Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/3133382e302e3134392e302f32342d3234203d3e20323638353436.roa
File:                     3133382e302e3134392e302f32342d3234203d3e20323638353436.roa (raw, json)
Hash identifier:          pU0FuL2PIVw8Y32axvzIIlOr3iujpHABv1/DF97jQto=
Subject key identifier:   A1:C7:78:40:73:21:EA:EC:9D:F9:05:6F:38:1B:D9:03:E2:37:3F:62
Certificate issuer:       /CN=32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4
Certificate serial:       37F88A15271A95B6341C31F455FDA27D4A17641E
Authority key identifier: 32:C3:A2:0B:EB:E1:AC:7A:6C:3E:09:58:CC:B9:71:DE:A6:4D:E1:B4
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/3133382e302e3134392e302f32342d3234203d3e20323638353436.roa
Signing time:             Wed 04 Jun 2025 01:05:45 +0000
ROA not before:           Wed 04 Jun 2025 01:00:45 +0000
ROA not after:            Wed 03 Jun 2026 01:05:45 +0000
asID:                     268546
IP address blocks:        138.0.149.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.crl
                          rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 23:03:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            37:f8:8a:15:27:1a:95:b6:34:1c:31:f4:55:fd:a2:7d:4a:17:64:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4
        Validity
            Not Before: Jun  4 01:00:45 2025 GMT
            Not After : Jun  3 01:05:45 2026 GMT
        Subject: CN=A1C778407321EAEC9DF9056F381BD903E2373F62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:72:7a:66:46:7b:33:f5:2a:0a:33:d5:3e:e5:
                    f3:aa:b2:cc:9f:b3:45:ef:dc:07:24:29:ab:5d:1e:
                    58:0f:26:91:2b:9e:09:1d:52:32:56:23:e0:7d:09:
                    c5:ab:eb:4d:0a:43:95:68:aa:68:1f:c2:7e:15:7f:
                    43:0a:dd:0f:79:76:f6:f7:d8:b2:44:d3:d3:6f:d8:
                    2d:3a:09:3f:56:92:a8:c2:56:18:ad:25:3a:6c:de:
                    b6:ca:6b:ee:eb:d0:d3:86:88:c0:14:02:2a:38:a7:
                    16:58:a9:f1:c6:8b:18:20:da:09:4c:93:43:cc:ed:
                    f2:15:00:a8:ff:1f:42:9a:a2:f8:f0:42:16:e1:90:
                    27:34:5f:64:cb:40:2e:40:c6:fe:6e:2e:d5:ec:49:
                    34:44:37:0f:18:b4:1d:d8:d4:c7:7e:c9:23:08:63:
                    54:07:f8:53:a1:01:34:dd:d8:46:1e:65:fe:3b:74:
                    ec:34:45:8d:77:72:f4:22:66:e5:2b:38:4e:19:c1:
                    b4:09:cf:b8:1e:7f:03:f5:09:61:de:d3:6d:73:d6:
                    c8:8e:61:2e:d4:43:db:8d:ee:8c:e3:31:03:20:e2:
                    58:d8:ce:92:16:de:53:dc:40:a5:5e:d5:9e:f3:53:
                    f8:25:37:85:97:a0:03:e2:e1:b9:2f:1c:66:8e:4e:
                    8b:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A1:C7:78:40:73:21:EA:EC:9D:F9:05:6F:38:1B:D9:03:E2:37:3F:62
            X509v3 Authority Key Identifier:
                keyid:32:C3:A2:0B:EB:E1:AC:7A:6C:3E:09:58:CC:B9:71:DE:A6:4D:E1:B4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/3133382e302e3134392e302f32342d3234203d3e20323638353436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.0.149.0/24

