Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/5kh7U1maB7CEk94NychBpWi1YzXFG9EV5xRaanL9wV3v/0/3136382e302e3135362e302f32322d3234203d3e20323635323536.roa
File:                     3136382e302e3135362e302f32322d3234203d3e20323635323536.roa (raw, json)
Hash identifier:          /BKkNQeF+uTBiSKvTy25W+J/chn9HAn4OElvUjg6hOQ=
Subject key identifier:   08:38:02:AB:40:37:2F:BA:59:2C:91:6C:D2:86:11:86:E5:F8:91:BB
Certificate issuer:       /CN=BE7415AD0D46EBFDA548114CE90CBE13B2F27B9D
Certificate serial:       3529D29BB59672A16C5A9D06C32CE8F4C0D0EB2E
Authority key identifier: BE:74:15:AD:0D:46:EB:FD:A5:48:11:4C:E9:0C:BE:13:B2:F2:7B:9D
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BE7415AD0D46EBFDA548114CE90CBE13B2F27B9D.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/5kh7U1maB7CEk94NychBpWi1YzXFG9EV5xRaanL9wV3v/0/3136382e302e3135362e302f32322d3234203d3e20323635323536.roa
Signing time:             Thu 26 Jun 2025 22:55:16 +0000
ROA not before:           Thu 26 Jun 2025 22:50:16 +0000
ROA not after:            Thu 25 Jun 2026 22:55:16 +0000
asID:                     265256
IP address blocks:        168.0.156.0/22 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/5kh7U1maB7CEk94NychBpWi1YzXFG9EV5xRaanL9wV3v/0/BE7415AD0D46EBFDA548114CE90CBE13B2F27B9D.crl
                          rsync://rpki-repo.registro.br/repo/5kh7U1maB7CEk94NychBpWi1YzXFG9EV5xRaanL9wV3v/0/BE7415AD0D46EBFDA548114CE90CBE13B2F27B9D.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BE7415AD0D46EBFDA548114CE90CBE13B2F27B9D.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 06 Jul 2025 20:52:43 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:29:d2:9b:b5:96:72:a1:6c:5a:9d:06:c3:2c:e8:f4:c0:d0:eb:2e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BE7415AD0D46EBFDA548114CE90CBE13B2F27B9D
        Validity
            Not Before: Jun 26 22:50:16 2025 GMT
            Not After : Jun 25 22:55:16 2026 GMT
        Subject: CN=083802AB40372FBA592C916CD2861186E5F891BB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:4f:92:39:bf:ac:5a:cc:03:17:d5:45:24:0a:
                    3f:bd:f8:b7:44:fb:51:83:d7:8c:5e:c8:d1:e3:ff:
                    5f:7f:ac:dc:f1:be:bf:73:19:2f:0a:b3:8e:34:c2:
                    e6:3e:7c:14:76:10:96:ef:4a:63:1f:5c:53:ad:1f:
                    a8:87:52:39:1f:17:3e:8e:c5:fc:35:16:c8:25:cf:
                    33:00:4d:70:af:dd:0c:22:48:91:ba:89:93:2a:c4:
                    90:81:84:c9:3f:34:0f:de:ab:11:fb:16:ac:b4:a6:
                    ed:72:fc:0a:3a:82:7e:a8:20:2f:82:88:2d:7b:3d:
                    93:30:72:f1:90:bd:15:18:bf:06:fe:d3:37:51:95:
                    95:7b:ad:56:7e:b0:ae:dc:14:2d:bf:aa:ce:48:fc:
                    cf:e3:d3:66:c0:25:1f:2c:78:82:46:7b:df:5a:6c:
                    a5:a0:38:0c:46:aa:56:fd:f7:0c:e8:ec:76:52:04:
                    02:c4:f8:2e:36:f5:4e:56:fd:4d:16:5f:e5:ef:db:
                    5e:98:ce:1b:c5:93:59:88:67:dd:41:e0:71:58:15:
                    7c:b2:8a:62:2b:ab:b8:dc:2a:ca:05:4d:c4:28:e8:
                    2c:4f:99:cf:ab:8e:91:41:f3:bd:7f:fd:d7:ee:8e:
                    88:8f:74:48:68:50:b5:2d:ca:90:5a:00:d7:bb:bb:
                    aa:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:38:02:AB:40:37:2F:BA:59:2C:91:6C:D2:86:11:86:E5:F8:91:BB
            X509v3 Authority Key Identifier:
