Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/FSfoj4MNKpnaBu855MxMj3MjYhu3ovmS22Xpx4LD6SPQ/0/3137372e3133372e32312e302f32342d3332203d3e203533323235.roa
File:                     3137372e3133372e32312e302f32342d3332203d3e203533323235.roa (raw, json)
Hash identifier:          qblReT+fPzPM4EhmmtXkwOqz7ckprYjUy5VXFwO2tj4=
Subject key identifier:   87:BB:1F:0A:7D:96:D3:B1:D9:43:98:A4:DD:1A:F4:B6:9E:47:14:D8
Certificate issuer:       /CN=72D21565C0A508FC2BDEA7768D0F4AEFD6CD19F1
Certificate serial:       461B9AACA235AF39989C7092D028C4C69B893928
Authority key identifier: 72:D2:15:65:C0:A5:08:FC:2B:DE:A7:76:8D:0F:4A:EF:D6:CD:19:F1
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/72D21565C0A508FC2BDEA7768D0F4AEFD6CD19F1.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/FSfoj4MNKpnaBu855MxMj3MjYhu3ovmS22Xpx4LD6SPQ/0/3137372e3133372e32312e302f32342d3332203d3e203533323235.roa
Signing time:             Wed 07 May 2025 17:03:37 +0000
ROA not before:           Wed 07 May 2025 16:58:37 +0000
ROA not after:            Wed 06 May 2026 17:03:37 +0000
asID:                     53225
IP address blocks:        177.137.21.0/24 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/FSfoj4MNKpnaBu855MxMj3MjYhu3ovmS22Xpx4LD6SPQ/0/72D21565C0A508FC2BDEA7768D0F4AEFD6CD19F1.crl
                          rsync://rpki-repo.registro.br/repo/FSfoj4MNKpnaBu855MxMj3MjYhu3ovmS22Xpx4LD6SPQ/0/72D21565C0A508FC2BDEA7768D0F4AEFD6CD19F1.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/72D21565C0A508FC2BDEA7768D0F4AEFD6CD19F1.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 12 Jun 2025 15:45:48 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:1b:9a:ac:a2:35:af:39:98:9c:70:92:d0:28:c4:c6:9b:89:39:28
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72D21565C0A508FC2BDEA7768D0F4AEFD6CD19F1
        Validity
            Not Before: May  7 16:58:37 2025 GMT
            Not After : May  6 17:03:37 2026 GMT
        Subject: CN=87BB1F0A7D96D3B1D94398A4DD1AF4B69E4714D8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:91:9f:db:59:8a:ab:d2:36:b2:78:17:8f:d0:
                    8a:12:c6:73:66:70:71:43:ce:ae:7b:3c:0a:8d:d9:
                    19:9a:71:db:f7:99:02:41:cf:ca:a5:d8:84:e9:af:
                    01:ca:eb:5b:dc:73:d8:91:42:b1:55:2d:88:f3:f0:
                    12:60:74:e0:6b:20:ef:88:e0:c6:9b:e5:1e:30:e8:
                    c4:43:db:3a:f8:da:f1:40:16:b8:9f:af:39:e3:39:
                    8e:ed:e9:e5:a1:05:8f:e0:fa:7a:f5:a8:ea:35:f2:
                    b6:a5:cb:23:68:bc:d8:06:f4:c9:a9:7d:d2:4e:91:
                    a1:f7:5c:21:1c:2f:35:79:ca:e6:3c:2a:3e:3a:d4:
                    29:fd:31:ac:07:05:49:42:52:83:28:77:05:c1:04:
                    d3:49:4d:1a:bf:53:54:96:3c:cc:3e:d6:b6:05:c0:
                    31:94:39:b3:e7:77:ed:c0:0a:c4:7e:6f:05:38:79:
                    72:08:c8:63:05:5d:df:73:33:85:21:71:14:43:e7:
                    9b:e4:d9:d8:12:7c:10:54:1c:b4:c9:2e:ab:19:fd:
                    33:62:2f:00:19:e3:75:55:2a:41:05:e3:9c:3d:a8:
                    79:91:b0:56:ff:58:e4:81:b3:54:c5:13:fa:ab:2a:
                    e7:0e:85:da:99:4d:e9:52:35:93:4b:7d:02:b8:cb:
                    f9:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                87:BB:1F:0A:7D:96:D3:B1:D9:43:98:A4:DD:1A:F4:B6:9E:47:14:D8
            X509v3 Authority Key Identifier:
