Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/3137372e37322e3233322e302f32342d3234203d3e203532383932.roa
File:                     3137372e37322e3233322e302f32342d3234203d3e203532383932.roa (raw, json)
Hash identifier:          2HM9jl6iEuKfT05iuaMnWzpzPz8KixJ1OswYdU987vo=
Subject key identifier:   D6:5D:E1:91:07:CB:93:26:6E:39:AE:24:4E:B1:4C:92:A0:4C:31:85
Certificate issuer:       /CN=02D8A2AD531F129E21D92D275E0EFD380C93FC3C
Certificate serial:       4131496A95173A17CB5462C06CFAAC9D68C26CF8
Authority key identifier: 02:D8:A2:AD:53:1F:12:9E:21:D9:2D:27:5E:0E:FD:38:0C:93:FC:3C
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/3137372e37322e3233322e302f32342d3234203d3e203532383932.roa
Signing time:             Tue 20 May 2025 03:52:39 +0000
ROA not before:           Tue 20 May 2025 03:47:39 +0000
ROA not after:            Tue 19 May 2026 03:52:39 +0000
asID:                     52892
IP address blocks:        177.72.232.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.crl
                          rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 12 Jun 2025 21:10:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:31:49:6a:95:17:3a:17:cb:54:62:c0:6c:fa:ac:9d:68:c2:6c:f8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02D8A2AD531F129E21D92D275E0EFD380C93FC3C
        Validity
            Not Before: May 20 03:47:39 2025 GMT
            Not After : May 19 03:52:39 2026 GMT
        Subject: CN=D65DE19107CB93266E39AE244EB14C92A04C3185
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:8c:1b:1b:a0:3f:d5:59:0e:32:79:5e:a9:78:
                    89:fe:e6:b5:3c:b6:82:dc:f5:76:08:3b:1d:9e:9a:
                    25:27:5f:a0:49:6c:c3:a9:b9:0c:ac:59:ab:28:2f:
                    e9:19:db:9f:60:9b:c1:a4:d2:da:dd:33:69:93:c1:
                    f6:26:a1:7c:f7:cd:c0:0f:68:eb:94:ed:e7:15:58:
                    8c:b8:f1:00:25:32:77:d1:30:e2:ac:59:55:06:f5:
                    df:ff:a5:52:13:44:05:ec:a3:19:4c:15:3f:f5:f0:
                    1b:8e:dd:d9:08:e4:37:7e:70:6d:ef:21:92:36:9c:
                    18:9c:0e:9a:4d:b7:02:48:04:95:a4:2e:1e:db:c1:
                    e9:3b:aa:ce:72:15:93:1a:39:8a:bc:64:55:06:dd:
                    0e:4d:99:34:d7:41:2f:cd:fc:ad:c5:09:77:5d:de:
                    47:8b:b6:85:36:c2:b4:4e:53:4f:58:2e:f6:3c:2b:
                    9c:92:87:0f:d3:4d:cf:fc:0f:b1:e5:cf:9e:cf:5b:
                    70:f3:db:55:1f:07:c9:7d:83:0d:74:bf:d9:b2:78:
                    19:bc:bc:8a:38:42:41:a8:71:d7:0c:62:6f:d2:30:
                    3a:92:02:be:86:a8:94:f1:1e:42:13:e7:0e:65:2b:
                    44:6e:e9:d3:8c:a1:01:7f:63:ee:e1:79:db:93:04:
                    7b:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:5D:E1:91:07:CB:93:26:6E:39:AE:24:4E:B1:4C:92:A0:4C:31:85
            X509v3 Authority Key Identifier:
