Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/3137302e37382e3134302e302f32322d3234203d3e203532383932.roa
File:                     3137302e37382e3134302e302f32322d3234203d3e203532383932.roa (raw, json)
Hash identifier:          4vO8RB+Una5dqsaKVMKPU+nyqc7YhrgsK2xvx12737w=
Subject key identifier:   E0:73:7D:7E:17:89:D8:EB:CA:AB:89:2D:E1:3C:D5:2A:92:C5:BE:1F
Certificate issuer:       /CN=02D8A2AD531F129E21D92D275E0EFD380C93FC3C
Certificate serial:       76D72D2955CD3E110CB73BCDF3E8888D630E3B43
Authority key identifier: 02:D8:A2:AD:53:1F:12:9E:21:D9:2D:27:5E:0E:FD:38:0C:93:FC:3C
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/3137302e37382e3134302e302f32322d3234203d3e203532383932.roa
Signing time:             Tue 20 May 2025 03:52:23 +0000
ROA not before:           Tue 20 May 2025 03:47:23 +0000
ROA not after:            Tue 19 May 2026 03:52:23 +0000
asID:                     52892
IP address blocks:        170.78.140.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.crl
                          rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 12 Jun 2025 00:39:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:d7:2d:29:55:cd:3e:11:0c:b7:3b:cd:f3:e8:88:8d:63:0e:3b:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02D8A2AD531F129E21D92D275E0EFD380C93FC3C
        Validity
            Not Before: May 20 03:47:23 2025 GMT
            Not After : May 19 03:52:23 2026 GMT
        Subject: CN=E0737D7E1789D8EBCAAB892DE13CD52A92C5BE1F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:21:28:4d:6e:f2:da:f0:4b:ae:20:da:82:b8:
                    69:74:9f:d2:f9:15:3b:2c:68:b5:61:e0:cb:02:53:
                    db:dc:80:98:55:66:37:4b:f6:3f:28:59:3c:dd:a1:
                    d8:a5:58:d4:6a:a1:91:76:5a:a9:78:33:78:a4:44:
                    63:42:f8:6d:d3:6f:b6:fd:dc:6f:ac:da:75:3a:05:
                    6b:72:15:0d:c3:15:3c:a9:79:9a:3d:ad:7c:b0:7c:
                    5c:2c:11:4c:09:e8:2a:19:8a:22:dc:bd:73:af:6a:
                    9d:a8:6e:e3:01:1b:d5:26:f7:a4:2f:f8:ab:2e:47:
                    df:fb:63:e0:bc:8d:d0:36:8f:9e:36:e3:ae:2c:e7:
                    63:03:a6:4f:5e:6c:d2:f4:9b:65:66:78:2f:fb:49:
                    eb:89:e7:0f:9a:5c:28:b5:ac:ab:54:33:fe:28:94:
                    31:c6:93:76:c5:40:69:2d:48:52:30:5d:01:cd:c9:
                    ac:55:50:fe:46:21:86:33:df:d7:c5:10:80:69:20:
                    ab:2e:99:dd:b9:8a:f4:cf:e2:e5:7a:59:56:a3:52:
                    6a:e2:e5:ed:d0:0e:22:82:13:56:97:e0:6e:cf:80:
                    cc:75:67:60:8b:8e:3e:50:f6:3f:8b:8d:4e:48:f9:
                    54:27:8c:15:c6:52:61:98:a6:73:a6:dd:e7:7a:ee:
                    7b:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E0:73:7D:7E:17:89:D8:EB:CA:AB:89:2D:E1:3C:D5:2A:92:C5:BE:1F
            X509v3 Authority Key Identifier:
                keyid:02:D8:A2:AD:53:1F:12:9E:21:D9:2D:27:5E:0E:FD:38:0C:93:FC:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/3137302e37382e3134302e302f32322d3234203d3e203532383932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.78.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         74:ff:0b:02:d6:ce:f7:7c:3e:c0:c9:8b:c6:a5:d4:72:60:e7:
         bc:5c:9d:98:5a:b1:c2:a9:8e:fc:4a:43:9a:1b:4d:95:be:90:
         f0:9a:3f:f4:4e:4a:7e:c1:83:3c:98:3f:d3:dd:e5:2d:73:46:
         42:84:12:6a:08:29:f1:d0:b2:8a:cb:f9:89:48:03:35:ab:16:
         49:9f:05:ef:45:a7:95:f9:0d:62:e2:1c:d3:23:e9:c9:d4:16:
         88:fc:fd:1d:81:9b:36:ee:ba:c1:93:8e:eb:99:e5:21:30:87:
         6c:00:6c:95:55:be:9f:cf:be:5e:29:b8:0b:3c:b3:04:b8:b7:
         e8:d0:f6:33:f0:7e:63:25:05:9a:eb:76:66:b5:68:5f:1c:68:
         61:a1:b2:3a:d5:28:7c:9f:32:96:8e:c7:3d:4c:62:2b:4d:2d:
         50:cd:7b:d8:e6:86:6b:cc:06:4c:be:c2:d0:9d:65:8a:d2:2b:
         7b:dc:01:39:b7:0b:9b:cc:04:3d:e2:e6:80:b9:97:85:69:fb:
         b1:6e:22:39:36:23:dc:6d:2b:d3:ec:fc:94:ae:46:ea:ed:37:
         66:43:34:67:ca:d5:39:b9:ae:ce:51:2a:aa:e9:03:80:cd:ca:
         a4:cd:c1:0e:b8:47:b4:3b:55:36:2d:7b:94:aa:6e:13:58:f4:
         6e:94:f6:e7
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUdtctKVXNPhEMtzvN8+iIjWMOO0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDJEOEEyQUQ1MzFGMTI5RTIxRDkyRDI3NUUwRUZEMzgw
QzkzRkMzQzAeFw0yNTA1MjAwMzQ3MjNaFw0yNjA1MTkwMzUyMjNaMDMxMTAvBgNV
BAMTKEUwNzM3RDdFMTc4OUQ4RUJDQUFCODkyREUxM0NENTJBOTJDNUJFMUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfIShNbvLa8EuuINqCuGl0n9L5
FTssaLVh4MsCU9vcgJhVZjdL9j8oWTzdodilWNRqoZF2Wql4M3ikRGNC+G3Tb7b9
3G+s2nU6BWtyFQ3DFTypeZo9rXywfFwsEUwJ6CoZiiLcvXOvap2obuMBG9Um96Qv
+KsuR9/7Y+C8jdA2j542464s52MDpk9ebNL0m2VmeC/7SeuJ5w+aXCi1rKtUM/4o
lDHGk3bFQGktSFIwXQHNyaxVUP5GIYYz39fFEIBpIKsumd25ivTP4uV6WVajUmri
5e3QDiKCE1aX4G7PgMx1Z2CLjj5Q9j+LjU5I+VQnjBXGUmGYpnOm3ed67nsTAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQU4HN9fheJ2OvKq4kt4TzVKpLFvh8wHwYDVR0j
BBgwFoAUAtiirVMfEp4h2S0nXg79OAyT/DwwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQ0JwV2pFWGlQRFNMTXhYZUVLdEIyM01UdGVpcXNOdUFMUFlKdzV6V1lW
a1gvMS8wMkQ4QTJBRDUzMUYxMjlFMjFEOTJEMjc1RTBFRkQzODBDOTNGQzNDLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzAyRDhBMkFENTMxRjEyOUUy
MUQ5MkQyNzVFMEVGRDM4MEM5M0ZDM0MuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0NCcFdqRVhpUERTTE14WGVFS3RCMjNNVHRlaXFzTnVBTFBZSnc1eldZVmtYLzEv
MzEzNzMwMmUzNzM4MmUzMTM0MzAyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNTMy
MzgzOTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCqk6MMA0GCSqGSIb3DQEBCwUAA4IBAQB0/wsC1s73
fD7AyYvGpdRyYOe8XJ2YWrHCqY78SkOaG02VvpDwmj/0Tkp+wYM8mD/T3eUtc0ZC
hBJqCCnx0LKKy/mJSAM1qxZJnwXvRaeV+Q1i4hzTI+nJ1BaI/P0dgZs27rrBk47r
meUhMIdsAGyVVb6fz75eKbgLPLMEuLfo0PYz8H5jJQWa63ZmtWhfHGhhobI61Sh8
nzKWjsc9TGIrTS1QzXvY5oZrzAZMvsLQnWWK0it73AE5twubzAQ94uaAuZeFafux
biI5NiPcbSvT7PyUrkbq7TdmQzRnytU5ua7OUSqq6QOAzcqkzcEOuEe0O1U2LXuU
qm4TWPRulPbn
-----END CERTIFICATE-----
Generated at Wed Jun 11 05:40:59 2025 by rpki-client