Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/2VuJwKwnn46nNdS9dEszZ8JzKqGnaN9ZpDPgfsUmSuUP/0/3137302e302e33322e302f32342d3234203d3e20323634353530.roa
File:                     3137302e302e33322e302f32342d3234203d3e20323634353530.roa (raw, json)
Hash identifier:          NqfH3Qj1QTiUSJ0GIEC4vpjarT3yhhpuUh3hOD5IImE=
Subject key identifier:   94:E3:C2:EB:D7:64:CB:2A:D1:87:A2:3A:F7:49:F3:F4:C2:3F:C0:39
Certificate issuer:       /CN=FB435E794D86CB9BAE800A6D289A88F771B5B583
Certificate serial:       415336A9854EAF23B56D8C78407711A539FA1397
Authority key identifier: FB:43:5E:79:4D:86:CB:9B:AE:80:0A:6D:28:9A:88:F7:71:B5:B5:83
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/FB435E794D86CB9BAE800A6D289A88F771B5B583.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/2VuJwKwnn46nNdS9dEszZ8JzKqGnaN9ZpDPgfsUmSuUP/0/3137302e302e33322e302f32342d3234203d3e20323634353530.roa
Signing time:             Tue 23 Sep 2025 00:05:08 +0000
ROA not before:           Tue 23 Sep 2025 00:00:08 +0000
ROA not after:            Tue 22 Sep 2026 00:05:08 +0000
asID:                     264550
IP address blocks:        170.0.32.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/2VuJwKwnn46nNdS9dEszZ8JzKqGnaN9ZpDPgfsUmSuUP/0/FB435E794D86CB9BAE800A6D289A88F771B5B583.crl
                          rsync://rpki-repo.registro.br/repo/2VuJwKwnn46nNdS9dEszZ8JzKqGnaN9ZpDPgfsUmSuUP/0/FB435E794D86CB9BAE800A6D289A88F771B5B583.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/FB435E794D86CB9BAE800A6D289A88F771B5B583.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 21 Oct 2025 09:39:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            41:53:36:a9:85:4e:af:23:b5:6d:8c:78:40:77:11:a5:39:fa:13:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB435E794D86CB9BAE800A6D289A88F771B5B583
        Validity
            Not Before: Sep 23 00:00:08 2025 GMT
            Not After : Sep 22 00:05:08 2026 GMT
        Subject: CN=94E3C2EBD764CB2AD187A23AF749F3F4C23FC039
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9e:15:54:7a:43:f4:22:50:69:4e:1d:c6:ad:4f:
                    55:a2:e9:d2:90:0b:0e:44:0b:a4:2c:7a:69:0a:2a:
                    27:6c:f3:f8:8c:d2:92:7c:36:6b:70:b8:67:73:bf:
                    1d:13:28:cc:76:ce:6f:dd:af:e1:ac:4e:fd:a6:54:
                    59:d9:12:ab:1d:be:b5:f9:31:e2:a4:89:25:6c:6b:
                    63:11:e1:27:fb:33:a9:fb:64:eb:d0:1b:ab:af:ab:
                    76:a1:dd:74:46:06:66:65:97:de:a9:9f:51:a8:f9:
                    64:74:f4:9d:ed:60:55:2e:db:f1:09:5f:1d:a8:5a:
                    37:d2:32:2b:16:3b:21:8f:b6:04:57:75:79:89:6a:
                    a5:f9:9b:0c:4c:f3:27:87:a5:0d:9a:1c:2f:b1:ba:
                    b9:dc:ad:bc:b1:a9:50:e0:87:34:4a:e6:5d:d7:17:
                    63:58:96:3e:fb:cd:6c:46:e1:a7:2b:f1:f8:64:c1:
                    05:eb:03:63:42:8b:83:93:d2:7f:3d:d7:d7:ec:dc:
                    d6:4f:d3:68:37:bf:6d:24:d6:00:db:c0:34:e2:7b:
                    2f:fb:35:4a:4a:8a:41:30:54:20:57:2f:12:b9:e6:
                    2b:e8:fd:25:a6:10:85:23:6a:e0:0e:88:56:9f:b6:
                    be:b4:1d:00:d8:37:25:f9:41:13:b7:1f:e5:b3:95:
                    b5:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:E3:C2:EB:D7:64:CB:2A:D1:87:A2:3A:F7:49:F3:F4:C2:3F:C0:39
            X509v3 Authority Key Identifier:
                keyid:FB:43:5E:79:4D:86:CB:9B:AE:80:0A:6D:28:9A:88:F7:71:B5:B5:83

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/2VuJwKwnn46nNdS9dEszZ8JzKqGnaN9ZpDPgfsUmSuUP/0/FB435E794D86CB9BAE800A6D289A88F771B5B583.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/FB435E794D86CB9BAE800A6D289A88F771B5B583.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/2VuJwKwnn46nNdS9dEszZ8JzKqGnaN9ZpDPgfsUmSuUP/0/3137302e302e33322e302f32342d3234203d3e20323634353530.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.0.32.0/24

    Signature Algorithm: sha256WithRSAEncryption
         62:17:b1:d3:dc:ba:e9:95:84:db:3a:6b:09:5d:24:f0:48:ca:
         3f:55:36:0b:40:57:aa:b6:85:82:2e:3f:e4:57:de:aa:e0:ab:
         1c:45:46:92:12:d4:4f:11:e2:82:db:b0:a5:8a:67:38:16:48:
         b5:85:6b:9a:e4:7b:77:77:e4:d3:dd:d5:68:36:86:e9:66:43:
         e3:c1:1e:47:c2:8b:7a:47:85:0b:63:6a:53:16:5c:83:10:8b:
         24:35:d6:ef:52:70:3f:96:7e:00:ae:89:06:03:c0:68:4e:f1:
         6e:17:88:bb:70:3c:4d:1a:ce:43:c0:b0:93:73:db:e8:48:b8:
         65:7b:24:ca:1b:8d:7c:37:cb:c5:1d:fd:45:5f:1b:b0:c3:a7:
         0d:33:fa:8d:ce:57:ef:6e:b3:e3:d3:fa:2a:32:65:31:77:f6:
         1b:52:9a:a8:cc:b4:b1:4a:99:bf:71:a1:41:4e:0c:65:81:93:
         d5:1f:55:c2:b9:f8:cb:b7:90:7d:13:f2:0a:b9:e9:b3:19:fe:
         5a:b0:4f:1b:ba:b9:d4:ed:43:68:29:a4:a2:bd:ce:45:d5:b4:
         fb:9e:da:d5:8c:f5:50:e6:ff:12:71:48:09:77:d9:67:bd:bd:
         34:75:ec:3c:6e:e6:c5:3e:5a:2b:a4:1e:76:a1:5b:20:a9:8a:
         7d:b9:4e:62
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUQVM2qYVOryO1bYx4QHcRpTn6E5cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkI0MzVFNzk0RDg2Q0I5QkFFODAwQTZEMjg5QTg4Rjc3
MUI1QjU4MzAeFw0yNTA5MjMwMDAwMDhaFw0yNjA5MjIwMDA1MDhaMDMxMTAvBgNV
BAMTKDk0RTNDMkVCRDc2NENCMkFEMTg3QTIzQUY3NDlGM0Y0QzIzRkMwMzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeFVR6Q/QiUGlOHcatT1Wi6dKQ
Cw5EC6QsemkKKids8/iM0pJ8NmtwuGdzvx0TKMx2zm/dr+GsTv2mVFnZEqsdvrX5
MeKkiSVsa2MR4Sf7M6n7ZOvQG6uvq3ah3XRGBmZll96pn1Go+WR09J3tYFUu2/EJ
Xx2oWjfSMisWOyGPtgRXdXmJaqX5mwxM8yeHpQ2aHC+xurncrbyxqVDghzRK5l3X
F2NYlj77zWxG4acr8fhkwQXrA2NCi4OT0n8919fs3NZP02g3v20k1gDbwDTiey/7
NUpKikEwVCBXLxK55ivo/SWmEIUjauAOiFaftr60HQDYNyX5QRO3H+WzlbXZAgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUlOPC69dkyyrRh6I690nz9MI/wDkwHwYDVR0j
BBgwFoAU+0NeeU2Gy5uugAptKJqI93G1tYMwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMlZ1SndLd25uNDZuTmRTOWRFc3paOEp6S3FHbmFOOVpwRFBnZnNVbVN1
VVAvMC9GQjQzNUU3OTREODZDQjlCQUU4MDBBNkQyODlBODhGNzcxQjVCNTgzLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0ZCNDM1RTc5NEQ4NkNCOUJB
RTgwMEE2RDI4OUE4OEY3NzFCNUI1ODMuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzJWdUp3S3dubjQ2bk5kUzlkRXN6WjhKektxR25hTjlacERQZ2ZzVW1TdVVQLzAv
MzEzNzMwMmUzMDJlMzMzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzNDM1
MzUzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB
/wQQMA4wDAQCAAEwBgMEAKoAIDANBgkqhkiG9w0BAQsFAAOCAQEAYhex09y66ZWE
2zprCV0k8EjKP1U2C0BXqraFgi4/5FfequCrHEVGkhLUTxHigtuwpYpnOBZItYVr
muR7d3fk093VaDaG6WZD48EeR8KLekeFC2NqUxZcgxCLJDXW71JwP5Z+AK6JBgPA
aE7xbheIu3A8TRrOQ8Cwk3Pb6Ei4ZXskyhuNfDfLxR39RV8bsMOnDTP6jc5X726z
49P6KjJlMXf2G1KaqMy0sUqZv3GhQU4MZYGT1R9Vwrn4y7eQfRPyCrnpsxn+WrBP
G7q51O1DaCmkor3ORdW0+57a1Yz1UOb/EnFICXfZZ729NHXsPG7mxT5aK6QedqFb
IKmKfblOYg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:43:36 2025 by rpki-client