Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/DV4QR1rboQjucbuLzDBEZKWLZrnjtPyYzM9kFc6mWcHU/0/3137302e3234372e36342e302f32322d3234203d3e203532353932.roa
File:                     3137302e3234372e36342e302f32322d3234203d3e203532353932.roa (raw, json)
Hash identifier:          8fyLTweS0k9O7hpJEh3lgr+BITcPp0nzYZvIMf2Fce4=
Subject key identifier:   F6:91:90:0A:F4:5C:81:B7:B5:87:8A:EC:D2:76:F1:16:27:5C:C1:FD
Certificate issuer:       /CN=CFF957416ABC451AD3955260CF69F31756051BD6
Certificate serial:       09946AD428779308F7A9889E30818A6E7EFF859F
Authority key identifier: CF:F9:57:41:6A:BC:45:1A:D3:95:52:60:CF:69:F3:17:56:05:1B:D6
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/CFF957416ABC451AD3955260CF69F31756051BD6.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/DV4QR1rboQjucbuLzDBEZKWLZrnjtPyYzM9kFc6mWcHU/0/3137302e3234372e36342e302f32322d3234203d3e203532353932.roa
Signing time:             Thu 29 May 2025 12:47:52 +0000
ROA not before:           Thu 29 May 2025 12:42:52 +0000
ROA not after:            Thu 28 May 2026 12:47:52 +0000
asID:                     52592
IP address blocks:        170.247.64.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/DV4QR1rboQjucbuLzDBEZKWLZrnjtPyYzM9kFc6mWcHU/0/CFF957416ABC451AD3955260CF69F31756051BD6.crl
                          rsync://rpki-repo.registro.br/repo/DV4QR1rboQjucbuLzDBEZKWLZrnjtPyYzM9kFc6mWcHU/0/CFF957416ABC451AD3955260CF69F31756051BD6.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/CFF957416ABC451AD3955260CF69F31756051BD6.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 20:14:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:94:6a:d4:28:77:93:08:f7:a9:88:9e:30:81:8a:6e:7e:ff:85:9f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=CFF957416ABC451AD3955260CF69F31756051BD6
        Validity
            Not Before: May 29 12:42:52 2025 GMT
            Not After : May 28 12:47:52 2026 GMT
        Subject: CN=F691900AF45C81B7B5878AECD276F116275CC1FD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:4a:ea:24:9e:11:fc:40:7d:b4:9c:ce:97:c1:
                    8c:90:6c:49:34:5e:1b:7e:74:8b:f1:5d:60:cc:b2:
                    e1:ca:b1:4e:40:b2:35:42:4e:1b:cb:3e:f5:12:5d:
                    b6:db:ee:21:83:75:42:c2:fb:cc:46:9a:b0:62:a9:
                    17:c9:1b:21:ba:a1:b3:12:67:0a:28:b8:af:ab:66:
                    ca:8c:5d:0e:47:89:7b:ba:28:02:0e:01:d5:d6:8f:
                    bc:5c:9f:70:1b:49:88:9a:6c:ba:56:87:01:60:32:
                    40:5a:11:96:d1:5e:35:6e:f0:23:6d:9b:6e:d1:75:
                    bf:f9:45:6f:4b:c7:49:50:37:1b:09:8e:d9:e2:ee:
                    26:87:5f:09:11:71:6a:47:44:6f:d9:87:e7:35:c4:
                    31:9e:31:b1:3b:15:61:3b:30:4d:85:94:89:de:44:
                    00:7f:52:e1:35:e4:b8:23:58:29:92:9d:ae:f0:37:
                    12:91:c8:69:18:fe:bb:8e:68:59:38:89:b4:89:4a:
                    b2:8f:b7:0a:6c:8b:a4:ac:fc:65:2f:37:06:68:a4:
                    12:2c:b4:25:3e:cb:d9:c3:96:15:0c:d5:18:f7:7d:
                    03:8b:de:cb:a9:91:fe:58:14:79:66:d3:a0:f4:64:
                    dc:a1:e6:59:cb:bf:bc:b9:c6:da:eb:d8:28:c2:d9:
                    a3:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:91:90:0A:F4:5C:81:B7:B5:87:8A:EC:D2:76:F1:16:27:5C:C1:FD
            X509v3 Authority Key Identifier:
