Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/4zYTqwbHakC5AZtfPbq6mEuHuQVuNZFvv77UaaF5EzTR/0/3139322e3134342e3132342e302f32322d3234203d3e20323732343833.roa
File:                     3139322e3134342e3132342e302f32322d3234203d3e20323732343833.roa (raw, json)
Hash identifier:          xB1yM8uvGqhBpUylreV+SOfIooIymRzer1Ue3ghc1C0=
Subject key identifier:   16:8F:21:98:F5:3F:74:AB:70:74:AE:4A:92:3B:14:23:8C:03:4E:6C
Certificate issuer:       /CN=5725DFB2DC2786E4FC56BA0C11567032EA389E2B
Certificate serial:       4B2051DDE6EC388C4933478D6908F3C4EDBEB4AE
Authority key identifier: 57:25:DF:B2:DC:27:86:E4:FC:56:BA:0C:11:56:70:32:EA:38:9E:2B
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5725DFB2DC2786E4FC56BA0C11567032EA389E2B.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/4zYTqwbHakC5AZtfPbq6mEuHuQVuNZFvv77UaaF5EzTR/0/3139322e3134342e3132342e302f32322d3234203d3e20323732343833.roa
Signing time:             Fri 27 Jun 2025 14:59:10 +0000
ROA not before:           Fri 27 Jun 2025 14:54:10 +0000
ROA not after:            Fri 26 Jun 2026 14:59:10 +0000
asID:                     272483
IP address blocks:        192.144.124.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/4zYTqwbHakC5AZtfPbq6mEuHuQVuNZFvv77UaaF5EzTR/0/5725DFB2DC2786E4FC56BA0C11567032EA389E2B.crl
                          rsync://rpki-repo.registro.br/repo/4zYTqwbHakC5AZtfPbq6mEuHuQVuNZFvv77UaaF5EzTR/0/5725DFB2DC2786E4FC56BA0C11567032EA389E2B.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5725DFB2DC2786E4FC56BA0C11567032EA389E2B.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 10 Aug 2025 14:15:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:20:51:dd:e6:ec:38:8c:49:33:47:8d:69:08:f3:c4:ed:be:b4:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5725DFB2DC2786E4FC56BA0C11567032EA389E2B
        Validity
            Not Before: Jun 27 14:54:10 2025 GMT
            Not After : Jun 26 14:59:10 2026 GMT
        Subject: CN=168F2198F53F74AB7074AE4A923B14238C034E6C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:34:ec:d5:e0:0d:90:36:f9:27:2b:c8:92:b7:
                    f1:9a:e2:f9:57:1f:a7:7a:b5:b8:7d:f6:23:d8:76:
                    67:3d:26:bd:ab:35:a8:5b:d4:d9:ae:a0:22:36:d2:
                    07:d4:0e:2c:79:9b:6a:ca:3c:15:a3:60:bf:3e:da:
                    59:c9:79:1c:3c:b0:02:47:08:0c:9b:6b:74:84:bf:
                    59:8e:ab:f4:95:09:cf:65:ff:71:33:d4:cf:10:64:
                    94:42:b1:d2:75:67:0d:39:8e:08:e7:00:94:4d:bf:
                    ed:ec:02:16:01:e7:65:1b:d9:d9:8f:fa:b1:1c:7a:
                    69:07:e6:5a:92:c8:17:ec:b3:e8:e2:65:b4:67:f3:
                    04:67:a2:a4:72:9a:a6:ce:4c:b6:5d:fb:38:1f:29:
                    d0:c2:dd:62:2b:0a:c5:df:46:05:d0:73:59:59:61:
                    cb:2d:49:6f:6f:91:cd:27:ce:40:a3:9f:51:09:93:
                    63:2b:a7:a9:b4:fd:87:3b:0e:da:09:de:30:f9:f2:
                    d7:99:bc:cf:fc:20:7b:3e:5a:11:25:e2:b1:50:d6:
                    2b:4a:c3:39:0d:28:65:99:ab:52:55:ad:82:ca:fd:
                    dc:d3:7b:b3:3d:28:8c:5a:88:ce:42:d1:2b:31:9c:
                    a4:2a:43:2a:e3:70:df:8e:0e:e7:ee:87:1b:e7:d6:
                    13:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:8F:21:98:F5:3F:74:AB:70:74:AE:4A:92:3B:14:23:8C:03:4E:6C
            X509v3 Authority Key Identifier:
