Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/4H9bRRRCDVqfcmaJzw76p9UXXMQoaHiwxpdeuhneZFTX/0/323830343a323732303a3a2f33322d313238203d3e20323633383738.roa
File:                     323830343a323732303a3a2f33322d313238203d3e20323633383738.roa (raw, json)
Hash identifier:          eVBDY/oePjFsYaz9iRm8P7EQuy+KD+WECK6WrTo92Zc=
Subject key identifier:   90:F8:8A:82:49:1F:E0:78:86:9A:CC:55:38:62:43:17:F0:47:1F:95
Certificate issuer:       /CN=539EBD0106751619B3004BF315DFE05E3415919D
Certificate serial:       6CEB854ACF4ED77B52DAFE96F5E8CC48DF50A31A
Authority key identifier: 53:9E:BD:01:06:75:16:19:B3:00:4B:F3:15:DF:E0:5E:34:15:91:9D
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/539EBD0106751619B3004BF315DFE05E3415919D.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/4H9bRRRCDVqfcmaJzw76p9UXXMQoaHiwxpdeuhneZFTX/0/323830343a323732303a3a2f33322d313238203d3e20323633383738.roa
Signing time:             Mon 09 Jun 2025 13:30:22 +0000
ROA not before:           Mon 09 Jun 2025 13:25:22 +0000
ROA not after:            Mon 08 Jun 2026 13:30:22 +0000
asID:                     263878
IP address blocks:        2804:2720::/32 maxlen: 128
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/4H9bRRRCDVqfcmaJzw76p9UXXMQoaHiwxpdeuhneZFTX/0/539EBD0106751619B3004BF315DFE05E3415919D.crl
                          rsync://rpki-repo.registro.br/repo/4H9bRRRCDVqfcmaJzw76p9UXXMQoaHiwxpdeuhneZFTX/0/539EBD0106751619B3004BF315DFE05E3415919D.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/539EBD0106751619B3004BF315DFE05E3415919D.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 06:42:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6c:eb:85:4a:cf:4e:d7:7b:52:da:fe:96:f5:e8:cc:48:df:50:a3:1a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=539EBD0106751619B3004BF315DFE05E3415919D
        Validity
            Not Before: Jun  9 13:25:22 2025 GMT
            Not After : Jun  8 13:30:22 2026 GMT
        Subject: CN=90F88A82491FE078869ACC5538624317F0471F95
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:c7:89:da:19:55:6f:c2:d2:bd:0f:18:f6:bd:
                    55:55:d4:e2:11:3b:a8:9d:b8:0b:20:fe:17:08:bd:
                    d8:9b:2a:e2:db:6b:7b:31:ac:db:46:60:cc:7c:1a:
                    6d:f4:19:83:35:c9:91:08:71:78:c9:2f:23:69:24:
                    9a:28:e4:0b:13:bc:bd:0e:8a:10:da:f1:b5:40:a8:
                    54:8e:7e:ac:52:dc:f2:8a:d2:cb:78:56:2e:41:42:
                    ed:53:b1:1e:be:d3:e2:f6:4e:ca:9e:0a:f0:82:70:
                    e8:81:65:31:6e:bb:04:dd:93:b6:53:d2:a1:f2:08:
                    1b:93:f8:04:3b:4c:db:7b:5e:ae:bf:99:12:bc:28:
                    14:7e:d9:0a:02:d8:70:15:17:81:bc:a8:f4:ad:df:
                    88:e3:94:63:8b:39:4c:7b:b0:bd:b9:94:d4:38:4f:
                    af:36:bc:eb:03:2c:d7:f9:f1:a1:67:70:55:c2:0d:
                    de:a0:db:00:fe:62:61:84:d8:46:af:d0:41:f6:61:
                    a6:50:ea:48:0e:ac:d5:52:56:b8:7c:5a:37:6e:2d:
                    a4:f1:37:3c:23:d5:77:b3:25:f4:80:ab:5e:5e:6c:
                    b2:20:2d:f8:fd:f2:81:60:0d:88:df:fc:16:97:77:
                    be:02:f6:97:d6:b3:da:68:31:de:1a:91:8a:10:64:
                    42:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:F8:8A:82:49:1F:E0:78:86:9A:CC:55:38:62:43:17:F0:47:1F:95
            X509v3 Authority Key Identifier:
                keyid:53:9E:BD:01:06:75:16:19:B3:00:4B:F3:15:DF:E0:5E:34:15:91:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/4H9bRRRCDVqfcmaJzw76p9UXXMQoaHiwxpdeuhneZFTX/0/539EBD0106751619B3004BF315DFE05E3415919D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/539EBD0106751619B3004BF315DFE05E3415919D.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/4H9bRRRCDVqfcmaJzw76p9UXXMQoaHiwxpdeuhneZFTX/0/323830343a323732303a3a2f33322d313238203d3e20323633383738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:2720::/32

    Signature Algorithm: sha256WithRSAEncryption
         30:69:31:7e:12:0b:62:eb:0b:03:d8:f4:88:f0:9d:79:e4:90:
         12:1b:f2:78:a4:dd:61:4a:60:89:36:55:00:fe:26:b7:5e:ab:
         8f:3f:f4:34:ea:17:57:87:6b:07:b9:3b:8a:49:9b:4f:a1:3a:
         3d:c4:a5:a4:c1:79:5b:92:f7:ef:d1:a4:34:e1:a0:5b:ee:b2:
         e9:0f:a8:b2:22:2a:c8:59:22:0a:4b:4f:ce:37:a8:51:5c:64:
         73:31:44:35:00:32:6b:a2:2e:53:eb:04:21:7d:b7:77:df:1a:
         9a:2f:cc:4f:0b:48:ff:43:f2:72:ad:78:aa:dc:c3:5c:27:71:
         cc:46:6d:cc:82:e3:5f:73:17:68:ea:58:c1:86:d6:10:10:6a:
         32:b3:4f:77:76:3f:6f:b7:1d:58:31:c9:4e:ce:7b:3e:9f:53:
         0b:73:b8:4d:05:3f:15:bf:4c:d2:0e:f2:33:c7:f5:c8:88:21:
         12:b0:75:62:1d:d1:a6:dc:9a:a2:ed:90:cb:80:a7:65:2e:a2:
         fb:02:39:88:6a:20:5f:c8:e2:7f:22:d0:a3:ac:ac:8e:dd:4c:
         d2:44:42:5b:9c:76:e0:ee:cd:d7:5c:0d:12:12:0b:8d:34:72:
         f4:82:99:4d:85:4e:5f:bd:83:24:4a:0c:7c:a6:5a:fe:f4:e6:
         ca:c0:83:f9
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIUbOuFSs9O13tS2v6W9ejMSN9QoxowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTM5RUJEMDEwNjc1MTYxOUIzMDA0QkYzMTVERkUwNUUz
NDE1OTE5RDAeFw0yNTA2MDkxMzI1MjJaFw0yNjA2MDgxMzMwMjJaMDMxMTAvBgNV
BAMTKDkwRjg4QTgyNDkxRkUwNzg4NjlBQ0M1NTM4NjI0MzE3RjA0NzFGOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsx4naGVVvwtK9Dxj2vVVV1OIR
O6iduAsg/hcIvdibKuLba3sxrNtGYMx8Gm30GYM1yZEIcXjJLyNpJJoo5AsTvL0O
ihDa8bVAqFSOfqxS3PKK0st4Vi5BQu1TsR6+0+L2TsqeCvCCcOiBZTFuuwTdk7ZT
0qHyCBuT+AQ7TNt7Xq6/mRK8KBR+2QoC2HAVF4G8qPSt34jjlGOLOUx7sL25lNQ4
T682vOsDLNf58aFncFXCDd6g2wD+YmGE2Eav0EH2YaZQ6kgOrNVSVrh8WjduLaTx
Nzwj1XezJfSAq15ebLIgLfj98oFgDYjf/BaXd74C9pfWs9poMd4akYoQZEKNAgMB
AAGjggJSMIICTjAdBgNVHQ4EFgQUkPiKgkkf4HiGmsxVOGJDF/BHH5UwHwYDVR0j
BBgwFoAUU569AQZ1FhmzAEvzFd/gXjQVkZ0wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNEg5YlJSUkNEVnFmY21hSnp3NzZwOVVYWE1Rb2FIaXd4cGRldWhuZVpG
VFgvMC81MzlFQkQwMTA2NzUxNjE5QjMwMDRCRjMxNURGRTA1RTM0MTU5MTlELmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzUzOUVCRDAxMDY3NTE2MTlC
MzAwNEJGMzE1REZFMDVFMzQxNTkxOUQuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzRIOWJSUlJDRFZxZmNtYUp6dzc2cDlVWFhNUW9hSGl3eHBkZXVobmVaRlRYLzAv
MzIzODMwMzQzYTMyMzczMjMwM2EzYTJmMzMzMjJkMzEzMjM4MjAzZDNlMjAzMjM2
MzMzODM3Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUH
AQcBAf8EETAPMA0EAgACMAcDBQAoBCcgMA0GCSqGSIb3DQEBCwUAA4IBAQAwaTF+
Egti6wsD2PSI8J155JASG/J4pN1hSmCJNlUA/ia3XquPP/Q06hdXh2sHuTuKSZtP
oTo9xKWkwXlbkvfv0aQ04aBb7rLpD6iyIirIWSIKS0/ON6hRXGRzMUQ1ADJroi5T
6wQhfbd33xqaL8xPC0j/Q/JyrXiq3MNcJ3HMRm3MguNfcxdo6ljBhtYQEGoys093
dj9vtx1YMclOzns+n1MLc7hNBT8Vv0zSDvIzx/XIiCESsHViHdGm3Jqi7ZDLgKdl
LqL7AjmIaiBfyOJ/ItCjrKyO3UzSREJbnHbg7s3XXA0SEguNNHL0gplNhU5fvYMk
Sgx8plr+9ObKwIP5
-----END CERTIFICATE-----
Generated at Tue Jun 10 16:11:22 2025 by rpki-client