                keyid:02:D8:A2:AD:53:1F:12:9E:21:D9:2D:27:5E:0E:FD:38:0C:93:FC:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/3137372e37322e3233322e302f32342d3234203d3e203532383932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.72.232.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:d7:e1:ef:f5:fa:9e:44:d1:8f:e1:75:ea:9a:ee:6e:dc:61:
         19:46:20:fb:df:4c:64:6f:ba:5a:f6:d9:d8:72:42:dc:55:a9:
         9a:fd:28:95:ea:fe:36:31:7e:bb:91:93:c5:2b:0a:8f:3f:14:
         53:a2:30:05:3e:12:3c:52:1a:e9:47:85:50:5b:95:35:be:cc:
         fb:b7:ea:09:46:40:a9:92:5a:12:5d:f7:a1:6d:82:55:9f:c0:
         b5:13:d8:58:f1:87:9b:f9:e9:1e:a4:4f:2e:f0:7c:b7:da:1d:
         71:6e:a6:82:63:16:26:40:11:3c:10:80:f2:22:85:86:48:ed:
         16:81:83:b0:38:89:aa:f1:17:8f:d4:db:84:4f:4b:e2:77:66:
         43:0b:b6:83:aa:ea:b5:8a:98:ad:db:13:b2:7c:59:67:f2:46:
         f5:df:16:5b:b3:b6:65:80:e3:c1:09:6a:07:a5:2e:8a:73:dc:
         bc:5c:b2:61:3e:37:80:86:83:b7:ce:ee:e7:37:fd:2c:ad:5e:
         56:c9:56:43:69:f5:e1:61:46:41:0b:80:ab:d4:df:8a:ab:94:
         21:0e:5c:3c:56:00:7c:e0:3b:7a:4a:0c:e7:cf:05:95:07:0e:
         01:07:39:e6:6f:fb:0b:3b:d0:d1:12:17:54:a7:18:aa:e3:e0:
         70:3b:2b:36
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUQTFJapUXOhfLVGLAbPqsnWjCbPgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDJEOEEyQUQ1MzFGMTI5RTIxRDkyRDI3NUUwRUZEMzgw
QzkzRkMzQzAeFw0yNTA1MjAwMzQ3MzlaFw0yNjA1MTkwMzUyMzlaMDMxMTAvBgNV
BAMTKEQ2NURFMTkxMDdDQjkzMjY2RTM5QUUyNDRFQjE0QzkyQTA0QzMxODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrjBsboD/VWQ4yeV6peIn+5rU8
toLc9XYIOx2emiUnX6BJbMOpuQysWasoL+kZ259gm8Gk0trdM2mTwfYmoXz3zcAP
aOuU7ecVWIy48QAlMnfRMOKsWVUG9d//pVITRAXsoxlMFT/18BuO3dkI5Dd+cG3v
IZI2nBicDppNtwJIBJWkLh7bwek7qs5yFZMaOYq8ZFUG3Q5NmTTXQS/N/K3FCXdd
3keLtoU2wrROU09YLvY8K5yShw/TTc/8D7Hlz57PW3Dz21UfB8l9gw10v9myeBm8
vIo4QkGocdcMYm/SMDqSAr6GqJTxHkIT5w5lK0Ru6dOMoQF/Y+7heduTBHubAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQU1l3hkQfLkyZuOa4kTrFMkqBMMYUwHwYDVR0j
BBgwFoAUAtiirVMfEp4h2S0nXg79OAyT/DwwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQ0JwV2pFWGlQRFNMTXhYZUVLdEIyM01UdGVpcXNOdUFMUFlKdzV6V1lW
a1gvMS8wMkQ4QTJBRDUzMUYxMjlFMjFEOTJEMjc1RTBFRkQzODBDOTNGQzNDLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzAyRDhBMkFENTMxRjEyOUUy
MUQ5MkQyNzVFMEVGRDM4MEM5M0ZDM0MuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0NCcFdqRVhpUERTTE14WGVFS3RCMjNNVHRlaXFzTnVBTFBZSnc1eldZVmtYLzEv
MzEzNzM3MmUzNzMyMmUzMjMzMzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMy
MzgzOTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAsUjoMA0GCSqGSIb3DQEBCwUAA4IBAQAf1+Hv9fqe
RNGP4XXqmu5u3GEZRiD730xkb7pa9tnYckLcVama/SiV6v42MX67kZPFKwqPPxRT
ojAFPhI8UhrpR4VQW5U1vsz7t+oJRkCpkloSXfehbYJVn8C1E9hY8Yeb+ekepE8u
8Hy32h1xbqaCYxYmQBE8EIDyIoWGSO0WgYOwOImq8ReP1NuET0vid2ZDC7aDquq1
ipit2xOyfFln8kb13xZbs7ZlgOPBCWoHpS6Kc9y8XLJhPjeAhoO3zu7nN/0srV5W
yVZDafXhYUZBC4Cr1N+Kq5QhDlw8VgB84Dt6SgznzwWVBw4BBznmb/sLO9DREhdU
pxiq4+BwOys2
-----END CERTIFICATE-----
Generated at Thu Jun 12 10:27:05 2025 by rpki-client