Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/H248hoi7i19GS224vzB3PSbvxpQ89Si55EHTSSGXALaa/1/323830343a346638343a3a2f33322d3334203d3e20323638333331.roa
File:                     323830343a346638343a3a2f33322d3334203d3e20323638333331.roa (raw, json)
Hash identifier:          4fO4+rykCECbUEZNUODTI2NtNrBMbv6NgzqrX5KXc6o=
Subject key identifier:   A8:02:0D:91:E0:8E:BB:16:46:1E:B5:CE:08:36:54:84:48:1B:26:04
Certificate issuer:       /CN=BF9D09185198062395625CCDCA55DA0C823BC527
Certificate serial:       5A7DDAD5C4D9D4578B63C427352E7BB3E818EBD9
Authority key identifier: BF:9D:09:18:51:98:06:23:95:62:5C:CD:CA:55:DA:0C:82:3B:C5:27
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BF9D09185198062395625CCDCA55DA0C823BC527.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/H248hoi7i19GS224vzB3PSbvxpQ89Si55EHTSSGXALaa/1/323830343a346638343a3a2f33322d3334203d3e20323638333331.roa
Signing time:             Fri 23 May 2025 15:05:16 +0000
ROA not before:           Fri 23 May 2025 15:00:16 +0000
ROA not after:            Fri 22 May 2026 15:05:16 +0000
asID:                     268331
IP address blocks:        2804:4f84::/32 maxlen: 34
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/H248hoi7i19GS224vzB3PSbvxpQ89Si55EHTSSGXALaa/1/BF9D09185198062395625CCDCA55DA0C823BC527.crl
                          rsync://rpki-repo.registro.br/repo/H248hoi7i19GS224vzB3PSbvxpQ89Si55EHTSSGXALaa/1/BF9D09185198062395625CCDCA55DA0C823BC527.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BF9D09185198062395625CCDCA55DA0C823BC527.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Jun 2025 01:54:50 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:7d:da:d5:c4:d9:d4:57:8b:63:c4:27:35:2e:7b:b3:e8:18:eb:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BF9D09185198062395625CCDCA55DA0C823BC527
        Validity
            Not Before: May 23 15:00:16 2025 GMT
            Not After : May 22 15:05:16 2026 GMT
        Subject: CN=A8020D91E08EBB16461EB5CE08365484481B2604
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:15:44:b2:fc:2e:cb:2c:72:80:f3:30:cb:bf:
                    37:bb:66:5a:6d:65:cc:57:86:e2:7d:8b:bf:29:0e:
                    fb:da:41:85:a9:2f:65:b7:60:a7:d2:61:a3:35:90:
                    c4:38:a7:a6:bd:7c:ee:10:1f:9b:be:2b:de:43:78:
                    a0:90:11:9c:45:28:a7:b1:90:2a:57:3e:64:cd:38:
                    0d:90:35:4a:d0:c8:03:b3:65:14:e1:b8:3c:b4:3b:
                    70:85:42:8d:c5:bc:4f:49:2e:ca:42:8d:4c:c9:e5:
                    f1:e8:22:8b:d5:ea:69:2f:60:ea:d9:e3:1a:b9:ab:
                    2f:d6:cc:ec:82:47:de:74:ce:f8:9b:db:0f:64:4a:
                    ff:f2:c7:14:de:fe:22:05:9b:5b:af:64:01:ff:aa:
                    d7:02:59:fd:00:74:75:4e:98:e9:72:bc:ac:30:36:
                    d1:a6:73:be:a1:a5:9f:45:cd:3a:be:e9:78:14:e6:
                    0b:2a:4a:d5:2c:4f:51:39:55:73:45:79:95:00:42:
                    b2:c1:34:87:50:57:94:9a:e7:fe:68:f9:65:b9:a6:
                    bb:b7:9d:63:ed:75:80:c9:8e:53:18:b7:8f:80:eb:
                    a4:43:97:e2:2f:d4:d3:c9:eb:14:1e:e4:3b:e8:b6:
                    c5:86:08:4b:3f:18:06:ae:1a:ed:20:1e:40:39:18:
                    24:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:02:0D:91:E0:8E:BB:16:46:1E:B5:CE:08:36:54:84:48:1B:26:04
            X509v3 Authority Key Identifier:
                keyid:BF:9D:09:18:51:98:06:23:95:62:5C:CD:CA:55:DA:0C:82:3B:C5:27

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/H248hoi7i19GS224vzB3PSbvxpQ89Si55EHTSSGXALaa/1/BF9D09185198062395625CCDCA55DA0C823BC527.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BF9D09185198062395625CCDCA55DA0C823BC527.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/H248hoi7i19GS224vzB3PSbvxpQ89Si55EHTSSGXALaa/1/323830343a346638343a3a2f33322d3334203d3e20323638333331.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:4f84::/32

    Signature Algorithm: sha256WithRSAEncryption
         52:1e:e0:22:ca:63:ab:4f:5b:9e:cd:c0:0d:9a:31:33:96:29:
         cd:dd:cd:0b:9b:e7:4b:a6:5a:20:a6:a6:bf:4a:b1:0a:fd:28:
         76:fe:0c:0e:9d:4d:db:80:84:0d:83:89:05:84:67:ae:18:e9:
         37:75:c8:5b:fe:c8:18:50:72:d4:88:b2:aa:af:84:e8:69:9b:
         b9:cd:ac:26:b7:26:86:51:cd:d2:90:2e:ac:81:a6:07:e6:04:
         17:8e:e5:4a:5a:06:12:02:db:cd:c9:6e:3a:b0:a7:df:d9:4e:
         fc:24:66:09:fd:1f:0f:23:f7:27:d2:2f:0a:77:7e:1d:d1:84:
         b1:62:f0:34:6f:f1:ec:ae:31:1a:94:ee:fc:94:47:02:da:0c:
         7c:5b:59:c1:ca:a1:88:fa:09:03:70:62:dd:e8:ef:9a:1a:62:
         01:00:d6:d8:03:d8:fb:da:c6:e4:f5:d9:fa:a8:44:0b:2f:7f:
         9a:09:e1:04:8f:9b:3e:32:9f:57:9c:3b:ac:e0:51:5c:9c:93:
         56:44:cf:c1:83:a8:50:c7:dd:fa:95:25:09:17:b0:1a:08:89:
         67:c6:e7:cd:2d:d7:9b:81:83:84:a5:c2:52:f1:44:86:9e:98:
         7a:6d:65:73:aa:5d:08:c4:60:0a:17:04:af:7f:9e:51:42:39:
         a8:0f:05:0a
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUWn3a1cTZ1FeLY8QnNS57s+gY69kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkY5RDA5MTg1MTk4MDYyMzk1NjI1Q0NEQ0E1NURBMEM4
MjNCQzUyNzAeFw0yNTA1MjMxNTAwMTZaFw0yNjA1MjIxNTA1MTZaMDMxMTAvBgNV
BAMTKEE4MDIwRDkxRTA4RUJCMTY0NjFFQjVDRTA4MzY1NDg0NDgxQjI2MDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRFUSy/C7LLHKA8zDLvze7Zlpt
ZcxXhuJ9i78pDvvaQYWpL2W3YKfSYaM1kMQ4p6a9fO4QH5u+K95DeKCQEZxFKKex
kCpXPmTNOA2QNUrQyAOzZRThuDy0O3CFQo3FvE9JLspCjUzJ5fHoIovV6mkvYOrZ
4xq5qy/WzOyCR950zvib2w9kSv/yxxTe/iIFm1uvZAH/qtcCWf0AdHVOmOlyvKww
NtGmc76hpZ9FzTq+6XgU5gsqStUsT1E5VXNFeZUAQrLBNIdQV5Sa5/5o+WW5pru3
nWPtdYDJjlMYt4+A66RDl+Iv1NPJ6xQe5DvotsWGCEs/GAauGu0gHkA5GCQfAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUqAINkeCOuxZGHrXOCDZUhEgbJgQwHwYDVR0j
BBgwFoAUv50JGFGYBiOVYlzNylXaDII7xScwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vSDI0OGhvaTdpMTlHUzIyNHZ6QjNQU2J2eHBRODlTaTU1RUhUU1NHWEFM
YWEvMS9CRjlEMDkxODUxOTgwNjIzOTU2MjVDQ0RDQTU1REEwQzgyM0JDNTI3LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0JGOUQwOTE4NTE5ODA2MjM5
NTYyNUNDRENBNTVEQTBDODIzQkM1MjcuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0gyNDhob2k3aTE5R1MyMjR2ekIzUFNidnhwUTg5U2k1NUVIVFNTR1hBTGFhLzEv
MzIzODMwMzQzYTM0NjYzODM0M2EzYTJmMzMzMjJkMzMzNDIwM2QzZTIwMzIzNjM4
MzMzMzMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKARPhDANBgkqhkiG9w0BAQsFAAOCAQEAUh7gIspj
q09bns3ADZoxM5Ypzd3NC5vnS6ZaIKamv0qxCv0odv4MDp1N24CEDYOJBYRnrhjp
N3XIW/7IGFBy1Iiyqq+E6Gmbuc2sJrcmhlHN0pAurIGmB+YEF47lSloGEgLbzclu
OrCn39lO/CRmCf0fDyP3J9IvCnd+HdGEsWLwNG/x7K4xGpTu/JRHAtoMfFtZwcqh
iPoJA3Bi3ejvmhpiAQDW2APY+9rG5PXZ+qhECy9/mgnhBI+bPjKfV5w7rOBRXJyT
VkTPwYOoUMfd+pUlCRewGgiJZ8bnzS3Xm4GDhKXCUvFEhp6Yem1lc6pdCMRgChcE
r3+eUUI5qA8FCg==
-----END CERTIFICATE-----
Generated at Thu Jun 12 14:57:31 2025 by rpki-client