Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/Bra7ynZxBgwvGg9EZLPZS6dp8RaRhJKUEMg2E1pXqkZc/0/37322e34342e32302e302f32322d3234203d3e20323636313636.roa
File:                     37322e34342e32302e302f32322d3234203d3e20323636313636.roa (raw, json)
Hash identifier:          i+qflXspNtgxqc/ip6aCA2Szsfx+Ap4TTWmuCOddegs=
Subject key identifier:   B9:4A:05:80:8D:BE:B2:54:55:D9:B7:3B:94:15:A8:0F:C5:2B:38:E2
Certificate issuer:       /CN=A0E7817C46BAB014CC0A8EB2B6DCC3C0D72C6E63
Certificate serial:       76EE50C661B8AF711D7FEA78D7C5094165F6D6D1
Authority key identifier: A0:E7:81:7C:46:BA:B0:14:CC:0A:8E:B2:B6:DC:C3:C0:D7:2C:6E:63
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A0E7817C46BAB014CC0A8EB2B6DCC3C0D72C6E63.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/Bra7ynZxBgwvGg9EZLPZS6dp8RaRhJKUEMg2E1pXqkZc/0/37322e34342e32302e302f32322d3234203d3e20323636313636.roa
Signing time:             Thu 29 May 2025 17:14:42 +0000
ROA not before:           Thu 29 May 2025 17:09:42 +0000
ROA not after:            Thu 28 May 2026 17:14:42 +0000
asID:                     266166
IP address blocks:        72.44.20.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/Bra7ynZxBgwvGg9EZLPZS6dp8RaRhJKUEMg2E1pXqkZc/0/A0E7817C46BAB014CC0A8EB2B6DCC3C0D72C6E63.crl
                          rsync://rpki-repo.registro.br/repo/Bra7ynZxBgwvGg9EZLPZS6dp8RaRhJKUEMg2E1pXqkZc/0/A0E7817C46BAB014CC0A8EB2B6DCC3C0D72C6E63.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A0E7817C46BAB014CC0A8EB2B6DCC3C0D72C6E63.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 00:12:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:ee:50:c6:61:b8:af:71:1d:7f:ea:78:d7:c5:09:41:65:f6:d6:d1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0E7817C46BAB014CC0A8EB2B6DCC3C0D72C6E63
        Validity
            Not Before: May 29 17:09:42 2025 GMT
            Not After : May 28 17:14:42 2026 GMT
        Subject: CN=B94A05808DBEB25455D9B73B9415A80FC52B38E2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:7e:b5:0e:3b:00:db:f2:9d:26:bc:33:e7:08:
                    6d:d2:7d:fe:8a:ab:c5:d0:50:40:d3:3c:c2:2e:8d:
                    b6:4a:59:dc:a2:83:05:9c:ad:e5:da:37:41:96:06:
                    c2:06:a4:04:2d:e4:13:3a:0c:6c:a7:06:8d:1a:b8:
                    3a:43:9c:63:8f:9d:87:e2:b3:0b:97:9e:85:8d:77:
                    ec:3d:3f:95:b8:75:4e:c9:67:f8:cf:a0:20:d3:cb:
                    a1:26:f5:81:21:3d:15:17:c9:41:a7:43:d5:f3:7f:
                    f1:0e:99:ac:fe:dd:93:33:53:bf:8f:fc:24:9a:81:
                    9a:8c:1f:2b:eb:87:ea:1e:17:95:ef:51:dd:1a:1e:
                    fa:cf:19:db:42:55:3d:32:82:76:b0:f8:8a:67:b6:
                    31:1a:0d:cc:77:9b:d6:ec:91:19:ee:32:d0:5a:9a:
                    a4:c6:dd:71:f7:48:f6:2a:2d:13:7b:e8:06:9a:d7:
                    73:77:dc:0c:90:4c:33:f8:ff:3a:93:f6:1f:97:9e:
                    3d:36:bc:51:a8:5e:f7:65:94:b7:bf:ac:31:47:80:
                    a9:df:7c:c1:8a:84:7f:bc:00:cf:0b:83:3b:bd:01:
                    ad:72:ef:f7:77:5b:a6:3a:8b:27:1f:04:9c:0c:bc:
                    a5:28:77:e8:63:28:ab:d3:33:0c:27:1d:4d:71:84:
                    d8:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B9:4A:05:80:8D:BE:B2:54:55:D9:B7:3B:94:15:A8:0F:C5:2B:38:E2
            X509v3 Authority Key Identifier:
