Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/3133382e3138352e3233322e302f32342d3234203d3e203532383932.roa
File:                     3133382e3138352e3233322e302f32342d3234203d3e203532383932.roa (raw, json)
Hash identifier:          qDa2C5PFQ46WGqE/j8aiFjVocLJZgZhlcsOBgLnPzeQ=
Subject key identifier:   AD:DC:E1:29:C5:DC:C2:A9:36:CA:93:79:1E:15:7B:F2:BF:FF:ED:E7
Certificate issuer:       /CN=02D8A2AD531F129E21D92D275E0EFD380C93FC3C
Certificate serial:       398FE3215DF05456BE5935A05FB3F2306828BF7D
Authority key identifier: 02:D8:A2:AD:53:1F:12:9E:21:D9:2D:27:5E:0E:FD:38:0C:93:FC:3C
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/3133382e3138352e3233322e302f32342d3234203d3e203532383932.roa
Signing time:             Tue 20 May 2025 03:52:29 +0000
ROA not before:           Tue 20 May 2025 03:47:29 +0000
ROA not after:            Tue 19 May 2026 03:52:29 +0000
asID:                     52892
IP address blocks:        138.185.232.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.crl
                          rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 14:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:8f:e3:21:5d:f0:54:56:be:59:35:a0:5f:b3:f2:30:68:28:bf:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02D8A2AD531F129E21D92D275E0EFD380C93FC3C
        Validity
            Not Before: May 20 03:47:29 2025 GMT
            Not After : May 19 03:52:29 2026 GMT
        Subject: CN=ADDCE129C5DCC2A936CA93791E157BF2BFFFEDE7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:73:22:70:c5:8e:95:a9:ed:e9:4d:a1:28:aa:
                    b2:dc:fd:18:1a:ce:c0:da:1a:17:d3:40:ce:a3:02:
                    23:65:85:11:a3:66:24:98:56:94:39:14:dc:0f:8c:
                    7d:f7:3b:40:cc:f3:9f:10:82:82:c2:8d:8c:f7:90:
                    e2:aa:af:37:5c:ff:57:f0:db:41:90:cd:e5:bc:d6:
                    34:f5:a6:ed:ba:9b:e4:ec:e6:eb:46:b9:08:cd:c3:
                    62:30:9d:ec:35:8e:38:2d:2a:85:f2:17:53:ef:ba:
                    24:77:89:1d:4b:c6:14:e7:16:fc:77:1d:92:d5:a6:
                    9e:5c:16:9c:77:f5:b8:15:72:19:cb:89:ef:61:95:
                    98:21:fb:19:43:28:41:0c:ae:fe:c5:df:98:c4:7d:
                    9e:5d:43:07:fa:f2:4b:99:c4:35:b2:0a:4f:c8:3f:
                    11:0e:70:91:1c:ea:24:bb:ad:1a:23:a3:28:05:3d:
                    8e:34:bd:30:c2:b0:8d:54:c2:bb:d9:cb:02:db:d8:
                    61:46:f9:fe:2b:f6:87:36:0e:03:72:14:9e:71:22:
                    ca:b0:b2:2e:cc:8a:29:93:f1:1d:f6:94:b1:8b:ce:
                    1e:9e:e7:a3:ad:a3:33:38:77:4e:40:82:7b:aa:8c:
                    a0:84:c1:93:63:bc:9a:42:f0:4e:26:94:66:9a:ae:
                    56:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:DC:E1:29:C5:DC:C2:A9:36:CA:93:79:1E:15:7B:F2:BF:FF:ED:E7
            X509v3 Authority Key Identifier:
