Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/DxnXiRB3zsCLBGcsZgaRsKLb7s3swHx3voVx4yTkJqrs/0/3133382e302e3230342e302f32322d3234203d3e20323634353536.roa
File:                     3133382e302e3230342e302f32322d3234203d3e20323634353536.roa (raw, json)
Hash identifier:          Bp/MXpC4FvWK4Yo9ZUl+rpN/2KDLvDApID7I3LrdZiw=
Subject key identifier:   5C:23:CC:FB:65:C3:2B:4E:36:52:79:75:07:61:04:CC:F6:30:01:DD
Certificate issuer:       /CN=D23F9BF77CC1B32DE1FEEA208F14CD3438A4DCBE
Certificate serial:       4A6534B60B0E46D75AD6095F15433951B43AFAFB
Authority key identifier: D2:3F:9B:F7:7C:C1:B3:2D:E1:FE:EA:20:8F:14:CD:34:38:A4:DC:BE
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D23F9BF77CC1B32DE1FEEA208F14CD3438A4DCBE.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/DxnXiRB3zsCLBGcsZgaRsKLb7s3swHx3voVx4yTkJqrs/0/3133382e302e3230342e302f32322d3234203d3e20323634353536.roa
Signing time:             Mon 19 May 2025 14:53:16 +0000
ROA not before:           Mon 19 May 2025 14:48:16 +0000
ROA not after:            Mon 18 May 2026 14:53:16 +0000
asID:                     264556
IP address blocks:        138.0.204.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/DxnXiRB3zsCLBGcsZgaRsKLb7s3swHx3voVx4yTkJqrs/0/D23F9BF77CC1B32DE1FEEA208F14CD3438A4DCBE.crl
                          rsync://rpki-repo.registro.br/repo/DxnXiRB3zsCLBGcsZgaRsKLb7s3swHx3voVx4yTkJqrs/0/D23F9BF77CC1B32DE1FEEA208F14CD3438A4DCBE.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D23F9BF77CC1B32DE1FEEA208F14CD3438A4DCBE.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 18:23:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4a:65:34:b6:0b:0e:46:d7:5a:d6:09:5f:15:43:39:51:b4:3a:fa:fb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D23F9BF77CC1B32DE1FEEA208F14CD3438A4DCBE
        Validity
            Not Before: May 19 14:48:16 2025 GMT
            Not After : May 18 14:53:16 2026 GMT
        Subject: CN=5C23CCFB65C32B4E36527975076104CCF63001DD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:80:5f:2e:c1:04:f1:94:a7:e6:75:06:04:52:
                    83:fe:15:07:16:67:15:3c:94:1a:55:dd:6e:fb:50:
                    fb:df:92:39:ba:9a:b5:e5:2e:f0:e4:58:b1:39:b3:
                    78:4b:a6:f8:32:c7:a0:34:f0:a7:72:54:2e:1c:57:
                    96:47:68:17:64:46:3f:c6:0d:c0:b9:c3:2e:86:42:
                    ed:f5:58:19:d2:53:9e:16:84:18:e3:4e:e2:01:12:
                    af:b1:2d:81:fb:17:f0:c7:3c:a8:b9:6a:61:27:bf:
                    f4:38:21:0a:ed:61:ac:dc:f2:85:c7:1e:6e:07:9e:
                    3d:fc:5e:33:72:d2:aa:b9:26:b3:f1:a8:2e:c2:62:
                    43:4b:38:08:82:b9:f6:12:30:e6:39:a9:fc:23:de:
                    fe:47:27:a4:5c:63:58:a4:67:d5:fc:72:fd:59:ca:
                    98:ca:98:06:f2:a8:5e:19:98:c3:31:ac:45:87:e2:
                    61:ce:1c:e5:1a:49:72:5c:df:22:06:7a:80:30:f7:
                    d6:d4:66:fa:16:b9:95:a7:e2:1c:1e:2a:9f:85:e5:
                    0b:94:31:1a:16:87:21:79:75:f8:4f:1c:97:f6:2c:
                    d3:1b:c9:62:57:7e:60:cf:c8:78:a6:d8:3d:fd:7f:
                    f0:c6:7b:2d:37:99:1d:00:19:78:ea:91:f2:2a:da:
                    0d:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5C:23:CC:FB:65:C3:2B:4E:36:52:79:75:07:61:04:CC:F6:30:01:DD
            X509v3 Authority Key Identifier:
                keyid:D2:3F:9B:F7:7C:C1:B3:2D:E1:FE:EA:20:8F:14:CD:34:38:A4:DC:BE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/DxnXiRB3zsCLBGcsZgaRsKLb7s3swHx3voVx4yTkJqrs/0/D23F9BF77CC1B32DE1FEEA208F14CD3438A4DCBE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D23F9BF77CC1B32DE1FEEA208F14CD3438A4DCBE.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/DxnXiRB3zsCLBGcsZgaRsKLb7s3swHx3voVx4yTkJqrs/0/3133382e302e3230342e302f32322d3234203d3e20323634353536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.0.204.0/22

    Signature Algorithm: sha256WithRSAEncryption
         99:7b:95:6e:c3:a7:80:c6:e4:31:ed:8e:bd:e4:1b:74:52:88:
         38:57:a5:14:a8:d0:34:87:31:b2:b0:8b:36:47:23:2d:d7:35:
         37:32:f3:a0:78:c8:c6:7a:71:df:63:d7:bb:80:69:4d:0a:fc:
         25:77:4b:8c:ca:3c:1e:92:4a:f1:26:f0:b3:7f:a5:01:fb:2d:
         e7:e8:60:9b:e2:09:da:81:f7:69:34:15:da:bb:bf:55:79:3a:
         cb:be:67:28:aa:b8:75:1c:83:33:1b:07:eb:4c:4b:bc:3e:7f:
         a5:5b:fc:c8:80:cc:f3:1f:36:d4:65:e4:e5:41:f6:2e:f2:4d:
         dc:34:10:92:20:64:b7:e2:5e:2c:88:09:92:6c:90:c8:ea:9f:
         79:18:c9:f0:84:0b:2a:47:3c:b8:06:78:8d:80:5c:48:e0:7d:
         a6:83:fb:52:8d:a3:e2:3d:53:b6:65:63:19:ac:81:6b:67:79:
         61:13:bf:b6:c2:3a:e5:f0:03:5b:23:3f:e2:c5:d0:b7:16:2c:
         70:4b:d6:0f:0b:a6:ac:c8:67:c8:b7:ad:5e:00:10:32:b4:4f:
         3e:b0:f7:c1:0e:77:5a:16:69:4a:a7:ee:1a:a8:dd:31:28:5f:
         8f:72:95:91:10:83:59:96:7a:01:96:77:89:be:b1:8c:82:e5:
         16:00:d7:bf
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUSmU0tgsORtda1glfFUM5UbQ6+vswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDIzRjlCRjc3Q0MxQjMyREUxRkVFQTIwOEYxNENEMzQz
OEE0RENCRTAeFw0yNTA1MTkxNDQ4MTZaFw0yNjA1MTgxNDUzMTZaMDMxMTAvBgNV
BAMTKDVDMjNDQ0ZCNjVDMzJCNEUzNjUyNzk3NTA3NjEwNENDRjYzMDAxREQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZgF8uwQTxlKfmdQYEUoP+FQcW
ZxU8lBpV3W77UPvfkjm6mrXlLvDkWLE5s3hLpvgyx6A08KdyVC4cV5ZHaBdkRj/G
DcC5wy6GQu31WBnSU54WhBjjTuIBEq+xLYH7F/DHPKi5amEnv/Q4IQrtYazc8oXH
Hm4Hnj38XjNy0qq5JrPxqC7CYkNLOAiCufYSMOY5qfwj3v5HJ6RcY1ikZ9X8cv1Z
ypjKmAbyqF4ZmMMxrEWH4mHOHOUaSXJc3yIGeoAw99bUZvoWuZWn4hweKp+F5QuU
MRoWhyF5dfhPHJf2LNMbyWJXfmDPyHim2D39f/DGey03mR0AGXjqkfIq2g0zAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUXCPM+2XDK042Unl1B2EEzPYwAd0wHwYDVR0j
BBgwFoAU0j+b93zBsy3h/uogjxTNNDik3L4wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRHhuWGlSQjN6c0NMQkdjc1pnYVJzS0xiN3Mzc3dIeDN2b1Z4NHlUa0px
cnMvMC9EMjNGOUJGNzdDQzFCMzJERTFGRUVBMjA4RjE0Q0QzNDM4QTREQ0JFLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0QyM0Y5QkY3N0NDMUIzMkRF
MUZFRUEyMDhGMTRDRDM0MzhBNERDQkUuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0R4blhpUkIzenNDTEJHY3NaZ2FSc0tMYjdzM3N3SHgzdm9WeDR5VGtKcXJzLzAv
MzEzMzM4MmUzMDJlMzIzMDM0MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM0
MzUzNTM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCigDMMA0GCSqGSIb3DQEBCwUAA4IBAQCZe5Vuw6eA
xuQx7Y695Bt0Uog4V6UUqNA0hzGysIs2RyMt1zU3MvOgeMjGenHfY9e7gGlNCvwl
d0uMyjwekkrxJvCzf6UB+y3n6GCb4gnagfdpNBXau79VeTrLvmcoqrh1HIMzGwfr
TEu8Pn+lW/zIgMzzHzbUZeTlQfYu8k3cNBCSIGS34l4siAmSbJDI6p95GMnwhAsq
Rzy4BniNgFxI4H2mg/tSjaPiPVO2ZWMZrIFrZ3lhE7+2wjrl8ANbIz/ixdC3Fixw
S9YPC6asyGfIt61eABAytE8+sPfBDndaFmlKp+4aqN0xKF+PcpWREINZlnoBlneJ
vrGMguUWANe/
-----END CERTIFICATE-----
Generated at Mon Jun 9 21:13:48 2025 by rpki-client