Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/7be7EP4egxBVbc96H3WvB1GMSewk9T7JY2tWGUZrNFBG/0/323830343a353837383a3a2f33342d3334203d3e20323638313331.roa
File:                     323830343a353837383a3a2f33342d3334203d3e20323638313331.roa (raw, json)
Hash identifier:          pD7uON0MR1cx9vrRl3bnWsw8Pci3XbwtAVzSZrjF0nU=
Subject key identifier:   42:80:FF:43:55:59:AB:0A:42:5A:48:BF:A0:47:7E:C2:29:DC:57:F6
Certificate issuer:       /CN=A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11
Certificate serial:       765BCB9528E6A0AE7D1A9D45FECC685F67073F6F
Authority key identifier: A0:CD:D2:CF:58:9D:FC:4A:B4:82:AC:02:EC:05:EB:B5:C3:BE:5B:11
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/7be7EP4egxBVbc96H3WvB1GMSewk9T7JY2tWGUZrNFBG/0/323830343a353837383a3a2f33342d3334203d3e20323638313331.roa
Signing time:             Tue 03 Jun 2025 16:36:22 +0000
ROA not before:           Tue 03 Jun 2025 16:31:22 +0000
ROA not after:            Tue 02 Jun 2026 16:36:22 +0000
asID:                     268131
IP address blocks:        2804:5878::/34 maxlen: 34
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/7be7EP4egxBVbc96H3WvB1GMSewk9T7JY2tWGUZrNFBG/0/A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11.crl
                          rsync://rpki-repo.registro.br/repo/7be7EP4egxBVbc96H3WvB1GMSewk9T7JY2tWGUZrNFBG/0/A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Jun 2025 05:17:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:5b:cb:95:28:e6:a0:ae:7d:1a:9d:45:fe:cc:68:5f:67:07:3f:6f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11
        Validity
            Not Before: Jun  3 16:31:22 2025 GMT
            Not After : Jun  2 16:36:22 2026 GMT
        Subject: CN=4280FF435559AB0A425A48BFA0477EC229DC57F6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:e1:24:73:78:dd:e0:c5:2c:e9:f4:3e:4d:bc:
                    6a:8b:7f:13:69:1b:fb:73:98:64:cf:f5:5b:ac:7c:
                    a5:6f:9a:e2:7b:2a:38:c9:c7:6d:9a:fc:13:22:09:
                    d2:af:cc:d6:1b:1a:ff:d4:8e:dc:36:53:f9:60:13:
                    a9:ee:21:88:f9:d8:75:15:00:c9:82:a5:97:90:de:
                    bb:c0:18:df:78:7c:5a:d7:2d:d5:a0:e2:51:f5:ba:
                    3b:e1:ed:b7:9a:36:fc:22:cf:4e:e6:40:ca:1c:89:
                    1e:c6:3f:41:88:19:3d:02:df:13:bf:12:eb:ae:c9:
                    5f:a2:26:0d:0d:af:40:5f:e8:a7:46:83:30:e8:7d:
                    44:13:00:5e:04:76:3e:95:a8:5a:1f:6d:e7:fe:27:
                    ed:03:a7:ed:92:a6:b9:c8:79:ed:e8:c8:85:c3:50:
                    b2:48:0c:86:9f:87:31:cd:48:e5:89:fb:a8:05:48:
                    99:29:c2:80:78:b3:36:59:5c:be:4c:f4:9f:ec:48:
                    66:09:af:73:a4:f0:1b:da:e3:22:e3:f7:85:65:f5:
                    ff:ba:27:96:05:73:d0:1c:49:d6:19:59:96:40:a3:
                    d3:72:90:06:5b:58:b5:94:30:8d:9c:fa:e3:96:b0:
                    e8:02:21:9e:4f:97:da:9d:9e:da:f4:75:83:d9:71:
                    88:eb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:80:FF:43:55:59:AB:0A:42:5A:48:BF:A0:47:7E:C2:29:DC:57:F6
            X509v3 Authority Key Identifier:
                keyid:A0:CD:D2:CF:58:9D:FC:4A:B4:82:AC:02:EC:05:EB:B5:C3:BE:5B:11

