Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/HrgJEbRsQzZPQBBHdkzxngKKapi92F7yCyDZaz9rVkFR/1/3138392e38342e3134342e302f32332d3233203d3e203238333730.roa
File:                     3138392e38342e3134342e302f32332d3233203d3e203238333730.roa (raw, json)
Hash identifier:          3eQ2O/aYaDKa7ZuZD8eRPWkEaV5a09c44fD3/j4PM2o=
Subject key identifier:   24:56:CA:63:AC:65:57:E5:83:E3:30:7A:37:3B:63:14:35:EA:60:C9
Certificate issuer:       /CN=32A915BA5A97568A877890D55DC289FFCB6FEE60
Certificate serial:       463228BD5CC13F1C194766FA1BA3454787F434DD
Authority key identifier: 32:A9:15:BA:5A:97:56:8A:87:78:90:D5:5D:C2:89:FF:CB:6F:EE:60
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32A915BA5A97568A877890D55DC289FFCB6FEE60.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/HrgJEbRsQzZPQBBHdkzxngKKapi92F7yCyDZaz9rVkFR/1/3138392e38342e3134342e302f32332d3233203d3e203238333730.roa
Signing time:             Wed 23 Jul 2025 22:45:10 +0000
ROA not before:           Wed 23 Jul 2025 22:40:10 +0000
ROA not after:            Wed 22 Jul 2026 22:45:10 +0000
asID:                     28370
IP address blocks:        189.84.144.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/HrgJEbRsQzZPQBBHdkzxngKKapi92F7yCyDZaz9rVkFR/1/32A915BA5A97568A877890D55DC289FFCB6FEE60.crl
                          rsync://rpki-repo.registro.br/repo/HrgJEbRsQzZPQBBHdkzxngKKapi92F7yCyDZaz9rVkFR/1/32A915BA5A97568A877890D55DC289FFCB6FEE60.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32A915BA5A97568A877890D55DC289FFCB6FEE60.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 10 Aug 2025 14:15:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:32:28:bd:5c:c1:3f:1c:19:47:66:fa:1b:a3:45:47:87:f4:34:dd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32A915BA5A97568A877890D55DC289FFCB6FEE60
        Validity
            Not Before: Jul 23 22:40:10 2025 GMT
            Not After : Jul 22 22:45:10 2026 GMT
        Subject: CN=2456CA63AC6557E583E3307A373B631435EA60C9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:87:b9:d7:3a:65:76:b2:31:31:eb:0d:ee:ac:
                    38:f7:4d:30:01:80:51:4f:5c:82:e3:3b:8d:75:f4:
                    47:ab:c0:1b:bf:49:f4:3d:f2:2a:f7:a3:c7:af:48:
                    20:06:dd:6e:e5:31:3c:36:16:d7:ac:df:e5:59:bc:
                    78:7b:7e:11:13:4e:e4:af:87:7e:06:54:cd:b8:3a:
                    70:42:e6:61:09:ef:66:f9:39:eb:f3:7b:63:09:87:
                    03:b8:c4:74:a3:b4:af:84:d7:48:60:b0:ac:9e:6d:
                    40:03:01:e1:0b:c3:1b:1f:fd:a9:dd:25:29:4e:ee:
                    0c:77:10:9d:09:af:72:5d:a6:3f:b1:0f:93:e8:d6:
                    04:6a:d1:a8:7f:31:37:94:c0:a4:12:a0:8a:50:92:
                    b2:19:b8:44:78:66:5b:30:02:d2:27:8b:d2:7b:ff:
                    cd:c9:60:ec:8f:88:08:aa:77:15:c0:2a:da:ac:c0:
                    76:e3:2d:ee:6d:09:b5:a1:cc:29:2c:1a:c2:f6:71:
                    00:dd:2a:82:c0:87:bf:47:72:1d:eb:4d:66:25:d6:
                    4b:dd:86:a5:5b:6a:20:b7:61:77:ba:1b:ec:34:61:
                    24:31:43:44:3f:31:23:93:59:24:1f:a0:11:87:1e:
                    12:c8:9d:95:f6:f1:b9:02:da:02:b1:27:90:40:74:
                    1a:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:56:CA:63:AC:65:57:E5:83:E3:30:7A:37:3B:63:14:35:EA:60:C9
            X509v3 Authority Key Identifier:
                keyid:32:A9:15:BA:5A:97:56:8A:87:78:90:D5:5D:C2:89:FF:CB:6F:EE:60

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/HrgJEbRsQzZPQBBHdkzxngKKapi92F7yCyDZaz9rVkFR/1/32A915BA5A97568A877890D55DC289FFCB6FEE60.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32A915BA5A97568A877890D55DC289FFCB6FEE60.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/HrgJEbRsQzZPQBBHdkzxngKKapi92F7yCyDZaz9rVkFR/1/3138392e38342e3134342e302f32332d3233203d3e203238333730.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  189.84.144.0/23

    Signature Algorithm: sha256WithRSAEncryption
         65:83:d0:31:82:27:1d:ad:32:ad:5e:f6:fd:ee:08:64:95:20:
         00:79:de:21:f9:94:8a:64:3c:fc:cf:10:14:4e:54:d5:e6:ff:
         26:a4:d8:b2:9e:0b:ae:4e:52:16:bd:d5:fa:4d:6f:a7:1a:39:
         7c:b2:7c:ed:7c:9f:a5:e3:3f:eb:40:f5:09:3c:92:ff:4e:2f:
         ba:ae:f5:58:1c:74:3a:a5:e7:dc:26:8c:8a:c7:17:1b:4e:76:
         3f:f3:d5:56:46:03:25:b6:d0:4e:3d:78:6a:5a:e0:ed:fe:6f:
         b8:5b:5c:29:12:1a:91:f1:3b:da:8f:0e:26:ad:5a:db:97:bf:
         e3:b7:85:86:88:25:78:0d:a7:35:ff:94:1a:71:ea:22:7e:68:
         1c:55:ba:98:79:c1:e3:c7:4e:27:a7:be:46:fc:3b:a7:51:07:
         e9:f9:2c:0d:6b:38:87:b2:ce:2f:2d:15:f2:b3:0b:e2:48:b1:
         74:97:df:15:a1:dc:ed:52:6e:f4:64:74:bc:d4:95:6d:71:72:
         37:ca:67:56:7c:24:e9:e1:74:7e:1e:e7:d3:55:ad:e7:23:a9:
         30:ed:f0:74:7d:c4:1c:5c:c2:6d:84:19:20:e6:d2:cd:8d:ae:
         52:bb:c1:dc:0a:a4:48:92:d8:ee:c8:ae:4d:b8:82:fb:fc:6e:
         25:ca:ec:a5
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIURjIovVzBPxwZR2b6G6NFR4f0NN0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzJBOTE1QkE1QTk3NTY4QTg3Nzg5MEQ1NURDMjg5RkZD
QjZGRUU2MDAeFw0yNTA3MjMyMjQwMTBaFw0yNjA3MjIyMjQ1MTBaMDMxMTAvBgNV
BAMTKDI0NTZDQTYzQUM2NTU3RTU4M0UzMzA3QTM3M0I2MzE0MzVFQTYwQzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIh7nXOmV2sjEx6w3urDj3TTAB
gFFPXILjO4119EerwBu/SfQ98ir3o8evSCAG3W7lMTw2Ftes3+VZvHh7fhETTuSv
h34GVM24OnBC5mEJ72b5Oevze2MJhwO4xHSjtK+E10hgsKyebUADAeELwxsf/and
JSlO7gx3EJ0Jr3Jdpj+xD5Po1gRq0ah/MTeUwKQSoIpQkrIZuER4ZlswAtIni9J7
/83JYOyPiAiqdxXAKtqswHbjLe5tCbWhzCksGsL2cQDdKoLAh79Hch3rTWYl1kvd
hqVbaiC3YXe6G+w0YSQxQ0Q/MSOTWSQfoBGHHhLInZX28bkC2gKxJ5BAdBpjAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUJFbKY6xlV+WD4zB6NztjFDXqYMkwHwYDVR0j
BBgwFoAUMqkVulqXVoqHeJDVXcKJ/8tv7mAwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vSHJnSkViUnNRelpQUUJCSGRrenhuZ0tLYXBpOTJGN3lDeURaYXo5clZr
RlIvMS8zMkE5MTVCQTVBOTc1NjhBODc3ODkwRDU1REMyODlGRkNCNkZFRTYwLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzMyQTkxNUJBNUE5NzU2OEE4
Nzc4OTBENTVEQzI4OUZGQ0I2RkVFNjAuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0hyZ0pFYlJzUXpaUFFCQkhka3p4bmdLS2FwaTkyRjd5Q3lEWmF6OXJWa0ZSLzEv
MzEzODM5MmUzODM0MmUzMTM0MzQyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjM4
MzMzNzMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQBvVSQMA0GCSqGSIb3DQEBCwUAA4IBAQBlg9Axgicd
rTKtXvb97ghklSAAed4h+ZSKZDz8zxAUTlTV5v8mpNiynguuTlIWvdX6TW+nGjl8
snztfJ+l4z/rQPUJPJL/Ti+6rvVYHHQ6pefcJoyKxxcbTnY/89VWRgMlttBOPXhq
WuDt/m+4W1wpEhqR8Tvajw4mrVrbl7/jt4WGiCV4Dac1/5QaceoifmgcVbqYecHj
x04np75G/DunUQfp+SwNaziHss4vLRXyswviSLF0l98VodztUm70ZHS81JVtcXI3
ymdWfCTp4XR+HufTVa3nI6kw7fB0fcQcXMJthBkg5tLNja5Su8HcCqRIktjuyK5N
uIL7/G4lyuyl
-----END CERTIFICATE-----
Generated at Sat Aug 9 23:10:43 2025 by rpki-client