Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/CJhG6X9jdPGAtdPRz66yts2chEbhZAhbgpTYFCeMBuYj/0/3137372e38342e36342e302f32312d3332203d3e203238313731.roa
File:                     3137372e38342e36342e302f32312d3332203d3e203238313731.roa (raw, json)
Hash identifier:          U0dKlcKKr/hLfu/RHEWfMLWA36Y5pKohdXoqmaps2fk=
Subject key identifier:   81:52:08:4C:D4:D0:6C:D3:4E:DC:2C:18:8E:1D:BA:C4:2E:9C:AC:09
Certificate issuer:       /CN=F61AA6D04968E2222C81499C46D03813F1070400
Certificate serial:       144E17570AAAB53E5E664C041FABD66DEE06FD47
Authority key identifier: F6:1A:A6:D0:49:68:E2:22:2C:81:49:9C:46:D0:38:13:F1:07:04:00
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/F61AA6D04968E2222C81499C46D03813F1070400.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/CJhG6X9jdPGAtdPRz66yts2chEbhZAhbgpTYFCeMBuYj/0/3137372e38342e36342e302f32312d3332203d3e203238313731.roa
Signing time:             Tue 09 Sep 2025 06:40:37 +0000
ROA not before:           Tue 09 Sep 2025 06:35:37 +0000
ROA not after:            Tue 08 Sep 2026 06:40:37 +0000
asID:                     28171
IP address blocks:        177.84.64.0/21 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/CJhG6X9jdPGAtdPRz66yts2chEbhZAhbgpTYFCeMBuYj/0/F61AA6D04968E2222C81499C46D03813F1070400.crl
                          rsync://rpki-repo.registro.br/repo/CJhG6X9jdPGAtdPRz66yts2chEbhZAhbgpTYFCeMBuYj/0/F61AA6D04968E2222C81499C46D03813F1070400.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/F61AA6D04968E2222C81499C46D03813F1070400.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 21 Oct 2025 20:41:32 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:4e:17:57:0a:aa:b5:3e:5e:66:4c:04:1f:ab:d6:6d:ee:06:fd:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F61AA6D04968E2222C81499C46D03813F1070400
        Validity
            Not Before: Sep  9 06:35:37 2025 GMT
            Not After : Sep  8 06:40:37 2026 GMT
        Subject: CN=8152084CD4D06CD34EDC2C188E1DBAC42E9CAC09
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:97:0e:64:d2:cd:0a:0f:bf:9f:0c:97:ca:d6:
                    99:d0:ea:f4:8f:d7:60:93:c8:23:ae:d9:dc:e8:dc:
                    77:69:d0:50:5c:13:0d:b9:4b:4d:f7:49:ab:20:41:
                    2f:c1:7a:5e:f6:31:43:14:bf:9b:25:19:f3:86:18:
                    11:74:bc:cb:d6:22:cf:cf:cc:c8:9e:ec:95:c2:d3:
                    16:f6:8f:73:6f:6c:e9:e8:3f:fd:a7:70:1f:3c:ed:
                    73:45:40:d3:1a:0b:ed:11:50:3f:2a:81:53:80:5a:
                    d9:a9:11:df:dd:a0:0b:13:78:78:53:75:7d:6e:8d:
                    0d:4a:2b:73:04:86:b1:82:06:0a:75:40:6a:8c:7e:
                    96:4c:c7:48:32:10:6e:8a:ef:f0:f8:3f:d8:d4:79:
                    61:6a:28:aa:3a:9e:11:6d:41:0a:32:8e:9e:b0:00:
                    08:82:95:be:2e:88:14:f3:5b:71:90:b2:3c:f1:9a:
                    57:11:1f:dc:fb:b2:6b:c0:b5:12:cc:d9:53:74:af:
                    5d:67:c8:ea:a9:ad:a5:60:8e:5e:ac:fa:08:2e:c8:
                    2e:c4:d7:c6:90:0a:ad:a0:0a:d7:fb:64:70:bb:f0:
                    9c:0e:60:b9:f6:b7:7b:b7:47:40:71:b0:7d:af:ea:
                    42:75:a1:a2:f0:d1:5f:3f:27:2a:b6:7e:80:21:24:
                    f8:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:52:08:4C:D4:D0:6C:D3:4E:DC:2C:18:8E:1D:BA:C4:2E:9C:AC:09
            X509v3 Authority Key Identifier:
                keyid:F6:1A:A6:D0:49:68:E2:22:2C:81:49:9C:46:D0:38:13:F1:07:04:00

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/CJhG6X9jdPGAtdPRz66yts2chEbhZAhbgpTYFCeMBuYj/0/F61AA6D04968E2222C81499C46D03813F1070400.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/F61AA6D04968E2222C81499C46D03813F1070400.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/CJhG6X9jdPGAtdPRz66yts2chEbhZAhbgpTYFCeMBuYj/0/3137372e38342e36342e302f32312d3332203d3e203238313731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.84.64.0/21

    Signature Algorithm: sha256WithRSAEncryption
         3a:43:62:69:11:de:8e:59:12:90:7f:34:7d:ff:ad:97:d5:ae:
         72:3f:ba:63:de:6e:5d:4a:ba:27:64:f1:74:36:5c:d0:c5:ee:
         e5:a0:f8:5d:f0:27:20:00:ad:2d:96:97:92:78:44:7c:29:b4:
         c6:0b:21:a3:7f:e6:a1:9b:1f:cf:94:6d:76:e8:e9:f1:78:a7:
         74:59:69:cf:e1:0e:96:36:15:b5:be:fe:c8:b7:74:96:f9:dd:
         10:3a:c5:3f:a8:65:da:28:b2:65:9d:69:23:27:1a:2d:63:6a:
         b5:e3:48:1f:0c:33:20:1c:a1:da:de:07:66:fa:d4:51:be:eb:
         c2:52:ea:c3:7f:1e:7e:35:61:83:36:d9:33:8e:20:c9:eb:a3:
         b7:66:6d:6a:ce:e0:0e:78:6b:f8:ef:e2:55:fa:c1:75:eb:5a:
         5f:ff:12:34:14:cf:7a:6f:f0:0d:7d:89:dd:d7:f2:26:1c:eb:
         13:f9:1c:ff:fb:08:9a:52:42:39:66:d1:db:27:f8:63:2e:3f:
         74:98:33:e7:c5:5e:7f:14:d2:80:ff:10:0a:ec:85:4b:23:ff:
         31:0c:9f:86:56:b6:b9:af:2a:f6:a1:9f:f1:63:6d:18:79:f0:
         12:fb:26:88:8c:46:a1:ac:8a:f9:25:59:e8:43:b5:92:76:4e:
         02:73:30:91
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUFE4XVwqqtT5eZkwEH6vWbe4G/UcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjYxQUE2RDA0OTY4RTIyMjJDODE0OTlDNDZEMDM4MTNG
MTA3MDQwMDAeFw0yNTA5MDkwNjM1MzdaFw0yNjA5MDgwNjQwMzdaMDMxMTAvBgNV
BAMTKDgxNTIwODRDRDREMDZDRDM0RURDMkMxODhFMURCQUM0MkU5Q0FDMDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCplw5k0s0KD7+fDJfK1pnQ6vSP
12CTyCOu2dzo3Hdp0FBcEw25S033SasgQS/Bel72MUMUv5slGfOGGBF0vMvWIs/P
zMie7JXC0xb2j3NvbOnoP/2ncB887XNFQNMaC+0RUD8qgVOAWtmpEd/doAsTeHhT
dX1ujQ1KK3MEhrGCBgp1QGqMfpZMx0gyEG6K7/D4P9jUeWFqKKo6nhFtQQoyjp6w
AAiClb4uiBTzW3GQsjzxmlcRH9z7smvAtRLM2VN0r11nyOqpraVgjl6s+gguyC7E
18aQCq2gCtf7ZHC78JwOYLn2t3u3R0BxsH2v6kJ1oaLw0V8/Jyq2foAhJPgjAgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUgVIITNTQbNNO3CwYjh26xC6crAkwHwYDVR0j
BBgwFoAU9hqm0Elo4iIsgUmcRtA4E/EHBAAwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQ0poRzZYOWpkUEdBdGRQUno2Nnl0czJjaEViaFpBaGJncFRZRkNlTUJ1
WWovMC9GNjFBQTZEMDQ5NjhFMjIyMkM4MTQ5OUM0NkQwMzgxM0YxMDcwNDAwLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0Y2MUFBNkQwNDk2OEUyMjIy
QzgxNDk5QzQ2RDAzODEzRjEwNzA0MDAuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0NKaEc2WDlqZFBHQXRkUFJ6NjZ5dHMyY2hFYmhaQWhiZ3BUWUZDZU1CdVlqLzAv
MzEzNzM3MmUzODM0MmUzNjM0MmUzMDJmMzIzMTJkMzMzMjIwM2QzZTIwMzIzODMx
MzczMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB
/wQQMA4wDAQCAAEwBgMEA7FUQDANBgkqhkiG9w0BAQsFAAOCAQEAOkNiaRHejlkS
kH80ff+tl9Wucj+6Y95uXUq6J2TxdDZc0MXu5aD4XfAnIACtLZaXknhEfCm0xgsh
o3/moZsfz5Rtdujp8XindFlpz+EOljYVtb7+yLd0lvndEDrFP6hl2iiyZZ1pIyca
LWNqteNIHwwzIByh2t4HZvrUUb7rwlLqw38efjVhgzbZM44gyeujt2Ztas7gDnhr
+O/iVfrBdetaX/8SNBTPem/wDX2J3dfyJhzrE/kc//sImlJCOWbR2yf4Yy4/dJgz
58VefxTSgP8QCuyFSyP/MQyfhla2ua8q9qGf8WNtGHnwEvsmiIxGoayK+SVZ6EO1
knZOAnMwkQ==
-----END CERTIFICATE-----
Generated at Tue Oct 21 00:39:15 2025 by rpki-client