Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/AKdXbgdpFxz1BSuBA2tgmS3MgFSANYNWWxyfQE6AyrBL/0/3137372e38352e3135362e302f32322d3234203d3e203532353634.roa
File:                     3137372e38352e3135362e302f32322d3234203d3e203532353634.roa (raw, json)
Hash identifier:          JwPHUe/eVdO6bAYhYAIUNqAZxpWG8GDsedsKIz7hB0Q=
Subject key identifier:   5A:43:8F:51:64:B3:71:12:FA:72:86:89:63:D5:85:0F:B0:31:86:14
Certificate issuer:       /CN=73D43FEADED592156D29C67CCC13A030541CD25A
Certificate serial:       1F211037E0AC2D8D20444BC92267F34FE11E2DF0
Authority key identifier: 73:D4:3F:EA:DE:D5:92:15:6D:29:C6:7C:CC:13:A0:30:54:1C:D2:5A
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/73D43FEADED592156D29C67CCC13A030541CD25A.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/AKdXbgdpFxz1BSuBA2tgmS3MgFSANYNWWxyfQE6AyrBL/0/3137372e38352e3135362e302f32322d3234203d3e203532353634.roa
Signing time:             Sat 17 May 2025 00:36:50 +0000
ROA not before:           Sat 17 May 2025 00:31:50 +0000
ROA not after:            Sat 16 May 2026 00:36:50 +0000
asID:                     52564
IP address blocks:        177.85.156.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/AKdXbgdpFxz1BSuBA2tgmS3MgFSANYNWWxyfQE6AyrBL/0/73D43FEADED592156D29C67CCC13A030541CD25A.crl
                          rsync://rpki-repo.registro.br/repo/AKdXbgdpFxz1BSuBA2tgmS3MgFSANYNWWxyfQE6AyrBL/0/73D43FEADED592156D29C67CCC13A030541CD25A.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/73D43FEADED592156D29C67CCC13A030541CD25A.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 23:06:25 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:21:10:37:e0:ac:2d:8d:20:44:4b:c9:22:67:f3:4f:e1:1e:2d:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=73D43FEADED592156D29C67CCC13A030541CD25A
        Validity
            Not Before: May 17 00:31:50 2025 GMT
            Not After : May 16 00:36:50 2026 GMT
        Subject: CN=5A438F5164B37112FA72868963D5850FB0318614
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:2d:86:d1:ca:06:e4:10:d8:7b:ab:3b:64:dd:
                    73:fd:2c:b4:3f:e0:5d:29:6c:bb:21:bc:a4:06:78:
                    d9:93:0d:15:8e:e9:7e:7f:11:e8:e6:80:99:3e:9f:
                    a5:cb:fb:c7:37:1b:96:4b:6c:7a:33:82:94:62:ef:
                    99:33:9e:5b:c4:0b:d2:51:9b:77:d9:14:13:c7:c0:
                    6a:7a:90:ca:89:8c:c1:03:61:3d:4b:ba:c1:89:a6:
                    e7:71:bc:82:98:c1:f9:69:c1:01:c8:70:1d:59:62:
                    79:0c:8c:e3:9b:f7:6d:e0:14:2d:81:2c:12:60:b3:
                    fe:65:30:e4:9e:cf:fc:db:c0:b4:05:17:46:1c:1d:
                    39:02:a6:ae:70:d3:67:0e:96:f9:db:d1:2b:88:77:
                    05:ca:71:1b:0f:06:3f:7e:5d:63:da:6e:f9:01:b7:
                    b0:c0:4a:21:2d:e2:8e:7c:f9:a7:6a:d5:06:d8:f4:
                    83:b3:e7:34:91:fc:d1:34:9b:7e:1c:d6:0d:bc:77:
                    40:ae:4d:ad:d2:cc:0e:a6:cf:7e:af:fc:dd:60:76:
                    e6:30:be:a8:4d:89:d2:36:2c:32:79:5c:3c:d2:9c:
                    03:aa:e5:a0:62:bb:cd:34:e3:80:71:1d:c4:d5:e5:
                    30:63:a9:87:73:20:53:27:17:8d:d4:5c:30:41:ae:
                    08:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:43:8F:51:64:B3:71:12:FA:72:86:89:63:D5:85:0F:B0:31:86:14
            X509v3 Authority Key Identifier:
