Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/KiEkP5zy2dnvxp3ZeGdG1aPAhA6s5ZYxjuJYh8vCVBx/0/3230302e3231352e3136302e302f32322d3234203d3e20323633363536.roa
File:                     3230302e3231352e3136302e302f32322d3234203d3e20323633363536.roa (raw, json)
Hash identifier:          agAzEIBQii/fLQBWlK1tw3q7jO7PA4TV/yVcX5UOKXY=
Subject key identifier:   C7:86:E3:8F:1D:CD:7E:87:21:A2:8B:94:16:92:17:DD:28:97:60:84
Certificate issuer:       /CN=E1D88A3412BFA4DB8D3C7F3CE9BDCA998F42B150
Certificate serial:       217A9860F6894C2F517979F5941BA88903405DCF
Authority key identifier: E1:D8:8A:34:12:BF:A4:DB:8D:3C:7F:3C:E9:BD:CA:99:8F:42:B1:50
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/E1D88A3412BFA4DB8D3C7F3CE9BDCA998F42B150.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/KiEkP5zy2dnvxp3ZeGdG1aPAhA6s5ZYxjuJYh8vCVBx/0/3230302e3231352e3136302e302f32322d3234203d3e20323633363536.roa
Signing time:             Tue 30 Jun 2026 14:35:12 +0000
ROA not before:           Tue 30 Jun 2026 14:30:12 +0000
ROA not after:            Tue 29 Jun 2027 14:35:12 +0000
asID:                     263656
IP address blocks:        200.215.160.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/KiEkP5zy2dnvxp3ZeGdG1aPAhA6s5ZYxjuJYh8vCVBx/0/E1D88A3412BFA4DB8D3C7F3CE9BDCA998F42B150.crl
                          rsync://rpki-repo.registro.br/repo/KiEkP5zy2dnvxp3ZeGdG1aPAhA6s5ZYxjuJYh8vCVBx/0/E1D88A3412BFA4DB8D3C7F3CE9BDCA998F42B150.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/E1D88A3412BFA4DB8D3C7F3CE9BDCA998F42B150.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 09 Jul 2026 19:52:16 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            21:7a:98:60:f6:89:4c:2f:51:79:79:f5:94:1b:a8:89:03:40:5d:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E1D88A3412BFA4DB8D3C7F3CE9BDCA998F42B150
        Validity
            Not Before: Jun 30 14:30:12 2026 GMT
            Not After : Jun 29 14:35:12 2027 GMT
        Subject: CN=C786E38F1DCD7E8721A28B94169217DD28976084
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:73:4e:e0:d9:9e:75:f5:f2:59:24:3d:ce:02:
                    ec:fc:e9:64:d2:08:9f:8c:72:22:0f:9f:a4:f3:d2:
                    90:22:0a:b6:1d:ba:7c:fd:c7:74:df:18:3f:12:43:
                    87:3b:4a:f9:90:38:77:ef:a5:14:30:27:02:b8:b1:
                    dc:5f:e7:6d:6d:aa:2f:ea:bf:de:08:a7:48:3c:26:
                    92:50:4f:c5:07:eb:f6:33:b9:59:ea:cb:48:07:dd:
                    72:09:16:db:ae:99:c1:e2:f1:47:d7:9e:5d:7d:48:
                    47:7a:d7:58:6f:3f:b4:0b:d9:42:18:6b:5c:b2:22:
                    fd:3f:e1:0d:48:04:77:c7:2c:b8:97:27:72:fb:12:
                    b0:c1:23:7e:54:9e:91:23:fc:6e:44:db:1a:75:78:
                    c9:2f:c4:74:53:e3:25:c5:fb:00:5e:76:5a:35:c9:
                    09:31:af:5b:31:70:30:2d:cd:89:ef:a6:fe:01:e3:
                    11:cf:d1:f1:2f:6a:3c:08:6c:63:41:43:a0:c7:3c:
                    51:0b:b8:b5:a7:b1:8a:ae:70:f6:e1:43:29:50:0e:
                    78:32:59:ea:ad:bd:9c:11:fa:04:1e:9f:15:ae:36:
                    fe:85:c9:25:56:59:5d:fe:a9:de:2c:db:32:43:93:
                    53:ae:33:c3:48:bd:20:5b:b4:27:85:ca:b0:59:e8:
                    45:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:86:E3:8F:1D:CD:7E:87:21:A2:8B:94:16:92:17:DD:28:97:60:84
            X509v3 Authority Key Identifier:
                keyid:E1:D8:8A:34:12:BF:A4:DB:8D:3C:7F:3C:E9:BD:CA:99:8F:42:B1:50

