Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/3230302e3139322e3134372e302f32342d3234203d3e203238353732.roa
File:                     3230302e3139322e3134372e302f32342d3234203d3e203238353732.roa (raw, json)
Hash identifier:          EUaaf4Azo8g8gfcLoiOxApNh4AmNkdWX0Y9BD/G9NTw=
Subject key identifier:   1C:CE:8D:84:95:0E:C2:9B:51:E8:EB:ED:4B:C7:42:19:C5:0A:3B:9D
Certificate issuer:       /CN=19EAE38D15F5899D3609C411EB1A1C6B42DFB009
Certificate serial:       234F0007A875FCAD3CF820B2C99BC19365950246
Authority key identifier: 19:EA:E3:8D:15:F5:89:9D:36:09:C4:11:EB:1A:1C:6B:42:DF:B0:09
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/3230302e3139322e3134372e302f32342d3234203d3e203238353732.roa
Signing time:             Sat 31 May 2025 16:01:52 +0000
ROA not before:           Sat 31 May 2025 15:56:52 +0000
ROA not after:            Sat 30 May 2026 16:01:52 +0000
asID:                     28572
IP address blocks:        200.192.147.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.crl
                          rsync://rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Jun 2025 00:08:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:4f:00:07:a8:75:fc:ad:3c:f8:20:b2:c9:9b:c1:93:65:95:02:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19EAE38D15F5899D3609C411EB1A1C6B42DFB009
        Validity
            Not Before: May 31 15:56:52 2025 GMT
            Not After : May 30 16:01:52 2026 GMT
        Subject: CN=1CCE8D84950EC29B51E8EBED4BC74219C50A3B9D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:ce:52:f5:fe:8d:ab:e7:ce:a7:4e:7e:c6:bc:
                    0a:7e:8d:c5:35:60:28:5f:7b:c5:15:99:39:a1:5e:
                    a5:7f:28:ae:44:20:37:82:df:d4:51:77:89:3b:ad:
                    fa:40:59:f1:0b:bd:1a:19:9d:64:a0:d5:cd:74:c4:
                    05:9a:26:61:19:b4:f4:72:f6:5c:1f:c5:d3:01:2b:
                    5a:47:85:a9:98:cb:d3:95:e7:98:81:ed:d6:fc:31:
                    8b:07:83:e4:a9:ea:37:68:78:7e:03:ad:c1:a9:4b:
                    8c:ab:22:04:20:e9:af:2c:f6:f4:3c:41:2c:f4:31:
                    48:c5:14:de:ed:7d:24:40:d9:74:28:0f:46:0b:59:
                    28:d3:36:e2:76:58:91:99:07:a4:dc:d8:45:5e:60:
                    3d:9a:ac:88:99:3d:0a:c9:4f:ea:05:79:bf:96:8a:
                    64:10:e6:59:4f:90:19:26:61:b1:17:65:ad:f8:47:
                    49:7e:e2:72:13:57:70:3f:f9:0c:fc:cc:bf:cd:be:
                    df:33:6f:93:cb:0f:5b:60:2a:d4:6f:5d:c6:90:b4:
                    46:2f:ab:98:c7:2e:59:8a:21:af:c6:eb:21:0c:77:
                    ff:3b:f8:4c:6e:84:bd:96:6d:39:44:f7:d5:86:94:
                    2a:70:eb:d7:7a:6c:5a:c5:bd:39:37:2b:3a:c3:96:
                    8d:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1C:CE:8D:84:95:0E:C2:9B:51:E8:EB:ED:4B:C7:42:19:C5:0A:3B:9D
            X509v3 Authority Key Identifier:
                keyid:19:EA:E3:8D:15:F5:89:9D:36:09:C4:11:EB:1A:1C:6B:42:DF:B0:09

