Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/CKqabSxJDm9Kdkh3y3FM3VFUTKYAQHUb5XVsFqpnwiSb/0/3137302e38302e3235322e302f32322d3234203d3e203533303738.roa
File:                     3137302e38302e3235322e302f32322d3234203d3e203533303738.roa (raw, json)
Hash identifier:          Dn+/PSrC0aLbCMBvDobQlUZlQxDmr2gl84WB0YnYW5U=
Subject key identifier:   14:92:B0:BD:FB:FF:78:81:DC:CB:F6:1A:B5:6C:35:A8:87:C5:55:50
Certificate issuer:       /CN=3C8E5F41F3AF740E9427F8ED235C120098AA0C21
Certificate serial:       01E02DB2C8701C7871C8F34C5830B541D14F00DA
Authority key identifier: 3C:8E:5F:41:F3:AF:74:0E:94:27:F8:ED:23:5C:12:00:98:AA:0C:21
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3C8E5F41F3AF740E9427F8ED235C120098AA0C21.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/CKqabSxJDm9Kdkh3y3FM3VFUTKYAQHUb5XVsFqpnwiSb/0/3137302e38302e3235322e302f32322d3234203d3e203533303738.roa
Signing time:             Tue 27 May 2025 15:04:33 +0000
ROA not before:           Tue 27 May 2025 14:59:33 +0000
ROA not after:            Tue 26 May 2026 15:04:33 +0000
asID:                     53078
IP address blocks:        170.80.252.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/CKqabSxJDm9Kdkh3y3FM3VFUTKYAQHUb5XVsFqpnwiSb/0/3C8E5F41F3AF740E9427F8ED235C120098AA0C21.crl
                          rsync://rpki-repo.registro.br/repo/CKqabSxJDm9Kdkh3y3FM3VFUTKYAQHUb5XVsFqpnwiSb/0/3C8E5F41F3AF740E9427F8ED235C120098AA0C21.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3C8E5F41F3AF740E9427F8ED235C120098AA0C21.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 19:44:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:e0:2d:b2:c8:70:1c:78:71:c8:f3:4c:58:30:b5:41:d1:4f:00:da
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3C8E5F41F3AF740E9427F8ED235C120098AA0C21
        Validity
            Not Before: May 27 14:59:33 2025 GMT
            Not After : May 26 15:04:33 2026 GMT
        Subject: CN=1492B0BDFBFF7881DCCBF61AB56C35A887C55550
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:d2:2d:ca:38:ef:4e:fa:7a:15:8d:c9:46:49:
                    92:a0:e1:a8:a0:3f:56:43:23:35:1d:69:7e:bc:da:
                    96:d5:58:41:19:ce:0d:fd:97:ba:c2:b5:85:73:2c:
                    c5:64:81:63:8f:64:07:17:fb:bf:4b:2e:f8:cc:0f:
                    f5:c9:88:a3:60:9d:ac:e9:de:d5:41:2a:15:3d:6f:
                    09:fe:77:81:50:8a:26:bb:ec:70:eb:01:83:1a:75:
                    85:fc:3f:69:15:f3:a1:4b:20:f8:d4:5c:50:4f:7f:
                    a1:e2:4c:66:00:19:07:3d:73:3b:2a:5e:46:c0:5a:
                    5a:d1:76:8d:37:40:4a:85:59:2d:f1:1f:05:b0:e4:
                    cc:6a:f9:1c:c5:d0:86:e5:81:df:76:a5:26:39:12:
                    a2:b5:9f:dd:d5:ba:8a:e7:9f:58:66:5c:38:da:8e:
                    cd:7c:cb:c5:a4:80:9e:47:cb:cd:61:39:eb:c7:08:
                    c7:96:b7:69:a8:62:24:de:49:d6:9f:e3:94:75:da:
                    cc:4b:d2:82:9a:f5:60:79:c8:eb:8b:98:0e:4a:ca:
                    69:15:c5:b5:6d:9e:59:a3:5f:5e:32:2c:51:a7:b0:
                    c2:35:d0:a7:e8:9f:61:2d:b2:94:27:00:64:87:99:
                    9d:ee:2d:05:6d:55:bd:2c:22:1d:f8:47:df:03:86:
                    de:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:92:B0:BD:FB:FF:78:81:DC:CB:F6:1A:B5:6C:35:A8:87:C5:55:50
            X509v3 Authority Key Identifier:
