Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/3138312e3233322e3135322e302f32322d3234203d3e203532383932.roa
File:                     3138312e3233322e3135322e302f32322d3234203d3e203532383932.roa (raw, json)
Hash identifier:          1RqJMgTTooyMIL4Gc0eKs59fKhif64UnUqVbnFzwHHY=
Subject key identifier:   3F:CA:AC:A1:9F:2A:DF:35:B5:BD:64:76:D4:14:1B:52:38:0C:3D:C0
Certificate issuer:       /CN=02D8A2AD531F129E21D92D275E0EFD380C93FC3C
Certificate serial:       49146A4FFC257689E7E4B5D779A4070A1A42F19F
Authority key identifier: 02:D8:A2:AD:53:1F:12:9E:21:D9:2D:27:5E:0E:FD:38:0C:93:FC:3C
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/3138312e3233322e3135322e302f32322d3234203d3e203532383932.roa
Signing time:             Tue 20 May 2025 04:23:49 +0000
ROA not before:           Tue 20 May 2025 04:18:49 +0000
ROA not after:            Tue 19 May 2026 04:23:49 +0000
asID:                     52892
IP address blocks:        181.232.152.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.crl
                          rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 14:01:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:14:6a:4f:fc:25:76:89:e7:e4:b5:d7:79:a4:07:0a:1a:42:f1:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02D8A2AD531F129E21D92D275E0EFD380C93FC3C
        Validity
            Not Before: May 20 04:18:49 2025 GMT
            Not After : May 19 04:23:49 2026 GMT
        Subject: CN=3FCAACA19F2ADF35B5BD6476D4141B52380C3DC0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:cf:fd:a9:8b:32:a4:1b:4b:1e:e0:be:10:31:
                    4c:48:96:d2:63:d0:c7:df:ac:1c:ad:92:3a:7f:60:
                    79:23:03:5c:71:d6:bd:b8:c0:c4:d9:7d:ef:36:4e:
                    e2:37:f8:9b:f1:97:f9:e0:b6:00:f9:46:22:e8:c5:
                    41:80:28:2f:d7:94:85:5a:d8:84:a4:42:d1:8c:9d:
                    e0:83:e6:45:d8:8d:f1:86:e1:7f:89:84:58:da:07:
                    da:5e:46:8b:ef:86:38:25:da:a5:7f:2b:4d:51:79:
                    e1:0e:dd:d5:cb:0f:d8:db:26:57:fe:d4:51:f3:eb:
                    77:a6:b3:e0:32:1b:51:f0:01:ae:7f:34:3b:a3:2a:
                    65:22:cb:ca:ad:73:31:e8:74:cf:c5:d7:27:4e:53:
                    59:25:f2:75:0b:cd:f4:24:97:2a:06:c8:34:f1:9a:
                    a0:03:6f:f0:92:05:c8:41:21:7e:52:c9:20:61:d7:
                    40:b8:50:a5:07:5b:5c:63:54:7b:3b:f9:a9:7a:46:
                    97:9e:20:b4:02:de:d0:28:3e:7d:cc:a2:b9:81:a1:
                    b3:27:3b:22:a9:46:85:f2:85:22:5a:cf:cb:62:5c:
                    d3:31:4e:9a:34:10:28:20:e3:94:dd:7a:b0:0d:02:
                    9e:b2:c3:6a:c0:9c:b5:a8:b0:a6:d3:f8:0c:fb:79:
                    08:21
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:CA:AC:A1:9F:2A:DF:35:B5:BD:64:76:D4:14:1B:52:38:0C:3D:C0
            X509v3 Authority Key Identifier:
                keyid:02:D8:A2:AD:53:1F:12:9E:21:D9:2D:27:5E:0E:FD:38:0C:93:FC:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/3138312e3233322e3135322e302f32322d3234203d3e203532383932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  181.232.152.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2b:5a:b7:5a:7e:29:6e:74:56:96:9e:63:fd:5e:63:d7:a9:db:
         8b:6c:0c:7f:b5:a3:1f:af:5b:76:8f:89:69:3b:f5:6f:7c:f7:
         b9:c6:a3:fe:7d:5a:a0:e4:2b:a0:05:f2:71:06:16:2d:b9:9b:
         a2:65:65:fc:c6:a1:fe:82:4a:52:d3:a3:39:fc:ff:5a:ff:35:
         d7:48:0a:bf:b3:8b:c2:67:0e:e5:6a:24:ef:e3:6b:23:f9:23:
         78:83:25:b0:2e:60:72:d4:0e:69:f1:27:69:20:ed:f4:19:3b:
         0b:94:03:9a:5b:e1:76:ee:93:f2:35:8e:6c:6e:dc:3a:60:36:
         e5:62:14:02:1f:84:bb:36:26:0d:11:d9:3d:a8:43:81:11:30:
         6d:01:8c:45:24:a5:4f:e2:1a:08:a2:fe:4a:82:4e:51:d9:7d:
         b3:14:72:85:85:d4:e4:07:20:6c:ad:ce:9a:9f:6d:81:07:5d:
         45:75:98:e7:c3:e4:83:f4:12:54:c5:bf:f9:51:42:61:0e:be:
         d2:19:ac:15:14:e6:e0:76:d6:e9:7f:2a:09:2d:80:dd:dd:71:
         56:33:b0:88:e0:61:a3:b5:84:72:e3:d4:6a:30:2f:a2:9b:5f:
         ba:d4:06:7c:af:65:31:86:aa:39:3b:e2:5c:04:e1:39:6f:6d:
         32:fb:d2:60
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUSRRqT/wldonn5LXXeaQHChpC8Z8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDJEOEEyQUQ1MzFGMTI5RTIxRDkyRDI3NUUwRUZEMzgw
QzkzRkMzQzAeFw0yNTA1MjAwNDE4NDlaFw0yNjA1MTkwNDIzNDlaMDMxMTAvBgNV
BAMTKDNGQ0FBQ0ExOUYyQURGMzVCNUJENjQ3NkQ0MTQxQjUyMzgwQzNEQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaz/2pizKkG0se4L4QMUxIltJj
0MffrBytkjp/YHkjA1xx1r24wMTZfe82TuI3+Jvxl/ngtgD5RiLoxUGAKC/XlIVa
2ISkQtGMneCD5kXYjfGG4X+JhFjaB9peRovvhjgl2qV/K01ReeEO3dXLD9jbJlf+
1FHz63ems+AyG1HwAa5/NDujKmUiy8qtczHodM/F1ydOU1kl8nULzfQklyoGyDTx
mqADb/CSBchBIX5SySBh10C4UKUHW1xjVHs7+al6RpeeILQC3tAoPn3MormBobMn
OyKpRoXyhSJaz8tiXNMxTpo0ECgg45TderANAp6yw2rAnLWosKbT+Az7eQghAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUP8qsoZ8q3zW1vWR21BQbUjgMPcAwHwYDVR0j
BBgwFoAUAtiirVMfEp4h2S0nXg79OAyT/DwwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQ0JwV2pFWGlQRFNMTXhYZUVLdEIyM01UdGVpcXNOdUFMUFlKdzV6V1lW
a1gvMS8wMkQ4QTJBRDUzMUYxMjlFMjFEOTJEMjc1RTBFRkQzODBDOTNGQzNDLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzAyRDhBMkFENTMxRjEyOUUy
MUQ5MkQyNzVFMEVGRDM4MEM5M0ZDM0MuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0NCcFdqRVhpUERTTE14WGVFS3RCMjNNVHRlaXFzTnVBTFBZSnc1eldZVmtYLzEv
MzEzODMxMmUzMjMzMzIyZTMxMzUzMjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM1
MzIzODM5MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAK16JgwDQYJKoZIhvcNAQELBQADggEBACtat1p+
KW50VpaeY/1eY9ep24tsDH+1ox+vW3aPiWk79W9897nGo/59WqDkK6AF8nEGFi25
m6JlZfzGof6CSlLTozn8/1r/NddICr+zi8JnDuVqJO/jayP5I3iDJbAuYHLUDmnx
J2kg7fQZOwuUA5pb4Xbuk/I1jmxu3DpgNuViFAIfhLs2Jg0R2T2oQ4ERMG0BjEUk
pU/iGgii/kqCTlHZfbMUcoWF1OQHIGytzpqfbYEHXUV1mOfD5IP0ElTFv/lRQmEO
vtIZrBUU5uB21ul/KgktgN3dcVYzsIjgYaO1hHLj1GowL6KbX7rUBnyvZTGGqjk7
4lwE4TlvbTL70mA=
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:28:24 2025 by rpki-client