    Signature Algorithm: sha256WithRSAEncryption
         44:66:9d:50:93:3c:7b:95:81:b2:b5:4b:dd:4b:63:fc:ed:a1:
         e3:d7:d1:c2:05:91:be:01:b0:5a:b3:14:d4:5d:67:05:07:77:
         ae:5e:b3:c0:6b:f4:72:19:b2:15:74:c7:98:00:f4:ca:df:7d:
         fb:2d:87:a0:54:ef:c1:94:57:84:93:b8:0f:1f:9c:ec:6e:49:
         17:ff:3c:4b:8d:f7:3f:fc:e1:24:97:8d:4e:1c:66:3a:b7:0c:
         47:78:7f:88:6f:3f:99:10:d2:f6:d2:b3:82:74:9e:1b:eb:8d:
         5e:2e:da:13:fd:ba:2f:d5:9e:71:80:e8:5f:83:fd:19:ed:99:
         a3:2f:24:dc:8e:81:6e:ff:df:3f:bc:e5:27:93:be:b2:93:59:
         dd:6b:92:65:dd:9b:30:d7:a7:d4:dc:f4:56:76:4c:40:f7:2a:
         57:41:5b:73:09:06:d2:4e:fb:4a:d1:b5:57:2a:ed:7e:d4:10:
         c3:ca:0b:b7:dd:b5:fb:56:cb:e4:24:ff:dc:71:ea:55:62:47:
         dd:dc:87:12:cd:2d:a8:22:81:fa:cf:58:5d:ef:ba:1f:ff:7d:
         d8:eb:a1:c3:3b:20:b1:f8:c6:5b:6d:7f:78:e6:e3:ce:dd:fb:
         aa:7e:17:54:44:1e:f8:f7:cc:60:da:12:b9:6e:f7:59:d5:2b:
         d7:ee:25:6c
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUN/iKFScalbY0HDH0Vf2ifUoXZB4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzJDM0EyMEJFQkUxQUM3QTZDM0UwOTU4Q0NCOTcxREVB
NjRERTFCNDAeFw0yNTA2MDQwMTAwNDVaFw0yNjA2MDMwMTA1NDVaMDMxMTAvBgNV
BAMTKEExQzc3ODQwNzMyMUVBRUM5REY5MDU2RjM4MUJEOTAzRTIzNzNGNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCucnpmRnsz9SoKM9U+5fOqssyf
s0Xv3AckKatdHlgPJpErngkdUjJWI+B9CcWr600KQ5Voqmgfwn4Vf0MK3Q95dvb3
2LJE09Nv2C06CT9WkqjCVhitJTps3rbKa+7r0NOGiMAUAio4pxZYqfHGixgg2glM
k0PM7fIVAKj/H0KaovjwQhbhkCc0X2TLQC5Axv5uLtXsSTRENw8YtB3Y1Md+ySMI
Y1QH+FOhATTd2EYeZf47dOw0RY13cvQiZuUrOE4ZwbQJz7gefwP1CWHe021z1siO
YS7UQ9uN7ozjMQMg4ljYzpIW3lPcQKVe1Z7zU/glN4WXoAPi4bkvHGaOTotDAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUocd4QHMh6uyd+QVvOBvZA+I3P2IwHwYDVR0j
BBgwFoAUMsOiC+vhrHpsPglYzLlx3qZN4bQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQkhrR1ZkQjJoUm96ZHFoSkZmZkduTmRpY0I4aG5wdDZKclJvWG1jZ0hn
NTMvMC8zMkMzQTIwQkVCRTFBQzdBNkMzRTA5NThDQ0I5NzFERUE2NERFMUI0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzMyQzNBMjBCRUJFMUFDN0E2
QzNFMDk1OENDQjk3MURFQTY0REUxQjQuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JIa0dWZEIyaFJvemRxaEpGZmZHbk5kaWNCOGhucHQ2SnJSb1htY2dIZzUzLzAv
MzEzMzM4MmUzMDJlMzEzNDM5MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNjM4
MzUzNDM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAigCVMA0GCSqGSIb3DQEBCwUAA4IBAQBEZp1Qkzx7
lYGytUvdS2P87aHj19HCBZG+AbBasxTUXWcFB3euXrPAa/RyGbIVdMeYAPTK3337
LYegVO/BlFeEk7gPH5zsbkkX/zxLjfc//OEkl41OHGY6twxHeH+Ibz+ZENL20rOC
dJ4b641eLtoT/bov1Z5xgOhfg/0Z7ZmjLyTcjoFu/98/vOUnk76yk1nda5Jl3Zsw
16fU3PRWdkxA9ypXQVtzCQbSTvtK0bVXKu1+1BDDygu33bX7VsvkJP/ccepVYkfd
3IcSzS2oIoH6z1hd77of/33Y66HDOyCx+MZbbX945uPO3fuqfhdURB7498xg2hK5
bvdZ1SvX7iVs
-----END CERTIFICATE-----
Generated at Wed Jun 11 02:09:57 2025 by rpki-client