Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/7be7EP4egxBVbc96H3WvB1GMSewk9T7JY2tWGUZrNFBG/0/323830343a353837383a343030303a3a2f33342d3334203d3e20323638313331.roa
File:                     323830343a353837383a343030303a3a2f33342d3334203d3e20323638313331.roa (raw, json)
Hash identifier:          bec0x/Cqckg2a+aVdlOWK1zgbnr5jAeqZG2vSjYskV8=
Subject key identifier:   4E:64:74:9E:DD:13:23:8C:72:79:4C:3F:40:E6:13:16:97:4F:B4:99
Certificate issuer:       /CN=A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11
Certificate serial:       6431A2C317F97762127EC364B9AF06982D5C0915
Authority key identifier: A0:CD:D2:CF:58:9D:FC:4A:B4:82:AC:02:EC:05:EB:B5:C3:BE:5B:11
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/7be7EP4egxBVbc96H3WvB1GMSewk9T7JY2tWGUZrNFBG/0/323830343a353837383a343030303a3a2f33342d3334203d3e20323638313331.roa
Signing time:             Tue 03 Jun 2025 16:36:18 +0000
ROA not before:           Tue 03 Jun 2025 16:31:18 +0000
ROA not after:            Tue 02 Jun 2026 16:36:18 +0000
asID:                     268131
IP address blocks:        2804:5878:4000::/34 maxlen: 34
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/7be7EP4egxBVbc96H3WvB1GMSewk9T7JY2tWGUZrNFBG/0/A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11.crl
                          rsync://rpki-repo.registro.br/repo/7be7EP4egxBVbc96H3WvB1GMSewk9T7JY2tWGUZrNFBG/0/A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 12 Jun 2025 09:18:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:31:a2:c3:17:f9:77:62:12:7e:c3:64:b9:af:06:98:2d:5c:09:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11
        Validity
            Not Before: Jun  3 16:31:18 2025 GMT
            Not After : Jun  2 16:36:18 2026 GMT
        Subject: CN=4E64749EDD13238C72794C3F40E61316974FB499
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:73:9e:df:10:32:e3:39:33:7d:1e:46:6c:55:
                    15:c2:2c:7b:b3:ee:3c:f9:9c:50:24:9e:96:1b:c3:
                    cc:01:73:a4:00:81:0c:b7:74:b0:80:a4:e0:3f:e0:
                    a1:6e:63:b8:77:03:9d:bf:02:6c:7d:fa:65:02:98:
                    f2:16:92:ab:96:07:74:0e:b0:20:f2:97:7d:75:97:
                    a8:81:fe:32:46:a7:a4:a5:02:4d:0f:ef:4d:ab:af:
                    b6:4b:d2:ab:ad:21:ce:83:69:09:92:b1:5b:88:5d:
                    9a:bd:8f:3f:61:b9:c1:d2:b0:d7:40:05:f1:bf:98:
                    23:23:78:7c:87:f4:f4:1b:6e:84:bb:99:42:d4:78:
                    fc:99:dd:ba:6a:27:c7:14:e9:89:9c:72:96:1b:f5:
                    1e:de:b7:87:8d:1e:81:a7:67:23:47:3c:4c:ae:d4:
                    7c:63:25:4a:3f:75:f6:83:14:31:31:e2:0a:4c:ba:
                    5f:d2:cb:17:dd:55:d5:eb:10:0d:7e:be:c1:f5:4f:
                    18:1d:a1:fd:f5:20:2a:c8:1a:69:b3:83:d5:9a:bf:
                    ed:81:f7:3d:4e:b7:3f:ed:2f:56:2a:38:cd:87:af:
                    ee:ad:16:aa:46:f7:8a:84:50:d2:f9:6d:17:dc:db:
                    82:12:ed:dc:41:18:59:17:60:51:28:4d:c9:f1:59:
                    d0:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:64:74:9E:DD:13:23:8C:72:79:4C:3F:40:E6:13:16:97:4F:B4:99
            X509v3 Authority Key Identifier:
                keyid:A0:CD:D2:CF:58:9D:FC:4A:B4:82:AC:02:EC:05:EB:B5:C3:BE:5B:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/7be7EP4egxBVbc96H3WvB1GMSewk9T7JY2tWGUZrNFBG/0/A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/7be7EP4egxBVbc96H3WvB1GMSewk9T7JY2tWGUZrNFBG/0/323830343a353837383a343030303a3a2f33342d3334203d3e20323638313331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:5878:4000::/34

    Signature Algorithm: sha256WithRSAEncryption
         09:2a:32:1b:1b:dc:50:9f:c0:48:b3:cf:1f:00:e1:2a:52:75:
         b3:cb:39:5a:09:e1:68:df:91:f9:a6:14:d5:2f:51:44:43:99:
         38:21:44:fd:09:c4:b8:8c:6e:3c:6f:4f:36:88:4c:8b:80:93:
         22:3a:7b:23:01:b1:64:8a:af:db:de:4b:20:3d:cb:ef:09:0f:
         05:43:78:cf:8c:4c:2b:fe:f2:f2:cd:04:12:eb:1f:69:25:9e:
         16:06:ab:47:a7:52:a7:72:05:2e:bb:c3:f9:67:82:43:e5:38:
         fa:52:7a:97:20:40:7b:86:1e:5a:14:4b:90:de:d3:ea:4c:17:
         12:0c:2a:73:26:99:69:7d:42:fc:11:16:73:c9:17:2a:b1:a8:
         80:25:21:52:0c:93:0c:db:a5:48:44:92:a0:7e:8f:60:15:a4:
         dc:eb:04:ad:5b:aa:37:4d:1a:13:7f:79:cc:c9:03:77:72:28:
         af:17:59:bd:39:cb:c8:07:7f:ed:db:74:25:37:46:c1:f0:50:
         a8:85:a9:82:80:23:22:3b:59:9b:cd:14:2d:03:c2:df:b8:a2:
         a3:f9:3e:ca:4f:1f:fb:78:56:07:f3:fe:c0:61:b7:1b:0f:36:
         6d:06:d9:84:36:27:69:f8:11:6c:ef:15:54:77:f0:6f:d7:e9:
         c1:2e:66:5d
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUZDGiwxf5d2ISfsNkua8GmC1cCRUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBDREQyQ0Y1ODlERkM0QUI0ODJBQzAyRUMwNUVCQjVD
M0JFNUIxMTAeFw0yNTA2MDMxNjMxMThaFw0yNjA2MDIxNjM2MThaMDMxMTAvBgNV
BAMTKDRFNjQ3NDlFREQxMzIzOEM3Mjc5NEMzRjQwRTYxMzE2OTc0RkI0OTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAc57fEDLjOTN9HkZsVRXCLHuz
7jz5nFAknpYbw8wBc6QAgQy3dLCApOA/4KFuY7h3A52/Amx9+mUCmPIWkquWB3QO
sCDyl311l6iB/jJGp6SlAk0P702rr7ZL0qutIc6DaQmSsVuIXZq9jz9hucHSsNdA
BfG/mCMjeHyH9PQbboS7mULUePyZ3bpqJ8cU6YmccpYb9R7et4eNHoGnZyNHPEyu
1HxjJUo/dfaDFDEx4gpMul/SyxfdVdXrEA1+vsH1Txgdof31ICrIGmmzg9Wav+2B
9z1Otz/tL1YqOM2Hr+6tFqpG94qEUNL5bRfc24IS7dxBGFkXYFEoTcnxWdC7AgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUTmR0nt0TI4xyeUw/QOYTFpdPtJkwHwYDVR0j
BBgwFoAUoM3Sz1id/Eq0gqwC7AXrtcO+WxEwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vN2JlN0VQNGVneEJWYmM5NkgzV3ZCMUdNU2V3azlUN0pZMnRXR1Vack5G
QkcvMC9BMENERDJDRjU4OURGQzRBQjQ4MkFDMDJFQzA1RUJCNUMzQkU1QjExLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0EwQ0REMkNGNTg5REZDNEFC
NDgyQUMwMkVDMDVFQkI1QzNCRTVCMTEuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzdiZTdFUDRlZ3hCVmJjOTZIM1d2QjFHTVNld2s5VDdKWTJ0V0dVWnJORkJHLzAv
MzIzODMwMzQzYTM1MzgzNzM4M2EzNDMwMzAzMDNhM2EyZjMzMzQyZDMzMzQyMDNk
M2UyMDMyMzYzODMxMzMzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBigEWHhAMA0GCSqGSIb3DQEBCwUA
A4IBAQAJKjIbG9xQn8BIs88fAOEqUnWzyzlaCeFo35H5phTVL1FEQ5k4IUT9CcS4
jG48b082iEyLgJMiOnsjAbFkiq/b3ksgPcvvCQ8FQ3jPjEwr/vLyzQQS6x9pJZ4W
BqtHp1KncgUuu8P5Z4JD5Tj6UnqXIEB7hh5aFEuQ3tPqTBcSDCpzJplpfUL8ERZz
yRcqsaiAJSFSDJMM26VIRJKgfo9gFaTc6wStW6o3TRoTf3nMyQN3ciivF1m9OcvI
B3/t23QlN0bB8FCohamCgCMiO1mbzRQtA8LfuKKj+T7KTx/7eFYH8/7AYbcbDzZt
BtmENidp+BFs7xVUd/Bv1+nBLmZd
-----END CERTIFICATE-----
Generated at Thu Jun 12 02:46:31 2025 by rpki-client