                keyid:57:25:DF:B2:DC:27:86:E4:FC:56:BA:0C:11:56:70:32:EA:38:9E:2B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/4zYTqwbHakC5AZtfPbq6mEuHuQVuNZFvv77UaaF5EzTR/0/5725DFB2DC2786E4FC56BA0C11567032EA389E2B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5725DFB2DC2786E4FC56BA0C11567032EA389E2B.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/4zYTqwbHakC5AZtfPbq6mEuHuQVuNZFvv77UaaF5EzTR/0/3139322e3134342e3132342e302f32322d3234203d3e20323732343833.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  192.144.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         61:4f:0b:a5:15:87:88:06:df:3e:e8:cc:05:7b:c4:51:08:7d:
         01:52:85:56:eb:f3:84:3c:e3:dc:cf:96:d5:54:dc:a4:34:49:
         da:d7:20:98:0f:a0:fe:84:b9:c5:b9:89:31:2d:8e:cd:0b:96:
         30:9c:a0:fe:a1:a6:c9:7f:a6:55:86:0b:82:f0:ed:ea:a0:6e:
         b3:51:a8:83:a1:62:41:0d:64:a9:dc:f1:4a:57:a2:58:47:99:
         55:a6:3f:1f:37:50:98:aa:e2:06:90:23:82:bf:28:cb:5b:e0:
         26:d5:7c:e8:82:8a:52:dc:96:53:f3:64:da:87:ee:d6:f5:5f:
         6b:1e:47:61:27:0c:06:c8:03:10:9c:de:7b:9f:30:a5:fa:48:
         25:cb:6d:d9:32:dc:ce:87:0a:6d:70:b5:56:d9:72:86:8a:80:
         5d:a0:54:9f:7e:e4:0b:4e:e0:5b:24:72:a1:74:5e:52:cc:13:
         68:3d:02:58:98:eb:43:57:f4:5e:3f:5b:11:78:d6:d2:11:9e:
         5f:cf:1d:cb:2d:9b:3f:12:25:41:a9:1a:4c:d3:ff:c8:a4:6e:
         10:1e:a7:75:94:e2:47:66:77:ec:22:42:7e:85:e0:67:5a:e7:
         d2:50:df:a7:e6:b8:0a:b4:84:14:9d:cd:cc:52:83:5b:0f:61:
         08:e3:24:e2
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUSyBR3ebsOIxJM0eNaQjzxO2+tK4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTcyNURGQjJEQzI3ODZFNEZDNTZCQTBDMTE1NjcwMzJF
QTM4OUUyQjAeFw0yNTA2MjcxNDU0MTBaFw0yNjA2MjYxNDU5MTBaMDMxMTAvBgNV
BAMTKDE2OEYyMTk4RjUzRjc0QUI3MDc0QUU0QTkyM0IxNDIzOEMwMzRFNkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZNOzV4A2QNvknK8iSt/Ga4vlX
H6d6tbh99iPYdmc9Jr2rNahb1NmuoCI20gfUDix5m2rKPBWjYL8+2lnJeRw8sAJH
CAyba3SEv1mOq/SVCc9l/3Ez1M8QZJRCsdJ1Zw05jgjnAJRNv+3sAhYB52Ub2dmP
+rEcemkH5lqSyBfss+jiZbRn8wRnoqRymqbOTLZd+zgfKdDC3WIrCsXfRgXQc1lZ
YcstSW9vkc0nzkCjn1EJk2Mrp6m0/Yc7DtoJ3jD58teZvM/8IHs+WhEl4rFQ1itK
wzkNKGWZq1JVrYLK/dzTe7M9KIxaiM5C0SsxnKQqQyrjcN+ODufuhxvn1hM9AgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUFo8hmPU/dKtwdK5KkjsUI4wDTmwwHwYDVR0j
BBgwFoAUVyXfstwnhuT8VroMEVZwMuo4niswDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNHpZVHF3Ykhha0M1QVp0ZlBicTZtRXVIdVFWdU5aRnZ2NzdVYWFGNUV6
VFIvMC81NzI1REZCMkRDMjc4NkU0RkM1NkJBMEMxMTU2NzAzMkVBMzg5RTJCLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzU3MjVERkIyREMyNzg2RTRG
QzU2QkEwQzExNTY3MDMyRUEzODlFMkIuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzR6WVRxd2JIYWtDNUFadGZQYnE2bUV1SHVRVnVOWkZ2djc3VWFhRjVFelRSLzAv
MzEzOTMyMmUzMTM0MzQyZTMxMzIzNDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMy
MzczMjM0MzgzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAsCQfDANBgkqhkiG9w0BAQsFAAOCAQEAYU8L
pRWHiAbfPujMBXvEUQh9AVKFVuvzhDzj3M+W1VTcpDRJ2tcgmA+g/oS5xbmJMS2O
zQuWMJyg/qGmyX+mVYYLgvDt6qBus1Gog6FiQQ1kqdzxSleiWEeZVaY/HzdQmKri
BpAjgr8oy1vgJtV86IKKUtyWU/Nk2ofu1vVfax5HYScMBsgDEJzee58wpfpIJctt
2TLczocKbXC1VtlyhoqAXaBUn37kC07gWyRyoXReUswTaD0CWJjrQ1f0Xj9bEXjW
0hGeX88dyy2bPxIlQakaTNP/yKRuEB6ndZTiR2Z37CJCfoXgZ1rn0lDfp+a4CrSE
FJ3NzFKDWw9hCOMk4g==
-----END CERTIFICATE-----
Generated at Sun Aug 10 04:24:23 2025 by rpki-client