                keyid:3C:8E:5F:41:F3:AF:74:0E:94:27:F8:ED:23:5C:12:00:98:AA:0C:21

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/CKqabSxJDm9Kdkh3y3FM3VFUTKYAQHUb5XVsFqpnwiSb/0/3C8E5F41F3AF740E9427F8ED235C120098AA0C21.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3C8E5F41F3AF740E9427F8ED235C120098AA0C21.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/CKqabSxJDm9Kdkh3y3FM3VFUTKYAQHUb5XVsFqpnwiSb/0/3137302e38302e3235322e302f32322d3234203d3e203533303738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.80.252.0/22

    Signature Algorithm: sha256WithRSAEncryption
         af:27:20:26:30:b5:6b:87:00:33:54:b9:0a:74:dd:77:fe:cf:
         ce:3a:70:cb:47:65:27:82:f4:4d:5f:90:dd:49:6b:32:a6:2f:
         42:03:5a:f7:b1:3b:d1:d6:a4:c2:49:72:f3:65:5f:4b:c3:95:
         9e:22:b2:a3:8c:d3:44:61:64:b2:2a:78:0a:cf:55:98:6a:71:
         a4:8c:62:cf:26:27:2e:79:47:1f:03:90:af:a3:a1:30:07:16:
         47:49:ea:9b:e4:87:f9:c8:c7:c5:90:e0:49:40:03:2b:75:c4:
         98:12:3b:89:ee:ba:42:3a:af:05:d0:38:95:79:bb:13:26:77:
         70:7c:c3:86:b4:a0:44:35:41:4b:24:e0:48:d5:4a:3a:25:31:
         de:84:ad:39:2d:6c:54:03:77:9a:6b:5e:73:11:2a:a9:06:da:
         e4:b9:db:bc:f8:2c:98:9a:ef:37:e1:6d:69:61:c9:b5:ee:9b:
         51:35:5a:ee:ac:26:bf:8d:e7:a7:39:42:b1:1a:e6:40:34:35:
         12:30:00:04:77:e1:32:6c:74:6a:de:68:22:65:ba:ec:d5:2c:
         72:47:a8:19:c1:5d:fc:6f:e2:c6:f3:0d:c8:cf:98:1d:e3:7d:
         00:ef:87:f3:be:1c:bf:87:a7:05:10:4a:78:a5:61:ff:7e:87:
         46:0b:b9:e3
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUAeAtsshwHHhxyPNMWDC1QdFPANowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0M4RTVGNDFGM0FGNzQwRTk0MjdGOEVEMjM1QzEyMDA5
OEFBMEMyMTAeFw0yNTA1MjcxNDU5MzNaFw0yNjA1MjYxNTA0MzNaMDMxMTAvBgNV
BAMTKDE0OTJCMEJERkJGRjc4ODFEQ0NCRjYxQUI1NkMzNUE4ODdDNTU1NTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv0i3KOO9O+noVjclGSZKg4aig
P1ZDIzUdaX682pbVWEEZzg39l7rCtYVzLMVkgWOPZAcX+79LLvjMD/XJiKNgnazp
3tVBKhU9bwn+d4FQiia77HDrAYMadYX8P2kV86FLIPjUXFBPf6HiTGYAGQc9czsq
XkbAWlrRdo03QEqFWS3xHwWw5Mxq+RzF0Iblgd92pSY5EqK1n93Vuornn1hmXDja
js18y8WkgJ5Hy81hOevHCMeWt2moYiTeSdaf45R12sxL0oKa9WB5yOuLmA5KymkV
xbVtnlmjX14yLFGnsMI10Kfon2EtspQnAGSHmZ3uLQVtVb0sIh34R98Dht4BAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUFJKwvfv/eIHcy/YatWw1qIfFVVAwHwYDVR0j
BBgwFoAUPI5fQfOvdA6UJ/jtI1wSAJiqDCEwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQ0txYWJTeEpEbTlLZGtoM3kzRk0zVkZVVEtZQVFIVWI1WFZzRnFwbndp
U2IvMC8zQzhFNUY0MUYzQUY3NDBFOTQyN0Y4RUQyMzVDMTIwMDk4QUEwQzIxLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzNDOEU1RjQxRjNBRjc0MEU5
NDI3RjhFRDIzNUMxMjAwOThBQTBDMjEuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0NLcWFiU3hKRG05S2RraDN5M0ZNM1ZGVVRLWUFRSFViNVhWc0ZxcG53aVNiLzAv
MzEzNzMwMmUzODMwMmUzMjM1MzIyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNTMz
MzAzNzM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCqlD8MA0GCSqGSIb3DQEBCwUAA4IBAQCvJyAmMLVr
hwAzVLkKdN13/s/OOnDLR2UngvRNX5DdSWsypi9CA1r3sTvR1qTCSXLzZV9Lw5We
IrKjjNNEYWSyKngKz1WYanGkjGLPJicueUcfA5Cvo6EwBxZHSeqb5If5yMfFkOBJ
QAMrdcSYEjuJ7rpCOq8F0DiVebsTJndwfMOGtKBENUFLJOBI1Uo6JTHehK05LWxU
A3eaa15zESqpBtrkudu8+CyYmu834W1pYcm17ptRNVrurCa/jeenOUKxGuZANDUS
MAAEd+EybHRq3mgiZbrs1SxyR6gZwV38b+LG8w3Iz5gd430A74fzvhy/h6cFEEp4
pWH/fodGC7nj
-----END CERTIFICATE-----
Generated at Mon Jun 9 18:56:04 2025 by rpki-client