Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/7xSoA4JGCxw4QQHxD2JCWYqAinnqB3eEFvqU4n3nvum3/0/3137392e3138392e3235302e302f32332d3233203d3e203238323532.roa
File:                     3137392e3138392e3235302e302f32332d3233203d3e203238323532.roa (raw, json)
Hash identifier:          AwQ+6JxALdstFE4sS/I4YQiurxtyMjS3MoixtCJpj1c=
Subject key identifier:   20:61:6C:D5:D3:AE:F9:28:12:42:50:D7:91:77:02:61:A5:B7:86:83
Certificate issuer:       /CN=168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34
Certificate serial:       17F72A33EC4F380FBC53C0A97890216C9D0A8453
Authority key identifier: 16:8E:2C:73:AA:7E:C9:DA:B3:06:D8:0B:5B:AA:4D:BE:C3:DC:AB:34
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/7xSoA4JGCxw4QQHxD2JCWYqAinnqB3eEFvqU4n3nvum3/0/3137392e3138392e3235302e302f32332d3233203d3e203238323532.roa
Signing time:             Wed 09 Apr 2025 18:48:19 +0000
ROA not before:           Wed 09 Apr 2025 18:43:19 +0000
ROA not after:            Wed 08 Apr 2026 18:48:19 +0000
asID:                     28252
IP address blocks:        179.189.250.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/7xSoA4JGCxw4QQHxD2JCWYqAinnqB3eEFvqU4n3nvum3/0/168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34.crl
                          rsync://rpki-repo.registro.br/repo/7xSoA4JGCxw4QQHxD2JCWYqAinnqB3eEFvqU4n3nvum3/0/168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 02 May 2025 09:15:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:f7:2a:33:ec:4f:38:0f:bc:53:c0:a9:78:90:21:6c:9d:0a:84:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34
        Validity
            Not Before: Apr  9 18:43:19 2025 GMT
            Not After : Apr  8 18:48:19 2026 GMT
        Subject: CN=20616CD5D3AEF928124250D791770261A5B78683
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f4:95:20:de:30:cb:f8:c3:87:82:72:f4:05:40:
                    bc:48:ae:0f:f2:4f:1c:51:62:d6:d0:fe:69:27:83:
                    f1:64:c9:3b:ff:38:d2:e4:b0:d9:49:cb:7d:88:1d:
                    c1:bc:6a:bb:82:c5:19:a7:db:82:9f:20:99:f9:af:
                    79:91:af:3f:66:c0:91:52:bc:f7:6a:f5:65:b7:5d:
                    f4:6a:aa:53:5e:a9:8e:74:a4:b5:1f:3c:d5:b8:e0:
                    20:5c:2c:95:c1:62:3b:99:24:c8:91:c7:6a:fc:78:
                    70:95:8d:fa:0d:c7:c4:b7:ec:5f:e3:90:25:5c:cf:
                    19:2e:39:e5:56:8f:96:8c:74:f0:71:b2:12:d8:99:
                    32:f9:ed:ce:50:cf:f2:5e:b2:1e:41:03:23:28:44:
                    82:c2:25:07:e7:d9:68:bd:85:f0:a3:24:96:08:7c:
                    52:50:d1:f3:ce:b9:ab:6a:d7:31:2e:b1:77:6e:0d:
                    1f:87:45:f7:b2:b6:2e:73:87:1e:43:50:b2:5b:70:
                    ee:ed:fc:85:cc:1f:22:e9:60:c5:33:67:71:73:d9:
                    df:9d:9e:d2:c9:38:5a:b5:85:bc:47:35:d5:7c:6c:
                    5c:e6:6f:4e:d7:84:de:2b:53:c3:c2:85:49:da:e0:
                    5f:ea:15:e0:7b:bf:7a:50:e5:82:52:ea:cf:8d:4a:
                    94:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:61:6C:D5:D3:AE:F9:28:12:42:50:D7:91:77:02:61:A5:B7:86:83
            X509v3 Authority Key Identifier:
                keyid:16:8E:2C:73:AA:7E:C9:DA:B3:06:D8:0B:5B:AA:4D:BE:C3:DC:AB:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/7xSoA4JGCxw4QQHxD2JCWYqAinnqB3eEFvqU4n3nvum3/0/168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/7xSoA4JGCxw4QQHxD2JCWYqAinnqB3eEFvqU4n3nvum3/0/3137392e3138392e3235302e302f32332d3233203d3e203238323532.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.189.250.0/23

    Signature Algorithm: sha256WithRSAEncryption
         52:17:4b:ae:74:c6:0c:28:66:48:5f:70:1e:be:f9:87:dc:02:
         97:36:9d:e1:eb:72:5b:03:ba:3b:1f:c2:16:cf:62:23:e7:60:
         3a:4f:e3:6d:f2:03:5e:44:23:01:f0:f9:48:ac:75:04:ce:a2:
         bd:77:ac:88:2b:bc:ba:1f:06:ac:ba:ed:50:7b:e5:ed:63:10:
         cb:57:88:05:a7:a5:4c:1f:2f:73:7c:24:cd:a6:c2:27:30:b6:
         b8:f6:83:84:ce:95:98:88:1b:7f:73:04:8a:23:91:18:93:2b:
         fc:96:29:b2:19:ba:b1:96:33:c8:15:93:9c:9d:ba:61:85:ed:
         cd:89:4e:96:e9:dd:a6:80:c5:0a:06:eb:5a:ac:14:dd:bb:aa:
         20:fb:9b:53:f2:1b:3b:cc:e0:b2:3e:e4:fa:0b:78:8b:41:42:
         d1:e2:dd:bc:01:45:4c:4f:fd:a3:48:fa:27:ff:14:c4:61:81:
         2d:ff:b3:db:73:b0:d6:8d:f6:b0:18:6e:89:93:27:3d:07:03:
         09:c4:50:cb:ad:c1:6b:b6:00:de:16:8c:e4:a8:c2:09:9b:9d:
         9c:6c:bd:e3:a8:f2:70:10:1d:1f:a7:11:1c:22:b0:2b:0c:af:
         53:c7:69:6f:81:cd:6d:37:63:42:d6:93:ab:d9:1b:de:cd:20:
         7f:b4:79:27
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUF/cqM+xPOA+8U8CpeJAhbJ0KhFMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTY4RTJDNzNBQTdFQzlEQUIzMDZEODBCNUJBQTREQkVD
M0RDQUIzNDAeFw0yNTA0MDkxODQzMTlaFw0yNjA0MDgxODQ4MTlaMDMxMTAvBgNV
BAMTKDIwNjE2Q0Q1RDNBRUY5MjgxMjQyNTBENzkxNzcwMjYxQTVCNzg2ODMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD0lSDeMMv4w4eCcvQFQLxIrg/y
TxxRYtbQ/mkng/FkyTv/ONLksNlJy32IHcG8aruCxRmn24KfIJn5r3mRrz9mwJFS
vPdq9WW3XfRqqlNeqY50pLUfPNW44CBcLJXBYjuZJMiRx2r8eHCVjfoNx8S37F/j
kCVczxkuOeVWj5aMdPBxshLYmTL57c5Qz/Jesh5BAyMoRILCJQfn2Wi9hfCjJJYI
fFJQ0fPOuatq1zEusXduDR+HRfeyti5zhx5DULJbcO7t/IXMHyLpYMUzZ3Fz2d+d
ntLJOFq1hbxHNdV8bFzmb07XhN4rU8PChUna4F/qFeB7v3pQ5YJS6s+NSpQDAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUIGFs1dOu+SgSQlDXkXcCYaW3hoMwHwYDVR0j
BBgwFoAUFo4sc6p+ydqzBtgLW6pNvsPcqzQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vN3hTb0E0SkdDeHc0UVFIeEQySkNXWXFBaW5ucUIzZUVGdnFVNG4zbnZ1
bTMvMC8xNjhFMkM3M0FBN0VDOURBQjMwNkQ4MEI1QkFBNERCRUMzRENBQjM0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzE2OEUyQzczQUE3RUM5REFC
MzA2RDgwQjVCQUE0REJFQzNEQ0FCMzQuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
Lzd4U29BNEpHQ3h3NFFRSHhEMkpDV1lxQWlubnFCM2VFRnZxVTRuM252dW0zLzAv
MzEzNzM5MmUzMTM4MzkyZTMyMzUzMDJlMzAyZjMyMzMyZDMyMzMyMDNkM2UyMDMy
MzgzMjM1MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAGzvfowDQYJKoZIhvcNAQELBQADggEBAFIXS650
xgwoZkhfcB6++YfcApc2neHrclsDujsfwhbPYiPnYDpP423yA15EIwHw+UisdQTO
or13rIgrvLofBqy67VB75e1jEMtXiAWnpUwfL3N8JM2mwicwtrj2g4TOlZiIG39z
BIojkRiTK/yWKbIZurGWM8gVk5ydumGF7c2JTpbp3aaAxQoG61qsFN27qiD7m1Py
GzvM4LI+5PoLeItBQtHi3bwBRUxP/aNI+if/FMRhgS3/s9tzsNaN9rAYbomTJz0H
AwnEUMutwWu2AN4WjOSowgmbnZxsveOo8nAQHR+nERwisCsMr1PHaW+BzW03Y0LW
k6vZG97NIH+0eSc=
-----END CERTIFICATE-----
Generated at Fri May 2 00:06:42 2025 by rpki-client