Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/2AH4t4Fb9BChtNDxHzWJXX9uvJZfPdwQCfNNWXxiLwg8/0/323830343a323563343a3a2f33322d3438203d3e20323634333031.roa
File:                     323830343a323563343a3a2f33322d3438203d3e20323634333031.roa (raw, json)
Hash identifier:          AGb/N8ZPtoihV0bqDpsml/vTt3PMTKJp7EIpf44fJ3E=
Subject key identifier:   44:E7:2C:52:1D:21:D9:AF:17:B3:35:E9:42:CE:6D:A7:1C:D9:EE:52
Certificate issuer:       /CN=8BE651CB0CFD9D3B1C7BC9483B5170672B77ED4B
Certificate serial:       225E32E01978DDBBB17B22C61D041529B5BBBA99
Authority key identifier: 8B:E6:51:CB:0C:FD:9D:3B:1C:7B:C9:48:3B:51:70:67:2B:77:ED:4B
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8BE651CB0CFD9D3B1C7BC9483B5170672B77ED4B.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/2AH4t4Fb9BChtNDxHzWJXX9uvJZfPdwQCfNNWXxiLwg8/0/323830343a323563343a3a2f33322d3438203d3e20323634333031.roa
Signing time:             Sat 24 May 2025 02:40:43 +0000
ROA not before:           Sat 24 May 2025 02:35:43 +0000
ROA not after:            Sat 23 May 2026 02:40:43 +0000
asID:                     264301
IP address blocks:        2804:25c4::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/2AH4t4Fb9BChtNDxHzWJXX9uvJZfPdwQCfNNWXxiLwg8/0/8BE651CB0CFD9D3B1C7BC9483B5170672B77ED4B.crl
                          rsync://rpki-repo.registro.br/repo/2AH4t4Fb9BChtNDxHzWJXX9uvJZfPdwQCfNNWXxiLwg8/0/8BE651CB0CFD9D3B1C7BC9483B5170672B77ED4B.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8BE651CB0CFD9D3B1C7BC9483B5170672B77ED4B.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 13:33:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:5e:32:e0:19:78:dd:bb:b1:7b:22:c6:1d:04:15:29:b5:bb:ba:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8BE651CB0CFD9D3B1C7BC9483B5170672B77ED4B
        Validity
            Not Before: May 24 02:35:43 2025 GMT
            Not After : May 23 02:40:43 2026 GMT
        Subject: CN=44E72C521D21D9AF17B335E942CE6DA71CD9EE52
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:09:c2:32:06:1f:71:e0:96:af:6b:b1:cf:ed:
                    45:e1:f6:04:89:3a:28:ff:7e:3e:23:78:b5:a5:36:
                    6b:4d:7f:21:47:09:c1:c5:32:96:3a:c9:02:35:46:
                    39:37:90:0c:d4:db:27:de:a8:df:26:73:0a:c2:5f:
                    a5:e6:9b:63:c8:47:76:77:c8:76:88:1f:c6:aa:85:
                    e5:a8:09:e1:47:ad:5f:0f:fb:76:e3:bb:3b:2c:fb:
                    63:9a:4e:de:e0:be:9d:ff:a8:14:d1:e4:fb:81:d4:
                    05:38:e7:cf:92:5e:29:df:db:11:e1:21:0a:e2:c8:
                    64:17:49:7f:df:54:ca:e0:36:23:a0:ab:47:01:07:
                    5b:2c:b1:4f:dc:50:3c:2a:e0:3e:25:2c:64:ac:e7:
                    37:ee:d9:fe:a0:7c:53:65:d4:4f:38:9b:37:34:a2:
                    c9:e9:56:3a:21:1f:6f:10:73:d9:74:ef:fd:4a:28:
                    f3:3b:6d:28:b1:41:b4:19:b0:56:a2:ca:24:c5:b1:
                    a8:c7:fb:6e:06:c6:b3:5f:47:25:2e:bb:61:3c:62:
                    9d:83:07:1f:db:86:98:1f:d7:8a:46:be:62:79:ba:
                    d4:dd:bb:a4:bd:09:5e:6b:5c:c4:7a:d1:29:27:9a:
                    95:3d:bb:d1:58:5c:fe:de:b2:f8:cf:67:fe:3f:27:
                    52:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:E7:2C:52:1D:21:D9:AF:17:B3:35:E9:42:CE:6D:A7:1C:D9:EE:52
            X509v3 Authority Key Identifier:
                keyid:8B:E6:51:CB:0C:FD:9D:3B:1C:7B:C9:48:3B:51:70:67:2B:77:ED:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/2AH4t4Fb9BChtNDxHzWJXX9uvJZfPdwQCfNNWXxiLwg8/0/8BE651CB0CFD9D3B1C7BC9483B5170672B77ED4B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8BE651CB0CFD9D3B1C7BC9483B5170672B77ED4B.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/2AH4t4Fb9BChtNDxHzWJXX9uvJZfPdwQCfNNWXxiLwg8/0/323830343a323563343a3a2f33322d3438203d3e20323634333031.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:25c4::/32

    Signature Algorithm: sha256WithRSAEncryption
         5d:ce:26:f7:80:b6:ee:78:39:aa:46:4b:a2:62:c8:2e:fc:aa:
         07:bd:a0:ba:11:6e:e9:7d:88:90:59:c5:68:f3:3a:3b:2c:30:
         26:20:af:44:8a:14:de:d9:65:ee:63:90:f7:a2:06:dc:8f:8c:
         e4:ee:b5:47:01:cb:cd:7d:da:5d:c0:12:96:87:85:7a:ec:c6:
         32:55:45:04:3b:39:95:b3:c7:5f:50:c2:ed:67:1f:64:da:42:
         27:5b:e3:e0:90:bc:97:d0:0c:b3:70:36:76:e4:ff:31:ee:d4:
         f4:47:a4:be:86:0d:7c:93:24:f1:68:78:fa:9c:50:9f:ba:b7:
         20:f7:6f:7c:11:57:48:da:aa:03:42:85:77:7e:2d:50:bd:bb:
         60:d3:e1:dc:7d:c2:82:82:f0:48:dd:7a:21:17:a3:cf:3a:45:
         0e:a8:2c:b5:5e:6b:c0:2c:37:23:85:aa:d8:a2:bb:14:79:96:
         e2:ed:3f:97:90:91:62:59:fd:be:ab:14:0b:24:29:4d:b9:46:
         b3:4f:aa:ff:59:a5:e4:f6:8c:71:d2:4f:4e:c5:c3:f5:f8:ce:
         ef:a8:cd:58:eb:e5:74:95:26:c9:a0:df:3e:c0:03:29:7a:15:
         d5:a2:6f:4d:cd:ba:28:0a:d1:b1:d6:78:9c:81:98:a2:ff:22:
         58:66:8d:97
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUIl4y4Bl43buxeyLGHQQVKbW7upkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEJFNjUxQ0IwQ0ZEOUQzQjFDN0JDOTQ4M0I1MTcwNjcy
Qjc3RUQ0QjAeFw0yNTA1MjQwMjM1NDNaFw0yNjA1MjMwMjQwNDNaMDMxMTAvBgNV
BAMTKDQ0RTcyQzUyMUQyMUQ5QUYxN0IzMzVFOTQyQ0U2REE3MUNEOUVFNTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2CcIyBh9x4Java7HP7UXh9gSJ
Oij/fj4jeLWlNmtNfyFHCcHFMpY6yQI1Rjk3kAzU2yfeqN8mcwrCX6Xmm2PIR3Z3
yHaIH8aqheWoCeFHrV8P+3bjuzss+2OaTt7gvp3/qBTR5PuB1AU458+SXinf2xHh
IQriyGQXSX/fVMrgNiOgq0cBB1sssU/cUDwq4D4lLGSs5zfu2f6gfFNl1E84mzc0
osnpVjohH28Qc9l07/1KKPM7bSixQbQZsFaiyiTFsajH+24GxrNfRyUuu2E8Yp2D
Bx/bhpgf14pGvmJ5utTdu6S9CV5rXMR60SknmpU9u9FYXP7esvjPZ/4/J1KJAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUROcsUh0h2a8XszXpQs5tpxzZ7lIwHwYDVR0j
BBgwFoAUi+ZRywz9nTsce8lIO1FwZyt37UswDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMkFINHQ0RmI5QkNodE5EeEh6V0pYWDl1dkpaZlBkd1FDZk5OV1h4aUx3
ZzgvMC84QkU2NTFDQjBDRkQ5RDNCMUM3QkM5NDgzQjUxNzA2NzJCNzdFRDRCLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzhCRTY1MUNCMENGRDlEM0Ix
QzdCQzk0ODNCNTE3MDY3MkI3N0VENEIuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzJBSDR0NEZiOUJDaHRORHhIeldKWFg5dXZKWmZQZHdRQ2ZOTldYeGlMd2c4LzAv
MzIzODMwMzQzYTMyMzU2MzM0M2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzIzNjM0
MzMzMDMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKAQlxDANBgkqhkiG9w0BAQsFAAOCAQEAXc4m94C2
7ng5qkZLomLILvyqB72guhFu6X2IkFnFaPM6OywwJiCvRIoU3tll7mOQ96IG3I+M
5O61RwHLzX3aXcASloeFeuzGMlVFBDs5lbPHX1DC7WcfZNpCJ1vj4JC8l9AMs3A2
duT/Me7U9EekvoYNfJMk8Wh4+pxQn7q3IPdvfBFXSNqqA0KFd34tUL27YNPh3H3C
goLwSN16IRejzzpFDqgstV5rwCw3I4Wq2KK7FHmW4u0/l5CRYln9vqsUCyQpTblG
s0+q/1ml5PaMcdJPTsXD9fjO76jNWOvldJUmyaDfPsADKXoV1aJvTc26KArRsdZ4
nIGYov8iWGaNlw==
-----END CERTIFICATE-----
Generated at Wed Jun 11 01:21:49 2025 by rpki-client