Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/ArT8vrDjqy4bWaMCtFP24CFU5hMzWhHRkjvgxZyQBQkp/0/3137372e38352e3137362e302f32322d3232203d3e20323632363131.roa
File:                     3137372e38352e3137362e302f32322d3232203d3e20323632363131.roa (raw, json)
Hash identifier:          VdTGtPka9QIzvTrN1HXJhPUEeLZce+YThXb/eewCAqw=
Subject key identifier:   20:3E:DB:6B:6E:15:8B:6A:32:8D:44:CA:F0:2F:65:45:78:58:4B:E8
Certificate issuer:       /CN=D2B24673AF94F6E8A7171887B60BF4EBE9D15E73
Certificate serial:       04A76322ABAE1CC244DD4BB8ED20F3A307B0DC9C
Authority key identifier: D2:B2:46:73:AF:94:F6:E8:A7:17:18:87:B6:0B:F4:EB:E9:D1:5E:73
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D2B24673AF94F6E8A7171887B60BF4EBE9D15E73.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/ArT8vrDjqy4bWaMCtFP24CFU5hMzWhHRkjvgxZyQBQkp/0/3137372e38352e3137362e302f32322d3232203d3e20323632363131.roa
Signing time:             Wed 19 Mar 2025 14:30:13 +0000
ROA not before:           Wed 19 Mar 2025 14:25:13 +0000
ROA not after:            Wed 18 Mar 2026 14:30:13 +0000
asID:                     262611
IP address blocks:        177.85.176.0/22 maxlen: 22

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/ArT8vrDjqy4bWaMCtFP24CFU5hMzWhHRkjvgxZyQBQkp/0/D2B24673AF94F6E8A7171887B60BF4EBE9D15E73.crl
                          rsync://rpki-repo.registro.br/repo/ArT8vrDjqy4bWaMCtFP24CFU5hMzWhHRkjvgxZyQBQkp/0/D2B24673AF94F6E8A7171887B60BF4EBE9D15E73.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D2B24673AF94F6E8A7171887B60BF4EBE9D15E73.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 27 Apr 2025 05:14:40 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:a7:63:22:ab:ae:1c:c2:44:dd:4b:b8:ed:20:f3:a3:07:b0:dc:9c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D2B24673AF94F6E8A7171887B60BF4EBE9D15E73
        Validity
            Not Before: Mar 19 14:25:13 2025 GMT
            Not After : Mar 18 14:30:13 2026 GMT
        Subject: CN=203EDB6B6E158B6A328D44CAF02F654578584BE8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:b1:83:fe:91:19:67:ef:95:b2:cb:e2:4d:b4:
                    c7:40:10:3e:7d:3f:4d:84:54:be:54:3e:db:fb:74:
                    48:ee:57:fa:55:37:0c:ef:b1:9a:9c:ee:b6:8d:4b:
                    59:e4:94:ec:55:19:04:d0:4e:1d:b3:ae:c7:4f:d9:
                    80:f9:97:61:b6:e3:52:48:b7:60:f6:f8:9f:b8:f1:
                    fd:30:23:20:05:53:47:29:2e:3a:7d:8b:31:ed:ae:
                    7d:ba:1c:97:6f:1d:d9:ea:ea:d4:ed:5d:18:81:eb:
                    6b:0f:89:a3:69:1e:56:d4:89:ef:6f:f1:ed:a1:3e:
                    0b:3e:ee:1d:99:c5:69:d5:c9:8d:ad:a4:2f:8d:ec:
                    9e:18:fe:87:01:76:53:26:ac:09:c2:6d:1e:d3:5e:
                    69:0a:c5:72:e6:55:11:ac:b7:d7:20:79:e7:40:42:
                    cc:96:39:d5:f1:fe:32:e9:14:e8:7e:25:e1:a8:0d:
                    54:d0:6f:7b:0b:c7:c3:65:d3:51:25:a8:70:34:4e:
                    fc:c4:83:c5:9e:a9:23:6a:35:19:8b:47:44:04:c6:
                    51:2b:0b:fe:ce:4a:7a:35:3c:93:a6:b0:b6:ab:32:
                    8b:5d:e5:d4:26:b2:04:60:d1:d1:5a:6c:d6:e9:20:
                    61:b4:f9:c5:37:a6:8c:42:47:48:cd:ba:eb:bc:81:
                    93:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:3E:DB:6B:6E:15:8B:6A:32:8D:44:CA:F0:2F:65:45:78:58:4B:E8
            X509v3 Authority Key Identifier:
                keyid:D2:B2:46:73:AF:94:F6:E8:A7:17:18:87:B6:0B:F4:EB:E9:D1:5E:73

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/ArT8vrDjqy4bWaMCtFP24CFU5hMzWhHRkjvgxZyQBQkp/0/D2B24673AF94F6E8A7171887B60BF4EBE9D15E73.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D2B24673AF94F6E8A7171887B60BF4EBE9D15E73.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/ArT8vrDjqy4bWaMCtFP24CFU5hMzWhHRkjvgxZyQBQkp/0/3137372e38352e3137362e302f32322d3232203d3e20323632363131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.85.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         7c:66:0a:b2:85:66:b3:b3:f3:21:40:7e:f3:01:74:61:8e:9b:
         f9:65:4d:5c:94:de:d9:83:4a:59:5a:fb:73:1d:c1:fd:49:bd:
         34:c0:24:21:52:ac:cd:29:72:f2:d8:5a:54:c5:93:92:76:36:
         3a:ce:a8:fb:67:b9:60:4b:4f:8c:2f:f4:f6:6d:22:98:6a:36:
         15:da:b0:2d:bb:eb:7c:a6:55:f9:ed:a4:62:81:c1:63:64:dd:
         d8:2a:60:e3:86:bc:c3:2b:85:90:2c:25:17:e0:45:e8:14:3e:
         1d:f2:b0:17:32:96:94:75:a1:03:04:74:95:81:ef:e3:4f:ea:
         69:e3:5a:5d:9a:82:53:56:ae:1f:f4:41:be:7c:d9:90:c3:11:
         e3:45:a0:4c:b6:31:49:bd:d6:e0:4c:19:52:39:e0:ab:cd:c0:
         8a:e6:fe:02:e8:dd:25:be:71:01:9b:0d:4b:7f:65:a2:5b:04:
         e1:25:4b:8c:4d:20:34:e6:fa:de:39:a8:31:40:4e:4e:fd:93:
         3c:b7:6b:98:40:ef:8d:93:be:54:58:37:c2:86:84:e9:a7:ad:
         79:26:6e:b0:00:5d:be:c1:13:fb:ca:0e:65:34:bb:88:8d:d4:
         6d:58:c4:f3:f3:69:a9:fb:9d:18:87:43:96:9e:1d:91:e9:09:
         b5:8a:63:44
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUBKdjIquuHMJE3Uu47SDzowew3JwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDJCMjQ2NzNBRjk0RjZFOEE3MTcxODg3QjYwQkY0RUJF
OUQxNUU3MzAeFw0yNTAzMTkxNDI1MTNaFw0yNjAzMTgxNDMwMTNaMDMxMTAvBgNV
BAMTKDIwM0VEQjZCNkUxNThCNkEzMjhENDRDQUYwMkY2NTQ1Nzg1ODRCRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8sYP+kRln75Wyy+JNtMdAED59
P02EVL5UPtv7dEjuV/pVNwzvsZqc7raNS1nklOxVGQTQTh2zrsdP2YD5l2G241JI
t2D2+J+48f0wIyAFU0cpLjp9izHtrn26HJdvHdnq6tTtXRiB62sPiaNpHlbUie9v
8e2hPgs+7h2ZxWnVyY2tpC+N7J4Y/ocBdlMmrAnCbR7TXmkKxXLmVRGst9cgeedA
QsyWOdXx/jLpFOh+JeGoDVTQb3sLx8Nl01ElqHA0TvzEg8WeqSNqNRmLR0QExlEr
C/7OSno1PJOmsLarMotd5dQmsgRg0dFabNbpIGG0+cU3poxCR0jNuuu8gZOVAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUID7ba24Vi2oyjUTK8C9lRXhYS+gwHwYDVR0j
BBgwFoAU0rJGc6+U9uinFxiHtgv06+nRXnMwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQXJUOHZyRGpxeTRiV2FNQ3RGUDI0Q0ZVNWhNeldoSFJranZneFp5UUJR
a3AvMC9EMkIyNDY3M0FGOTRGNkU4QTcxNzE4ODdCNjBCRjRFQkU5RDE1RTczLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0QyQjI0NjczQUY5NEY2RThB
NzE3MTg4N0I2MEJGNEVCRTlEMTVFNzMuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0FyVDh2ckRqcXk0YldhTUN0RlAyNENGVTVoTXpXaEhSa2p2Z3haeVFCUWtwLzAv
MzEzNzM3MmUzODM1MmUzMTM3MzYyZTMwMmYzMjMyMmQzMjMyMjAzZDNlMjAzMjM2
MzIzNjMxMzEucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAKxVbAwDQYJKoZIhvcNAQELBQADggEBAHxmCrKF
ZrOz8yFAfvMBdGGOm/llTVyU3tmDSlla+3Mdwf1JvTTAJCFSrM0pcvLYWlTFk5J2
NjrOqPtnuWBLT4wv9PZtIphqNhXasC2763ymVfntpGKBwWNk3dgqYOOGvMMrhZAs
JRfgRegUPh3ysBcylpR1oQMEdJWB7+NP6mnjWl2aglNWrh/0Qb582ZDDEeNFoEy2
MUm91uBMGVI54KvNwIrm/gLo3SW+cQGbDUt/ZaJbBOElS4xNIDTm+t45qDFATk79
kzy3a5hA742TvlRYN8KGhOmnrXkmbrAAXb7BE/vKDmU0u4iN1G1YxPPzaan7nRiH
Q5aeHZHpCbWKY0Q=
-----END CERTIFICATE-----
Generated at Sat Apr 26 11:16:43 2025 by rpki-client on console.sobornost.net