Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/57i6EhFRpGYi4na8qaF1XYwmwYozik7yWvuPTVvMWgLM/0/323830343a313061303a3a2f33322d3438203d3e203238313733.roa
File:                     323830343a313061303a3a2f33322d3438203d3e203238313733.roa (raw, json)
Hash identifier:          NmXhy0HcOm/kXZzRed2qqzCUaIBSjGksCk82h64gDio=
Subject key identifier:   6E:E1:35:10:ED:23:09:8D:D8:80:86:3F:3F:FE:12:35:9F:80:33:F1
Certificate issuer:       /CN=700C105F866D3955B5DC6A4CACFF8263EED77B4C
Certificate serial:       2C72F1A72DB248ADC14DAEC4BFF4C6B1A50F8D65
Authority key identifier: 70:0C:10:5F:86:6D:39:55:B5:DC:6A:4C:AC:FF:82:63:EE:D7:7B:4C
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/700C105F866D3955B5DC6A4CACFF8263EED77B4C.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/57i6EhFRpGYi4na8qaF1XYwmwYozik7yWvuPTVvMWgLM/0/323830343a313061303a3a2f33322d3438203d3e203238313733.roa
Signing time:             Fri 30 May 2025 17:04:01 +0000
ROA not before:           Fri 30 May 2025 16:59:01 +0000
ROA not after:            Fri 29 May 2026 17:04:01 +0000
asID:                     28173
IP address blocks:        2804:10a0::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/57i6EhFRpGYi4na8qaF1XYwmwYozik7yWvuPTVvMWgLM/0/700C105F866D3955B5DC6A4CACFF8263EED77B4C.crl
                          rsync://rpki-repo.registro.br/repo/57i6EhFRpGYi4na8qaF1XYwmwYozik7yWvuPTVvMWgLM/0/700C105F866D3955B5DC6A4CACFF8263EED77B4C.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/700C105F866D3955B5DC6A4CACFF8263EED77B4C.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 03:18:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:72:f1:a7:2d:b2:48:ad:c1:4d:ae:c4:bf:f4:c6:b1:a5:0f:8d:65
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=700C105F866D3955B5DC6A4CACFF8263EED77B4C
        Validity
            Not Before: May 30 16:59:01 2025 GMT
            Not After : May 29 17:04:01 2026 GMT
        Subject: CN=6EE13510ED23098DD880863F3FFE12359F8033F1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:bd:6c:79:83:78:eb:dd:59:d2:c9:a8:35:3e:
                    f3:33:75:56:1a:fb:5e:6e:39:91:b8:d5:0e:af:3c:
                    3e:61:ef:c1:83:be:69:7b:2b:bd:f9:7e:f0:32:c2:
                    bf:fd:21:30:45:69:1e:85:c3:a8:d7:74:cd:5b:60:
                    53:db:e6:cc:a7:e5:9a:df:e6:8b:8d:86:46:2b:4e:
                    3c:bd:41:e0:e4:39:90:b3:9b:56:70:ff:20:64:04:
                    96:c1:d5:7a:f3:d7:a3:73:2a:4a:9b:63:a6:4b:73:
                    f0:7c:89:de:31:aa:28:76:b2:5c:a5:d8:d4:f2:0b:
                    c4:e9:7d:d3:97:a6:34:70:23:40:44:54:a6:66:f3:
                    5e:21:4a:4b:35:33:a2:00:b0:5d:05:b2:96:f4:ff:
                    ba:d9:b4:f8:34:a2:1b:e6:4b:87:bd:7b:18:ff:1b:
                    97:dc:ae:fa:0e:40:e4:1e:97:59:f5:f2:96:a8:fb:
                    b0:71:8e:9a:ef:4f:5a:96:7c:d0:9b:28:29:f9:80:
                    fc:90:4c:39:b9:09:7e:32:45:52:b8:bf:d1:74:e5:
                    b3:10:28:79:54:48:22:ff:ff:8d:8f:06:97:94:8f:
                    ba:65:29:de:d0:82:9f:48:f4:32:64:95:e8:d2:89:
                    24:87:49:12:0e:c6:69:5a:1a:4c:2d:27:99:d8:bf:
                    af:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6E:E1:35:10:ED:23:09:8D:D8:80:86:3F:3F:FE:12:35:9F:80:33:F1
            X509v3 Authority Key Identifier:
                keyid:70:0C:10:5F:86:6D:39:55:B5:DC:6A:4C:AC:FF:82:63:EE:D7:7B:4C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/57i6EhFRpGYi4na8qaF1XYwmwYozik7yWvuPTVvMWgLM/0/700C105F866D3955B5DC6A4CACFF8263EED77B4C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/700C105F866D3955B5DC6A4CACFF8263EED77B4C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/57i6EhFRpGYi4na8qaF1XYwmwYozik7yWvuPTVvMWgLM/0/323830343a313061303a3a2f33322d3438203d3e203238313733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:10a0::/32

    Signature Algorithm: sha256WithRSAEncryption
         52:0e:14:4d:d5:66:25:47:01:2d:a5:90:01:33:0b:b3:a6:b2:
         1a:6a:44:64:a8:40:ad:42:92:34:e4:b0:a6:c9:a6:55:9d:db:
         83:e6:93:65:b8:2d:24:58:5b:5a:95:ec:74:90:b6:58:6c:88:
         ef:cf:c9:45:a2:b2:33:2d:2b:b6:04:f2:8b:8d:0a:0b:0d:4a:
         36:53:0e:5d:20:06:c2:1a:8c:04:b8:61:33:82:56:24:25:b3:
         af:63:57:ac:d4:d9:d2:eb:30:ef:89:b6:e8:ee:f1:62:98:87:
         3e:9d:df:25:97:d9:e2:33:23:27:61:d4:1a:9b:2b:ae:75:f7:
         d5:8d:51:23:b6:81:13:4d:bf:2c:44:4e:c4:77:df:1a:21:60:
         4a:11:65:34:76:49:54:b2:f6:b8:1f:79:43:48:1a:e5:a7:65:
         c5:19:75:ea:31:06:39:a6:34:a2:8e:79:d6:1f:f4:9c:42:5b:
         22:05:77:dd:0d:e2:52:e1:30:09:a7:0a:84:3d:bd:66:25:08:
         e6:a0:c7:9b:62:32:1b:ee:1f:52:50:51:69:14:09:b8:2d:b2:
         6a:d2:70:1d:b5:8f:de:c2:34:60:fb:12:c6:ab:0f:55:e9:87:
         7c:54:e6:d7:00:e2:dc:77:3f:dd:c1:06:2a:89:7f:7c:e7:df:
         38:3f:a9:60
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgIULHLxpy2ySK3BTa7Ev/TGsaUPjWUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzAwQzEwNUY4NjZEMzk1NUI1REM2QTRDQUNGRjgyNjNF
RUQ3N0I0QzAeFw0yNTA1MzAxNjU5MDFaFw0yNjA1MjkxNzA0MDFaMDMxMTAvBgNV
BAMTKDZFRTEzNTEwRUQyMzA5OEREODgwODYzRjNGRkUxMjM1OUY4MDMzRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCovWx5g3jr3VnSyag1PvMzdVYa
+15uOZG41Q6vPD5h78GDvml7K735fvAywr/9ITBFaR6Fw6jXdM1bYFPb5syn5Zrf
5ouNhkYrTjy9QeDkOZCzm1Zw/yBkBJbB1Xrz16NzKkqbY6ZLc/B8id4xqih2slyl
2NTyC8TpfdOXpjRwI0BEVKZm814hSks1M6IAsF0Fspb0/7rZtPg0ohvmS4e9exj/
G5fcrvoOQOQel1n18pao+7BxjprvT1qWfNCbKCn5gPyQTDm5CX4yRVK4v9F05bMQ
KHlUSCL//42PBpeUj7plKd7Qgp9I9DJklejSiSSHSRIOxmlaGkwtJ5nYv6/PAgMB
AAGjggJOMIICSjAdBgNVHQ4EFgQUbuE1EO0jCY3YgIY/P/4SNZ+AM/EwHwYDVR0j
BBgwFoAUcAwQX4ZtOVW13GpMrP+CY+7Xe0wwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNTdpNkVoRlJwR1lpNG5hOHFhRjFYWXdtd1lvemlrN3lXdnVQVFZ2TVdn
TE0vMC83MDBDMTA1Rjg2NkQzOTU1QjVEQzZBNENBQ0ZGODI2M0VFRDc3QjRDLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzcwMEMxMDVGODY2RDM5NTVC
NURDNkE0Q0FDRkY4MjYzRUVENzdCNEMuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzU3aTZFaEZScEdZaTRuYThxYUYxWFl3bXdZb3ppazd5V3Z1UFRWdk1XZ0xNLzAv
MzIzODMwMzQzYTMxMzA2MTMwM2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzIzODMx
MzczMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB
/wQRMA8wDQQCAAIwBwMFACgEEKAwDQYJKoZIhvcNAQELBQADggEBAFIOFE3VZiVH
AS2lkAEzC7OmshpqRGSoQK1CkjTksKbJplWd24Pmk2W4LSRYW1qV7HSQtlhsiO/P
yUWisjMtK7YE8ouNCgsNSjZTDl0gBsIajAS4YTOCViQls69jV6zU2dLrMO+Jtuju
8WKYhz6d3yWX2eIzIydh1BqbK65199WNUSO2gRNNvyxETsR33xohYEoRZTR2SVSy
9rgfeUNIGuWnZcUZdeoxBjmmNKKOedYf9JxCWyIFd90N4lLhMAmnCoQ9vWYlCOag
x5tiMhvuH1JQUWkUCbgtsmrScB21j97CNGD7EsarD1Xph3xU5tcA4tx3P93BBiqJ
f3zn3zg/qWA=
-----END CERTIFICATE-----
Generated at Tue Jun 10 06:40:16 2025 by rpki-client