Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/AFhTpGBpoWALdpFyJVqtSMoukEA9tq9HYiWwHPEjCUHS/0/3133382e3235352e3233302e302f32342d3234203d3e20323633393935.roa
File:                     3133382e3235352e3233302e302f32342d3234203d3e20323633393935.roa (raw, json)
Hash identifier:          hrTST5bgnNjlrDjpbf0lCJGnqLR2K6SlUD9Qg1yjVMs=
Subject key identifier:   8F:22:05:08:4D:FC:C9:0F:FC:A6:BE:0F:B9:39:88:2C:76:FB:36:E0
Certificate issuer:       /CN=B7047B095A7C54A0D935E35C988F1A341D363E06
Certificate serial:       601547EA4E82C8CB6228EE145046290C22CC133C
Authority key identifier: B7:04:7B:09:5A:7C:54:A0:D9:35:E3:5C:98:8F:1A:34:1D:36:3E:06
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/B7047B095A7C54A0D935E35C988F1A341D363E06.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/AFhTpGBpoWALdpFyJVqtSMoukEA9tq9HYiWwHPEjCUHS/0/3133382e3235352e3233302e302f32342d3234203d3e20323633393935.roa
Signing time:             Thu 02 Jul 2026 15:54:23 +0000
ROA not before:           Thu 02 Jul 2026 15:49:23 +0000
ROA not after:            Thu 01 Jul 2027 15:54:23 +0000
asID:                     263995
IP address blocks:        138.255.230.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/AFhTpGBpoWALdpFyJVqtSMoukEA9tq9HYiWwHPEjCUHS/0/B7047B095A7C54A0D935E35C988F1A341D363E06.crl
                          rsync://rpki-repo.registro.br/repo/AFhTpGBpoWALdpFyJVqtSMoukEA9tq9HYiWwHPEjCUHS/0/B7047B095A7C54A0D935E35C988F1A341D363E06.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/B7047B095A7C54A0D935E35C988F1A341D363E06.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 09 Jul 2026 02:52:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:15:47:ea:4e:82:c8:cb:62:28:ee:14:50:46:29:0c:22:cc:13:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B7047B095A7C54A0D935E35C988F1A341D363E06
        Validity
            Not Before: Jul  2 15:49:23 2026 GMT
            Not After : Jul  1 15:54:23 2027 GMT
        Subject: CN=8F2205084DFCC90FFCA6BE0FB939882C76FB36E0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:f2:6f:90:42:8c:13:a5:b8:cb:20:f5:11:bb:
                    f4:cc:fc:51:d3:63:39:42:ba:2f:41:d7:c6:7b:dc:
                    0d:6a:ae:31:06:10:3d:08:fa:88:3f:8c:80:91:1c:
                    f1:ac:1a:a7:f6:ff:1b:33:bc:4b:95:e8:ec:3c:0d:
                    bd:97:ee:b1:43:7c:6a:16:06:7b:cb:a1:b7:98:69:
                    fa:ca:ca:ca:04:23:63:fe:62:61:c8:e0:76:b5:64:
                    98:69:d4:e1:03:ac:ce:7d:eb:f7:9a:07:48:3d:36:
                    cd:96:c6:94:24:a6:72:2e:ff:02:34:52:b3:90:94:
                    c4:f3:e8:30:58:ab:21:c3:6c:a5:0c:aa:f0:8a:07:
                    d7:8e:eb:bf:a8:52:ee:9e:14:05:b6:46:76:38:e5:
                    f0:df:07:b7:dc:3d:74:fc:9d:63:69:1c:3f:05:fb:
                    71:3d:9e:8a:9d:5c:14:82:c0:3e:c7:cc:e7:ce:9d:
                    ee:94:ed:eb:92:14:c9:2e:38:c9:4a:ab:db:84:9c:
                    ac:97:65:5f:21:6d:87:2b:a0:6d:0e:4f:98:17:8d:
                    6d:00:25:ce:87:a6:c5:5c:df:73:a2:e9:79:99:8f:
                    89:68:73:3e:9b:2e:5b:e6:8e:eb:f6:36:9c:87:35:
                    13:15:29:34:e0:69:c2:57:22:56:8a:b2:af:d2:b2:
                    c1:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:22:05:08:4D:FC:C9:0F:FC:A6:BE:0F:B9:39:88:2C:76:FB:36:E0
            X509v3 Authority Key Identifier:
                keyid:B7:04:7B:09:5A:7C:54:A0:D9:35:E3:5C:98:8F:1A:34:1D:36:3E:06

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/AFhTpGBpoWALdpFyJVqtSMoukEA9tq9HYiWwHPEjCUHS/0/B7047B095A7C54A0D935E35C988F1A341D363E06.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/B7047B095A7C54A0D935E35C988F1A341D363E06.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/AFhTpGBpoWALdpFyJVqtSMoukEA9tq9HYiWwHPEjCUHS/0/3133382e3235352e3233302e302f32342d3234203d3e20323633393935.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.255.230.0/24

    Signature Algorithm: sha256WithRSAEncryption
         dd:d1:4e:f7:1a:e7:15:ee:8a:97:21:c2:b5:e9:f2:f8:08:bd:
         d8:04:90:4d:b4:f6:5a:cf:84:ad:d5:d9:5d:a8:9e:3b:9c:09:
         55:13:d6:a4:4d:11:b5:df:29:09:b6:e4:61:08:02:b8:ee:95:
         ff:de:00:a4:12:27:78:57:d8:8a:79:e8:3b:ec:b3:93:98:48:
         36:6d:bc:6e:43:1f:b8:51:b5:fa:94:0e:13:97:34:4b:f0:50:
         b4:2f:0a:ec:9a:1b:18:5e:53:c8:cd:fc:e6:9a:45:62:cc:ce:
         80:93:e7:b0:8e:11:b3:cf:bd:f6:a6:e7:28:d8:01:4b:6f:4d:
         70:d4:8d:15:4e:f3:63:fb:fa:69:9b:99:b4:67:7c:c7:da:df:
         28:6d:ac:a0:b5:7f:9e:5a:87:62:00:b1:c9:46:e8:fd:02:1a:
         99:5c:49:38:58:a0:2a:49:7b:e7:12:66:ab:3c:c0:6d:c8:85:
         f8:86:57:bc:cd:1c:26:25:0f:9a:22:6a:b2:8a:a5:0d:6d:e8:
         f0:6d:4a:13:0c:f1:00:b0:ab:6f:98:0e:b9:f1:27:41:f8:63:
         8c:50:58:05:cc:22:ef:2b:5f:d3:eb:7b:5e:3a:b3:02:b9:63:
         a1:2d:ce:86:bd:8c:ea:23:82:e4:6f:cb:d0:08:52:5e:ab:ee:
         cb:0b:79:8d
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUYBVH6k6CyMtiKO4UUEYpDCLMEzwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQjcwNDdCMDk1QTdDNTRBMEQ5MzVFMzVDOTg4RjFBMzQx
RDM2M0UwNjAeFw0yNjA3MDIxNTQ5MjNaFw0yNzA3MDExNTU0MjNaMDMxMTAvBgNV
BAMTKDhGMjIwNTA4NERGQ0M5MEZGQ0E2QkUwRkI5Mzk4ODJDNzZGQjM2RTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDY8m+QQowTpbjLIPURu/TM/FHT
YzlCui9B18Z73A1qrjEGED0I+og/jICRHPGsGqf2/xszvEuV6Ow8Db2X7rFDfGoW
BnvLobeYafrKysoEI2P+YmHI4Ha1ZJhp1OEDrM596/eaB0g9Ns2WxpQkpnIu/wI0
UrOQlMTz6DBYqyHDbKUMqvCKB9eO67+oUu6eFAW2RnY45fDfB7fcPXT8nWNpHD8F
+3E9noqdXBSCwD7HzOfOne6U7euSFMkuOMlKq9uEnKyXZV8hbYcroG0OT5gXjW0A
Jc6HpsVc33Oi6XmZj4locz6bLlvmjuv2NpyHNRMVKTTgacJXIlaKsq/SssEnAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUjyIFCE38yQ/8pr4PuTmILHb7NuAwHwYDVR0j
BBgwFoAUtwR7CVp8VKDZNeNcmI8aNB02PgYwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQUZoVHBHQnBvV0FMZHBGeUpWcXRTTW91a0VBOXRxOUhZaVd3SFBFakNV
SFMvMC9CNzA0N0IwOTVBN0M1NEEwRDkzNUUzNUM5ODhGMUEzNDFEMzYzRTA2LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0I3MDQ3QjA5NUE3QzU0QTBE
OTM1RTM1Qzk4OEYxQTM0MUQzNjNFMDYuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0FGaFRwR0Jwb1dBTGRwRnlKVnF0U01vdWtFQTl0cTlIWWlXd0hQRWpDVUhTLzAv
MzEzMzM4MmUzMjM1MzUyZTMyMzMzMDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMy
MzYzMzM5MzkzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAIr/5jANBgkqhkiG9w0BAQsFAAOCAQEA3dFO
9xrnFe6KlyHCteny+Ai92ASQTbT2Ws+ErdXZXaieO5wJVRPWpE0Rtd8pCbbkYQgC
uO6V/94ApBIneFfYinnoO+yzk5hINm28bkMfuFG1+pQOE5c0S/BQtC8K7JobGF5T
yM385ppFYszOgJPnsI4Rs8+99qbnKNgBS29NcNSNFU7zY/v6aZuZtGd8x9rfKG2s
oLV/nlqHYgCxyUbo/QIamVxJOFigKkl75xJmqzzAbciF+IZXvM0cJiUPmiJqsoql
DW3o8G1KEwzxALCrb5gOufEnQfhjjFBYBcwi7ytf0+t7XjqzArljoS3Ohr2M6iOC
5G/L0AhSXqvuywt5jQ==
-----END CERTIFICATE-----
Generated at Wed Jul 8 19:01:58 2026 by rpki-client