                keyid:BE:74:15:AD:0D:46:EB:FD:A5:48:11:4C:E9:0C:BE:13:B2:F2:7B:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/5kh7U1maB7CEk94NychBpWi1YzXFG9EV5xRaanL9wV3v/0/BE7415AD0D46EBFDA548114CE90CBE13B2F27B9D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BE7415AD0D46EBFDA548114CE90CBE13B2F27B9D.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/5kh7U1maB7CEk94NychBpWi1YzXFG9EV5xRaanL9wV3v/0/3136382e302e3135362e302f32322d3234203d3e20323635323536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.0.156.0/22

    Signature Algorithm: sha256WithRSAEncryption
         af:58:49:65:fa:48:c1:2c:87:b2:1e:92:0f:0b:db:7a:22:c1:
         11:a6:02:fe:2f:03:8d:f3:f2:62:ab:d2:23:89:88:a2:e3:5e:
         bd:a3:9d:13:66:3b:15:55:eb:25:71:b8:2b:e2:f6:dd:66:fe:
         a9:d3:71:a2:f0:24:d1:2d:b2:bf:f9:ca:fd:9f:77:3e:59:0c:
         84:d1:9b:6a:9e:05:93:35:4f:bd:3a:07:5c:c4:05:3b:69:17:
         2c:e2:6b:7e:8b:b3:bc:7d:02:da:b6:4f:20:ff:00:83:83:ea:
         c5:88:a2:aa:28:ce:ec:ac:c4:69:9c:d3:0c:03:67:44:a3:b3:
         17:79:d9:ad:21:9d:29:a0:0d:5a:6e:9c:69:a4:f0:49:7b:1f:
         3b:16:fe:52:ef:e6:85:89:2c:98:42:23:6a:60:fb:eb:3c:a6:
         84:6b:fd:ec:53:61:f6:01:ed:fc:5b:2a:b3:cd:b1:3a:6b:7b:
         29:7a:e9:82:ae:88:b4:e0:fc:6d:f0:2a:ac:35:d1:2e:bd:31:
         a4:95:48:ba:42:03:95:6a:e1:c2:1d:d0:f2:3a:b6:69:88:4e:
         4b:fd:e8:be:3b:2e:14:50:0c:73:a9:c9:30:3c:ff:23:94:72:
         ec:cf:1d:9e:a8:f5:ec:67:e4:87:43:78:d7:7f:fb:a3:97:db:
         51:02:20:db
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUNSnSm7WWcqFsWp0Gwyzo9MDQ6y4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkU3NDE1QUQwRDQ2RUJGREE1NDgxMTRDRTkwQ0JFMTNC
MkYyN0I5RDAeFw0yNTA2MjYyMjUwMTZaFw0yNjA2MjUyMjU1MTZaMDMxMTAvBgNV
BAMTKDA4MzgwMkFCNDAzNzJGQkE1OTJDOTE2Q0QyODYxMTg2RTVGODkxQkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDST5I5v6xazAMX1UUkCj+9+LdE
+1GD14xeyNHj/19/rNzxvr9zGS8Ks440wuY+fBR2EJbvSmMfXFOtH6iHUjkfFz6O
xfw1FsglzzMATXCv3QwiSJG6iZMqxJCBhMk/NA/eqxH7Fqy0pu1y/Ao6gn6oIC+C
iC17PZMwcvGQvRUYvwb+0zdRlZV7rVZ+sK7cFC2/qs5I/M/j02bAJR8seIJGe99a
bKWgOAxGqlb99wzo7HZSBALE+C429U5W/U0WX+Xv216YzhvFk1mIZ91B4HFYFXyy
imIrq7jcKsoFTcQo6CxPmc+rjpFB871//dfujoiPdEhoULUtypBaANe7u6p9AgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUCDgCq0A3L7pZLJFs0oYRhuX4kbswHwYDVR0j
BBgwFoAUvnQVrQ1G6/2lSBFM6Qy+E7Lye50wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNWtoN1UxbWFCN0NFazk0TnljaEJwV2kxWXpYRkc5RVY1eFJhYW5MOXdW
M3YvMC9CRTc0MTVBRDBENDZFQkZEQTU0ODExNENFOTBDQkUxM0IyRjI3QjlELmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0JFNzQxNUFEMEQ0NkVCRkRB
NTQ4MTE0Q0U5MENCRTEzQjJGMjdCOUQuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzVraDdVMW1hQjdDRWs5NE55Y2hCcFdpMVl6WEZHOUVWNXhSYWFuTDl3VjN2LzAv
MzEzNjM4MmUzMDJlMzEzNTM2MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM1
MzIzNTM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCqACcMA0GCSqGSIb3DQEBCwUAA4IBAQCvWEll+kjB
LIeyHpIPC9t6IsERpgL+LwON8/Jiq9IjiYii4169o50TZjsVVeslcbgr4vbdZv6p
03Gi8CTRLbK/+cr9n3c+WQyE0ZtqngWTNU+9OgdcxAU7aRcs4mt+i7O8fQLatk8g
/wCDg+rFiKKqKM7srMRpnNMMA2dEo7MXedmtIZ0poA1abpxppPBJex87Fv5S7+aF
iSyYQiNqYPvrPKaEa/3sU2H2Ae38WyqzzbE6a3speumCroi04Pxt8CqsNdEuvTGk
lUi6QgOVauHCHdDyOrZpiE5L/ei+Oy4UUAxzqckwPP8jlHLszx2eqPXsZ+SHQ3jX
f/ujl9tRAiDb
-----END CERTIFICATE-----
Generated at Sun Jul 6 00:56:51 2025 by rpki-client