                keyid:A0:E7:81:7C:46:BA:B0:14:CC:0A:8E:B2:B6:DC:C3:C0:D7:2C:6E:63

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/Bra7ynZxBgwvGg9EZLPZS6dp8RaRhJKUEMg2E1pXqkZc/0/A0E7817C46BAB014CC0A8EB2B6DCC3C0D72C6E63.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A0E7817C46BAB014CC0A8EB2B6DCC3C0D72C6E63.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/Bra7ynZxBgwvGg9EZLPZS6dp8RaRhJKUEMg2E1pXqkZc/0/37322e34342e32302e302f32322d3234203d3e20323636313636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  72.44.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         60:16:62:19:6c:e3:ca:18:3a:7e:41:59:71:7d:f7:d8:d3:74:
         e0:82:cd:ea:4e:b9:4f:14:55:61:14:27:1a:04:e0:e4:d7:9c:
         a1:c4:df:da:75:49:51:bd:39:ad:cc:e5:45:43:95:b4:63:8a:
         ad:4a:95:f4:00:fd:34:80:39:0a:7a:5f:32:7f:32:ae:d5:e9:
         d2:18:f2:88:44:27:fe:32:24:5d:ba:49:ae:c5:51:3f:f4:98:
         10:7f:3f:f2:ea:43:df:ab:b4:42:d2:a7:f7:53:19:3a:27:8a:
         fd:4c:0a:60:43:65:35:6b:0f:e5:73:d9:18:42:4f:f2:66:b0:
         f4:4a:b3:a0:86:54:d5:e7:7f:f5:97:4a:86:ad:f7:d3:9d:03:
         0e:e5:cb:3b:a0:e8:91:2f:55:99:cf:7e:61:fa:d0:33:96:e0:
         23:f3:e0:89:ab:35:a9:3b:e0:7b:cf:f2:0a:a9:76:cb:7d:91:
         aa:a2:86:4b:46:03:19:ef:59:52:d8:7f:e1:cf:fd:69:e7:7f:
         5f:6b:91:90:ea:d4:a6:d9:42:cf:97:7e:25:ef:60:b3:6c:df:
         03:54:e1:0e:4e:10:d3:f2:e5:46:b6:61:fb:30:35:2b:70:a6:
         a1:cc:a7:47:d8:9f:f4:66:07:5e:d5:17:b7:f4:e9:31:12:3d:
         87:73:b3:88
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUdu5QxmG4r3Edf+p418UJQWX21tEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBFNzgxN0M0NkJBQjAxNENDMEE4RUIyQjZEQ0MzQzBE
NzJDNkU2MzAeFw0yNTA1MjkxNzA5NDJaFw0yNjA1MjgxNzE0NDJaMDMxMTAvBgNV
BAMTKEI5NEEwNTgwOERCRUIyNTQ1NUQ5QjczQjk0MTVBODBGQzUyQjM4RTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrfrUOOwDb8p0mvDPnCG3Sff6K
q8XQUEDTPMIujbZKWdyigwWcreXaN0GWBsIGpAQt5BM6DGynBo0auDpDnGOPnYfi
swuXnoWNd+w9P5W4dU7JZ/jPoCDTy6Em9YEhPRUXyUGnQ9Xzf/EOmaz+3ZMzU7+P
/CSagZqMHyvrh+oeF5XvUd0aHvrPGdtCVT0ygnaw+IpntjEaDcx3m9bskRnuMtBa
mqTG3XH3SPYqLRN76Aaa13N33AyQTDP4/zqT9h+Xnj02vFGoXvdllLe/rDFHgKnf
fMGKhH+8AM8Lgzu9Aa1y7/d3W6Y6iycfBJwMvKUod+hjKKvTMwwnHU1xhNj/AgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUuUoFgI2+slRV2bc7lBWoD8UrOOIwHwYDVR0j
BBgwFoAUoOeBfEa6sBTMCo6yttzDwNcsbmMwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQnJhN3luWnhCZ3d2R2c5RVpMUFpTNmRwOFJhUmhKS1VFTWcyRTFwWHFr
WmMvMC9BMEU3ODE3QzQ2QkFCMDE0Q0MwQThFQjJCNkRDQzNDMEQ3MkM2RTYzLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0EwRTc4MTdDNDZCQUIwMTRD
QzBBOEVCMkI2RENDM0MwRDcyQzZFNjMuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JyYTd5blp4Qmd3dkdnOUVaTFBaUzZkcDhSYVJoSktVRU1nMkUxcFhxa1pjLzAv
MzczMjJlMzQzNDJlMzIzMDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzYzNjMx
MzYzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB
/wQQMA4wDAQCAAEwBgMEAkgsFDANBgkqhkiG9w0BAQsFAAOCAQEAYBZiGWzjyhg6
fkFZcX332NN04ILN6k65TxRVYRQnGgTg5NecocTf2nVJUb05rczlRUOVtGOKrUqV
9AD9NIA5CnpfMn8yrtXp0hjyiEQn/jIkXbpJrsVRP/SYEH8/8upD36u0QtKn91MZ
OieK/UwKYENlNWsP5XPZGEJP8maw9EqzoIZU1ed/9ZdKhq33050DDuXLO6DokS9V
mc9+YfrQM5bgI/Pgias1qTvge8/yCql2y32RqqKGS0YDGe9ZUth/4c/9aed/X2uR
kOrUptlCz5d+Je9gs2zfA1ThDk4Q0/LlRrZh+zA1K3CmocynR9if9GYHXtUXt/Tp
MRI9h3OziA==
-----END CERTIFICATE-----
Generated at Tue Jun 10 05:28:52 2025 by rpki-client