                keyid:73:D4:3F:EA:DE:D5:92:15:6D:29:C6:7C:CC:13:A0:30:54:1C:D2:5A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/AKdXbgdpFxz1BSuBA2tgmS3MgFSANYNWWxyfQE6AyrBL/0/73D43FEADED592156D29C67CCC13A030541CD25A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/73D43FEADED592156D29C67CCC13A030541CD25A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/AKdXbgdpFxz1BSuBA2tgmS3MgFSANYNWWxyfQE6AyrBL/0/3137372e38352e3135362e302f32322d3234203d3e203532353634.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.85.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1d:a7:52:31:0c:c1:e2:cc:96:9e:ec:ee:5d:3c:43:5c:94:14:
         22:bf:f7:29:06:c6:34:0c:e7:5b:67:70:f6:a5:ea:74:83:bd:
         f8:9f:4f:38:aa:e3:de:84:e3:fd:20:7b:ef:91:12:e4:8e:d6:
         f9:73:46:2b:70:a9:f1:50:8a:ec:52:c1:34:34:42:5a:b1:fa:
         dd:36:f4:79:71:7f:bf:69:74:78:82:01:47:66:62:ef:cb:ab:
         b9:43:5d:86:ae:61:cc:5d:97:50:14:2b:24:2a:6f:54:f1:cb:
         8c:a7:0a:15:23:9a:8f:5f:2c:c2:8e:ff:fd:09:c8:4c:7e:00:
         5d:5b:22:23:92:38:22:37:f1:31:41:f1:a9:78:d9:75:33:e1:
         00:d6:0e:a8:02:4c:be:6a:6c:22:a0:d7:92:e3:fd:06:d6:6b:
         8d:85:7d:03:d5:32:55:2c:56:d2:da:62:91:2e:ad:f7:4c:08:
         67:2a:75:b2:40:b7:34:5d:39:c8:5f:12:0c:20:15:f7:2b:ef:
         47:f0:4c:8f:8b:4e:89:c8:50:c8:21:b9:6e:b7:d0:0a:91:77:
         43:b8:57:f9:9b:8d:2c:b3:38:fa:be:de:07:57:73:e9:4b:1c:
         05:2a:b5:90:2e:69:dd:e6:30:7c:96:59:5d:ab:c2:5e:9a:e1:
         57:a8:c3:29
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUHyEQN+CsLY0gREvJImfzT+EeLfAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzNENDNGRUFERUQ1OTIxNTZEMjlDNjdDQ0MxM0EwMzA1
NDFDRDI1QTAeFw0yNTA1MTcwMDMxNTBaFw0yNjA1MTYwMDM2NTBaMDMxMTAvBgNV
BAMTKDVBNDM4RjUxNjRCMzcxMTJGQTcyODY4OTYzRDU4NTBGQjAzMTg2MTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLLYbRygbkENh7qztk3XP9LLQ/
4F0pbLshvKQGeNmTDRWO6X5/EejmgJk+n6XL+8c3G5ZLbHozgpRi75kznlvEC9JR
m3fZFBPHwGp6kMqJjMEDYT1LusGJpudxvIKYwflpwQHIcB1ZYnkMjOOb923gFC2B
LBJgs/5lMOSez/zbwLQFF0YcHTkCpq5w02cOlvnb0SuIdwXKcRsPBj9+XWPabvkB
t7DASiEt4o58+adq1QbY9IOz5zSR/NE0m34c1g28d0CuTa3SzA6mz36v/N1gduYw
vqhNidI2LDJ5XDzSnAOq5aBiu80044BxHcTV5TBjqYdzIFMnF43UXDBBrgjfAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUWkOPUWSzcRL6coaJY9WFD7AxhhQwHwYDVR0j
BBgwFoAUc9Q/6t7VkhVtKcZ8zBOgMFQc0lowDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQUtkWGJnZHBGeHoxQlN1QkEydGdtUzNNZ0ZTQU5ZTldXeHlmUUU2QXly
QkwvMC83M0Q0M0ZFQURFRDU5MjE1NkQyOUM2N0NDQzEzQTAzMDU0MUNEMjVBLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzczRDQzRkVBREVENTkyMTU2
RDI5QzY3Q0NDMTNBMDMwNTQxQ0QyNUEuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0FLZFhiZ2RwRnh6MUJTdUJBMnRnbVMzTWdGU0FOWU5XV3h5ZlFFNkF5ckJMLzAv
MzEzNzM3MmUzODM1MmUzMTM1MzYyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNTMy
MzUzNjM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCsVWcMA0GCSqGSIb3DQEBCwUAA4IBAQAdp1IxDMHi
zJae7O5dPENclBQiv/cpBsY0DOdbZ3D2pep0g734n084quPehOP9IHvvkRLkjtb5
c0YrcKnxUIrsUsE0NEJasfrdNvR5cX+/aXR4ggFHZmLvy6u5Q12GrmHMXZdQFCsk
Km9U8cuMpwoVI5qPXyzCjv/9CchMfgBdWyIjkjgiN/ExQfGpeNl1M+EA1g6oAky+
amwioNeS4/0G1muNhX0D1TJVLFbS2mKRLq33TAhnKnWyQLc0XTnIXxIMIBX3K+9H
8EyPi06JyFDIIblut9AKkXdDuFf5m40sszj6vt4HV3PpSxwFKrWQLmnd5jB8llld
q8JemuFXqMMp
-----END CERTIFICATE-----
Generated at Wed Jun 11 01:19:48 2025 by rpki-client