Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/3137372e37322e3233352e302f32342d3234203d3e203532383932.roa
File:                     3137372e37322e3233352e302f32342d3234203d3e203532383932.roa (raw, json)
Hash identifier:          sMohRSyVieFyAKqrWdDUx/7Z53zoNO+3tjfaRbtHBbI=
Subject key identifier:   07:A1:2D:69:DC:30:8B:FE:29:38:A3:FE:35:1D:B7:62:8C:19:54:87
Certificate issuer:       /CN=02D8A2AD531F129E21D92D275E0EFD380C93FC3C
Certificate serial:       3945647C3B3D43D4EBB25D230CBE3571E9A5953F
Authority key identifier: 02:D8:A2:AD:53:1F:12:9E:21:D9:2D:27:5E:0E:FD:38:0C:93:FC:3C
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/3137372e37322e3233352e302f32342d3234203d3e203532383932.roa
Signing time:             Tue 20 May 2025 03:52:22 +0000
ROA not before:           Tue 20 May 2025 03:47:22 +0000
ROA not after:            Tue 19 May 2026 03:52:22 +0000
asID:                     52892
IP address blocks:        177.72.235.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.crl
                          rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 14 Jun 2025 06:03:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:45:64:7c:3b:3d:43:d4:eb:b2:5d:23:0c:be:35:71:e9:a5:95:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02D8A2AD531F129E21D92D275E0EFD380C93FC3C
        Validity
            Not Before: May 20 03:47:22 2025 GMT
            Not After : May 19 03:52:22 2026 GMT
        Subject: CN=07A12D69DC308BFE2938A3FE351DB7628C195487
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:1d:e3:21:e3:98:4d:49:2d:66:bd:53:ad:1d:
                    2a:a5:da:2b:50:e8:6b:1c:bc:a3:8f:f2:88:5e:32:
                    52:b7:8f:fe:8e:8f:b7:cc:1d:2e:91:c9:fd:66:ba:
                    eb:77:9c:1e:80:d2:45:f9:51:ee:df:8f:e5:d8:ae:
                    23:dc:4f:e7:bd:a7:c2:f2:28:e6:3e:46:c2:0e:6e:
                    6c:df:f4:17:06:70:3c:f6:ed:3d:72:08:82:6a:b6:
                    48:95:47:fa:48:52:77:81:71:ad:f3:cb:50:27:0a:
                    41:3f:f1:fe:1b:f9:e2:67:e8:88:37:a7:71:93:43:
                    cb:f5:ba:b6:ec:15:1a:a8:7e:ce:9b:0d:b4:7c:2e:
                    86:bf:35:2a:af:4c:9e:1c:7d:09:5b:54:0c:a3:da:
                    f3:8a:ea:01:6d:f6:0b:11:5c:f8:ec:e7:04:e1:32:
                    aa:fa:5c:08:a3:7a:d3:d1:3c:69:69:6d:bf:8d:5b:
                    48:da:1e:36:5c:6b:15:cc:f5:ce:88:d5:ec:6b:f0:
                    8f:cd:62:ae:7c:c8:8b:6f:79:ce:6e:1b:c2:b7:07:
                    4f:29:1d:59:ef:71:b5:49:a1:2d:68:71:28:b2:df:
                    f1:c9:c6:8d:17:06:09:5c:4e:dc:dc:57:43:a5:b4:
                    bd:f3:2f:28:d3:59:57:07:bb:e7:1a:17:a5:8d:ab:
                    79:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                07:A1:2D:69:DC:30:8B:FE:29:38:A3:FE:35:1D:B7:62:8C:19:54:87
            X509v3 Authority Key Identifier:
                keyid:02:D8:A2:AD:53:1F:12:9E:21:D9:2D:27:5E:0E:FD:38:0C:93:FC:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/3137372e37322e3233352e302f32342d3234203d3e203532383932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.72.235.0/24

    Signature Algorithm: sha256WithRSAEncryption
         56:7b:52:02:d5:0e:54:67:8c:8a:5f:a5:8c:dc:41:ad:ac:ac:
         49:79:9e:c7:2b:ee:da:b1:75:e8:46:dd:1d:82:73:62:b6:bd:
         a4:c5:9d:cd:d4:b7:82:8f:26:a7:91:66:b6:4f:4d:f9:9b:6d:
         10:81:a7:c2:f3:9c:66:2e:2d:e0:be:7f:df:61:df:b2:d8:44:
         eb:1d:0c:d4:5b:6c:bf:2f:23:14:bd:24:5a:18:c0:2d:a5:a8:
         78:03:1b:a5:6b:e1:74:a9:60:d8:c5:0a:b6:0f:85:45:c6:8e:
         1a:1d:05:58:e8:ed:21:cd:0e:7e:cd:f9:6f:c1:94:36:72:aa:
         c3:94:1d:5f:0f:f5:c9:16:d9:b7:56:e3:08:90:fd:1d:a6:16:
         35:75:67:4e:b6:82:3d:4a:7c:46:c3:5c:9f:bf:a4:fb:09:c2:
         c1:af:14:62:60:81:9d:32:e9:8a:79:82:15:27:d4:7d:45:68:
         fc:4b:62:45:2f:ea:af:f1:41:39:c3:ff:b0:50:e4:98:48:8c:
         1b:7e:96:85:85:5b:21:9a:31:64:4b:82:24:71:92:03:69:1d:
         0b:11:ba:8c:78:48:43:b1:30:5b:e7:6f:67:49:c0:58:3d:30:
         47:ca:6b:51:df:d0:ae:3e:16:d9:ac:08:17:de:eb:67:24:6d:
         ba:4e:02:ee
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUOUVkfDs9Q9Trsl0jDL41cemllT8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDJEOEEyQUQ1MzFGMTI5RTIxRDkyRDI3NUUwRUZEMzgw
QzkzRkMzQzAeFw0yNTA1MjAwMzQ3MjJaFw0yNjA1MTkwMzUyMjJaMDMxMTAvBgNV
BAMTKDA3QTEyRDY5REMzMDhCRkUyOTM4QTNGRTM1MURCNzYyOEMxOTU0ODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpHeMh45hNSS1mvVOtHSql2itQ
6GscvKOP8oheMlK3j/6Oj7fMHS6Ryf1muut3nB6A0kX5Ue7fj+XYriPcT+e9p8Ly
KOY+RsIObmzf9BcGcDz27T1yCIJqtkiVR/pIUneBca3zy1AnCkE/8f4b+eJn6Ig3
p3GTQ8v1urbsFRqofs6bDbR8Loa/NSqvTJ4cfQlbVAyj2vOK6gFt9gsRXPjs5wTh
Mqr6XAijetPRPGlpbb+NW0jaHjZcaxXM9c6I1exr8I/NYq58yItvec5uG8K3B08p
HVnvcbVJoS1ocSiy3/HJxo0XBglcTtzcV0OltL3zLyjTWVcHu+caF6WNq3nDAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUB6Etadwwi/4pOKP+NR23YowZVIcwHwYDVR0j
BBgwFoAUAtiirVMfEp4h2S0nXg79OAyT/DwwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQ0JwV2pFWGlQRFNMTXhYZUVLdEIyM01UdGVpcXNOdUFMUFlKdzV6V1lW
a1gvMS8wMkQ4QTJBRDUzMUYxMjlFMjFEOTJEMjc1RTBFRkQzODBDOTNGQzNDLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzAyRDhBMkFENTMxRjEyOUUy
MUQ5MkQyNzVFMEVGRDM4MEM5M0ZDM0MuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0NCcFdqRVhpUERTTE14WGVFS3RCMjNNVHRlaXFzTnVBTFBZSnc1eldZVmtYLzEv
MzEzNzM3MmUzNzMyMmUzMjMzMzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMy
MzgzOTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAsUjrMA0GCSqGSIb3DQEBCwUAA4IBAQBWe1IC1Q5U
Z4yKX6WM3EGtrKxJeZ7HK+7asXXoRt0dgnNitr2kxZ3N1LeCjyankWa2T035m20Q
gafC85xmLi3gvn/fYd+y2ETrHQzUW2y/LyMUvSRaGMAtpah4Axula+F0qWDYxQq2
D4VFxo4aHQVY6O0hzQ5+zflvwZQ2cqrDlB1fD/XJFtm3VuMIkP0dphY1dWdOtoI9
SnxGw1yfv6T7CcLBrxRiYIGdMumKeYIVJ9R9RWj8S2JFL+qv8UE5w/+wUOSYSIwb
fpaFhVshmjFkS4IkcZIDaR0LEbqMeEhDsTBb529nScBYPTBHymtR39CuPhbZrAgX
3utnJG26TgLu
-----END CERTIFICATE-----
Generated at Fri Jun 13 09:48:12 2025 by rpki-client