Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/7xSoA4JGCxw4QQHxD2JCWYqAinnqB3eEFvqU4n3nvum3/0/3138372e312e3136342e302f32332d3233203d3e203238323532.roa
File:                     3138372e312e3136342e302f32332d3233203d3e203238323532.roa (raw, json)
Hash identifier:          1o0986Gu5gI0oD1eyB850Z0NfBiMgoL0DjzMYxltzfw=
Subject key identifier:   39:BC:52:7D:7F:30:DB:EB:96:0A:D8:AD:0F:D1:2A:88:FF:F5:B8:5B
Certificate issuer:       /CN=168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34
Certificate serial:       7D5708489176F09D76C47A551064FBA7A5A49BB4
Authority key identifier: 16:8E:2C:73:AA:7E:C9:DA:B3:06:D8:0B:5B:AA:4D:BE:C3:DC:AB:34
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/7xSoA4JGCxw4QQHxD2JCWYqAinnqB3eEFvqU4n3nvum3/0/3138372e312e3136342e302f32332d3233203d3e203238323532.roa
Signing time:             Wed 09 Apr 2025 18:48:11 +0000
ROA not before:           Wed 09 Apr 2025 18:43:11 +0000
ROA not after:            Wed 08 Apr 2026 18:48:11 +0000
asID:                     28252
IP address blocks:        187.1.164.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/7xSoA4JGCxw4QQHxD2JCWYqAinnqB3eEFvqU4n3nvum3/0/168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34.crl
                          rsync://rpki-repo.registro.br/repo/7xSoA4JGCxw4QQHxD2JCWYqAinnqB3eEFvqU4n3nvum3/0/168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 01 May 2025 15:53:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:57:08:48:91:76:f0:9d:76:c4:7a:55:10:64:fb:a7:a5:a4:9b:b4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34
        Validity
            Not Before: Apr  9 18:43:11 2025 GMT
            Not After : Apr  8 18:48:11 2026 GMT
        Subject: CN=39BC527D7F30DBEB960AD8AD0FD12A88FFF5B85B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:09:a1:2b:2d:3c:52:80:38:3e:c3:bb:8b:85:
                    bd:1e:72:9d:cd:e2:19:a0:18:a9:f2:be:7d:e2:2a:
                    d0:b2:00:04:73:39:9d:04:da:43:ce:6e:17:a6:21:
                    ed:6b:b4:61:da:2e:a2:4c:40:a6:e8:8f:34:b9:79:
                    cf:78:a6:4f:20:96:e1:ea:07:d2:94:bd:48:e1:81:
                    fa:bd:31:f5:18:c9:b7:13:8a:5f:b0:9b:c8:43:23:
                    e9:7e:dc:eb:c2:13:80:20:4a:3c:32:b1:ae:3c:8c:
                    fb:8d:70:05:49:cf:f5:87:62:5f:72:c6:9b:bd:8e:
                    7e:bf:02:e0:4d:33:70:f8:35:1b:54:c9:26:3b:7f:
                    07:f8:72:60:b7:0c:f6:17:c1:91:af:d4:9f:98:6e:
                    8e:20:1f:36:27:0a:46:2e:08:27:3d:ec:9f:12:30:
                    5f:43:9c:54:20:ef:0e:f5:70:17:24:78:5a:a9:60:
                    bc:1d:1a:1c:41:34:53:58:b4:31:3c:02:93:83:83:
                    ca:0d:f2:3b:a2:a5:0f:c7:dc:8a:3a:be:50:5d:b2:
                    e1:5f:7a:6d:fc:73:1a:de:c6:90:be:d3:95:90:d3:
                    91:e8:f9:ee:47:66:49:b6:cb:82:62:ff:f2:35:b7:
                    43:b3:f4:f4:0b:2a:32:e9:f4:2c:b9:55:e0:d0:63:
                    a6:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:BC:52:7D:7F:30:DB:EB:96:0A:D8:AD:0F:D1:2A:88:FF:F5:B8:5B
            X509v3 Authority Key Identifier:
                keyid:16:8E:2C:73:AA:7E:C9:DA:B3:06:D8:0B:5B:AA:4D:BE:C3:DC:AB:34