                keyid:CF:F9:57:41:6A:BC:45:1A:D3:95:52:60:CF:69:F3:17:56:05:1B:D6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/DV4QR1rboQjucbuLzDBEZKWLZrnjtPyYzM9kFc6mWcHU/0/CFF957416ABC451AD3955260CF69F31756051BD6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/CFF957416ABC451AD3955260CF69F31756051BD6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/DV4QR1rboQjucbuLzDBEZKWLZrnjtPyYzM9kFc6mWcHU/0/3137302e3234372e36342e302f32322d3234203d3e203532353932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.247.64.0/22

    Signature Algorithm: sha256WithRSAEncryption
         76:56:7b:f5:19:a9:87:7d:39:8c:d1:ae:98:58:c3:e4:3f:4d:
         49:59:59:3d:0e:89:1b:17:d6:c4:83:79:39:a1:a3:22:62:12:
         ab:3e:2a:9c:6b:4d:19:50:18:ea:5a:ac:fc:af:da:9a:be:14:
         de:93:e6:47:11:0a:f9:f0:c8:57:1f:7f:f8:0f:ce:da:35:5f:
         a2:bc:a9:e9:0d:65:14:25:b9:71:da:27:a2:89:1d:1e:a0:6c:
         ed:96:f3:cd:8a:f7:13:bf:28:8b:8b:cd:5e:ae:70:a0:b2:bb:
         04:19:44:17:de:f8:8a:68:42:4e:dd:51:e8:8d:ef:0a:c0:d1:
         48:cf:8c:a2:bf:d2:4a:d2:7a:74:94:25:c8:35:2f:40:70:17:
         83:76:d9:cd:b5:b3:31:6f:1f:57:b6:61:f5:ee:fb:ee:8f:89:
         fc:8b:05:52:c8:12:0a:55:69:85:8d:67:10:c0:cd:94:58:62:
         bc:04:5a:b9:58:42:b3:83:d8:f6:6f:9c:c0:01:12:86:7c:9e:
         55:f7:2e:41:68:17:48:fe:30:62:6e:f1:b3:94:c6:19:2d:f2:
         1b:33:bf:b7:a4:4d:29:d8:03:f9:8c:24:bd:fb:e6:f7:50:0b:
         ad:fb:17:7a:74:7b:f3:18:88:11:35:b7:1b:6a:59:8c:46:35:
         2f:51:a9:98
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUCZRq1Ch3kwj3qYieMIGKbn7/hZ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQ0ZGOTU3NDE2QUJDNDUxQUQzOTU1MjYwQ0Y2OUYzMTc1
NjA1MUJENjAeFw0yNTA1MjkxMjQyNTJaFw0yNjA1MjgxMjQ3NTJaMDMxMTAvBgNV
BAMTKEY2OTE5MDBBRjQ1QzgxQjdCNTg3OEFFQ0QyNzZGMTE2Mjc1Q0MxRkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVSuoknhH8QH20nM6XwYyQbEk0
Xht+dIvxXWDMsuHKsU5AsjVCThvLPvUSXbbb7iGDdULC+8xGmrBiqRfJGyG6obMS
ZwoouK+rZsqMXQ5HiXu6KAIOAdXWj7xcn3AbSYiabLpWhwFgMkBaEZbRXjVu8CNt
m27Rdb/5RW9Lx0lQNxsJjtni7iaHXwkRcWpHRG/Zh+c1xDGeMbE7FWE7ME2FlIne
RAB/UuE15LgjWCmSna7wNxKRyGkY/ruOaFk4ibSJSrKPtwpsi6Ss/GUvNwZopBIs
tCU+y9nDlhUM1Rj3fQOL3supkf5YFHlm06D0ZNyh5lnLv7y5xtrr2CjC2aMLAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQU9pGQCvRcgbe1h4rs0nbxFidcwf0wHwYDVR0j
BBgwFoAUz/lXQWq8RRrTlVJgz2nzF1YFG9YwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRFY0UVIxcmJvUWp1Y2J1THpEQkVaS1dMWnJuanRQeVl6TTlrRmM2bVdj
SFUvMC9DRkY5NTc0MTZBQkM0NTFBRDM5NTUyNjBDRjY5RjMxNzU2MDUxQkQ2LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0NGRjk1NzQxNkFCQzQ1MUFE
Mzk1NTI2MENGNjlGMzE3NTYwNTFCRDYuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0RWNFFSMXJib1FqdWNidUx6REJFWktXTFpybmp0UHlZek05a0ZjNm1XY0hVLzAv
MzEzNzMwMmUzMjM0MzcyZTM2MzQyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNTMy
MzUzOTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCqvdAMA0GCSqGSIb3DQEBCwUAA4IBAQB2Vnv1GamH
fTmM0a6YWMPkP01JWVk9DokbF9bEg3k5oaMiYhKrPiqca00ZUBjqWqz8r9qavhTe
k+ZHEQr58MhXH3/4D87aNV+ivKnpDWUUJblx2ieiiR0eoGztlvPNivcTvyiLi81e
rnCgsrsEGUQX3viKaEJO3VHoje8KwNFIz4yiv9JK0np0lCXINS9AcBeDdtnNtbMx
bx9XtmH17vvuj4n8iwVSyBIKVWmFjWcQwM2UWGK8BFq5WEKzg9j2b5zAARKGfJ5V
9y5BaBdI/jBibvGzlMYZLfIbM7+3pE0p2AP5jCS9++b3UAut+xd6dHvzGIgRNbcb
almMRjUvUamY
-----END CERTIFICATE-----
Generated at Tue Jun 10 07:29:50 2025 by rpki-client