Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/EpA7E8V1ypmKjGy5gbK8YJMPiwx2mxmT4M7PmLxUiHiP/0/3132382e3230312e34302e302f32342d3234203d3e20323636363531.roa
File:                     3132382e3230312e34302e302f32342d3234203d3e20323636363531.roa (raw, json)
Hash identifier:          xBspFIvvQcExKAo/nd4giRNDUHi8wecs3/3QxXS1Pyc=
Subject key identifier:   12:59:13:DA:2C:9B:5B:5A:B3:BA:06:EB:B6:DD:DB:59:2B:6C:F1:8A
Certificate issuer:       /CN=652B30E6DC4E618B4E74D3B661B8AC39694AFF27
Certificate serial:       1C8BDED9812C7FDE5C8D584FE0A794018D8B5983
Authority key identifier: 65:2B:30:E6:DC:4E:61:8B:4E:74:D3:B6:61:B8:AC:39:69:4A:FF:27
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/652B30E6DC4E618B4E74D3B661B8AC39694AFF27.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/EpA7E8V1ypmKjGy5gbK8YJMPiwx2mxmT4M7PmLxUiHiP/0/3132382e3230312e34302e302f32342d3234203d3e20323636363531.roa
Signing time:             Thu 26 Jun 2025 18:20:06 +0000
ROA not before:           Thu 26 Jun 2025 18:15:06 +0000
ROA not after:            Thu 25 Jun 2026 18:20:06 +0000
asID:                     266651
IP address blocks:        128.201.40.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/EpA7E8V1ypmKjGy5gbK8YJMPiwx2mxmT4M7PmLxUiHiP/0/652B30E6DC4E618B4E74D3B661B8AC39694AFF27.crl
                          rsync://rpki-repo.registro.br/repo/EpA7E8V1ypmKjGy5gbK8YJMPiwx2mxmT4M7PmLxUiHiP/0/652B30E6DC4E618B4E74D3B661B8AC39694AFF27.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/652B30E6DC4E618B4E74D3B661B8AC39694AFF27.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 03 Jul 2025 02:20:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:8b:de:d9:81:2c:7f:de:5c:8d:58:4f:e0:a7:94:01:8d:8b:59:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=652B30E6DC4E618B4E74D3B661B8AC39694AFF27
        Validity
            Not Before: Jun 26 18:15:06 2025 GMT
            Not After : Jun 25 18:20:06 2026 GMT
        Subject: CN=125913DA2C9B5B5AB3BA06EBB6DDDB592B6CF18A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:9b:2a:ce:4c:7c:8b:32:8d:a9:6d:23:9c:f3:
                    c9:c3:eb:b5:6f:e7:45:eb:15:0b:9d:de:7b:77:ae:
                    b0:f9:c6:6f:2b:38:68:2a:3f:e1:db:69:f0:f4:3d:
                    66:70:87:39:67:67:49:f9:1d:ed:b5:a6:f5:f2:f7:
                    ae:5f:53:9b:4a:4e:03:cf:20:6e:c0:96:82:bd:84:
                    cb:fd:dc:df:b9:c2:33:1a:0e:c1:77:88:b4:96:0e:
                    4f:aa:a9:9a:3c:f4:5d:de:b6:c6:7a:a0:49:bb:d2:
                    85:43:c9:e4:3d:56:36:11:45:4d:f3:05:ce:c0:d2:
                    51:04:59:95:bb:65:3b:c5:e5:80:65:01:cf:bc:f0:
                    5c:8e:a9:14:16:d6:96:7e:80:ab:8e:e3:b3:f0:56:
                    ee:0d:46:67:e7:a2:b7:32:60:c9:0f:58:8b:37:60:
                    1c:8e:33:a8:81:20:54:20:5d:5c:81:1c:c1:4c:93:
                    a2:0c:9c:41:57:2a:fd:93:fd:04:8e:c6:f8:ef:ee:
                    c1:23:3a:2c:31:71:0f:e5:6b:d5:7d:0e:23:dc:a5:
                    8c:76:9d:86:9b:9c:c4:01:b3:63:ff:af:db:2d:47:
                    1c:02:5d:87:3e:d6:98:5a:27:aa:d7:60:a6:28:db:
                    a4:70:12:6d:ea:55:ef:95:ae:a5:08:68:09:41:9d:
                    43:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                12:59:13:DA:2C:9B:5B:5A:B3:BA:06:EB:B6:DD:DB:59:2B:6C:F1:8A
            X509v3 Authority Key Identifier:
                keyid:65:2B:30:E6:DC:4E:61:8B:4E:74:D3:B6:61:B8:AC:39:69:4A:FF:27

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/EpA7E8V1ypmKjGy5gbK8YJMPiwx2mxmT4M7PmLxUiHiP/0/652B30E6DC4E618B4E74D3B661B8AC39694AFF27.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/652B30E6DC4E618B4E74D3B661B8AC39694AFF27.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/EpA7E8V1ypmKjGy5gbK8YJMPiwx2mxmT4M7PmLxUiHiP/0/3132382e3230312e34302e302f32342d3234203d3e20323636363531.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  128.201.40.0/24

    Signature Algorithm: sha256WithRSAEncryption
         2e:8f:34:ad:62:20:91:0c:46:fe:2a:de:df:f8:0e:38:92:c4:
         da:cb:51:80:c8:10:ee:85:10:3d:99:da:6f:36:99:7f:56:bf:
         c1:13:92:4b:d5:b6:3c:3f:0d:a9:a1:bf:b1:a6:31:0f:a2:f9:
         39:ae:e0:b8:c3:fd:9c:13:7b:b9:12:5c:e1:3c:ab:f7:d8:b2:
         0d:41:01:1c:cc:31:45:90:95:93:a8:4c:27:b6:05:ec:8a:2b:
         5d:50:a8:17:76:85:07:43:d8:52:10:fe:70:01:b5:b8:c4:ee:
         25:dd:e8:a1:58:2d:96:62:99:de:cb:61:25:87:c1:55:b1:9f:
         b6:7f:ab:fa:9c:2d:d6:a4:1d:11:6a:6e:8e:a5:ce:2d:34:db:
         04:d8:0f:48:5d:fd:2a:84:51:46:b9:b5:2b:3f:c9:51:5a:4a:
         27:24:5d:44:7a:fc:94:e1:4a:79:ae:80:58:a4:48:07:0e:4e:
         90:9b:b6:fe:10:7a:79:6d:c9:3a:45:6b:82:70:e1:7a:5b:5d:
         6a:32:aa:a5:3c:d2:ee:ea:97:d7:a0:13:0a:3d:ad:04:a5:4d:
         d0:96:7e:cb:e5:da:db:33:a3:bb:c0:b4:96:04:3b:6c:4f:bf:
         d2:3c:50:84:67:00:8e:83:84:b5:04:51:ac:55:47:c1:af:54:
         4c:58:3c:5d
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUHIve2YEsf95cjVhP4KeUAY2LWYMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjUyQjMwRTZEQzRFNjE4QjRFNzREM0I2NjFCOEFDMzk2
OTRBRkYyNzAeFw0yNTA2MjYxODE1MDZaFw0yNjA2MjUxODIwMDZaMDMxMTAvBgNV
BAMTKDEyNTkxM0RBMkM5QjVCNUFCM0JBMDZFQkI2REREQjU5MkI2Q0YxOEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBmyrOTHyLMo2pbSOc88nD67Vv
50XrFQud3nt3rrD5xm8rOGgqP+HbafD0PWZwhzlnZ0n5He21pvXy965fU5tKTgPP
IG7AloK9hMv93N+5wjMaDsF3iLSWDk+qqZo89F3etsZ6oEm70oVDyeQ9VjYRRU3z
Bc7A0lEEWZW7ZTvF5YBlAc+88FyOqRQW1pZ+gKuO47PwVu4NRmfnorcyYMkPWIs3
YByOM6iBIFQgXVyBHMFMk6IMnEFXKv2T/QSOxvjv7sEjOiwxcQ/la9V9DiPcpYx2
nYabnMQBs2P/r9stRxwCXYc+1phaJ6rXYKYo26RwEm3qVe+VrqUIaAlBnUNLAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUElkT2iybW1qzugbrtt3bWSts8YowHwYDVR0j
BBgwFoAUZSsw5txOYYtOdNO2YbisOWlK/ycwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRXBBN0U4VjF5cG1Lakd5NWdiSzhZSk1QaXd4Mm14bVQ0TTdQbUx4VWlI
aVAvMC82NTJCMzBFNkRDNEU2MThCNEU3NEQzQjY2MUI4QUMzOTY5NEFGRjI3LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzY1MkIzMEU2REM0RTYxOEI0
RTc0RDNCNjYxQjhBQzM5Njk0QUZGMjcuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0VwQTdFOFYxeXBtS2pHeTVnYks4WUpNUGl3eDJteG1UNE03UG1MeFVpSGlQLzAv
MzEzMjM4MmUzMjMwMzEyZTM0MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2
MzYzNjM1MzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBACAySgwDQYJKoZIhvcNAQELBQADggEBAC6PNK1i
IJEMRv4q3t/4DjiSxNrLUYDIEO6FED2Z2m82mX9Wv8ETkkvVtjw/Damhv7GmMQ+i
+Tmu4LjD/ZwTe7kSXOE8q/fYsg1BARzMMUWQlZOoTCe2BeyKK11QqBd2hQdD2FIQ
/nABtbjE7iXd6KFYLZZimd7LYSWHwVWxn7Z/q/qcLdakHRFqbo6lzi002wTYD0hd
/SqEUUa5tSs/yVFaSickXUR6/JThSnmugFikSAcOTpCbtv4QenltyTpFa4Jw4Xpb
XWoyqqU80u7ql9egEwo9rQSlTdCWfsvl2tszo7vAtJYEO2xPv9I8UIRnAI6DhLUE
UaxVR8GvVExYPF0=
-----END CERTIFICATE-----
Generated at Wed Jul 2 11:40:03 2025 by rpki-client