Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/0/3230302e31372e36342e302f32302d3237203d3e2031393136.roa
File:                     3230302e31372e36342e302f32302d3237203d3e2031393136.roa (raw, json)
Hash identifier:          92Xjj+RMAbYdUlfIa7KAgZE60CiN5e0mkmoGZi0oB6s=
Subject key identifier:   F7:84:E4:9B:35:92:6E:9A:EB:86:A0:A3:3E:83:92:7D:61:C9:52:06
Certificate issuer:       /CN=AEE46E32CB1462419CCCB89B5C498495E919B5CF
Certificate serial:       19357E15B7EFCBF61149E132209DFA33B67FC53C
Authority key identifier: AE:E4:6E:32:CB:14:62:41:9C:CC:B8:9B:5C:49:84:95:E9:19:B5:CF
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AEE46E32CB1462419CCCB89B5C498495E919B5CF.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/0/3230302e31372e36342e302f32302d3237203d3e2031393136.roa
Signing time:             Thu 07 Aug 2025 12:24:27 +0000
ROA not before:           Thu 07 Aug 2025 12:19:27 +0000
ROA not after:            Thu 06 Aug 2026 12:24:27 +0000
asID:                     1916
IP address blocks:        200.17.64.0/20 maxlen: 27
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/0/AEE46E32CB1462419CCCB89B5C498495E919B5CF.crl
                          rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/0/AEE46E32CB1462419CCCB89B5C498495E919B5CF.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AEE46E32CB1462419CCCB89B5C498495E919B5CF.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 10 Aug 2025 02:27:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:35:7e:15:b7:ef:cb:f6:11:49:e1:32:20:9d:fa:33:b6:7f:c5:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AEE46E32CB1462419CCCB89B5C498495E919B5CF
        Validity
            Not Before: Aug  7 12:19:27 2025 GMT
            Not After : Aug  6 12:24:27 2026 GMT
        Subject: CN=F784E49B35926E9AEB86A0A33E83927D61C95206
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:6f:8f:cc:7a:84:f9:fd:4f:c3:a3:fc:e8:86:
                    2b:86:95:af:f5:57:d4:b3:88:10:68:0b:57:21:0e:
                    4e:d1:2f:c6:f3:a5:e7:5e:45:8f:d7:e9:24:07:52:
                    a6:39:25:2d:65:b8:05:c3:cc:49:5b:c1:00:db:56:
                    6f:e9:72:63:32:1d:21:c6:7a:74:de:03:c0:3d:53:
                    a7:89:85:1f:e6:e5:8d:79:a9:b1:41:69:77:9f:f0:
                    7b:6a:b6:65:5e:4e:58:75:1d:df:b6:9a:4a:04:41:
                    44:1c:92:58:ed:68:62:07:c3:87:d1:20:a3:d6:eb:
                    1e:39:91:43:68:d9:71:1b:ec:c0:0b:db:66:e8:6f:
                    59:4c:42:b1:9d:03:e0:08:1d:67:3a:95:c0:46:62:
                    c1:6a:60:aa:08:e5:bd:11:6d:0c:e2:92:0a:a2:10:
                    70:04:5e:e7:c9:9f:e4:ae:35:16:9d:c5:0b:d8:0e:
                    8a:fc:2e:83:6b:13:9a:ea:bd:2f:f4:3a:51:8b:d1:
                    fa:d0:be:dd:63:e5:3d:66:12:d0:5b:25:74:85:e8:
                    af:a6:40:7b:ff:35:16:01:80:ec:d4:44:7c:03:af:
                    c7:65:61:fc:00:1e:bb:4c:65:2b:cf:26:4b:cb:19:
                    e1:5b:79:6e:33:07:d3:6a:a9:76:ad:e3:04:9c:19:
                    db:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:84:E4:9B:35:92:6E:9A:EB:86:A0:A3:3E:83:92:7D:61:C9:52:06
            X509v3 Authority Key Identifier:
                keyid:AE:E4:6E:32:CB:14:62:41:9C:CC:B8:9B:5C:49:84:95:E9:19:B5:CF