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/3230302e3139322e3134372e302f32342d3234203d3e203238353732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.192.147.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2a:03:f9:77:61:74:a0:c6:1d:1a:cf:6d:88:a8:95:83:99:5d:
         bb:53:da:59:7d:50:39:b4:0b:ce:e5:09:90:5f:12:4d:82:af:
         5e:85:70:4c:b0:98:6f:c7:73:37:3b:63:0d:1c:2b:09:b0:ab:
         ba:dd:57:d0:d2:50:9f:00:bc:47:e8:93:d4:40:04:ea:7e:76:
         44:0d:d7:12:6a:92:a9:9f:de:69:dd:ec:9c:25:a8:ad:6a:1b:
         be:d2:56:49:b5:a3:24:69:fa:35:8b:c1:40:55:75:b9:4a:96:
         22:5c:dc:d8:9d:8e:a8:da:b4:c4:42:13:1a:10:36:b5:da:fe:
         22:ce:6a:41:d9:21:a0:f0:62:43:72:cf:2c:50:33:ed:3c:ba:
         94:f6:1f:ad:59:fd:55:cc:ed:9e:9f:ba:96:cd:46:d7:40:27:
         81:0a:b4:2d:14:23:21:60:4b:fa:ea:c0:45:94:87:63:ab:7c:
         cc:c8:0b:b4:83:38:c3:23:26:60:40:62:69:d7:70:64:32:e2:
         e8:2e:53:58:86:c6:55:5f:fd:86:90:9f:c4:8e:dd:0c:9f:aa:
         d0:4b:04:7b:78:b0:98:f6:eb:10:0c:4b:e5:bd:8f:0c:da:ab:
         27:ae:b8:58:b8:ed:4c:f4:40:0f:d6:cb:c7:86:3e:ca:39:50:
         27:80:45:91
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUI08AB6h1/K08+CCyyZvBk2WVAkYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTlFQUUzOEQxNUY1ODk5RDM2MDlDNDExRUIxQTFDNkI0
MkRGQjAwOTAeFw0yNTA1MzExNTU2NTJaFw0yNjA1MzAxNjAxNTJaMDMxMTAvBgNV
BAMTKDFDQ0U4RDg0OTUwRUMyOUI1MUU4RUJFRDRCQzc0MjE5QzUwQTNCOUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNzlL1/o2r586nTn7GvAp+jcU1
YChfe8UVmTmhXqV/KK5EIDeC39RRd4k7rfpAWfELvRoZnWSg1c10xAWaJmEZtPRy
9lwfxdMBK1pHhamYy9OV55iB7db8MYsHg+Sp6jdoeH4DrcGpS4yrIgQg6a8s9vQ8
QSz0MUjFFN7tfSRA2XQoD0YLWSjTNuJ2WJGZB6Tc2EVeYD2arIiZPQrJT+oFeb+W
imQQ5llPkBkmYbEXZa34R0l+4nITV3A/+Qz8zL/Nvt8zb5PLD1tgKtRvXcaQtEYv
q5jHLlmKIa/G6yEMd/87+ExuhL2WbTlE99WGlCpw69d6bFrFvTk3KzrDlo1lAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUHM6NhJUOwptR6OvtS8dCGcUKO50wHwYDVR0j
BBgwFoAUGerjjRX1iZ02CcQR6xoca0LfsAkwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQk5abWZjelg4eExwVUxDQVhXQnhhamt3QkhESkprc0poSks0UG9hd3hB
U1EvMC8xOUVBRTM4RDE1RjU4OTlEMzYwOUM0MTFFQjFBMUM2QjQyREZCMDA5LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzE5RUFFMzhEMTVGNTg5OUQz
NjA5QzQxMUVCMUExQzZCNDJERkIwMDkuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JOWm1mY3pYOHhMcFVMQ0FYV0J4YWprd0JIREpKa3NKaEpLNFBvYXd4QVNRLzAv
MzIzMDMwMmUzMTM5MzIyZTMxMzQzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMy
MzgzNTM3MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBADIwJMwDQYJKoZIhvcNAQELBQADggEBACoD+Xdh
dKDGHRrPbYiolYOZXbtT2ll9UDm0C87lCZBfEk2Cr16FcEywmG/Hczc7Yw0cKwmw
q7rdV9DSUJ8AvEfok9RABOp+dkQN1xJqkqmf3mnd7JwlqK1qG77SVkm1oyRp+jWL
wUBVdblKliJc3NidjqjatMRCExoQNrXa/iLOakHZIaDwYkNyzyxQM+08upT2H61Z
/VXM7Z6fupbNRtdAJ4EKtC0UIyFgS/rqwEWUh2OrfMzIC7SDOMMjJmBAYmnXcGQy
4uguU1iGxlVf/YaQn8SO3QyfqtBLBHt4sJj26xAMS+W9jwzaqyeuuFi47Uz0QA/W
y8eGPso5UCeARZE=
-----END CERTIFICATE-----
Generated at Thu Jun 12 11:06:27 2025 by rpki-client