Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/8GXch2noBdkGkjhNM9mugRsgakpK9DptHfQjcH6FWWcm/0/3136382e3138312e3133322e302f32322d3332203d3e20323634383632.roa
File:                     3136382e3138312e3133322e302f32322d3332203d3e20323634383632.roa (raw, json)
Hash identifier:          jK4KZk9GpmyY6DV5imhyMSK8gnX/EJeWy4ICZUOtRSw=
Subject key identifier:   16:96:8F:41:33:28:86:B2:3F:9D:44:4F:64:5D:03:4B:15:92:AA:C0
Certificate issuer:       /CN=8E52C3EE0E4E1482F1ECB7069F3B7A344EA0DDB2
Certificate serial:       20B8B47FD996B4B2A8BD3383E016EFAEB5D0D103
Authority key identifier: 8E:52:C3:EE:0E:4E:14:82:F1:EC:B7:06:9F:3B:7A:34:4E:A0:DD:B2
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8E52C3EE0E4E1482F1ECB7069F3B7A344EA0DDB2.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/8GXch2noBdkGkjhNM9mugRsgakpK9DptHfQjcH6FWWcm/0/3136382e3138312e3133322e302f32322d3332203d3e20323634383632.roa
Signing time:             Fri 25 Apr 2025 18:57:12 +0000
ROA not before:           Fri 25 Apr 2025 18:52:12 +0000
ROA not after:            Fri 24 Apr 2026 18:57:12 +0000
asID:                     264862
IP address blocks:        168.181.132.0/22 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/8GXch2noBdkGkjhNM9mugRsgakpK9DptHfQjcH6FWWcm/0/8E52C3EE0E4E1482F1ECB7069F3B7A344EA0DDB2.crl
                          rsync://rpki-repo.registro.br/repo/8GXch2noBdkGkjhNM9mugRsgakpK9DptHfQjcH6FWWcm/0/8E52C3EE0E4E1482F1ECB7069F3B7A344EA0DDB2.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8E52C3EE0E4E1482F1ECB7069F3B7A344EA0DDB2.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 27 Apr 2025 13:22:53 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:b8:b4:7f:d9:96:b4:b2:a8:bd:33:83:e0:16:ef:ae:b5:d0:d1:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8E52C3EE0E4E1482F1ECB7069F3B7A344EA0DDB2
        Validity
            Not Before: Apr 25 18:52:12 2025 GMT
            Not After : Apr 24 18:57:12 2026 GMT
        Subject: CN=16968F41332886B23F9D444F645D034B1592AAC0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:71:5c:f3:5d:15:b1:43:fd:0b:f0:76:9b:42:
                    f1:50:3c:1d:bd:a5:c7:d0:a1:bc:93:6d:db:25:25:
                    c7:47:4c:6d:25:0f:88:47:c6:12:3b:d9:be:58:ff:
                    22:ec:08:ba:20:53:06:24:d0:77:60:96:aa:ac:cb:
                    01:5d:3f:97:c6:d1:24:f9:21:93:27:ff:b2:bb:f0:
                    19:cc:c3:66:39:fe:da:22:f7:5b:b8:10:85:48:af:
                    fa:17:be:44:ac:82:a1:a1:7f:cb:40:f0:f6:cd:36:
                    12:ff:1b:56:61:e3:9d:25:8e:37:d2:27:74:eb:fc:
                    46:7b:3c:50:97:46:14:3f:93:c8:63:23:f1:e3:b9:
                    94:6e:f2:9e:a9:c7:50:e4:d9:e2:c6:d9:90:46:ec:
                    d2:19:44:e5:20:b6:b8:85:b5:4f:52:74:99:9a:0e:
                    d7:00:35:0b:67:d2:0c:b9:ae:4f:59:d3:6e:6c:d7:
                    58:9e:27:c2:fe:9c:fb:f9:38:64:b3:42:96:85:fd:
                    19:b6:fe:a3:af:17:60:3e:17:ea:59:c4:74:d5:66:
                    e3:b0:d9:16:c3:63:b7:ae:6a:86:ee:f5:42:eb:82:
                    48:c7:a7:89:f5:a1:2f:31:e0:cf:0b:c6:d2:23:f9:
                    00:a2:1f:a7:50:96:c0:6d:2f:69:d1:dd:50:d9:ab:
                    76:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:96:8F:41:33:28:86:B2:3F:9D:44:4F:64:5D:03:4B:15:92:AA:C0
            X509v3 Authority Key Identifier:
                keyid:8E:52:C3:EE:0E:4E:14:82:F1:EC:B7:06:9F:3B:7A:34:4E:A0:DD:B2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/8GXch2noBdkGkjhNM9mugRsgakpK9DptHfQjcH6FWWcm/0/8E52C3EE0E4E1482F1ECB7069F3B7A344EA0DDB2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8E52C3EE0E4E1482F1ECB7069F3B7A344EA0DDB2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/8GXch2noBdkGkjhNM9mugRsgakpK9DptHfQjcH6FWWcm/0/3136382e3138312e3133322e302f32322d3332203d3e20323634383632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.181.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         6b:59:75:ae:87:65:27:fc:bf:f4:30:9d:9c:0c:b2:62:2e:cd:
         0a:20:a3:17:fb:56:35:04:67:9d:69:2a:c2:f0:08:08:35:91:
         ee:8c:88:bd:25:4b:6c:eb:a7:f5:2d:88:6a:1f:52:06:36:c8:
         1a:40:10:b1:ca:8e:d0:02:cc:8c:83:bb:1a:04:7d:f1:f2:89:
         77:64:2a:af:f0:23:da:24:19:e6:9d:aa:90:45:46:5e:da:75:
         c1:90:20:24:4f:e1:66:7f:0c:8a:3d:5c:3f:cb:d1:e7:70:6c:
         d4:9d:5f:3f:72:7f:f6:14:23:57:ee:9c:dd:69:26:05:a7:c7:
         f8:1b:bf:69:97:ed:8c:bf:20:06:f3:74:a4:41:71:5f:95:4d:
         00:d7:68:bb:06:98:03:e6:6f:69:d6:01:08:c3:cc:7e:2f:f6:
         6a:f8:65:73:0c:e1:38:cf:3c:b3:57:73:ca:a4:e2:b7:8b:9b:
         81:1c:2c:38:96:bc:08:98:37:65:f7:b2:f6:bc:e1:a7:5a:41:
         58:3d:19:c0:23:a9:96:24:3f:91:02:4a:fd:dd:d8:12:17:ed:
         61:b9:f7:27:b7:46:a4:06:59:d6:b3:f0:c5:70:9e:61:72:c1:
         4f:4a:bd:1b:d9:d4:3e:69:20:3d:1a:68:74:79:f0:10:bf:b6:
         0f:a2:da:c1
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUILi0f9mWtLKovTOD4BbvrrXQ0QMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEU1MkMzRUUwRTRFMTQ4MkYxRUNCNzA2OUYzQjdBMzQ0
RUEwRERCMjAeFw0yNTA0MjUxODUyMTJaFw0yNjA0MjQxODU3MTJaMDMxMTAvBgNV
BAMTKDE2OTY4RjQxMzMyODg2QjIzRjlENDQ0RjY0NUQwMzRCMTU5MkFBQzAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVcVzzXRWxQ/0L8HabQvFQPB29
pcfQobyTbdslJcdHTG0lD4hHxhI72b5Y/yLsCLogUwYk0HdglqqsywFdP5fG0ST5
IZMn/7K78BnMw2Y5/toi91u4EIVIr/oXvkSsgqGhf8tA8PbNNhL/G1Zh450ljjfS
J3Tr/EZ7PFCXRhQ/k8hjI/HjuZRu8p6px1Dk2eLG2ZBG7NIZROUgtriFtU9SdJma
DtcANQtn0gy5rk9Z025s11ieJ8L+nPv5OGSzQpaF/Rm2/qOvF2A+F+pZxHTVZuOw
2RbDY7euaobu9ULrgkjHp4n1oS8x4M8LxtIj+QCiH6dQlsBtL2nR3VDZq3ZPAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUFpaPQTMohrI/nURPZF0DSxWSqsAwHwYDVR0j
BBgwFoAUjlLD7g5OFILx7LcGnzt6NE6g3bIwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOEdYY2gybm9CZGtHa2poTk05bXVnUnNnYWtwSzlEcHRIZlFqY0g2RldX
Y20vMC84RTUyQzNFRTBFNEUxNDgyRjFFQ0I3MDY5RjNCN0EzNDRFQTBEREIyLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzhFNTJDM0VFMEU0RTE0ODJG
MUVDQjcwNjlGM0I3QTM0NEVBMEREQjIuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzhHWGNoMm5vQmRrR2tqaE5NOW11Z1JzZ2FrcEs5RHB0SGZRamNINkZXV2NtLzAv
MzEzNjM4MmUzMTM4MzEyZTMxMzMzMjJlMzAyZjMyMzIyZDMzMzIyMDNkM2UyMDMy
MzYzNDM4MzYzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAqi1hDANBgkqhkiG9w0BAQsFAAOCAQEAa1l1
rodlJ/y/9DCdnAyyYi7NCiCjF/tWNQRnnWkqwvAICDWR7oyIvSVLbOun9S2Iah9S
BjbIGkAQscqO0ALMjIO7GgR98fKJd2Qqr/Aj2iQZ5p2qkEVGXtp1wZAgJE/hZn8M
ij1cP8vR53Bs1J1fP3J/9hQjV+6c3WkmBafH+Bu/aZftjL8gBvN0pEFxX5VNANdo
uwaYA+ZvadYBCMPMfi/2avhlcwzhOM88s1dzyqTit4ubgRwsOJa8CJg3Zfey9rzh
p1pBWD0ZwCOpliQ/kQJK/d3YEhftYbn3J7dGpAZZ1rPwxXCeYXLBT0q9G9nUPmkg
PRpodHnwEL+2D6LawQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:54:15 2025 by rpki-client on console.sobornost.net