Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/3137372e37322e3233322e302f32312d3233203d3e203532383932.roa
File:                     3137372e37322e3233322e302f32312d3233203d3e203532383932.roa (raw, json)
Hash identifier:          8ni1z7Rt3aURX85KSGwpV5k9Db7a2a/528+ewCGAwOU=
Subject key identifier:   09:FF:C6:AE:23:8D:A6:C4:BF:B5:5C:0F:E6:1D:BD:E8:48:0D:A5:01
Certificate issuer:       /CN=02D8A2AD531F129E21D92D275E0EFD380C93FC3C
Certificate serial:       6CF5C0253BC623E50BC22F221B4E969D16B2891C
Authority key identifier: 02:D8:A2:AD:53:1F:12:9E:21:D9:2D:27:5E:0E:FD:38:0C:93:FC:3C
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/3137372e37322e3233322e302f32312d3233203d3e203532383932.roa
Signing time:             Tue 20 May 2025 03:52:23 +0000
ROA not before:           Tue 20 May 2025 03:47:23 +0000
ROA not after:            Tue 19 May 2026 03:52:23 +0000
asID:                     52892
IP address blocks:        177.72.232.0/21 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.crl
                          rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 09:09:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:f5:c0:25:3b:c6:23:e5:0b:c2:2f:22:1b:4e:96:9d:16:b2:89:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02D8A2AD531F129E21D92D275E0EFD380C93FC3C
        Validity
            Not Before: May 20 03:47:23 2025 GMT
            Not After : May 19 03:52:23 2026 GMT
        Subject: CN=09FFC6AE238DA6C4BFB55C0FE61DBDE8480DA501
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:ed:f6:f3:4b:f8:2d:0b:78:6f:f5:3d:d2:fa:
                    ce:24:84:c3:99:1b:de:f3:52:03:0f:e9:44:59:b2:
                    5e:34:a7:21:e6:41:65:51:1c:ee:1c:c3:75:d7:e7:
                    1c:b7:f4:81:f2:a0:6a:28:0d:d6:b9:a3:e2:d7:8a:
                    2c:b4:a0:a2:b8:2b:d2:b2:a0:f0:2a:a1:78:38:27:
                    28:73:ea:b4:21:14:8b:25:28:b2:12:d8:2b:dd:34:
                    af:ac:35:40:dc:9b:51:0d:54:f0:33:b9:7f:b0:1c:
                    6e:b3:e1:45:78:e6:ca:d6:5b:ae:60:3b:e6:3f:88:
                    75:4f:05:76:3b:70:ff:e6:1f:0b:22:73:b2:9c:37:
                    eb:89:f8:ce:46:3b:a1:bf:d9:dd:bd:16:66:18:ee:
                    86:83:b6:e0:57:24:4c:b6:41:d8:ee:b3:b8:d7:21:
                    b5:d7:57:ba:5f:2d:69:3d:3c:13:da:6e:d4:de:bf:
                    7e:60:8d:30:c4:6c:27:84:8f:87:d4:d4:9f:2b:bb:
                    ff:a6:53:f0:a1:bb:77:11:5a:b5:dd:e8:de:03:63:
                    78:05:3d:5c:7b:c9:c0:51:78:f1:21:c0:a4:97:16:
                    f7:be:1d:31:59:93:33:d7:8e:0a:0e:30:a7:2a:aa:
                    dd:27:35:fb:5b:fa:18:cf:ee:c0:2a:0d:ab:01:3b:
                    87:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:FF:C6:AE:23:8D:A6:C4:BF:B5:5C:0F:E6:1D:BD:E8:48:0D:A5:01
            X509v3 Authority Key Identifier:
                keyid:02:D8:A2:AD:53:1F:12:9E:21:D9:2D:27:5E:0E:FD:38:0C:93:FC:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/3137372e37322e3233322e302f32312d3233203d3e203532383932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.72.232.0/21

    Signature Algorithm: sha256WithRSAEncryption
         0a:9b:7e:1a:66:40:30:5f:98:cf:e0:0b:03:76:ba:a8:ba:06:
         ca:6c:b9:d1:55:dd:8e:0d:cf:dc:ce:c4:2a:c5:05:6d:64:81:
         2d:0c:ca:a4:4f:76:27:af:9c:bd:29:fd:9d:46:16:fc:6d:f9:
         6d:80:c5:c3:c5:5f:0a:29:ca:67:0c:a8:92:e7:86:08:2f:2a:
         0c:92:82:08:57:c8:3d:c9:d4:d9:4d:b1:6a:e1:b7:bb:90:47:
         9f:3d:6b:51:02:a2:83:a9:5e:fd:c2:1e:d0:e3:55:5c:4e:55:
         19:01:42:11:eb:0a:9c:1a:cc:32:af:a6:a2:bc:c4:9c:ce:1f:
         e7:4a:d4:38:a3:a6:b6:6d:6d:cc:30:bc:bd:07:0b:95:ac:7a:
         83:ac:84:9f:b0:26:ae:6a:f9:f2:3a:79:a6:b7:ac:9c:3a:b9:
         fa:65:06:64:f4:2e:6c:73:65:fe:1e:ab:d7:1c:ce:cd:85:f9:
         e9:9f:bd:1f:82:4d:ca:d2:d0:a4:1d:36:0d:0f:93:72:13:e3:
         49:1e:7f:90:7d:22:5d:0c:eb:be:30:e3:6c:c5:03:a1:fd:73:
         f4:4e:d4:c8:53:06:2c:31:dc:cd:bc:f1:84:62:c9:10:57:e2:
         48:57:05:69:a6:af:0d:d5:10:68:84:12:c0:bc:07:0f:75:56:
         dd:0d:e5:68
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUbPXAJTvGI+ULwi8iG06WnRayiRwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDJEOEEyQUQ1MzFGMTI5RTIxRDkyRDI3NUUwRUZEMzgw
QzkzRkMzQzAeFw0yNTA1MjAwMzQ3MjNaFw0yNjA1MTkwMzUyMjNaMDMxMTAvBgNV
BAMTKDA5RkZDNkFFMjM4REE2QzRCRkI1NUMwRkU2MURCREU4NDgwREE1MDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF7fbzS/gtC3hv9T3S+s4khMOZ
G97zUgMP6URZsl40pyHmQWVRHO4cw3XX5xy39IHyoGooDda5o+LXiiy0oKK4K9Ky
oPAqoXg4Jyhz6rQhFIslKLIS2CvdNK+sNUDcm1ENVPAzuX+wHG6z4UV45srWW65g
O+Y/iHVPBXY7cP/mHwsic7KcN+uJ+M5GO6G/2d29FmYY7oaDtuBXJEy2Qdjus7jX
IbXXV7pfLWk9PBPabtTev35gjTDEbCeEj4fU1J8ru/+mU/Chu3cRWrXd6N4DY3gF
PVx7ycBRePEhwKSXFve+HTFZkzPXjgoOMKcqqt0nNftb+hjP7sAqDasBO4f1AgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUCf/GriONpsS/tVwP5h296EgNpQEwHwYDVR0j
BBgwFoAUAtiirVMfEp4h2S0nXg79OAyT/DwwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQ0JwV2pFWGlQRFNMTXhYZUVLdEIyM01UdGVpcXNOdUFMUFlKdzV6V1lW
a1gvMS8wMkQ4QTJBRDUzMUYxMjlFMjFEOTJEMjc1RTBFRkQzODBDOTNGQzNDLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzAyRDhBMkFENTMxRjEyOUUy
MUQ5MkQyNzVFMEVGRDM4MEM5M0ZDM0MuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0NCcFdqRVhpUERTTE14WGVFS3RCMjNNVHRlaXFzTnVBTFBZSnc1eldZVmtYLzEv
MzEzNzM3MmUzNzMyMmUzMjMzMzIyZTMwMmYzMjMxMmQzMjMzMjAzZDNlMjAzNTMy
MzgzOTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQDsUjoMA0GCSqGSIb3DQEBCwUAA4IBAQAKm34aZkAw
X5jP4AsDdrqougbKbLnRVd2ODc/czsQqxQVtZIEtDMqkT3Ynr5y9Kf2dRhb8bflt
gMXDxV8KKcpnDKiS54YILyoMkoIIV8g9ydTZTbFq4be7kEefPWtRAqKDqV79wh7Q
41VcTlUZAUIR6wqcGswyr6aivMSczh/nStQ4o6a2bW3MMLy9BwuVrHqDrISfsCau
avnyOnmmt6ycOrn6ZQZk9C5sc2X+HqvXHM7Nhfnpn70fgk3K0tCkHTYND5NyE+NJ
Hn+QfSJdDOu+MONsxQOh/XP0TtTIUwYsMdzNvPGEYskQV+JIVwVppq8N1RBohBLA
vAcPdVbdDeVo
-----END CERTIFICATE-----
Generated at Tue Jun 10 10:53:24 2025 by rpki-client