Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BLaKFpUd6fnt4Pn4AedZTS86SJWqVcK1BzsThC2dYhGe/0/3138372e3132312e3233362e302f32322d3232203d3e203238323936.roa
File:                     3138372e3132312e3233362e302f32322d3232203d3e203238323936.roa (raw, json)
Hash identifier:          sSQiCoAKua8zUzcBnKh0VvAA8hQiCtGxLBTvJVGvCC8=
Subject key identifier:   AA:67:FB:28:40:C4:34:F6:3A:5D:41:08:91:6C:D2:59:5C:0B:CB:E1
Certificate issuer:       /CN=70B9C65823B529121333565E1FBBC0AFCAA62A2F
Certificate serial:       6111F2764C9990C74490C4D313DC1BCA4C2EF78D
Authority key identifier: 70:B9:C6:58:23:B5:29:12:13:33:56:5E:1F:BB:C0:AF:CA:A6:2A:2F
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/70B9C65823B529121333565E1FBBC0AFCAA62A2F.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BLaKFpUd6fnt4Pn4AedZTS86SJWqVcK1BzsThC2dYhGe/0/3138372e3132312e3233362e302f32322d3232203d3e203238323936.roa
Signing time:             Fri 03 Oct 2025 02:29:08 +0000
ROA not before:           Fri 03 Oct 2025 02:24:08 +0000
ROA not after:            Fri 02 Oct 2026 02:29:08 +0000
asID:                     28296
IP address blocks:        187.121.236.0/22 maxlen: 22
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BLaKFpUd6fnt4Pn4AedZTS86SJWqVcK1BzsThC2dYhGe/0/70B9C65823B529121333565E1FBBC0AFCAA62A2F.crl
                          rsync://rpki-repo.registro.br/repo/BLaKFpUd6fnt4Pn4AedZTS86SJWqVcK1BzsThC2dYhGe/0/70B9C65823B529121333565E1FBBC0AFCAA62A2F.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/70B9C65823B529121333565E1FBBC0AFCAA62A2F.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 21 Oct 2025 11:13:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:11:f2:76:4c:99:90:c7:44:90:c4:d3:13:dc:1b:ca:4c:2e:f7:8d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70B9C65823B529121333565E1FBBC0AFCAA62A2F
        Validity
            Not Before: Oct  3 02:24:08 2025 GMT
            Not After : Oct  2 02:29:08 2026 GMT
        Subject: CN=AA67FB2840C434F63A5D4108916CD2595C0BCBE1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:f4:14:db:ae:57:b7:79:88:b6:2b:96:75:7f:
                    6b:05:a8:db:86:7c:4c:d0:aa:d7:5d:23:cc:91:95:
                    2c:53:ef:5a:b7:de:4c:99:9d:1e:d4:62:3a:e9:d0:
                    c5:bb:50:56:7b:45:32:65:bf:cc:14:fd:10:58:e4:
                    d7:fe:72:92:c7:40:8f:50:08:eb:3c:11:e1:6e:54:
                    3b:5e:a1:c8:3b:70:18:26:5b:ba:7d:22:d3:d1:5a:
                    28:f0:8b:fe:f4:9d:9e:6a:ba:82:fa:29:06:5b:eb:
                    bd:d3:de:d9:4f:a6:2c:e0:8c:64:ae:4f:d1:82:a5:
                    11:54:c1:ff:8b:35:c1:55:7f:21:e8:9f:67:7a:1d:
                    e3:30:d3:00:47:45:86:57:25:7c:36:58:21:c0:66:
                    a2:08:12:52:ef:89:2d:c4:66:26:9b:bd:a1:e6:99:
                    89:8e:70:e1:a3:69:53:4d:8c:6e:32:be:1a:22:1a:
                    a7:5b:98:97:bc:1a:82:de:47:31:19:29:92:1a:65:
                    74:cf:3b:e5:af:9b:12:f0:3a:88:65:cb:0b:94:25:
                    99:d9:11:bc:01:19:4f:9b:17:d6:f9:b9:e9:bd:9f:
                    1a:54:96:bd:ad:02:78:5e:5b:bd:c6:a4:34:22:12:
                    0a:c5:63:fc:8c:51:91:63:02:de:da:b5:d5:4d:3a:
                    5f:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:67:FB:28:40:C4:34:F6:3A:5D:41:08:91:6C:D2:59:5C:0B:CB:E1
            X509v3 Authority Key Identifier:
                keyid:70:B9:C6:58:23:B5:29:12:13:33:56:5E:1F:BB:C0:AF:CA:A6:2A:2F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BLaKFpUd6fnt4Pn4AedZTS86SJWqVcK1BzsThC2dYhGe/0/70B9C65823B529121333565E1FBBC0AFCAA62A2F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/70B9C65823B529121333565E1FBBC0AFCAA62A2F.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BLaKFpUd6fnt4Pn4AedZTS86SJWqVcK1BzsThC2dYhGe/0/3138372e3132312e3233362e302f32322d3232203d3e203238323936.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  187.121.236.0/22

    Signature Algorithm: sha256WithRSAEncryption
         60:bd:5c:d7:6a:db:0f:eb:6e:df:da:66:6a:be:6d:4e:7d:e8:
         17:f2:b2:d8:3c:6a:0c:1c:9e:db:cb:fc:bd:a3:bf:3e:1c:c6:
         d7:17:82:6f:ec:61:5d:79:93:4d:a8:9b:1a:ab:34:5a:0e:41:
         14:20:78:16:af:49:d0:0e:33:af:35:8d:52:1e:76:5b:e6:47:
         05:ec:d6:df:d5:7f:91:10:61:31:62:f1:21:40:c7:1b:85:5a:
         22:22:13:a4:1c:41:d7:1d:16:61:be:fb:ef:f9:c0:fb:ec:67:
         55:9a:a0:b1:45:21:10:1e:46:ff:95:35:ac:96:c5:82:54:4b:
         76:3d:e7:2f:61:dd:10:5c:dc:a1:3e:63:b6:5a:aa:c5:3e:cf:
         93:49:37:09:99:62:35:69:67:79:1e:b4:69:6c:5c:f1:1b:42:
         76:f3:58:74:b5:ce:c9:d9:b9:91:71:9e:09:b5:b2:b3:3a:32:
         a9:95:36:68:15:79:b5:a7:3e:88:c4:05:b5:70:75:2e:e6:d9:
         59:ee:f6:1b:b6:fa:05:4f:58:7a:29:bd:aa:8b:b4:a6:f7:39:
         1d:33:91:43:fe:4d:8f:01:a3:cb:d9:be:e9:5e:c6:1d:ec:e9:
         22:03:e5:59:8b:4b:31:b0:ad:f1:43:82:22:d1:69:50:e0:df:
         15:95:b2:27
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUYRHydkyZkMdEkMTTE9wbykwu940wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzBCOUM2NTgyM0I1MjkxMjEzMzM1NjVFMUZCQkMwQUZD
QUE2MkEyRjAeFw0yNTEwMDMwMjI0MDhaFw0yNjEwMDIwMjI5MDhaMDMxMTAvBgNV
BAMTKEFBNjdGQjI4NDBDNDM0RjYzQTVENDEwODkxNkNEMjU5NUMwQkNCRTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv9BTbrle3eYi2K5Z1f2sFqNuG
fEzQqtddI8yRlSxT71q33kyZnR7UYjrp0MW7UFZ7RTJlv8wU/RBY5Nf+cpLHQI9Q
COs8EeFuVDteocg7cBgmW7p9ItPRWijwi/70nZ5quoL6KQZb673T3tlPpizgjGSu
T9GCpRFUwf+LNcFVfyHon2d6HeMw0wBHRYZXJXw2WCHAZqIIElLviS3EZiabvaHm
mYmOcOGjaVNNjG4yvhoiGqdbmJe8GoLeRzEZKZIaZXTPO+WvmxLwOohlywuUJZnZ
EbwBGU+bF9b5uem9nxpUlr2tAnheW73GpDQiEgrFY/yMUZFjAt7atdVNOl+bAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUqmf7KEDENPY6XUEIkWzSWVwLy+EwHwYDVR0j
BBgwFoAUcLnGWCO1KRITM1ZeH7vAr8qmKi8wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQkxhS0ZwVWQ2Zm50NFBuNEFlZFpUUzg2U0pXcVZjSzFCenNUaEMyZFlo
R2UvMC83MEI5QzY1ODIzQjUyOTEyMTMzMzU2NUUxRkJCQzBBRkNBQTYyQTJGLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzcwQjlDNjU4MjNCNTI5MTIx
MzMzNTY1RTFGQkJDMEFGQ0FBNjJBMkYuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JMYUtGcFVkNmZudDRQbjRBZWRaVFM4NlNKV3FWY0sxQnpzVGhDMmRZaEdlLzAv
MzEzODM3MmUzMTMyMzEyZTMyMzMzNjJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMy
MzgzMjM5MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAK7eewwDQYJKoZIhvcNAQELBQADggEBAGC9XNdq
2w/rbt/aZmq+bU596Bfystg8agwcntvL/L2jvz4cxtcXgm/sYV15k02omxqrNFoO
QRQgeBavSdAOM681jVIedlvmRwXs1t/Vf5EQYTFi8SFAxxuFWiIiE6QcQdcdFmG+
++/5wPvsZ1WaoLFFIRAeRv+VNayWxYJUS3Y95y9h3RBc3KE+Y7ZaqsU+z5NJNwmZ
YjVpZ3ketGlsXPEbQnbzWHS1zsnZuZFxngm1srM6MqmVNmgVebWnPojEBbVwdS7m
2Vnu9hu2+gVPWHopvaqLtKb3OR0zkUP+TY8Bo8vZvulexh3s6SID5VmLSzGwrfFD
giLRaVDg3xWVsic=
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:51:25 2025 by rpki-client