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/7be7EP4egxBVbc96H3WvB1GMSewk9T7JY2tWGUZrNFBG/0/A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A0CDD2CF589DFC4AB482AC02EC05EBB5C3BE5B11.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/7be7EP4egxBVbc96H3WvB1GMSewk9T7JY2tWGUZrNFBG/0/323830343a353837383a3a2f33342d3334203d3e20323638313331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:5878::/34

    Signature Algorithm: sha256WithRSAEncryption
         5f:7d:f9:e3:c6:dd:a3:f7:18:75:35:88:84:c4:56:34:bb:a2:
         56:be:b2:7f:58:c2:2a:24:69:a0:9c:4d:cb:58:71:80:a8:3b:
         c5:a4:54:1d:a4:eb:7f:c4:80:d4:25:6a:3a:26:51:bc:dd:99:
         b8:a0:31:d5:9c:be:36:f7:09:f8:82:7a:8a:4c:06:97:7f:6d:
         1c:e7:20:61:ac:ad:e6:f3:66:cc:66:4f:6f:7e:8d:39:70:d6:
         4a:8f:48:dc:c3:cb:73:f2:ab:50:ee:64:17:79:e5:89:62:e5:
         05:ae:d2:48:ea:c6:32:ba:ba:1a:1f:11:00:0e:9e:da:e8:a3:
         57:2f:94:1c:e6:11:be:c1:1b:3a:69:00:a6:cb:ef:e3:5e:c5:
         5f:00:58:20:09:28:ac:44:05:96:29:15:38:22:75:d6:16:3a:
         0f:66:39:6e:4c:d3:d8:3e:a9:76:53:d8:0a:e7:aa:fa:7d:22:
         c1:5d:e2:4b:9d:46:3b:10:e0:e1:9a:d1:9d:c2:19:54:20:c0:
         3c:f4:57:f7:2f:a4:59:dc:fd:b1:10:c2:cb:09:c5:6b:a4:eb:
         73:26:71:77:3b:49:a6:19:6a:8b:7e:25:1f:bf:01:e6:aa:15:
         e2:f9:65:1d:34:d1:83:8e:79:90:09:62:7f:3b:36:38:f3:a2:
         e6:17:35:d1
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUdlvLlSjmoK59Gp1F/sxoX2cHP28wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTBDREQyQ0Y1ODlERkM0QUI0ODJBQzAyRUMwNUVCQjVD
M0JFNUIxMTAeFw0yNTA2MDMxNjMxMjJaFw0yNjA2MDIxNjM2MjJaMDMxMTAvBgNV
BAMTKDQyODBGRjQzNTU1OUFCMEE0MjVBNDhCRkEwNDc3RUMyMjlEQzU3RjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc4SRzeN3gxSzp9D5NvGqLfxNp
G/tzmGTP9VusfKVvmuJ7KjjJx22a/BMiCdKvzNYbGv/Ujtw2U/lgE6nuIYj52HUV
AMmCpZeQ3rvAGN94fFrXLdWg4lH1ujvh7beaNvwiz07mQMociR7GP0GIGT0C3xO/
EuuuyV+iJg0Nr0Bf6KdGgzDofUQTAF4Edj6VqFofbef+J+0Dp+2SprnIee3oyIXD
ULJIDIafhzHNSOWJ+6gFSJkpwoB4szZZXL5M9J/sSGYJr3Ok8Bva4yLj94Vl9f+6
J5YFc9AcSdYZWZZAo9NykAZbWLWUMI2c+uOWsOgCIZ5Pl9qdntr0dYPZcYjrAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUQoD/Q1VZqwpCWki/oEd+wincV/YwHwYDVR0j
BBgwFoAUoM3Sz1id/Eq0gqwC7AXrtcO+WxEwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vN2JlN0VQNGVneEJWYmM5NkgzV3ZCMUdNU2V3azlUN0pZMnRXR1Vack5G
QkcvMC9BMENERDJDRjU4OURGQzRBQjQ4MkFDMDJFQzA1RUJCNUMzQkU1QjExLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0EwQ0REMkNGNTg5REZDNEFC
NDgyQUMwMkVDMDVFQkI1QzNCRTVCMTEuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzdiZTdFUDRlZ3hCVmJjOTZIM1d2QjFHTVNld2s5VDdKWTJ0V0dVWnJORkJHLzAv
MzIzODMwMzQzYTM1MzgzNzM4M2EzYTJmMzMzNDJkMzMzNDIwM2QzZTIwMzIzNjM4
MzEzMzMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEH
AQH/BBIwEDAOBAIAAjAIAwYGKARYeAAwDQYJKoZIhvcNAQELBQADggEBAF99+ePG
3aP3GHU1iITEVjS7ola+sn9YwiokaaCcTctYcYCoO8WkVB2k63/EgNQlajomUbzd
mbigMdWcvjb3CfiCeopMBpd/bRznIGGsrebzZsxmT29+jTlw1kqPSNzDy3Pyq1Du
ZBd55Yli5QWu0kjqxjK6uhofEQAOntroo1cvlBzmEb7BGzppAKbL7+NexV8AWCAJ
KKxEBZYpFTgiddYWOg9mOW5M09g+qXZT2Arnqvp9IsFd4kudRjsQ4OGa0Z3CGVQg
wDz0V/cvpFnc/bEQwssJxWuk63MmcXc7SaYZaot+JR+/AeaqFeL5ZR000YOOeZAJ
Yn87NjjzouYXNdE=
-----END CERTIFICATE-----
Generated at Thu Jun 12 14:54:42 2025 by rpki-client