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/0/AEE46E32CB1462419CCCB89B5C498495E919B5CF.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AEE46E32CB1462419CCCB89B5C498495E919B5CF.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/2H2am4H3TaGDpiTdwih6Jyw7HfpgUpMizL8i9MxVMUud/0/3230302e31372e36342e302f32302d3237203d3e2031393136.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.17.64.0/20

    Signature Algorithm: sha256WithRSAEncryption
         62:73:72:27:5a:6b:c4:ae:b8:aa:93:3d:73:68:37:50:b9:3f:
         48:d1:bf:75:f2:4d:0b:90:ee:53:aa:d9:3b:79:c9:f9:ba:29:
         3b:51:16:e6:f4:26:5d:74:1c:dd:29:ba:4e:77:b8:13:9c:59:
         2a:0d:c9:72:75:3c:67:20:39:22:cf:f2:34:36:a0:e5:18:9e:
         2a:69:4f:46:63:62:01:bd:c5:19:dc:d7:89:bd:fb:5d:5a:47:
         53:dc:fc:87:db:17:b7:70:3d:85:8b:ea:66:d0:e8:c8:04:11:
         3b:8d:8a:83:ba:e1:0e:1a:04:a9:cc:1c:a6:4e:46:d1:d6:1e:
         f0:6b:76:58:e8:fb:84:28:c8:e6:2c:8b:ed:02:b8:8b:3f:41:
         91:30:8b:f5:d2:0f:64:85:f2:77:fb:1c:7c:ef:12:c9:79:db:
         e0:30:f9:b9:d0:81:e3:db:5c:ed:f9:e8:e8:80:31:86:af:36:
         ee:27:2d:de:18:7c:cb:9e:78:e2:d6:7f:bf:8b:34:03:15:41:
         14:0a:c1:f8:f8:27:b7:50:36:c1:8c:03:34:da:d4:a9:58:f3:
         e1:16:f1:01:2a:b8:33:dc:72:ff:ec:38:33:e7:de:19:24:48:
         ff:fe:9a:c4:2b:50:d1:29:9d:b3:44:86:d8:29:d2:96:2e:1d:
         c7:a6:c4:4f
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUGTV+Fbfvy/YRSeEyIJ36M7Z/xTwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUVFNDZFMzJDQjE0NjI0MTlDQ0NCODlCNUM0OTg0OTVF
OTE5QjVDRjAeFw0yNTA4MDcxMjE5MjdaFw0yNjA4MDYxMjI0MjdaMDMxMTAvBgNV
BAMTKEY3ODRFNDlCMzU5MjZFOUFFQjg2QTBBMzNFODM5MjdENjFDOTUyMDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDab4/MeoT5/U/Do/zohiuGla/1
V9SziBBoC1chDk7RL8bzpedeRY/X6SQHUqY5JS1luAXDzElbwQDbVm/pcmMyHSHG
enTeA8A9U6eJhR/m5Y15qbFBaXef8HtqtmVeTlh1Hd+2mkoEQUQckljtaGIHw4fR
IKPW6x45kUNo2XEb7MAL22bob1lMQrGdA+AIHWc6lcBGYsFqYKoI5b0RbQzikgqi
EHAEXufJn+SuNRadxQvYDor8LoNrE5rqvS/0OlGL0frQvt1j5T1mEtBbJXSF6K+m
QHv/NRYBgOzURHwDr8dlYfwAHrtMZSvPJkvLGeFbeW4zB9NqqXat4wScGdvHAgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQU94TkmzWSbprrhqCjPoOSfWHJUgYwHwYDVR0j
BBgwFoAUruRuMssUYkGczLibXEmElekZtc8wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMkgyYW00SDNUYUdEcGlUZHdpaDZKeXc3SGZwZ1VwTWl6TDhpOU14Vk1V
dWQvMC9BRUU0NkUzMkNCMTQ2MjQxOUNDQ0I4OUI1QzQ5ODQ5NUU5MTlCNUNGLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FFRTQ2RTMyQ0IxNDYyNDE5
Q0NDQjg5QjVDNDk4NDk1RTkxOUI1Q0YuY2VyMIGoBggrBgEFBQcBCwSBmzCBmDCB
lQYIKwYBBQUHMAuGgYhyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzJIMmFtNEgzVGFHRHBpVGR3aWg2Snl3N0hmcGdVcE1pekw4aTlNeFZNVXVkLzAv
MzIzMDMwMmUzMTM3MmUzNjM0MmUzMDJmMzIzMDJkMzIzNzIwM2QzZTIwMzEzOTMx
MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBATIEUAwDQYJKoZIhvcNAQELBQADggEBAGJzcidaa8SuuKqT
PXNoN1C5P0jRv3XyTQuQ7lOq2Tt5yfm6KTtRFub0Jl10HN0puk53uBOcWSoNyXJ1
PGcgOSLP8jQ2oOUYnippT0ZjYgG9xRnc14m9+11aR1Pc/IfbF7dwPYWL6mbQ6MgE
ETuNioO64Q4aBKnMHKZORtHWHvBrdljo+4QoyOYsi+0CuIs/QZEwi/XSD2SF8nf7
HHzvEsl52+Aw+bnQgePbXO356OiAMYavNu4nLd4YfMueeOLWf7+LNAMVQRQKwfj4
J7dQNsGMAzTa1KlY8+EW8QEquDPccv/sODPn3hkkSP/+msQrUNEpnbNEhtgp0pYu
HcemxE8=
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:38:22 2025 by rpki-client