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/7xSoA4JGCxw4QQHxD2JCWYqAinnqB3eEFvqU4n3nvum3/0/168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/168E2C73AA7EC9DAB306D80B5BAA4DBEC3DCAB34.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/7xSoA4JGCxw4QQHxD2JCWYqAinnqB3eEFvqU4n3nvum3/0/3138372e312e3136342e302f32332d3233203d3e203238323532.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  187.1.164.0/23

    Signature Algorithm: sha256WithRSAEncryption
         81:ed:84:d8:0f:ca:e4:a4:20:47:48:12:70:cb:c5:a3:a3:ad:
         bc:ad:43:ca:f5:9b:2f:6f:c4:70:bf:77:d2:85:8c:c5:2b:15:
         8b:af:1b:f8:d4:23:3b:58:17:ce:75:1d:d9:ab:f6:4f:f5:02:
         f6:e0:dc:c2:83:4d:a0:41:c9:cd:65:62:32:a9:9e:3b:a6:ea:
         2b:37:52:76:dc:64:27:b7:eb:18:9e:b9:b8:07:28:78:9a:6d:
         18:6f:0b:b4:18:43:7c:19:5f:3a:0b:ea:3b:cb:6a:9b:00:79:
         59:52:05:00:7f:0a:32:78:50:d7:76:e6:55:70:29:92:9a:7f:
         04:be:c7:4e:ab:1e:1a:30:7f:b5:b9:30:72:28:95:e4:df:97:
         d8:74:fe:f8:11:4c:93:56:17:da:48:44:d6:69:6a:2a:0a:55:
         1d:f8:1a:46:9b:f2:ee:d6:de:50:bf:f2:41:0f:22:8d:45:ac:
         11:0c:22:4c:7c:eb:d2:db:c6:ca:91:e7:51:cb:19:0d:97:19:
         6a:b3:a3:99:02:a4:56:f3:51:e0:4b:2e:32:b4:43:9d:54:ff:
         72:87:ee:82:10:ac:6a:5a:e5:ad:19:c4:81:7c:3e:db:ee:30:
         aa:c9:8b:74:c6:5e:4b:6c:2c:a6:00:ed:bd:0c:9f:af:d1:fb:
         c5:20:23:d8
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUfVcISJF28J12xHpVEGT7p6Wkm7QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTY4RTJDNzNBQTdFQzlEQUIzMDZEODBCNUJBQTREQkVD
M0RDQUIzNDAeFw0yNTA0MDkxODQzMTFaFw0yNjA0MDgxODQ4MTFaMDMxMTAvBgNV
BAMTKDM5QkM1MjdEN0YzMERCRUI5NjBBRDhBRDBGRDEyQTg4RkZGNUI4NUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeCaErLTxSgDg+w7uLhb0ecp3N
4hmgGKnyvn3iKtCyAARzOZ0E2kPObhemIe1rtGHaLqJMQKbojzS5ec94pk8gluHq
B9KUvUjhgfq9MfUYybcTil+wm8hDI+l+3OvCE4AgSjwysa48jPuNcAVJz/WHYl9y
xpu9jn6/AuBNM3D4NRtUySY7fwf4cmC3DPYXwZGv1J+Ybo4gHzYnCkYuCCc97J8S
MF9DnFQg7w71cBckeFqpYLwdGhxBNFNYtDE8ApODg8oN8juipQ/H3Io6vlBdsuFf
em38cxrexpC+05WQ05Ho+e5HZkm2y4Ji//I1t0Oz9PQLKjLp9Cy5VeDQY6aTAgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUObxSfX8w2+uWCtitD9EqiP/1uFswHwYDVR0j
BBgwFoAUFo4sc6p+ydqzBtgLW6pNvsPcqzQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vN3hTb0E0SkdDeHc0UVFIeEQySkNXWXFBaW5ucUIzZUVGdnFVNG4zbnZ1
bTMvMC8xNjhFMkM3M0FBN0VDOURBQjMwNkQ4MEI1QkFBNERCRUMzRENBQjM0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzE2OEUyQzczQUE3RUM5REFC
MzA2RDgwQjVCQUE0REJFQzNEQ0FCMzQuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
Lzd4U29BNEpHQ3h3NFFRSHhEMkpDV1lxQWlubnFCM2VFRnZxVTRuM252dW0zLzAv
MzEzODM3MmUzMTJlMzEzNjM0MmUzMDJmMzIzMzJkMzIzMzIwM2QzZTIwMzIzODMy
MzUzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB
/wQQMA4wDAQCAAEwBgMEAbsBpDANBgkqhkiG9w0BAQsFAAOCAQEAge2E2A/K5KQg
R0gScMvFo6OtvK1DyvWbL2/EcL930oWMxSsVi68b+NQjO1gXznUd2av2T/UC9uDc
woNNoEHJzWViMqmeO6bqKzdSdtxkJ7frGJ65uAcoeJptGG8LtBhDfBlfOgvqO8tq
mwB5WVIFAH8KMnhQ13bmVXApkpp/BL7HTqseGjB/tbkwciiV5N+X2HT++BFMk1YX
2khE1mlqKgpVHfgaRpvy7tbeUL/yQQ8ijUWsEQwiTHzr0tvGypHnUcsZDZcZarOj
mQKkVvNR4EsuMrRDnVT/cofughCsalrlrRnEgXw+2+4wqsmLdMZeS2wspgDtvQyf
r9H7xSAj2A==
-----END CERTIFICATE-----
Generated at Thu May 1 00:33:17 2025 by rpki-client