Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/7be7EP4egxBVbc96H3WvB1GMSewk9T7JY2tWGUZrNFBG/0/323830343a353837383a343030303a3a2f34382d3438203d3e20323638313331.roa
File:                     323830343a353837383a343030303a3a2f34382d3438203d3e20323638313331.roa (raw, json)
Hash identifier:          ouhAyOcH2VayZfDA15PmGMIddBURZIqd8LmFxV/D8kg=
Subject key identifier:   D3:DE:42:77:6C:96:84:7E:B5:2A:5E:04:FE:98:AF:0A:8F:39:D5:AB
Certificate issuer:       /CN=A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11
Certificate serial:       292D89B8011F967DCE49C368F8E1879FB22713BC
Authority key identifier: A0:CD:D2:CF:58:9D:FC:4A:B4:82:AC:02:EC:05:EB:B5:C3:BE:5B:11
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/7be7EP4egxBVbc96H3WvB1GMSewk9T7JY2tWGUZrNFBG/0/323830343a353837383a343030303a3a2f34382d3438203d3e20323638313331.roa
Signing time:             Tue 03 Jun 2025 16:36:22 +0000
ROA not before:           Tue 03 Jun 2025 16:31:22 +0000
ROA not after:            Tue 02 Jun 2026 16:36:22 +0000
asID:                     268131
IP address blocks:        2804:5878:4000::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/7be7EP4egxBVbc96H3WvB1GMSewk9T7JY2tWGUZrNFBG/0/A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11.crl
                          rsync://rpki-repo.registro.br/repo/7be7EP4egxBVbc96H3WvB1GMSewk9T7JY2tWGUZrNFBG/0/A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 22:51:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:2d:89:b8:01:1f:96:7d:ce:49:c3:68:f8:e1:87:9f:b2:27:13:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11
        Validity
            Not Before: Jun  3 16:31:22 2025 GMT
            Not After : Jun  2 16:36:22 2026 GMT
        Subject: CN=D3DE42776C96847EB52A5E04FE98AF0A8F39D5AB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:53:14:c4:98:58:f5:80:fb:93:73:f2:68:22:
                    31:69:a9:30:14:78:75:a4:aa:ee:b0:a8:4a:8f:8e:
                    0f:2f:c2:db:f8:3b:b6:ee:a5:00:cf:2f:fd:4c:af:
                    9a:49:8a:7d:04:bd:f9:b8:c2:e0:ed:27:44:74:d2:
                    11:b3:44:59:b7:a2:c2:00:21:b3:ea:1d:22:47:34:
                    d1:4d:5b:03:a0:ff:9e:b7:6d:6e:79:22:96:86:24:
                    b2:c3:e4:b7:9f:47:61:9b:fd:7e:9e:d0:5a:6b:27:
                    e8:5f:2e:a1:2f:b1:4e:3b:5e:c2:64:cf:a5:92:0e:
                    cc:7e:fc:58:57:b7:ae:ba:c8:ad:71:91:5f:ae:33:
                    50:e8:7e:79:a0:2b:19:00:c0:b0:d9:84:41:b8:68:
                    09:f9:2c:55:ca:bc:cf:e7:2e:53:b2:17:6f:ca:34:
                    1c:64:6b:89:cb:4f:ea:43:95:c0:dd:17:c8:96:ff:
                    2b:92:34:74:97:65:13:70:c9:4c:69:d3:8e:7c:d0:
                    12:b8:e0:b4:ed:52:31:dc:eb:9d:94:d5:6c:7f:3c:
                    72:39:85:4e:bb:d7:10:d6:4c:2f:46:56:f7:f6:1b:
                    70:35:fd:e4:b7:e6:2b:eb:93:37:75:ad:62:f6:0d:
                    8c:6a:35:5a:55:f1:3f:bc:8e:8c:f3:b8:b0:a2:1b:
                    67:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:DE:42:77:6C:96:84:7E:B5:2A:5E:04:FE:98:AF:0A:8F:39:D5:AB
            X509v3 Authority Key Identifier:
