Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/7xSoA4JGCxw4QQHxD2JCWYqAinnqB3eEFvqU4n3nvum3/0/3137392e3138392e3234302e302f32312d3231203d3e203238323532.roa
File:                     3137392e3138392e3234302e302f32312d3231203d3e203238323532.roa (raw, json)
Hash identifier:          +hrGFYhkXlC/aMlWLPa3T7PkrNJ5wdTg3KS+Lv29OlU=
Subject key identifier:   AA:FC:D2:F5:DC:F7:3B:CC:0E:53:8D:06:04:75:D9:F7:E9:19:4D:EB
Certificate issuer:       /CN=168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34
Certificate serial:       772B3ED6CEE483D6ECC137B97AD5C999B2D98A7E
Authority key identifier: 16:8E:2C:73:AA:7E:C9:DA:B3:06:D8:0B:5B:AA:4D:BE:C3:DC:AB:34
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/7xSoA4JGCxw4QQHxD2JCWYqAinnqB3eEFvqU4n3nvum3/0/3137392e3138392e3234302e302f32312d3231203d3e203238323532.roa
Signing time:             Wed 09 Apr 2025 18:48:20 +0000
ROA not before:           Wed 09 Apr 2025 18:43:20 +0000
ROA not after:            Wed 08 Apr 2026 18:48:20 +0000
asID:                     28252
IP address blocks:        179.189.240.0/21 maxlen: 21
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/7xSoA4JGCxw4QQHxD2JCWYqAinnqB3eEFvqU4n3nvum3/0/168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34.crl
                          rsync://rpki-repo.registro.br/repo/7xSoA4JGCxw4QQHxD2JCWYqAinnqB3eEFvqU4n3nvum3/0/168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 03 May 2025 04:14:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            77:2b:3e:d6:ce:e4:83:d6:ec:c1:37:b9:7a:d5:c9:99:b2:d9:8a:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34
        Validity
            Not Before: Apr  9 18:43:20 2025 GMT
            Not After : Apr  8 18:48:20 2026 GMT
        Subject: CN=AAFCD2F5DCF73BCC0E538D060475D9F7E9194DEB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:e7:16:f5:21:85:91:be:07:80:72:4f:b5:41:
                    75:1b:50:e5:82:b4:b6:40:32:73:73:c9:62:97:c4:
                    8c:ec:19:7d:47:fa:ed:e6:dd:45:91:9b:1b:5c:32:
                    98:e0:4a:ec:0d:37:5f:38:f4:87:3d:92:73:27:27:
                    00:81:4d:9f:91:3a:3c:2e:d2:2d:9c:d2:d4:db:1c:
                    8a:e2:8d:79:c7:ad:8c:be:da:e7:e6:e5:ec:2c:ce:
                    35:33:ce:00:be:51:ca:16:cc:57:1a:d3:07:5c:53:
                    a0:bd:85:7d:32:27:dd:da:ce:dc:b5:66:6c:17:14:
                    01:19:00:89:73:4a:e3:3f:13:2c:a6:ce:14:c0:8a:
                    2b:61:2c:20:49:c1:73:af:28:a3:64:b1:3c:69:6d:
                    63:ba:1e:2a:70:a5:9f:93:8e:b4:41:22:0b:92:9c:
                    86:d3:9d:9b:2a:c3:98:13:ad:3a:8c:ca:2a:ac:b2:
                    c8:94:77:92:06:b6:66:bb:57:62:d1:a4:19:37:d8:
                    95:b8:50:20:5a:38:0e:18:7c:c8:d6:06:cf:64:13:
                    fd:78:41:bf:50:ca:d6:c4:c2:b3:0d:45:c3:87:95:
                    df:c9:e5:74:1f:48:1a:e0:9a:f1:c7:12:45:54:b1:
                    3f:75:2b:87:a5:0a:ed:29:a1:a9:7f:66:6c:7d:f3:
                    49:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:FC:D2:F5:DC:F7:3B:CC:0E:53:8D:06:04:75:D9:F7:E9:19:4D:EB
            X509v3 Authority Key Identifier:
