Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/HmfJiU8uRvjo5iJYQpRxK1eZ6k4xxJ5W2sQMF81Hf2nZ/2/3137372e3232332e33322e302f32302d3234203d3e20323636353339.roa
File:                     3137372e3232332e33322e302f32302d3234203d3e20323636353339.roa (raw, json)
Hash identifier:          9rNjQfR82W+oS90D8d3ALwDPX0Y2XfhUQX8gBYC9pwI=
Subject key identifier:   BF:EE:11:80:55:5F:24:40:EA:E8:7E:1C:86:A8:1C:E9:4E:EE:4E:08
Certificate issuer:       /CN=ACECAAD29AAF75126D8D2F594FC43AB0E7B3A10D
Certificate serial:       46DEEB2A4349007EC8A4299D04DD20669DF3230B
Authority key identifier: AC:EC:AA:D2:9A:AF:75:12:6D:8D:2F:59:4F:C4:3A:B0:E7:B3:A1:0D
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/ACECAAD29AAF75126D8D2F594FC43AB0E7B3A10D.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/HmfJiU8uRvjo5iJYQpRxK1eZ6k4xxJ5W2sQMF81Hf2nZ/2/3137372e3232332e33322e302f32302d3234203d3e20323636353339.roa
Signing time:             Mon 28 Apr 2025 19:15:54 +0000
ROA not before:           Mon 28 Apr 2025 19:10:54 +0000
ROA not after:            Mon 27 Apr 2026 19:15:54 +0000
asID:                     266539
IP address blocks:        177.223.32.0/20 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/HmfJiU8uRvjo5iJYQpRxK1eZ6k4xxJ5W2sQMF81Hf2nZ/2/ACECAAD29AAF75126D8D2F594FC43AB0E7B3A10D.crl
                          rsync://rpki-repo.registro.br/repo/HmfJiU8uRvjo5iJYQpRxK1eZ6k4xxJ5W2sQMF81Hf2nZ/2/ACECAAD29AAF75126D8D2F594FC43AB0E7B3A10D.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/ACECAAD29AAF75126D8D2F594FC43AB0E7B3A10D.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 02 May 2025 21:59:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:de:eb:2a:43:49:00:7e:c8:a4:29:9d:04:dd:20:66:9d:f3:23:0b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=ACECAAD29AAF75126D8D2F594FC43AB0E7B3A10D
        Validity
            Not Before: Apr 28 19:10:54 2025 GMT
            Not After : Apr 27 19:15:54 2026 GMT
        Subject: CN=BFEE1180555F2440EAE87E1C86A81CE94EEE4E08
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:43:cf:f7:29:48:8a:72:67:57:74:b3:50:57:
                    70:b2:a4:43:6b:20:ab:d4:61:93:14:27:87:46:e5:
                    3e:4b:28:28:86:15:6a:73:50:dc:6d:48:51:bd:be:
                    c6:15:a2:54:38:bd:da:10:29:04:b8:b6:63:27:95:
                    0e:8b:4a:54:e9:ad:0a:37:b2:76:41:32:bf:a3:fc:
                    51:9e:c9:14:db:d6:a6:29:4f:3b:d5:c8:dc:25:b6:
                    fc:24:fc:a5:31:80:96:5b:b7:c1:82:73:b4:08:63:
                    c9:6e:78:26:4a:cf:f9:cf:13:d0:e8:dd:d6:f0:b7:
                    e4:2a:15:17:13:a0:4e:6d:fa:1b:c1:0c:43:aa:df:
                    6e:a0:a9:67:8d:be:93:61:2d:0a:fc:55:ff:24:17:
                    d4:37:b0:b2:03:85:5c:60:3c:39:c7:e4:15:f0:6a:
                    8c:61:76:49:ef:82:97:32:41:ac:23:29:17:9b:41:
                    3a:0d:51:9a:e3:a9:e8:a8:42:cd:a5:db:25:ae:75:
                    5d:79:ca:d7:23:71:3f:4e:67:3b:a1:44:32:cf:81:
                    a1:25:d6:e7:4f:b2:be:6c:de:41:2f:d2:31:e7:ba:
                    f5:7e:d2:b3:f0:f7:2e:cc:23:5b:99:1e:54:d2:e1:
                    7f:e7:d3:1a:31:8e:ee:00:3d:4e:ca:b4:4d:b5:78:
                    85:b7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:EE:11:80:55:5F:24:40:EA:E8:7E:1C:86:A8:1C:E9:4E:EE:4E:08
            X509v3 Authority Key Identifier:
                keyid:AC:EC:AA:D2:9A:AF:75:12:6D:8D:2F:59:4F:C4:3A:B0:E7:B3:A1:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/HmfJiU8uRvjo5iJYQpRxK1eZ6k4xxJ5W2sQMF81Hf2nZ/2/ACECAAD29AAF75126D8D2F594FC43AB0E7B3A10D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/ACECAAD29AAF75126D8D2F594FC43AB0E7B3A10D.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/HmfJiU8uRvjo5iJYQpRxK1eZ6k4xxJ5W2sQMF81Hf2nZ/2/3137372e3232332e33322e302f32302d3234203d3e20323636353339.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.223.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         1e:47:c3:eb:a7:8d:e6:c7:46:a2:d7:a9:f5:e1:ef:2c:0e:15:
         f1:f0:68:fb:89:ce:d5:64:7c:8e:45:c1:a3:3d:42:00:6b:3e:
         45:1b:3c:66:a8:4c:ce:50:91:ec:52:1f:76:9f:56:12:90:3b:
         2f:6e:20:16:dd:8b:ad:ec:c3:68:95:d3:13:17:54:63:98:6f:
         3a:c2:fd:c7:49:b4:3c:00:eb:f4:90:76:0f:0c:46:6b:c4:b3:
         db:cd:9f:79:e6:94:e1:e0:83:bc:09:90:30:e1:6b:7d:29:03:
         4a:b0:ee:60:b7:fa:fb:e7:53:8e:06:19:e8:29:5a:b0:f9:50:
         43:b7:f4:f7:28:3a:ff:0a:80:90:d1:e4:01:05:10:e9:63:2e:
         3f:4f:48:23:ce:37:b5:ea:4f:ef:b3:f1:fe:6f:34:93:12:fc:
         48:c1:12:8d:56:98:ca:9a:44:a3:3d:7c:67:49:f5:c2:65:cd:
         97:53:c1:9b:ef:c5:f8:5a:e1:91:64:cd:1f:a9:e1:3b:96:72:
         ef:ba:0d:9f:c0:65:e4:e8:e8:e1:59:5e:85:1d:bf:d6:a2:0d:
         4e:53:ad:70:b9:3f:55:b8:80:aa:c1:cb:cd:da:aa:2e:86:15:
         35:d7:1b:95:58:71:4d:28:96:7f:ec:b3:b4:bd:c1:93:6f:0e:
         99:43:e0:55
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIURt7rKkNJAH7IpCmdBN0gZp3zIwswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUNFQ0FBRDI5QUFGNzUxMjZEOEQyRjU5NEZDNDNBQjBF
N0IzQTEwRDAeFw0yNTA0MjgxOTEwNTRaFw0yNjA0MjcxOTE1NTRaMDMxMTAvBgNV
BAMTKEJGRUUxMTgwNTU1RjI0NDBFQUU4N0UxQzg2QTgxQ0U5NEVFRTRFMDgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChQ8/3KUiKcmdXdLNQV3CypENr
IKvUYZMUJ4dG5T5LKCiGFWpzUNxtSFG9vsYVolQ4vdoQKQS4tmMnlQ6LSlTprQo3
snZBMr+j/FGeyRTb1qYpTzvVyNwltvwk/KUxgJZbt8GCc7QIY8lueCZKz/nPE9Do
3dbwt+QqFRcToE5t+hvBDEOq326gqWeNvpNhLQr8Vf8kF9Q3sLIDhVxgPDnH5BXw
aoxhdknvgpcyQawjKRebQToNUZrjqeioQs2l2yWudV15ytcjcT9OZzuhRDLPgaEl
1udPsr5s3kEv0jHnuvV+0rPw9y7MI1uZHlTS4X/n0xoxju4APU7KtE21eIW3AgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUv+4RgFVfJEDq6H4chqgc6U7uTggwHwYDVR0j
BBgwFoAUrOyq0pqvdRJtjS9ZT8Q6sOezoQ0wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vSG1mSmlVOHVSdmpvNWlKWVFwUnhLMWVaNms0eHhKNVcyc1FNRjgxSGYy
blovMi9BQ0VDQUFEMjlBQUY3NTEyNkQ4RDJGNTk0RkM0M0FCMEU3QjNBMTBELmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FDRUNBQUQyOUFBRjc1MTI2
RDhEMkY1OTRGQzQzQUIwRTdCM0ExMEQuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0htZkppVTh1UnZqbzVpSllRcFJ4SzFlWjZrNHh4SjVXMnNRTUY4MUhmMm5aLzIv
MzEzNzM3MmUzMjMyMzMyZTMzMzIyZTMwMmYzMjMwMmQzMjM0MjAzZDNlMjAzMjM2
MzYzNTMzMzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBASx3yAwDQYJKoZIhvcNAQELBQADggEBAB5Hw+un
jebHRqLXqfXh7ywOFfHwaPuJztVkfI5FwaM9QgBrPkUbPGaoTM5QkexSH3afVhKQ
Oy9uIBbdi63sw2iV0xMXVGOYbzrC/cdJtDwA6/SQdg8MRmvEs9vNn3nmlOHgg7wJ
kDDha30pA0qw7mC3+vvnU44GGegpWrD5UEO39PcoOv8KgJDR5AEFEOljLj9PSCPO
N7XqT++z8f5vNJMS/EjBEo1WmMqaRKM9fGdJ9cJlzZdTwZvvxfha4ZFkzR+p4TuW
cu+6DZ/AZeTo6OFZXoUdv9aiDU5TrXC5P1W4gKrBy83aqi6GFTXXG5VYcU0oln/s
s7S9wZNvDplD4FU=
-----END CERTIFICATE-----
Generated at Fri May 2 08:34:29 2025 by rpki-client