Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/HhpbtAJ7rnPWLCrz2MMKGHU7XGZoUqWJ9pu1JGCfDvBf/0/3137302e3234352e31362e302f32322d3234203d3e20323633393931.roa
File:                     3137302e3234352e31362e302f32322d3234203d3e20323633393931.roa (raw, json)
Hash identifier:          HNUicqn6qSyWi2Wt9BIpemmTw/fvvp5aztIUAfpMo90=
Subject key identifier:   67:86:78:D2:AF:BE:8E:26:89:F3:C9:13:E5:21:2E:F6:AE:03:6D:D1
Certificate issuer:       /CN=971334C1223E510A2C0DAA6AC00F2D40330D6C48
Certificate serial:       130CF6EEB0614EA58EEC36BC9A7C070F0CB8D0DD
Authority key identifier: 97:13:34:C1:22:3E:51:0A:2C:0D:AA:6A:C0:0F:2D:40:33:0D:6C:48
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/971334C1223E510A2C0DAA6AC00F2D40330D6C48.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/HhpbtAJ7rnPWLCrz2MMKGHU7XGZoUqWJ9pu1JGCfDvBf/0/3137302e3234352e31362e302f32322d3234203d3e20323633393931.roa
Signing time:             Tue 06 May 2025 18:31:13 +0000
ROA not before:           Tue 06 May 2025 18:26:13 +0000
ROA not after:            Tue 05 May 2026 18:31:13 +0000
asID:                     263991
IP address blocks:        170.245.16.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/HhpbtAJ7rnPWLCrz2MMKGHU7XGZoUqWJ9pu1JGCfDvBf/0/971334C1223E510A2C0DAA6AC00F2D40330D6C48.crl
                          rsync://rpki-repo.registro.br/repo/HhpbtAJ7rnPWLCrz2MMKGHU7XGZoUqWJ9pu1JGCfDvBf/0/971334C1223E510A2C0DAA6AC00F2D40330D6C48.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/971334C1223E510A2C0DAA6AC00F2D40330D6C48.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 23:01:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:0c:f6:ee:b0:61:4e:a5:8e:ec:36:bc:9a:7c:07:0f:0c:b8:d0:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=971334C1223E510A2C0DAA6AC00F2D40330D6C48
        Validity
            Not Before: May  6 18:26:13 2025 GMT
            Not After : May  5 18:31:13 2026 GMT
        Subject: CN=678678D2AFBE8E2689F3C913E5212EF6AE036DD1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:d2:7a:ec:ac:0c:22:09:30:f1:03:ac:e3:c2:
                    ce:dc:1d:d7:f2:50:d5:d9:28:6a:09:86:7c:9c:27:
                    2b:5f:52:ff:a7:62:a6:10:ee:b8:74:d1:37:43:0f:
                    83:c8:46:41:7b:f8:77:a6:95:7b:04:bd:c4:5d:e2:
                    48:29:74:02:3d:45:b8:fa:b3:7a:60:1a:eb:12:5e:
                    f2:7d:f1:3c:fa:ec:b0:f7:c1:da:bf:89:25:b4:0a:
                    d5:44:c5:85:83:5f:de:c0:31:58:4b:31:b1:9e:62:
                    15:7c:5f:a6:be:a7:97:b5:32:6b:0c:15:e1:3c:2a:
                    b2:77:0d:ad:03:4b:16:0e:8a:4e:c7:e5:ee:d2:7a:
                    a9:1c:55:9b:91:85:ba:af:da:8b:77:24:9c:c8:71:
                    41:2d:9c:12:74:8a:24:04:39:5f:ae:3e:5a:d4:da:
                    35:ad:c3:c0:ce:57:af:45:c7:67:0d:8b:02:3e:b6:
                    3b:0d:b6:ba:df:f8:83:77:69:5c:d7:ff:a6:67:24:
                    17:c6:2f:b8:b7:76:d6:69:b8:e9:8a:6d:23:91:58:
                    f3:4f:e2:55:2e:4a:90:a7:e5:8c:99:fd:f2:f3:cc:
                    fd:c8:a5:02:40:47:2d:3d:20:f0:32:8d:17:f9:d3:
                    3a:c6:ed:a0:7a:7f:e1:14:d6:63:c5:c6:58:c4:2a:
                    16:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:86:78:D2:AF:BE:8E:26:89:F3:C9:13:E5:21:2E:F6:AE:03:6D:D1
            X509v3 Authority Key Identifier:
                keyid:97:13:34:C1:22:3E:51:0A:2C:0D:AA:6A:C0:0F:2D:40:33:0D:6C:48

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/HhpbtAJ7rnPWLCrz2MMKGHU7XGZoUqWJ9pu1JGCfDvBf/0/971334C1223E510A2C0DAA6AC00F2D40330D6C48.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/971334C1223E510A2C0DAA6AC00F2D40330D6C48.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/HhpbtAJ7rnPWLCrz2MMKGHU7XGZoUqWJ9pu1JGCfDvBf/0/3137302e3234352e31362e302f32322d3234203d3e20323633393931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.245.16.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6c:94:bd:a9:44:0d:d1:92:d5:98:6e:3d:62:41:0c:ed:f1:96:
         22:df:1f:a4:d0:cf:da:2f:6a:91:19:8c:1d:4c:9a:78:df:9f:
         10:f3:6d:27:e1:73:46:f7:7b:df:c1:84:0f:e5:a3:90:51:dd:
         42:09:64:20:e9:d9:6e:52:de:44:39:43:26:68:32:9a:4a:51:
         82:49:a4:d8:8e:0e:f7:d7:a1:d3:99:f1:90:78:27:f9:a1:99:
         52:35:eb:66:20:b8:ae:11:b5:b8:15:e4:8e:52:3e:7a:3c:45:
         16:39:4b:45:98:46:9f:5e:5b:3b:6a:ce:ab:ef:1b:5b:37:55:
         ca:a3:7b:90:c9:24:90:23:a0:fb:27:96:be:5e:2f:8a:8d:51:
         40:20:46:05:ea:3b:19:88:ff:3d:2c:14:99:4e:ef:47:52:b0:
         7b:cf:f4:65:01:49:ca:6a:9c:4a:8b:4e:71:de:04:1f:13:20:
         66:a7:b1:af:5d:09:53:65:30:8b:66:38:14:c1:11:f6:db:9c:
         da:57:ca:15:ce:71:d9:83:55:fd:04:27:51:8c:78:3d:41:ac:
         b3:23:a1:06:d0:0f:76:97:fe:05:ce:ff:f9:3d:7c:70:9b:c7:
         d4:b4:76:ab:87:fd:28:1f:81:f7:7c:f1:03:85:62:64:88:e9:
         67:8d:82:5a
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUEwz27rBhTqWO7Da8mnwHDwy40N0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTcxMzM0QzEyMjNFNTEwQTJDMERBQTZBQzAwRjJENDAz
MzBENkM0ODAeFw0yNTA1MDYxODI2MTNaFw0yNjA1MDUxODMxMTNaMDMxMTAvBgNV
BAMTKDY3ODY3OEQyQUZCRThFMjY4OUYzQzkxM0U1MjEyRUY2QUUwMzZERDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx0nrsrAwiCTDxA6zjws7cHdfy
UNXZKGoJhnycJytfUv+nYqYQ7rh00TdDD4PIRkF7+HemlXsEvcRd4kgpdAI9Rbj6
s3pgGusSXvJ98Tz67LD3wdq/iSW0CtVExYWDX97AMVhLMbGeYhV8X6a+p5e1MmsM
FeE8KrJ3Da0DSxYOik7H5e7SeqkcVZuRhbqv2ot3JJzIcUEtnBJ0iiQEOV+uPlrU
2jWtw8DOV69Fx2cNiwI+tjsNtrrf+IN3aVzX/6ZnJBfGL7i3dtZpuOmKbSORWPNP
4lUuSpCn5YyZ/fLzzP3IpQJARy09IPAyjRf50zrG7aB6f+EU1mPFxljEKhbjAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUZ4Z40q++jiaJ88kT5SEu9q4DbdEwHwYDVR0j
BBgwFoAUlxM0wSI+UQosDapqwA8tQDMNbEgwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vSGhwYnRBSjdyblBXTENyejJNTUtHSFU3WEdab1VxV0o5cHUxSkdDZkR2
QmYvMC85NzEzMzRDMTIyM0U1MTBBMkMwREFBNkFDMDBGMkQ0MDMzMEQ2QzQ4LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzk3MTMzNEMxMjIzRTUxMEEy
QzBEQUE2QUMwMEYyRDQwMzMwRDZDNDguY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0hocGJ0QUo3cm5QV0xDcnoyTU1LR0hVN1hHWm9VcVdKOXB1MUpHQ2ZEdkJmLzAv
MzEzNzMwMmUzMjM0MzUyZTMxMzYyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzMjM2
MzMzOTM5MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAKq9RAwDQYJKoZIhvcNAQELBQADggEBAGyUvalE
DdGS1ZhuPWJBDO3xliLfH6TQz9ovapEZjB1MmnjfnxDzbSfhc0b3e9/BhA/lo5BR
3UIJZCDp2W5S3kQ5QyZoMppKUYJJpNiODvfXodOZ8ZB4J/mhmVI162YguK4RtbgV
5I5SPno8RRY5S0WYRp9eWztqzqvvG1s3Vcqje5DJJJAjoPsnlr5eL4qNUUAgRgXq
OxmI/z0sFJlO70dSsHvP9GUBScpqnEqLTnHeBB8TIGansa9dCVNlMItmOBTBEfbb
nNpXyhXOcdmDVf0EJ1GMeD1BrLMjoQbQD3aX/gXO//k9fHCbx9S0dquH/Sgfgfd8
8QOFYmSI6WeNglo=
-----END CERTIFICATE-----
Generated at Tue Jun 10 12:38:06 2025 by rpki-client