                keyid:72:D2:15:65:C0:A5:08:FC:2B:DE:A7:76:8D:0F:4A:EF:D6:CD:19:F1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/FSfoj4MNKpnaBu855MxMj3MjYhu3ovmS22Xpx4LD6SPQ/0/72D21565C0A508FC2BDEA7768D0F4AEFD6CD19F1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/72D21565C0A508FC2BDEA7768D0F4AEFD6CD19F1.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/FSfoj4MNKpnaBu855MxMj3MjYhu3ovmS22Xpx4LD6SPQ/0/3137372e3133372e32312e302f32342d3332203d3e203533323235.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.137.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1f:b3:b3:51:2a:ae:20:52:33:23:86:81:fc:6b:3f:42:1e:ce:
         2e:2d:de:88:0c:a5:ff:7d:bd:39:2e:6a:40:b3:ec:4e:b3:45:
         77:e8:72:0f:be:d3:69:55:9c:fb:b9:d7:d9:0c:d8:4a:af:44:
         84:7e:a6:36:be:8e:de:88:7f:14:63:79:47:f0:7f:ed:5b:cb:
         7d:b7:d4:98:04:33:b8:5c:8b:71:fd:da:91:0b:e9:6b:64:01:
         4b:66:c7:aa:4d:5b:ab:68:73:59:b0:9b:f0:d7:61:6d:da:79:
         b3:2b:f5:48:da:00:5a:9b:f4:97:63:0e:59:43:28:81:de:97:
         7a:9b:32:5a:6b:48:84:3a:ba:98:39:14:a2:e0:b3:a6:f5:b0:
         af:4c:84:f5:65:6c:20:71:8d:00:9c:ca:cc:f4:42:c6:31:1d:
         70:f5:12:9d:db:b5:d9:ee:a1:92:4f:28:35:43:ad:0f:0c:9e:
         05:88:b9:dc:2a:a9:a6:67:49:ff:4e:fb:b1:4d:35:dd:11:12:
         d7:9c:9b:de:e5:9b:32:3b:1c:7c:b9:70:b2:82:a9:f0:02:a7:
         35:54:95:49:dd:a6:03:99:e9:34:c8:c3:e0:77:02:85:dd:4b:
         99:cb:11:f1:81:6e:5b:3d:85:30:bf:a7:2e:46:43:e4:12:e9:
         dc:df:40:89
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIURhuarKI1rzmYnHCS0CjExpuJOSgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzJEMjE1NjVDMEE1MDhGQzJCREVBNzc2OEQwRjRBRUZE
NkNEMTlGMTAeFw0yNTA1MDcxNjU4MzdaFw0yNjA1MDYxNzAzMzdaMDMxMTAvBgNV
BAMTKDg3QkIxRjBBN0Q5NkQzQjFEOTQzOThBNEREMUFGNEI2OUU0NzE0RDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDFkZ/bWYqr0jayeBeP0IoSxnNm
cHFDzq57PAqN2Rmacdv3mQJBz8ql2ITprwHK61vcc9iRQrFVLYjz8BJgdOBrIO+I
4Mab5R4w6MRD2zr42vFAFrifrznjOY7t6eWhBY/g+nr1qOo18ralyyNovNgG9Mmp
fdJOkaH3XCEcLzV5yuY8Kj461Cn9MawHBUlCUoModwXBBNNJTRq/U1SWPMw+1rYF
wDGUObPnd+3ACsR+bwU4eXIIyGMFXd9zM4UhcRRD55vk2dgSfBBUHLTJLqsZ/TNi
LwAZ43VVKkEF45w9qHmRsFb/WOSBs1TFE/qrKucOhdqZTelSNZNLfQK4y/ktAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUh7sfCn2W07HZQ5ik3Rr0tp5HFNgwHwYDVR0j
BBgwFoAUctIVZcClCPwr3qd2jQ9K79bNGfEwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRlNmb2o0TU5LcG5hQnU4NTVNeE1qM01qWWh1M292bVMyMlhweDRMRDZT
UFEvMC83MkQyMTU2NUMwQTUwOEZDMkJERUE3NzY4RDBGNEFFRkQ2Q0QxOUYxLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzcyRDIxNTY1QzBBNTA4RkMy
QkRFQTc3NjhEMEY0QUVGRDZDRDE5RjEuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0ZTZm9qNE1OS3BuYUJ1ODU1TXhNajNNallodTNvdm1TMjJYcHg0TEQ2U1BRLzAv
MzEzNzM3MmUzMTMzMzcyZTMyMzEyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMz
MzIzMjM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAsYkVMA0GCSqGSIb3DQEBCwUAA4IBAQAfs7NRKq4g
UjMjhoH8az9CHs4uLd6IDKX/fb05LmpAs+xOs0V36HIPvtNpVZz7udfZDNhKr0SE
fqY2vo7eiH8UY3lH8H/tW8t9t9SYBDO4XItx/dqRC+lrZAFLZseqTVuraHNZsJvw
12Ft2nmzK/VI2gBam/SXYw5ZQyiB3pd6mzJaa0iEOrqYORSi4LOm9bCvTIT1ZWwg
cY0AnMrM9ELGMR1w9RKd27XZ7qGSTyg1Q60PDJ4FiLncKqmmZ0n/TvuxTTXdERLX
nJve5ZsyOxx8uXCygqnwAqc1VJVJ3aYDmek0yMPgdwKF3UuZyxHxgW5bPYUwv6cu
RkPkEunc30CJ
-----END CERTIFICATE-----
Generated at Thu Jun 12 04:08:00 2025 by rpki-client