Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BcgvT9JE4ZwdxMDZQ85SEfmLJas25KyARTtBzbM4L4BA/0/3137372e38342e33382e302f32332d3233203d3e20323632353738.roa
File:                     3137372e38342e33382e302f32332d3233203d3e20323632353738.roa (raw, json)
Hash identifier:          WQpHptjd4tEPNxwZ9App0sa/zoJNAGRry113QvQ1z7g=
Subject key identifier:   D4:B0:14:76:95:8A:F4:80:9E:2F:B4:02:80:83:CD:E0:76:32:E7:9C
Certificate issuer:       /CN=A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76
Certificate serial:       600289DBE4CA7C3EE947B72124F06B1970A5F5C6
Authority key identifier: A8:04:9D:06:C9:C3:DD:09:DB:B1:A4:8A:F9:DA:94:6E:9F:57:AE:76
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BcgvT9JE4ZwdxMDZQ85SEfmLJas25KyARTtBzbM4L4BA/0/3137372e38342e33382e302f32332d3233203d3e20323632353738.roa
Signing time:             Fri 30 May 2025 17:46:25 +0000
ROA not before:           Fri 30 May 2025 17:41:25 +0000
ROA not after:            Fri 29 May 2026 17:46:25 +0000
asID:                     262578
IP address blocks:        177.84.38.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BcgvT9JE4ZwdxMDZQ85SEfmLJas25KyARTtBzbM4L4BA/0/A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76.crl
                          rsync://rpki-repo.registro.br/repo/BcgvT9JE4ZwdxMDZQ85SEfmLJas25KyARTtBzbM4L4BA/0/A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 09:14:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:02:89:db:e4:ca:7c:3e:e9:47:b7:21:24:f0:6b:19:70:a5:f5:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76
        Validity
            Not Before: May 30 17:41:25 2025 GMT
            Not After : May 29 17:46:25 2026 GMT
        Subject: CN=D4B01476958AF4809E2FB4028083CDE07632E79C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:33:2d:d4:ba:30:d3:a9:e0:30:c6:86:de:31:
                    1c:a1:ff:5e:c4:53:c5:dc:3a:52:69:78:35:77:76:
                    b2:ed:b2:b8:8c:21:51:3b:97:fe:a4:10:6f:62:d8:
                    01:0f:3b:37:64:f4:9e:99:fd:e7:4f:30:e3:be:76:
                    d7:1c:f1:71:e7:6a:84:e3:e0:7f:ef:ec:1a:4b:51:
                    36:32:79:71:83:47:82:b5:bc:ba:ab:09:5f:16:9a:
                    79:69:78:19:de:c6:98:79:ee:9d:63:f8:65:af:65:
                    ca:b8:c5:0e:83:ed:13:dc:65:87:23:f1:08:ee:fa:
                    24:0d:09:0b:f6:be:49:9e:f6:6b:31:0d:39:f5:4c:
                    ca:3d:8c:20:1e:d2:5a:88:ab:33:c2:76:3b:a7:15:
                    c5:a4:60:e8:a6:6e:44:f8:7b:fe:db:a2:2b:e4:8a:
                    6b:53:ee:32:f2:c9:e5:a1:e0:82:1c:f0:9e:79:7c:
                    a8:1f:45:44:75:26:33:85:c5:75:2d:dd:62:35:2b:
                    9a:f0:c9:04:94:08:37:a7:df:1d:aa:a8:df:0c:7a:
                    6b:bb:78:70:5c:38:8c:f0:a2:ef:96:c8:5f:5f:76:
                    29:3c:d2:d1:d6:26:bd:92:83:22:1d:c2:65:91:91:
                    a3:64:0a:be:6a:86:52:43:97:c1:d0:cd:0c:82:69:
                    b0:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:B0:14:76:95:8A:F4:80:9E:2F:B4:02:80:83:CD:E0:76:32:E7:9C
            X509v3 Authority Key Identifier:
                keyid:A8:04:9D:06:C9:C3:DD:09:DB:B1:A4:8A:F9:DA:94:6E:9F:57:AE:76