                keyid:A0:CD:D2:CF:58:9D:FC:4A:B4:82:AC:02:EC:05:EB:B5:C3:BE:5B:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/7be7EP4egxBVbc96H3WvB1GMSewk9T7JY2tWGUZrNFBG/0/A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/7be7EP4egxBVbc96H3WvB1GMSewk9T7JY2tWGUZrNFBG/0/323830343a353837383a343030303a3a2f34382d3438203d3e20323638313331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:5878:4000::/48

    Signature Algorithm: sha256WithRSAEncryption
         38:17:38:e5:36:be:c0:ef:9f:d4:87:cc:48:5e:3a:f6:0b:00:
         08:bc:17:a5:1b:cc:ca:01:e4:9e:29:ce:dd:08:fa:cc:97:36:
         2d:4e:f6:45:57:df:6c:57:6e:c3:36:70:f5:1b:1e:47:cd:f2:
         0d:4e:18:72:a6:a4:f3:23:0d:9e:54:aa:4d:a7:cb:12:e7:4b:
         12:10:43:a5:54:eb:5d:37:da:84:3d:49:fe:fc:5f:ae:68:07:
         20:60:7f:6e:44:52:12:61:c8:22:32:25:fa:fa:2f:72:4b:82:
         64:56:dd:3c:5f:8b:5e:91:2d:82:c4:21:b8:b2:9e:c5:14:43:
         ca:da:d5:a1:61:49:5b:5f:be:88:f7:e8:54:01:61:c9:bd:62:
         6a:d9:11:71:ce:fb:35:75:f4:60:bc:51:c6:b5:89:c5:13:24:
         18:96:d6:4b:52:72:8f:75:d9:1e:e2:72:3d:f0:ea:a0:cf:e9:
         a9:12:37:f4:c2:2c:63:94:0e:46:d0:c7:96:8b:b9:be:33:f4:
         5e:4d:cb:c3:8a:4c:b6:4a:8c:d5:53:62:16:f4:51:e6:85:d1:
         82:10:34:8a:a7:61:9a:d1:1b:f0:d3:03:85:e0:7b:38:04:01:
         93:5d:ff:98:1a:3c:6f:76:49:5b:e4:f8:f0:71:d3:88:e3:3a:
         bb:8a:a9:58
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgIUKS2JuAEfln3OScNo+OGHn7InE7wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBDREQyQ0Y1ODlERkM0QUI0ODJBQzAyRUMwNUVCQjVD
M0JFNUIxMTAeFw0yNTA2MDMxNjMxMjJaFw0yNjA2MDIxNjM2MjJaMDMxMTAvBgNV
BAMTKEQzREU0Mjc3NkM5Njg0N0VCNTJBNUUwNEZFOThBRjBBOEYzOUQ1QUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRUxTEmFj1gPuTc/JoIjFpqTAU
eHWkqu6wqEqPjg8vwtv4O7bupQDPL/1Mr5pJin0Evfm4wuDtJ0R00hGzRFm3osIA
IbPqHSJHNNFNWwOg/563bW55IpaGJLLD5LefR2Gb/X6e0FprJ+hfLqEvsU47XsJk
z6WSDsx+/FhXt666yK1xkV+uM1DofnmgKxkAwLDZhEG4aAn5LFXKvM/nLlOyF2/K
NBxka4nLT+pDlcDdF8iW/yuSNHSXZRNwyUxp04580BK44LTtUjHc652U1Wx/PHI5
hU671xDWTC9GVvf2G3A1/eS35ivrkzd1rWL2DYxqNVpV8T+8jozzuLCiG2etAgMB
AAGjggJcMIICWDAdBgNVHQ4EFgQU095Cd2yWhH61Kl4E/pivCo851aswHwYDVR0j
BBgwFoAUoM3Sz1id/Eq0gqwC7AXrtcO+WxEwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vN2JlN0VQNGVneEJWYmM5NkgzV3ZCMUdNU2V3azlUN0pZMnRXR1Vack5G
QkcvMC9BMENERDJDRjU4OURGQzRBQjQ4MkFDMDJFQzA1RUJCNUMzQkU1QjExLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0EwQ0REMkNGNTg5REZDNEFC
NDgyQUMwMkVDMDVFQkI1QzNCRTVCMTEuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzdiZTdFUDRlZ3hCVmJjOTZIM1d2QjFHTVNld2s5VDdKWTJ0V0dVWnJORkJHLzAv
MzIzODMwMzQzYTM1MzgzNzM4M2EzNDMwMzAzMDNhM2EyZjM0MzgyZDM0MzgyMDNk
M2UyMDMyMzYzODMxMzMzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACgEWHhAADANBgkqhkiG9w0BAQsF
AAOCAQEAOBc45Ta+wO+f1IfMSF469gsACLwXpRvMygHkninO3Qj6zJc2LU72RVff
bFduwzZw9RseR83yDU4Ycqak8yMNnlSqTafLEudLEhBDpVTrXTfahD1J/vxfrmgH
IGB/bkRSEmHIIjIl+vovckuCZFbdPF+LXpEtgsQhuLKexRRDytrVoWFJW1++iPfo
VAFhyb1iatkRcc77NXX0YLxRxrWJxRMkGJbWS1Jyj3XZHuJyPfDqoM/pqRI39MIs
Y5QORtDHlou5vjP0Xk3Lw4pMtkqM1VNiFvRR5oXRghA0iqdhmtEb8NMDheB7OAQB
k13/mBo8b3ZJW+T48HHTiOM6u4qpWA==
-----END CERTIFICATE-----
Generated at Tue Jun 10 05:45:58 2025 by rpki-client