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/KiEkP5zy2dnvxp3ZeGdG1aPAhA6s5ZYxjuJYh8vCVBx/0/E1D88A3412BFA4DB8D3C7F3CE9BDCA998F42B150.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/E1D88A3412BFA4DB8D3C7F3CE9BDCA998F42B150.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/KiEkP5zy2dnvxp3ZeGdG1aPAhA6s5ZYxjuJYh8vCVBx/0/3230302e3231352e3136302e302f32322d3234203d3e20323633363536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.215.160.0/22

    Signature Algorithm: sha256WithRSAEncryption
         94:f0:c6:f1:b8:de:d9:56:a6:06:65:71:ef:34:c7:9f:d8:b3:
         74:e5:49:a5:a4:3e:58:9a:b4:13:fd:84:b3:79:68:5e:3b:07:
         13:53:ee:10:fb:64:fa:2b:52:fc:87:0e:6f:ed:93:78:f2:2a:
         0a:39:99:31:24:5c:55:3d:16:7c:de:b6:9a:e5:ea:01:8b:2b:
         58:da:74:c1:e5:b5:bb:b1:aa:e1:c8:fd:f2:25:d3:00:5a:d7:
         e7:41:43:5c:e0:2a:c2:d5:ad:b2:e6:fa:f2:22:9d:66:ec:72:
         b6:40:4f:11:21:c1:63:8d:d5:cf:ed:9e:58:0c:fc:e6:23:fc:
         19:bf:48:e0:1b:84:ce:80:ee:f7:e0:35:de:d3:90:eb:44:ab:
         62:56:d5:11:5d:be:4a:29:6f:b3:4f:45:67:e7:e3:8a:f5:02:
         b2:c5:40:51:be:e0:77:4d:90:00:17:b4:06:e0:36:36:d7:4f:
         19:c2:c6:b1:f2:1d:ef:6a:7f:29:4a:df:92:1c:ab:86:13:64:
         6a:17:ae:6d:39:d5:0f:6d:c2:dc:f2:cd:fc:db:ee:f7:1a:21:
         a0:bb:d4:be:7f:03:4f:ca:b1:cd:90:99:3e:c6:7a:5c:c9:56:
         5c:1d:78:dc:fc:5c:0a:93:30:32:a9:a0:eb:ec:86:eb:cd:ac:
         04:86:96:a6
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUIXqYYPaJTC9ReXn1lBuoiQNAXc8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTFEODhBMzQxMkJGQTREQjhEM0M3RjNDRTlCRENBOTk4
RjQyQjE1MDAeFw0yNjA2MzAxNDMwMTJaFw0yNzA2MjkxNDM1MTJaMDMxMTAvBgNV
BAMTKEM3ODZFMzhGMURDRDdFODcyMUEyOEI5NDE2OTIxN0REMjg5NzYwODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8c07g2Z519fJZJD3OAuz86WTS
CJ+MciIPn6Tz0pAiCrYdunz9x3TfGD8SQ4c7SvmQOHfvpRQwJwK4sdxf521tqi/q
v94Ip0g8JpJQT8UH6/YzuVnqy0gH3XIJFtuumcHi8UfXnl19SEd611hvP7QL2UIY
a1yyIv0/4Q1IBHfHLLiXJ3L7ErDBI35UnpEj/G5E2xp1eMkvxHRT4yXF+wBedlo1
yQkxr1sxcDAtzYnvpv4B4xHP0fEvajwIbGNBQ6DHPFELuLWnsYqucPbhQylQDngy
WeqtvZwR+gQenxWuNv6FySVWWV3+qd4s2zJDk1OuM8NIvSBbtCeFyrBZ6EWhAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUx4bjjx3NfochoouUFpIX3SiXYIQwHwYDVR0j
BBgwFoAU4diKNBK/pNuNPH886b3KmY9CsVAwDgYDVR0PAQH/BAQDAgeAMIGSBgNV
HR8EgYowgYcwgYSggYGgf4Z9cnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIv
cmVwby9LaUVrUDV6eTJkbnZ4cDNaZUdkRzFhUEFoQTZzNVpZeGp1SlloOHZDVkJ4
LzAvRTFEODhBMzQxMkJGQTREQjhEM0M3RjNDRTlCRENBOTk4RjQyQjE1MC5jcmww
eAYIKwYBBQUHAQEEbDBqMGgGCCsGAQUFBzAChlxyc3luYzovL3Jwa2ktcmVwby5y
ZWdpc3Ryby5ici9yZXBvL25pY2JyX3JlcG8vMS9FMUQ4OEEzNDEyQkZBNERCOEQz
QzdGM0NFOUJEQ0E5OThGNDJCMTUwLmNlcjCBrwYIKwYBBQUHAQsEgaIwgZ8wgZwG
CCsGAQUFBzALhoGPcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby9L
aUVrUDV6eTJkbnZ4cDNaZUdkRzFhUEFoQTZzNVpZeGp1SlloOHZDVkJ4LzAvMzIz
MDMwMmUzMjMxMzUyZTMxMzYzMDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMyMzYz
MzM2MzUzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEAsjXoDANBgkqhkiG9w0BAQsFAAOCAQEAlPDG8bje
2VamBmVx7zTHn9izdOVJpaQ+WJq0E/2Es3loXjsHE1PuEPtk+itS/IcOb+2TePIq
CjmZMSRcVT0WfN62muXqAYsrWNp0weW1u7Gq4cj98iXTAFrX50FDXOAqwtWtsub6
8iKdZuxytkBPESHBY43Vz+2eWAz85iP8Gb9I4BuEzoDu9+A13tOQ60SrYlbVEV2+
Silvs09FZ+fjivUCssVAUb7gd02QABe0BuA2NtdPGcLGsfId72p/KUrfkhyrhhNk
aheubTnVD23C3PLN/Nvu9xohoLvUvn8DT8qxzZCZPsZ6XMlWXB143PxcCpMwMqmg
6+yG682sBIaWpg==
-----END CERTIFICATE-----
Generated at Wed Jul 8 21:06:08 2026 by rpki-client