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BcgvT9JE4ZwdxMDZQ85SEfmLJas25KyARTtBzbM4L4BA/0/A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BcgvT9JE4ZwdxMDZQ85SEfmLJas25KyARTtBzbM4L4BA/0/3137372e38342e33382e302f32332d3233203d3e20323632353738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.84.38.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b2:77:37:63:e8:5e:bc:d5:b1:29:f5:03:c0:82:ff:a6:62:d1:
         93:23:ac:e2:04:8c:d3:a0:17:ea:b7:91:9b:b3:41:26:1c:6f:
         92:4a:8d:d7:51:7d:84:0e:fb:4b:b8:02:26:57:24:2f:e3:4f:
         dd:3e:dd:f5:f3:a4:e4:af:41:ef:a7:fa:b5:45:48:40:f0:18:
         8f:f8:cb:8e:bb:32:22:51:6e:c6:d5:6a:05:90:38:58:60:2d:
         01:a1:af:fa:1d:bf:e6:bc:ce:f7:6f:09:e0:7e:67:4f:f8:c7:
         b8:52:cd:38:8c:bd:e4:c9:0c:16:be:46:23:01:e4:91:47:7d:
         30:bd:59:27:67:0f:7d:a1:2b:b5:45:b7:9b:f3:62:4f:41:39:
         f5:47:8b:74:ac:56:53:ef:35:f2:8e:15:37:a7:4e:9d:28:89:
         91:48:7b:ac:49:80:80:3b:bb:84:13:43:34:c6:ff:c4:2d:f7:
         71:d4:a6:74:08:ae:e5:09:26:b5:c1:84:ff:90:07:b5:f5:e1:
         eb:75:88:7e:6f:55:51:68:c9:cc:b1:56:72:b8:b7:95:d3:31:
         04:22:88:21:51:eb:89:d6:1d:ab:c6:d1:7b:22:40:d1:08:ca:
         d1:b0:b9:de:49:ac:54:3c:09:46:5e:8a:5d:01:a1:36:d4:d2:
         6b:58:eb:b5
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUYAKJ2+TKfD7pR7chJPBrGXCl9cYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTgwNDlEMDZDOUMzREQwOURCQjFBNDhBRjlEQTk0NkU5
RjU3QUU3NjAeFw0yNTA1MzAxNzQxMjVaFw0yNjA1MjkxNzQ2MjVaMDMxMTAvBgNV
BAMTKEQ0QjAxNDc2OTU4QUY0ODA5RTJGQjQwMjgwODNDREUwNzYzMkU3OUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgMy3UujDTqeAwxobeMRyh/17E
U8XcOlJpeDV3drLtsriMIVE7l/6kEG9i2AEPOzdk9J6Z/edPMOO+dtcc8XHnaoTj
4H/v7BpLUTYyeXGDR4K1vLqrCV8WmnlpeBnexph57p1j+GWvZcq4xQ6D7RPcZYcj
8Qju+iQNCQv2vkme9msxDTn1TMo9jCAe0lqIqzPCdjunFcWkYOimbkT4e/7boivk
imtT7jLyyeWh4IIc8J55fKgfRUR1JjOFxXUt3WI1K5rwyQSUCDen3x2qqN8Memu7
eHBcOIzwou+WyF9fdik80tHWJr2SgyIdwmWRkaNkCr5qhlJDl8HQzQyCabBtAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQU1LAUdpWK9ICeL7QCgIPN4HYy55wwHwYDVR0j
BBgwFoAUqASdBsnD3QnbsaSK+dqUbp9XrnYwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQmNndlQ5SkU0WndkeE1EWlE4NVNFZm1MSmFzMjVLeUFSVHRCemJNNEw0
QkEvMC9BODA0OUQwNkM5QzNERDA5REJCMUE0OEFGOURBOTQ2RTlGNTdBRTc2LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0E4MDQ5RDA2QzlDM0REMDlE
QkIxQTQ4QUY5REE5NDZFOUY1N0FFNzYuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JjZ3ZUOUpFNFp3ZHhNRFpRODVTRWZtTEphczI1S3lBUlR0QnpiTTRMNEJBLzAv
MzEzNzM3MmUzODM0MmUzMzM4MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzIzNjMy
MzUzNzM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQBsVQmMA0GCSqGSIb3DQEBCwUAA4IBAQCydzdj6F68
1bEp9QPAgv+mYtGTI6ziBIzToBfqt5Gbs0EmHG+SSo3XUX2EDvtLuAImVyQv40/d
Pt3186Tkr0Hvp/q1RUhA8BiP+MuOuzIiUW7G1WoFkDhYYC0Boa/6Hb/mvM73bwng
fmdP+Me4Us04jL3kyQwWvkYjAeSRR30wvVknZw99oSu1Rbeb82JPQTn1R4t0rFZT
7zXyjhU3p06dKImRSHusSYCAO7uEE0M0xv/ELfdx1KZ0CK7lCSa1wYT/kAe19eHr
dYh+b1VRaMnMsVZyuLeV0zEEIoghUeuJ1h2rxtF7IkDRCMrRsLneSaxUPAlGXopd
AaE21NJrWOu1
-----END CERTIFICATE-----
Generated at Tue Jun 10 16:57:06 2025 by rpki-client