/Hf2lMARJkOSTOqdRcVBNm1VgEXpm
aRGGcB/oNg7XdJgjEQIayQU0AVLP4ICFBKbwOeUKuDauqQw0TY95oUOhOvFQdC0P
98+WVR2MhRqj0VHZ5A==
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:42:18 2025 by rpki-client