Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/SdGCz1A4FjgJw1gQ7592GA25bKoWSP2cVtKEBjXsdtw/0/323830343a323062303a3a2f33322d3438203d3e20323634353038.roa
File:                     323830343a323062303a3a2f33322d3438203d3e20323634353038.roa (raw, json)
Hash identifier:          vkoLWI26GiuuozvXrpkKPobFcl8TDXNof5wr2hOdrYw=
Subject key identifier:   F8:FC:F0:11:DD:31:FD:C9:CA:D5:F3:81:6D:E0:E0:4A:30:88:6B:28
Certificate issuer:       /CN=E7D190A6B06E0CCDD0311C10E2F5FA6461CC7D9A
Certificate serial:       10EE057DB8A13EE0B9F4B431E6D8C7035F4CB508
Authority key identifier: E7:D1:90:A6:B0:6E:0C:CD:D0:31:1C:10:E2:F5:FA:64:61:CC:7D:9A
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/E7D190A6B06E0CCDD0311C10E2F5FA6461CC7D9A.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/SdGCz1A4FjgJw1gQ7592GA25bKoWSP2cVtKEBjXsdtw/0/323830343a323062303a3a2f33322d3438203d3e20323634353038.roa
Signing time:             Mon 28 Apr 2025 22:18:24 +0000
ROA not before:           Mon 28 Apr 2025 22:13:24 +0000
ROA not after:            Mon 27 Apr 2026 22:18:24 +0000
asID:                     264508
IP address blocks:        2804:20b0::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/SdGCz1A4FjgJw1gQ7592GA25bKoWSP2cVtKEBjXsdtw/0/E7D190A6B06E0CCDD0311C10E2F5FA6461CC7D9A.crl
                          rsync://rpki-repo.registro.br/repo/SdGCz1A4FjgJw1gQ7592GA25bKoWSP2cVtKEBjXsdtw/0/E7D190A6B06E0CCDD0311C10E2F5FA6461CC7D9A.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/E7D190A6B06E0CCDD0311C10E2F5FA6461CC7D9A.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 01:20:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            10:ee:05:7d:b8:a1:3e:e0:b9:f4:b4:31:e6:d8:c7:03:5f:4c:b5:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E7D190A6B06E0CCDD0311C10E2F5FA6461CC7D9A
        Validity
            Not Before: Apr 28 22:13:24 2025 GMT
            Not After : Apr 27 22:18:24 2026 GMT
        Subject: CN=F8FCF011DD31FDC9CAD5F3816DE0E04A30886B28
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:d2:d4:4f:af:bd:f1:0c:b4:01:a8:26:ef:7a:
                    50:53:57:03:28:9d:21:ee:38:e7:45:19:b5:40:df:
                    bf:d8:d2:6a:69:95:15:12:7d:4a:a9:9a:7b:29:fb:
                    a0:76:b3:3b:b8:6c:71:3e:98:28:26:c9:ba:67:eb:
                    ef:bf:b4:20:d0:f7:2d:f5:46:e2:0d:4e:8d:22:fa:
                    7c:a1:26:85:82:81:5c:49:f7:ed:a3:e7:26:a5:00:
                    09:0f:53:7b:fd:44:c7:95:7c:e1:47:4b:13:b0:49:
                    51:6a:21:74:e6:a6:58:a1:5d:1b:2f:89:5b:1c:37:
                    77:46:f2:d2:ea:05:2a:3a:9a:10:7a:33:24:b7:bd:
                    df:01:13:a8:65:96:1b:9d:0c:f2:64:64:ab:61:dd:
                    47:8f:37:ff:96:17:c8:81:4b:6f:e1:9d:00:17:d8:
                    73:50:c1:51:b3:56:cd:a7:6f:44:23:91:a0:1c:4b:
                    ad:97:bc:b8:51:ed:4b:95:36:74:45:77:d5:67:c8:
                    f6:5a:ea:16:32:a4:6f:09:13:ee:85:dc:75:a4:14:
                    ec:37:9f:3a:cf:1d:80:df:a4:6b:10:28:a0:85:2f:
                    f9:45:6b:cc:81:8e:91:fb:34:e8:9b:4d:bc:45:af:
                    92:16:d5:90:b4:42:d0:8c:af:78:fb:c8:2f:51:bc:
                    4c:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F8:FC:F0:11:DD:31:FD:C9:CA:D5:F3:81:6D:E0:E0:4A:30:88:6B:28
            X509v3 Authority Key Identifier:
                keyid:E7:D1:90:A6:B0:6E:0C:CD:D0:31:1C:10:E2:F5:FA:64:61:CC:7D:9A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/SdGCz1A4FjgJw1gQ7592GA25bKoWSP2cVtKEBjXsdtw/0/E7D190A6B06E0CCDD0311C10E2F5FA6461CC7D9A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/E7D190A6B06E0CCDD0311C10E2F5FA6461CC7D9A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/SdGCz1A4FjgJw1gQ7592GA25bKoWSP2cVtKEBjXsdtw/0/323830343a323062303a3a2f33322d3438203d3e20323634353038.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:20b0::/32

    Signature Algorithm: sha256WithRSAEncryption
         b8:72:ea:c3:c8:95:3a:ee:09:33:ce:36:d8:11:7d:dd:ad:54:
         6f:11:dc:2a:04:45:10:ac:80:3c:2d:15:32:e4:c7:37:9a:02:
         e7:70:bb:83:c6:8a:b5:6c:d5:f8:f8:e0:14:3a:d6:b1:53:27:
         45:9d:fc:81:c1:9a:f4:46:36:8a:76:61:0d:e6:aa:06:c1:f5:
         8a:d9:10:fe:07:b5:6c:1b:a0:40:7f:e9:d3:43:bf:db:6a:b3:
         9d:4d:88:c1:ae:01:7a:1b:15:63:6a:38:18:4f:e9:15:e1:11:
         93:1b:1c:fc:7f:0c:08:83:52:73:e1:d9:6f:05:5a:21:ba:0f:
         e2:d7:f8:97:40:f8:30:c1:98:ec:62:f9:2a:f8:f6:37:ec:66:
         83:ff:41:38:50:3a:20:db:b8:20:32:97:4c:15:b1:f5:6c:64:
         be:85:21:c7:a6:56:d6:77:46:e0:dc:74:f2:6d:59:4d:84:39:
         14:74:f5:2f:85:72:ab:bd:4d:26:00:bc:20:4f:2b:41:ae:a7:
         fe:b1:e6:82:73:5d:51:23:4e:82:c1:f9:2d:1a:16:92:8e:da:
         2d:28:44:22:3b:88:29:80:07:ae:c0:ef:be:1d:0b:12:74:e7:
         0e:5f:30:1c:26:ce:73:56:f6:e8:3b:cf:fc:98:21:d7:c9:e2:
         c2:76:2f:8c
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUEO4FfbihPuC59LQx5tjHA19MtQgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTdEMTkwQTZCMDZFMENDREQwMzExQzEwRTJGNUZBNjQ2
MUNDN0Q5QTAeFw0yNTA0MjgyMjEzMjRaFw0yNjA0MjcyMjE4MjRaMDMxMTAvBgNV
BAMTKEY4RkNGMDExREQzMUZEQzlDQUQ1RjM4MTZERTBFMDRBMzA4ODZCMjgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP0tRPr73xDLQBqCbvelBTVwMo
nSHuOOdFGbVA37/Y0mpplRUSfUqpmnsp+6B2szu4bHE+mCgmybpn6++/tCDQ9y31
RuINTo0i+nyhJoWCgVxJ9+2j5yalAAkPU3v9RMeVfOFHSxOwSVFqIXTmplihXRsv
iVscN3dG8tLqBSo6mhB6MyS3vd8BE6hllhudDPJkZKth3UePN/+WF8iBS2/hnQAX
2HNQwVGzVs2nb0QjkaAcS62XvLhR7UuVNnRFd9VnyPZa6hYypG8JE+6F3HWkFOw3
nzrPHYDfpGsQKKCFL/lFa8yBjpH7NOibTbxFr5IW1ZC0QtCMr3j7yC9RvEytAgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQU+PzwEd0x/cnK1fOBbeDgSjCIaygwHwYDVR0j
BBgwFoAU59GQprBuDM3QMRwQ4vX6ZGHMfZowDgYDVR0PAQH/BAQDAgeAMIGSBgNV
HR8EgYowgYcwgYSggYGgf4Z9cnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIv
cmVwby9TZEdDejFBNEZqZ0p3MWdRNzU5MkdBMjViS29XU1AyY1Z0S0VCalhzZHR3
LzAvRTdEMTkwQTZCMDZFMENDREQwMzExQzEwRTJGNUZBNjQ2MUNDN0Q5QS5jcmww
eAYIKwYBBQUHAQEEbDBqMGgGCCsGAQUFBzAChlxyc3luYzovL3Jwa2ktcmVwby5y
ZWdpc3Ryby5ici9yZXBvL25pY2JyX3JlcG8vMS9FN0QxOTBBNkIwNkUwQ0NERDAz
MTFDMTBFMkY1RkE2NDYxQ0M3RDlBLmNlcjCBqwYIKwYBBQUHAQsEgZ4wgZswgZgG
CCsGAQUFBzALhoGLcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby9T
ZEdDejFBNEZqZ0p3MWdRNzU5MkdBMjViS29XU1AyY1Z0S0VCalhzZHR3LzAvMzIz
ODMwMzQzYTMyMzA2MjMwM2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzIzNjM0MzUz
MDM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/
BBEwDzANBAIAAjAHAwUAKAQgsDANBgkqhkiG9w0BAQsFAAOCAQEAuHLqw8iVOu4J
M8422BF93a1UbxHcKgRFEKyAPC0VMuTHN5oC53C7g8aKtWzV+PjgFDrWsVMnRZ38
gcGa9EY2inZhDeaqBsH1itkQ/ge1bBugQH/p00O/22qznU2Iwa4BehsVY2o4GE/p
FeERkxsc/H8MCINSc+HZbwVaIboP4tf4l0D4MMGY7GL5Kvj2N+xmg/9BOFA6INu4
IDKXTBWx9WxkvoUhx6ZW1ndG4Nx08m1ZTYQ5FHT1L4Vyq71NJgC8IE8rQa6n/rHm
gnNdUSNOgsH5LRoWko7aLShEIjuIKYAHrsDvvh0LEnTnDl8wHCbOc1b26DvP/Jgh
18niwnYvjA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:49:05 2025 by rpki-client