                keyid:02:D8:A2:AD:53:1F:12:9E:21:D9:2D:27:5E:0E:FD:38:0C:93:FC:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/3133382e3138352e3233322e302f32342d3234203d3e203532383932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.185.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         02:31:79:0e:0a:d3:06:01:a6:10:38:5d:d4:67:de:b8:c6:93:
         b7:3f:8c:52:e8:47:4e:d5:a3:e9:3b:e2:ff:9a:38:66:a5:1b:
         bd:1b:16:83:ab:d9:4d:63:6f:36:1d:38:5a:0b:bf:30:a6:7b:
         3c:77:0f:70:d3:75:4e:f6:9d:58:a5:b0:c3:5e:f9:cb:5f:37:
         c2:3e:e4:2c:b7:e5:38:0f:7e:0b:05:ff:27:cc:d2:5f:b7:90:
         d2:2c:3a:52:52:5a:78:9d:a8:43:7c:13:56:f1:35:e5:95:47:
         fe:15:33:39:f4:a6:71:1a:2d:7a:f5:1f:80:6f:69:84:4f:58:
         64:49:b2:67:1c:e7:65:dd:ac:af:21:1f:e7:af:42:6e:f9:48:
         45:8e:79:f0:44:27:70:1b:18:ba:4c:f3:bd:2d:de:be:4c:e2:
         04:46:77:d6:c3:b6:38:61:c4:bb:fc:24:c9:d4:b7:f6:d1:85:
         20:46:7b:f2:89:48:05:d9:9e:19:f0:68:d9:65:00:47:dc:d4:
         40:95:45:c3:ad:84:20:83:4a:d3:7b:d2:80:8d:74:61:c7:71:
         12:24:a1:fe:70:ff:fa:d2:53:75:13:3f:6a:39:ff:ec:15:91:
         44:d0:65:63:a5:03:3c:fb:01:e2:86:b7:b7:3c:5c:53:58:b0:
         8b:3a:d5:07
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUOY/jIV3wVFa+WTWgX7PyMGgov30wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDJEOEEyQUQ1MzFGMTI5RTIxRDkyRDI3NUUwRUZEMzgw
QzkzRkMzQzAeFw0yNTA1MjAwMzQ3MjlaFw0yNjA1MTkwMzUyMjlaMDMxMTAvBgNV
BAMTKEFERENFMTI5QzVEQ0MyQTkzNkNBOTM3OTFFMTU3QkYyQkZGRkVERTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbcyJwxY6Vqe3pTaEoqrLc/Rga
zsDaGhfTQM6jAiNlhRGjZiSYVpQ5FNwPjH33O0DM858QgoLCjYz3kOKqrzdc/1fw
20GQzeW81jT1pu26m+Ts5utGuQjNw2Iwnew1jjgtKoXyF1PvuiR3iR1LxhTnFvx3
HZLVpp5cFpx39bgVchnLie9hlZgh+xlDKEEMrv7F35jEfZ5dQwf68kuZxDWyCk/I
PxEOcJEc6iS7rRojoygFPY40vTDCsI1UwrvZywLb2GFG+f4r9oc2DgNyFJ5xIsqw
si7MiimT8R32lLGLzh6e56OtozM4d05AgnuqjKCEwZNjvJpC8E4mlGaarlYZAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUrdzhKcXcwqk2ypN5HhV78r//7ecwHwYDVR0j
BBgwFoAUAtiirVMfEp4h2S0nXg79OAyT/DwwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQ0JwV2pFWGlQRFNMTXhYZUVLdEIyM01UdGVpcXNOdUFMUFlKdzV6V1lW
a1gvMS8wMkQ4QTJBRDUzMUYxMjlFMjFEOTJEMjc1RTBFRkQzODBDOTNGQzNDLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzAyRDhBMkFENTMxRjEyOUUy
MUQ5MkQyNzVFMEVGRDM4MEM5M0ZDM0MuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0NCcFdqRVhpUERTTE14WGVFS3RCMjNNVHRlaXFzTnVBTFBZSnc1eldZVmtYLzEv
MzEzMzM4MmUzMTM4MzUyZTMyMzMzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1
MzIzODM5MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBACKuegwDQYJKoZIhvcNAQELBQADggEBAAIxeQ4K
0wYBphA4XdRn3rjGk7c/jFLoR07Vo+k74v+aOGalG70bFoOr2U1jbzYdOFoLvzCm
ezx3D3DTdU72nVilsMNe+ctfN8I+5Cy35TgPfgsF/yfM0l+3kNIsOlJSWnidqEN8
E1bxNeWVR/4VMzn0pnEaLXr1H4BvaYRPWGRJsmcc52XdrK8hH+evQm75SEWOefBE
J3AbGLpM870t3r5M4gRGd9bDtjhhxLv8JMnUt/bRhSBGe/KJSAXZnhnwaNllAEfc
1ECVRcOthCCDStN70oCNdGHHcRIkof5w//rSU3UTP2o5/+wVkUTQZWOlAzz7AeKG
t7c8XFNYsIs61Qc=
-----END CERTIFICATE-----
Generated at Mon Jun 9 21:50:28 2025 by rpki-client