Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/5UJeW19SWFVDVaD6uPCnKSa5KWPmz1SUJ8wdscYd55Ym/0/3136382e3139372e3131362e302f32322d3332203d3e20323635343831.roa
File:                     3136382e3139372e3131362e302f32322d3332203d3e20323635343831.roa (raw, json)
Hash identifier:          3WX5ElCmBhRGqS3JRwERpfP2ixRdVhG1nwFEdENorYQ=
Subject key identifier:   40:DB:46:89:DD:2C:77:0E:4A:D7:12:E7:12:C1:D3:FD:76:ED:E0:99
Certificate issuer:       /CN=C4D748B22201EF73DDF479CE61008E34630A4EBA
Certificate serial:       19E181AFB77BC6296BF2F0B421237EB9FACB42F0
Authority key identifier: C4:D7:48:B2:22:01:EF:73:DD:F4:79:CE:61:00:8E:34:63:0A:4E:BA
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C4D748B22201EF73DDF479CE61008E34630A4EBA.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/5UJeW19SWFVDVaD6uPCnKSa5KWPmz1SUJ8wdscYd55Ym/0/3136382e3139372e3131362e302f32322d3332203d3e20323635343831.roa
Signing time:             Mon 31 Mar 2025 23:39:16 +0000
ROA not before:           Mon 31 Mar 2025 23:34:16 +0000
ROA not after:            Mon 30 Mar 2026 23:39:16 +0000
asID:                     265481
IP address blocks:        168.197.116.0/22 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/5UJeW19SWFVDVaD6uPCnKSa5KWPmz1SUJ8wdscYd55Ym/0/C4D748B22201EF73DDF479CE61008E34630A4EBA.crl
                          rsync://rpki-repo.registro.br/repo/5UJeW19SWFVDVaD6uPCnKSa5KWPmz1SUJ8wdscYd55Ym/0/C4D748B22201EF73DDF479CE61008E34630A4EBA.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C4D748B22201EF73DDF479CE61008E34630A4EBA.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 27 Apr 2025 05:14:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:e1:81:af:b7:7b:c6:29:6b:f2:f0:b4:21:23:7e:b9:fa:cb:42:f0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C4D748B22201EF73DDF479CE61008E34630A4EBA
        Validity
            Not Before: Mar 31 23:34:16 2025 GMT
            Not After : Mar 30 23:39:16 2026 GMT
        Subject: CN=40DB4689DD2C770E4AD712E712C1D3FD76EDE099
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:93:e4:14:1f:db:30:86:f7:d2:33:cf:dd:dc:
                    15:67:c2:b0:a1:32:e6:d0:80:b5:1f:99:07:8c:df:
                    65:08:fe:c7:a7:4f:23:3e:eb:b1:86:f6:98:d8:b5:
                    7b:86:48:15:f1:f6:80:eb:4f:c5:d2:a8:1d:01:b3:
                    62:16:14:b8:fb:95:b8:55:46:8c:c6:fa:ef:5f:24:
                    d6:1d:50:98:3a:ca:80:01:fc:13:3b:c2:aa:f0:9e:
                    6c:3b:6b:2c:7b:41:c8:9d:65:57:6f:94:e0:c6:dc:
                    55:09:20:ec:9c:8b:84:36:7c:b4:f1:0b:e2:52:8d:
                    f2:e3:ab:ee:30:29:d2:3f:5a:ec:8d:dd:25:85:5d:
                    23:e9:1d:98:7e:43:59:17:0e:91:47:d3:28:7c:7a:
                    8b:bc:59:47:b5:aa:5c:3f:f0:89:2c:bd:a4:c5:e3:
                    90:91:fd:24:25:2a:8d:e0:fc:4c:7e:fd:87:03:36:
                    ae:d2:34:42:5f:6f:8d:43:65:12:98:66:7c:cd:a0:
                    79:99:15:20:66:1f:ef:8a:2f:27:a0:61:1b:1f:b3:
                    21:c8:19:e5:7b:64:b6:84:6a:d0:2b:22:59:6f:0c:
                    89:c4:8c:03:5e:df:e6:9d:58:6a:55:b2:c5:27:33:
                    07:b9:cf:17:df:ba:68:e8:cb:26:77:d2:2f:fb:00:
                    e3:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                40:DB:46:89:DD:2C:77:0E:4A:D7:12:E7:12:C1:D3:FD:76:ED:E0:99
            X509v3 Authority Key Identifier:
                keyid:C4:D7:48:B2:22:01:EF:73:DD:F4:79:CE:61:00:8E:34:63:0A:4E:BA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/5UJeW19SWFVDVaD6uPCnKSa5KWPmz1SUJ8wdscYd55Ym/0/C4D748B22201EF73DDF479CE61008E34630A4EBA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C4D748B22201EF73DDF479CE61008E34630A4EBA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/5UJeW19SWFVDVaD6uPCnKSa5KWPmz1SUJ8wdscYd55Ym/0/3136382e3139372e3131362e302f32322d3332203d3e20323635343831.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.197.116.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4a:00:ad:0b:fa:f6:24:c6:f1:af:33:9c:cc:0c:79:da:9f:53:
         fc:68:35:7e:62:11:8f:cf:15:dc:9b:17:d8:88:3f:72:79:bf:
         84:d3:32:b2:bf:6a:3c:9c:7f:8e:94:ca:48:dd:a6:92:30:02:
         5c:8e:7c:46:93:be:ab:5f:fb:0f:8f:6b:62:22:2c:92:3b:d4:
         8a:c0:7c:bd:47:03:f4:88:40:85:c7:61:82:76:ec:3e:bf:47:
         45:cd:e4:5f:b8:b7:a2:db:c7:e4:09:7b:7f:90:22:4a:21:dd:
         47:f7:f9:8a:55:c9:90:f3:c2:f2:0e:68:2e:2e:ee:89:3e:a9:
         4d:f8:03:df:30:53:ad:a8:73:d6:2a:bf:34:f6:b7:ac:5e:b5:
         ba:03:91:35:15:72:3d:4a:70:b0:1a:72:6a:88:b2:96:65:5b:
         74:c9:34:7f:71:96:23:78:6a:ac:45:1f:70:1c:65:81:94:5f:
         fe:86:d2:94:23:b4:7d:0e:b8:7b:18:55:6d:ec:f6:91:26:53:
         52:e4:c7:a4:4e:48:30:e9:cd:af:c7:a0:5f:53:95:33:9b:0b:
         fe:73:c7:d6:30:6d:79:15:da:17:cf:b4:04:1f:8a:a1:fe:86:
         b3:d5:2f:2a:60:59:4d:54:9f:bc:65:38:ef:89:7c:ab:66:91:
         ee:0e:f1:36
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUGeGBr7d7xilr8vC0ISN+ufrLQvAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzRENzQ4QjIyMjAxRUY3M0RERjQ3OUNFNjEwMDhFMzQ2
MzBBNEVCQTAeFw0yNTAzMzEyMzM0MTZaFw0yNjAzMzAyMzM5MTZaMDMxMTAvBgNV
BAMTKDQwREI0Njg5REQyQzc3MEU0QUQ3MTJFNzEyQzFEM0ZENzZFREUwOTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvk+QUH9swhvfSM8/d3BVnwrCh
MubQgLUfmQeM32UI/senTyM+67GG9pjYtXuGSBXx9oDrT8XSqB0Bs2IWFLj7lbhV
RozG+u9fJNYdUJg6yoAB/BM7wqrwnmw7ayx7QcidZVdvlODG3FUJIOyci4Q2fLTx
C+JSjfLjq+4wKdI/WuyN3SWFXSPpHZh+Q1kXDpFH0yh8eou8WUe1qlw/8IksvaTF
45CR/SQlKo3g/Ex+/YcDNq7SNEJfb41DZRKYZnzNoHmZFSBmH++KLyegYRsfsyHI
GeV7ZLaEatArIllvDInEjANe3+adWGpVssUnMwe5zxffumjoyyZ30i/7AOO1AgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUQNtGid0sdw5K1xLnEsHT/Xbt4JkwHwYDVR0j
BBgwFoAUxNdIsiIB73Pd9HnOYQCONGMKTrowDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNVVKZVcxOVNXRlZEVmFENnVQQ25LU2E1S1dQbXoxU1VKOHdkc2NZZDU1
WW0vMC9DNEQ3NDhCMjIyMDFFRjczRERGNDc5Q0U2MTAwOEUzNDYzMEE0RUJBLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0M0RDc0OEIyMjIwMUVGNzNE
REY0NzlDRTYxMDA4RTM0NjMwQTRFQkEuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzVVSmVXMTlTV0ZWRFZhRDZ1UENuS1NhNUtXUG16MVNVSjh3ZHNjWWQ1NVltLzAv
MzEzNjM4MmUzMTM5MzcyZTMxMzEzNjJlMzAyZjMyMzIyZDMzMzIyMDNkM2UyMDMy
MzYzNTM0MzgzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAqjFdDANBgkqhkiG9w0BAQsFAAOCAQEASgCt
C/r2JMbxrzOczAx52p9T/Gg1fmIRj88V3JsX2Ig/cnm/hNMysr9qPJx/jpTKSN2m
kjACXI58RpO+q1/7D49rYiIskjvUisB8vUcD9IhAhcdhgnbsPr9HRc3kX7i3otvH
5Al7f5AiSiHdR/f5ilXJkPPC8g5oLi7uiT6pTfgD3zBTrahz1iq/NPa3rF61ugOR
NRVyPUpwsBpyaoiylmVbdMk0f3GWI3hqrEUfcBxlgZRf/obSlCO0fQ64exhVbez2
kSZTUuTHpE5IMOnNr8egX1OVM5sL/nPH1jBteRXaF8+0BB+Kof6Gs9UvKmBZTVSf
vGU474l8q2aR7g7xNg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 06:14:44 2025 by rpki-client on console.sobornost.net