                keyid:16:8E:2C:73:AA:7E:C9:DA:B3:06:D8:0B:5B:AA:4D:BE:C3:DC:AB:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/7xSoA4JGCxw4QQHxD2JCWYqAinnqB3eEFvqU4n3nvum3/0/168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/7xSoA4JGCxw4QQHxD2JCWYqAinnqB3eEFvqU4n3nvum3/0/3137392e3138392e3234302e302f32312d3231203d3e203238323532.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.189.240.0/21

    Signature Algorithm: sha256WithRSAEncryption
         3e:a2:7c:b1:1a:b0:2e:b1:f7:15:34:43:94:d6:e1:ef:50:f6:
         72:aa:dd:87:09:27:7e:e5:0c:b6:37:9b:25:03:e6:71:e6:60:
         89:9f:d3:63:42:a3:a5:6d:c8:ad:c7:09:31:db:34:66:9c:48:
         55:eb:e0:91:c1:34:32:2e:c9:52:2e:bc:21:0f:b1:25:c6:b7:
         3f:6c:02:f9:61:98:9b:1c:cb:4d:37:88:73:f5:82:58:24:02:
         15:bb:32:a0:91:86:3a:af:fa:0b:a7:64:fc:2c:38:77:2a:68:
         5f:77:60:ee:f8:62:76:02:56:c7:dc:7d:e8:bb:25:47:02:3a:
         8c:ef:cc:74:e3:66:44:ba:eb:3c:fe:a6:11:73:7a:a8:7d:d0:
         95:09:db:9b:1d:a5:e3:7e:4a:99:5d:87:02:db:21:71:21:e0:
         31:17:4b:ab:04:40:a6:6b:08:60:2e:f2:28:96:dc:c3:fb:0f:
         33:29:d2:2a:a5:0f:25:15:8c:9f:36:99:f7:ec:d0:83:5e:22:
         8d:fc:68:50:bf:f0:1d:2f:aa:d6:ed:55:94:3d:03:92:40:bb:
         11:be:b6:dd:e6:28:33:f3:f8:4d:42:13:d5:a5:6a:5d:42:ea:
         8d:94:f6:db:78:b0:ef:c5:4e:8e:5d:e1:98:29:83:89:da:c2:
         8e:a4:be:dc
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUdys+1s7kg9bswTe5etXJmbLZin4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTY4RTJDNzNBQTdFQzlEQUIzMDZEODBCNUJBQTREQkVD
M0RDQUIzNDAeFw0yNTA0MDkxODQzMjBaFw0yNjA0MDgxODQ4MjBaMDMxMTAvBgNV
BAMTKEFBRkNEMkY1RENGNzNCQ0MwRTUzOEQwNjA0NzVEOUY3RTkxOTRERUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCj5xb1IYWRvgeAck+1QXUbUOWC
tLZAMnNzyWKXxIzsGX1H+u3m3UWRmxtcMpjgSuwNN1849Ic9knMnJwCBTZ+ROjwu
0i2c0tTbHIrijXnHrYy+2ufm5ewszjUzzgC+UcoWzFca0wdcU6C9hX0yJ93azty1
ZmwXFAEZAIlzSuM/EyymzhTAiithLCBJwXOvKKNksTxpbWO6HipwpZ+TjrRBIguS
nIbTnZsqw5gTrTqMyiqsssiUd5IGtma7V2LRpBk32JW4UCBaOA4YfMjWBs9kE/14
Qb9QytbEwrMNRcOHld/J5XQfSBrgmvHHEkVUsT91K4elCu0poal/Zmx980nvAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUqvzS9dz3O8wOU40GBHXZ9+kZTeswHwYDVR0j
BBgwFoAUFo4sc6p+ydqzBtgLW6pNvsPcqzQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vN3hTb0E0SkdDeHc0UVFIeEQySkNXWXFBaW5ucUIzZUVGdnFVNG4zbnZ1
bTMvMC8xNjhFMkM3M0FBN0VDOURBQjMwNkQ4MEI1QkFBNERCRUMzRENBQjM0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzE2OEUyQzczQUE3RUM5REFC
MzA2RDgwQjVCQUE0REJFQzNEQ0FCMzQuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
Lzd4U29BNEpHQ3h3NFFRSHhEMkpDV1lxQWlubnFCM2VFRnZxVTRuM252dW0zLzAv
MzEzNzM5MmUzMTM4MzkyZTMyMzQzMDJlMzAyZjMyMzEyZDMyMzEyMDNkM2UyMDMy
MzgzMjM1MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAOzvfAwDQYJKoZIhvcNAQELBQADggEBAD6ifLEa
sC6x9xU0Q5TW4e9Q9nKq3YcJJ37lDLY3myUD5nHmYImf02NCo6VtyK3HCTHbNGac
SFXr4JHBNDIuyVIuvCEPsSXGtz9sAvlhmJscy003iHP1glgkAhW7MqCRhjqv+gun
ZPwsOHcqaF93YO74YnYCVsfcfei7JUcCOozvzHTjZkS66zz+phFzeqh90JUJ25sd
peN+SpldhwLbIXEh4DEXS6sEQKZrCGAu8iiW3MP7DzMp0iqlDyUVjJ82mffs0INe
Io38aFC/8B0vqtbtVZQ9A5JAuxG+tt3mKDPz+E1CE9Wlal1C6o2U9tt4sO/FTo5d
4Zgpg4nawo6kvtw=
-----END CERTIFICATE-----
Generated at Fri May 2 13:12:27 2025 by rpki-client