Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/AFhTpGBpoWALdpFyJVqtSMoukEA9tq9HYiWwHPEjCUHS/0/3133382e3235352e3232382e302f32342d3234203d3e20323633393935.roa
File:                     3133382e3235352e3232382e302f32342d3234203d3e20323633393935.roa (raw, json)
Hash identifier:          SBGSKsuaMSXEpA9dOa4dPrUpjz9A51re60UusHR8eEU=
Subject key identifier:   3E:9E:00:80:F2:89:62:ED:4F:6D:5E:84:F2:E3:E0:C1:4F:40:51:6F
Certificate issuer:       /CN=B7047B095A7C54A0D935E35C988F1A341D363E06
Certificate serial:       16D7E546A1EF5F2422FC223C59A99222BC4AE12D
Authority key identifier: B7:04:7B:09:5A:7C:54:A0:D9:35:E3:5C:98:8F:1A:34:1D:36:3E:06
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/B7047B095A7C54A0D935E35C988F1A341D363E06.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/AFhTpGBpoWALdpFyJVqtSMoukEA9tq9HYiWwHPEjCUHS/0/3133382e3235352e3232382e302f32342d3234203d3e20323633393935.roa
Signing time:             Thu 02 Jul 2026 15:54:23 +0000
ROA not before:           Thu 02 Jul 2026 15:49:23 +0000
ROA not after:            Thu 01 Jul 2027 15:54:23 +0000
asID:                     263995
IP address blocks:        138.255.228.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/AFhTpGBpoWALdpFyJVqtSMoukEA9tq9HYiWwHPEjCUHS/0/B7047B095A7C54A0D935E35C988F1A341D363E06.crl
                          rsync://rpki-repo.registro.br/repo/AFhTpGBpoWALdpFyJVqtSMoukEA9tq9HYiWwHPEjCUHS/0/B7047B095A7C54A0D935E35C988F1A341D363E06.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/B7047B095A7C54A0D935E35C988F1A341D363E06.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 09 Jul 2026 02:52:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:d7:e5:46:a1:ef:5f:24:22:fc:22:3c:59:a9:92:22:bc:4a:e1:2d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B7047B095A7C54A0D935E35C988F1A341D363E06
        Validity
            Not Before: Jul  2 15:49:23 2026 GMT
            Not After : Jul  1 15:54:23 2027 GMT
        Subject: CN=3E9E0080F28962ED4F6D5E84F2E3E0C14F40516F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:34:74:c9:29:06:9b:66:75:18:50:c0:f1:d3:
                    b9:87:95:31:12:fc:5c:d3:04:fc:5c:89:63:44:e9:
                    c9:d8:b5:9f:a8:04:e8:04:a6:a9:1e:38:22:bd:df:
                    81:09:43:18:97:55:dc:89:7f:32:3c:0f:4e:2b:72:
                    a6:75:c9:b8:8a:31:c5:2e:26:14:91:fc:d7:a9:80:
                    58:1d:a2:ac:0d:7d:fb:14:5c:b5:dc:36:51:ba:0e:
                    8e:1a:c6:ea:4d:f8:c7:63:ad:d7:22:65:e1:7f:ec:
                    6b:06:d5:1b:74:49:7e:63:c7:25:78:1e:5c:9d:bd:
                    e0:13:0b:1c:3b:10:37:68:76:1e:41:30:62:82:e9:
                    b4:52:86:92:b6:09:81:12:23:9f:55:b1:20:68:ac:
                    e5:83:fb:b2:59:a0:d5:5e:5c:0f:15:23:bb:53:99:
                    b6:04:61:e6:62:76:06:6e:64:16:1f:bf:0c:0e:6f:
                    ef:29:c1:09:40:a8:b7:f5:a2:24:70:39:cf:cd:c3:
                    dd:10:6c:b3:7e:62:69:8a:c4:79:4f:63:0c:13:71:
                    78:71:c3:5d:f1:85:7c:1d:f8:e3:4e:e2:d0:2f:e9:
                    f6:f1:09:59:f0:ce:64:56:4c:68:44:cb:98:24:7e:
                    bf:bc:1f:bb:83:20:a8:8f:fe:b9:9a:0d:69:ea:49:
                    16:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:9E:00:80:F2:89:62:ED:4F:6D:5E:84:F2:E3:E0:C1:4F:40:51:6F
            X509v3 Authority Key Identifier:
                keyid:B7:04:7B:09:5A:7C:54:A0:D9:35:E3:5C:98:8F:1A:34:1D:36:3E:06

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/AFhTpGBpoWALdpFyJVqtSMoukEA9tq9HYiWwHPEjCUHS/0/B7047B095A7C54A0D935E35C988F1A341D363E06.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/B7047B095A7C54A0D935E35C988F1A341D363E06.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/AFhTpGBpoWALdpFyJVqtSMoukEA9tq9HYiWwHPEjCUHS/0/3133382e3235352e3232382e302f32342d3234203d3e20323633393935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.255.228.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4d:a0:e2:56:c9:6a:09:9c:cc:17:c7:56:c6:9e:29:ec:f0:15:
         8e:36:db:d0:3e:19:ca:82:1f:a0:49:ac:58:4c:af:02:f2:2b:
         7b:ef:1e:ae:63:0a:39:5f:2a:68:67:07:a3:47:8f:15:27:9a:
         cc:9e:66:a8:75:6b:2d:eb:d5:94:71:54:22:70:0f:7e:62:36:
         11:4a:bf:3b:3d:c3:bf:46:a7:a0:2a:5f:a6:6d:c0:11:85:2d:
         62:71:8f:23:b2:f2:f4:5b:b6:f1:13:1c:7f:29:01:fa:6a:94:
         fe:44:ab:f4:16:ab:dd:91:1a:76:82:51:9b:78:a2:1c:5b:e6:
         58:6c:f1:f2:53:ac:34:4f:b3:26:4c:8b:3d:32:41:41:4b:d2:
         ed:f2:56:73:c1:35:73:c5:88:4b:02:1d:37:d2:10:4b:f9:7f:
         ae:3c:50:f6:52:d1:5d:f7:a7:3a:17:ae:3c:d5:5b:0a:c0:53:
         19:7e:ff:b5:2b:b3:e8:52:09:ea:be:ca:26:c3:94:87:20:a6:
         2f:a6:b3:68:9a:b8:40:41:90:3c:9d:e4:59:95:da:a8:97:a6:
         d9:ce:da:3f:45:c1:af:ca:94:4f:fd:ff:3c:a6:5b:60:69:3f:
         3f:7f:48:b6:dd:cc:af:c0:39:57:e9:ef:ed:80:f9:98:10:b9:
         4a:9d:ba:84
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUFtflRqHvXyQi/CI8WamSIrxK4S0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjcwNDdCMDk1QTdDNTRBMEQ5MzVFMzVDOTg4RjFBMzQx
RDM2M0UwNjAeFw0yNjA3MDIxNTQ5MjNaFw0yNzA3MDExNTU0MjNaMDMxMTAvBgNV
BAMTKDNFOUUwMDgwRjI4OTYyRUQ0RjZENUU4NEYyRTNFMEMxNEY0MDUxNkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPNHTJKQabZnUYUMDx07mHlTES
/FzTBPxciWNE6cnYtZ+oBOgEpqkeOCK934EJQxiXVdyJfzI8D04rcqZ1ybiKMcUu
JhSR/NepgFgdoqwNffsUXLXcNlG6Do4axupN+MdjrdciZeF/7GsG1Rt0SX5jxyV4
HlydveATCxw7EDdodh5BMGKC6bRShpK2CYESI59VsSBorOWD+7JZoNVeXA8VI7tT
mbYEYeZidgZuZBYfvwwOb+8pwQlAqLf1oiRwOc/Nw90QbLN+YmmKxHlPYwwTcXhx
w13xhXwd+ONO4tAv6fbxCVnwzmRWTGhEy5gkfr+8H7uDIKiP/rmaDWnqSRYnAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUPp4AgPKJYu1PbV6E8uPgwU9AUW8wHwYDVR0j
BBgwFoAUtwR7CVp8VKDZNeNcmI8aNB02PgYwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQUZoVHBHQnBvV0FMZHBGeUpWcXRTTW91a0VBOXRxOUhZaVd3SFBFakNV
SFMvMC9CNzA0N0IwOTVBN0M1NEEwRDkzNUUzNUM5ODhGMUEzNDFEMzYzRTA2LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0I3MDQ3QjA5NUE3QzU0QTBE
OTM1RTM1Qzk4OEYxQTM0MUQzNjNFMDYuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0FGaFRwR0Jwb1dBTGRwRnlKVnF0U01vdWtFQTl0cTlIWWlXd0hQRWpDVUhTLzAv
MzEzMzM4MmUzMjM1MzUyZTMyMzIzODJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMy
MzYzMzM5MzkzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAIr/5DANBgkqhkiG9w0BAQsFAAOCAQEATaDi
VslqCZzMF8dWxp4p7PAVjjbb0D4ZyoIfoEmsWEyvAvIre+8ermMKOV8qaGcHo0eP
FSeazJ5mqHVrLevVlHFUInAPfmI2EUq/Oz3Dv0anoCpfpm3AEYUtYnGPI7Ly9Fu2
8RMcfykB+mqU/kSr9Bar3ZEadoJRm3iiHFvmWGzx8lOsNE+zJkyLPTJBQUvS7fJW
c8E1c8WISwIdN9IQS/l/rjxQ9lLRXfenOheuPNVbCsBTGX7/tSuz6FIJ6r7KJsOU
hyCmL6azaJq4QEGQPJ3kWZXaqJem2c7aP0XBr8qUT/3/PKZbYGk/P39Itt3Mr8A5
V+nv7YD5mBC5Sp26hA==
-----END CERTIFICATE-----
Generated at Wed Jul 8 19:01:56 2026 by rpki-client