Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/Yo8QeTbuKZ259i5qSYjeeU8okKAKU6L8ZFu1G5WLT1H/0/3133382e3138352e3235322e302f32342d3234203d3e20323633393430.roa
File:                     3133382e3138352e3235322e302f32342d3234203d3e20323633393430.roa (raw, json)
Hash identifier:          +2k2bVUxl0L7hxGBKu+9pL4HJLKBhba6qF30jBeePJ0=
Subject key identifier:   6B:51:AB:17:AE:34:06:A7:18:61:25:98:B1:CD:EA:27:57:AE:C4:A4
Certificate issuer:       /CN=A00894A4159E2748ED3F950641ECEA8A9D01128D
Certificate serial:       66B899616BEEC8549491CFC58B991E014ADE9341
Authority key identifier: A0:08:94:A4:15:9E:27:48:ED:3F:95:06:41:EC:EA:8A:9D:01:12:8D
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A00894A4159E2748ED3F950641ECEA8A9D01128D.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/Yo8QeTbuKZ259i5qSYjeeU8okKAKU6L8ZFu1G5WLT1H/0/3133382e3138352e3235322e302f32342d3234203d3e20323633393430.roa
Signing time:             Mon 10 Feb 2025 19:20:54 +0000
ROA not before:           Mon 10 Feb 2025 19:15:54 +0000
ROA not after:            Mon 09 Feb 2026 19:20:54 +0000
asID:                     263940
IP address blocks:        138.185.252.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/Yo8QeTbuKZ259i5qSYjeeU8okKAKU6L8ZFu1G5WLT1H/0/A00894A4159E2748ED3F950641ECEA8A9D01128D.crl
                          rsync://rpki-repo.registro.br/repo/Yo8QeTbuKZ259i5qSYjeeU8okKAKU6L8ZFu1G5WLT1H/0/A00894A4159E2748ED3F950641ECEA8A9D01128D.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A00894A4159E2748ED3F950641ECEA8A9D01128D.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 17 Feb 2025 19:39:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:b8:99:61:6b:ee:c8:54:94:91:cf:c5:8b:99:1e:01:4a:de:93:41
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A00894A4159E2748ED3F950641ECEA8A9D01128D
        Validity
            Not Before: Feb 10 19:15:54 2025 GMT
            Not After : Feb  9 19:20:54 2026 GMT
        Subject: CN=6B51AB17AE3406A718612598B1CDEA2757AEC4A4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:83:e8:0b:56:82:43:2e:02:e7:e0:8d:ce:a1:
                    3b:d2:a3:65:04:60:5e:45:a0:31:85:d2:a4:af:d9:
                    ef:b2:d8:08:99:4f:24:cf:c1:24:90:27:56:0e:46:
                    d0:da:48:b1:5a:77:df:aa:79:a9:f9:95:e1:89:9a:
                    f3:df:29:3c:79:01:28:ff:62:a8:39:21:2c:92:93:
                    cc:53:94:4f:be:cd:f9:56:b4:df:03:fa:18:98:21:
                    9a:ef:8d:e1:e4:c2:0c:7f:25:48:69:7d:d0:68:03:
                    14:75:cc:dd:07:30:42:25:af:f9:0b:02:78:dd:ef:
                    e0:b8:66:15:44:5e:b7:df:91:f4:f0:ca:e3:f2:99:
                    5f:51:94:5b:20:9f:b5:80:b4:90:b8:80:84:92:5e:
                    59:dc:cf:25:4a:d7:34:5f:9b:f2:d8:33:7b:14:d9:
                    9f:b0:d6:91:b8:0e:d5:70:fe:c7:cc:aa:27:a9:b0:
                    b8:2f:82:14:76:db:f9:84:2d:80:0d:6d:0b:4f:89:
                    de:c7:15:ad:96:9e:4e:43:a2:0c:b7:f8:4e:76:68:
                    59:19:55:5b:d0:01:df:62:0d:81:83:d1:72:e6:54:
                    e9:e1:21:bd:6e:d2:42:91:ce:36:81:64:ee:d3:8e:
                    08:19:af:a9:5f:00:48:00:7b:3f:2d:0a:4f:55:7e:
                    37:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:51:AB:17:AE:34:06:A7:18:61:25:98:B1:CD:EA:27:57:AE:C4:A4
            X509v3 Authority Key Identifier:
                keyid:A0:08:94:A4:15:9E:27:48:ED:3F:95:06:41:EC:EA:8A:9D:01:12:8D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/Yo8QeTbuKZ259i5qSYjeeU8okKAKU6L8ZFu1G5WLT1H/0/A00894A4159E2748ED3F950641ECEA8A9D01128D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A00894A4159E2748ED3F950641ECEA8A9D01128D.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/Yo8QeTbuKZ259i5qSYjeeU8okKAKU6L8ZFu1G5WLT1H/0/3133382e3138352e3235322e302f32342d3234203d3e20323633393430.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.185.252.0/24

    Signature Algorithm: sha256WithRSAEncryption
         75:9f:45:9b:e0:d8:c0:25:48:c5:93:50:a7:d3:71:ab:bf:10:
         69:23:87:46:3f:f3:57:de:60:d0:97:de:22:c7:78:92:0d:57:
         35:36:5d:3e:67:93:86:af:c8:f7:30:d9:2e:ef:a2:98:5f:ac:
         68:30:d1:c9:8c:1d:27:76:49:bb:e8:a9:29:d6:83:ab:a5:8e:
         4c:b1:5a:87:33:9c:25:18:fc:f8:c7:af:8d:84:73:8c:c3:66:
         23:4a:97:55:0d:37:6e:4e:83:bc:26:fc:1f:64:00:fe:21:d2:
         7c:fd:0e:fd:46:19:0e:ea:e2:22:25:b3:47:40:49:5b:22:d0:
         0b:1d:f2:35:92:3e:18:81:dc:c8:e0:12:d6:1e:82:c4:74:ed:
         ed:1a:bc:d3:9b:42:db:f7:0f:71:bc:58:15:86:ba:d9:2a:aa:
         23:1f:76:b2:69:91:2c:3c:cf:10:d8:2c:76:96:2a:be:92:a6:
         63:19:05:84:d6:f8:66:07:32:ea:c8:b9:74:e8:ef:f3:76:71:
         48:89:c2:c9:25:32:5b:22:ef:23:cb:49:4e:d9:eb:b8:95:24:
         35:3a:45:41:2f:c9:ce:4b:c7:21:00:2e:5d:c9:7d:18:08:9a:
         ed:6a:72:c3:a1:c8:40:fc:a0:16:38:e1:03:e0:74:b0:61:7c:
         a1:c7:c5:b1
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUZriZYWvuyFSUkc/Fi5keAUrek0EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTAwODk0QTQxNTlFMjc0OEVEM0Y5NTA2NDFFQ0VBOEE5
RDAxMTI4RDAeFw0yNTAyMTAxOTE1NTRaFw0yNjAyMDkxOTIwNTRaMDMxMTAvBgNV
BAMTKDZCNTFBQjE3QUUzNDA2QTcxODYxMjU5OEIxQ0RFQTI3NTdBRUM0QTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdg+gLVoJDLgLn4I3OoTvSo2UE
YF5FoDGF0qSv2e+y2AiZTyTPwSSQJ1YORtDaSLFad9+qean5leGJmvPfKTx5ASj/
Yqg5ISySk8xTlE++zflWtN8D+hiYIZrvjeHkwgx/JUhpfdBoAxR1zN0HMEIlr/kL
Anjd7+C4ZhVEXrffkfTwyuPymV9RlFsgn7WAtJC4gISSXlnczyVK1zRfm/LYM3sU
2Z+w1pG4DtVw/sfMqiepsLgvghR22/mELYANbQtPid7HFa2Wnk5Dogy3+E52aFkZ
VVvQAd9iDYGD0XLmVOnhIb1u0kKRzjaBZO7TjggZr6lfAEgAez8tCk9Vfje1AgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUa1GrF640BqcYYSWYsc3qJ1euxKQwHwYDVR0j
BBgwFoAUoAiUpBWeJ0jtP5UGQezqip0BEo0wDgYDVR0PAQH/BAQDAgeAMIGSBgNV
HR8EgYowgYcwgYSggYGgf4Z9cnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIv
cmVwby9ZbzhRZVRidUtaMjU5aTVxU1lqZWVVOG9rS0FLVTZMOFpGdTFHNVdMVDFI
LzAvQTAwODk0QTQxNTlFMjc0OEVEM0Y5NTA2NDFFQ0VBOEE5RDAxMTI4RC5jcmww
eAYIKwYBBQUHAQEEbDBqMGgGCCsGAQUFBzAChlxyc3luYzovL3Jwa2ktcmVwby5y
ZWdpc3Ryby5ici9yZXBvL25pY2JyX3JlcG8vMS9BMDA4OTRBNDE1OUUyNzQ4RUQz
Rjk1MDY0MUVDRUE4QTlEMDExMjhELmNlcjCBrwYIKwYBBQUHAQsEgaIwgZ8wgZwG
CCsGAQUFBzALhoGPcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby9Z
bzhRZVRidUtaMjU5aTVxU1lqZWVVOG9rS0FLVTZMOFpGdTFHNVdMVDFILzAvMzEz
MzM4MmUzMTM4MzUyZTMyMzUzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYz
MzM5MzQzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEAIq5/DANBgkqhkiG9w0BAQsFAAOCAQEAdZ9Fm+DY
wCVIxZNQp9Nxq78QaSOHRj/zV95g0JfeIsd4kg1XNTZdPmeThq/I9zDZLu+imF+s
aDDRyYwdJ3ZJu+ipKdaDq6WOTLFahzOcJRj8+MevjYRzjMNmI0qXVQ03bk6DvCb8
H2QA/iHSfP0O/UYZDuriIiWzR0BJWyLQCx3yNZI+GIHcyOAS1h6CxHTt7Rq805tC
2/cPcbxYFYa62SqqIx92smmRLDzPENgsdpYqvpKmYxkFhNb4Zgcy6si5dOjv83Zx
SInCySUyWyLvI8tJTtnruJUkNTpFQS/JzkvHIQAuXcl9GAia7Wpyw6HIQPygFjjh
A+B0sGF8ocfFsQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:32:34 2025 by rpki-client