Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/323830343a6365343a3a2f33322d3438203d3e203532353733.roa
File:                     323830343a6365343a3a2f33322d3438203d3e203532353733.roa (raw, json)
Hash identifier:          MkmnWh7HLmV8XKeblvGNQ084tQDE0n4cIYzP1XgdXRk=
Subject key identifier:   54:52:1F:A2:39:67:0E:31:90:47:63:C6:0B:D9:59:5C:C2:06:4E:92
Certificate issuer:       /CN=D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7
Certificate serial:       54EA7FC81A826A21B39F01F2208B3B57F50A593B
Authority key identifier: D6:86:F2:D1:C8:D6:F0:E1:82:00:D7:BA:3B:4E:13:8A:86:7E:25:C7
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/323830343a6365343a3a2f33322d3438203d3e203532353733.roa
Signing time:             Sat 31 May 2025 14:17:06 +0000
ROA not before:           Sat 31 May 2025 14:12:06 +0000
ROA not after:            Sat 30 May 2026 14:17:06 +0000
asID:                     52573
IP address blocks:        2804:ce4::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.crl
                          rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 12:35:12 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:ea:7f:c8:1a:82:6a:21:b3:9f:01:f2:20:8b:3b:57:f5:0a:59:3b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7
        Validity
            Not Before: May 31 14:12:06 2025 GMT
            Not After : May 30 14:17:06 2026 GMT
        Subject: CN=54521FA239670E31904763C60BD9595CC2064E92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:c2:ad:07:56:db:85:92:69:5e:0e:3b:d4:b3:
                    da:78:e3:ff:e7:ac:7d:10:64:f7:40:99:de:b8:cf:
                    1e:ea:c0:b1:c0:9e:1b:16:6a:68:6f:3f:d7:15:24:
                    10:9f:d7:6a:9c:13:a9:fc:f6:bc:51:54:e1:c8:71:
                    20:06:f1:37:30:42:26:3f:9c:90:f0:db:11:60:27:
                    69:b4:5d:22:63:2d:3f:7d:4c:73:fc:d8:63:64:02:
                    f2:ad:ee:41:00:e4:3c:32:0b:87:ac:ea:ba:33:6a:
                    b0:28:9c:7e:82:65:4c:b6:fd:e6:d0:87:82:cf:19:
                    33:15:50:03:31:b4:fd:90:81:ba:1b:2d:4b:51:23:
                    ab:23:c6:ab:f5:fc:54:f2:83:5f:e5:f0:ce:b6:de:
                    b7:d9:a6:59:2a:a3:b2:51:71:70:6c:53:56:88:94:
                    10:c9:69:89:37:6d:a6:4d:44:50:2d:1f:68:3f:1c:
                    f7:f0:a4:14:e3:59:ab:cf:4f:a7:ac:c2:7e:e7:57:
                    11:89:1d:89:ec:9b:12:73:a5:15:78:47:1f:65:ab:
                    90:5e:74:d2:45:7e:52:c2:71:8d:43:ca:13:6a:03:
                    64:53:9b:a5:4f:04:4a:9e:e2:b8:7f:23:75:c8:4c:
                    ad:fd:09:26:05:57:c9:ba:ef:82:41:20:71:dc:a6:
                    70:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:52:1F:A2:39:67:0E:31:90:47:63:C6:0B:D9:59:5C:C2:06:4E:92
            X509v3 Authority Key Identifier:
                keyid:D6:86:F2:D1:C8:D6:F0:E1:82:00:D7:BA:3B:4E:13:8A:86:7E:25:C7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/D686F2D1C8D6F0E18200D7BA3B4E138A867E25C7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/2JfybCh4P1fahviQCP8NLH9hh4qSKu4GjBCVGe8ZvEeZ/0/323830343a6365343a3a2f33322d3438203d3e203532353733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:ce4::/32

    Signature Algorithm: sha256WithRSAEncryption
         40:10:d0:4a:b2:73:2a:0c:bf:38:7c:af:2b:92:95:f8:db:80:
         e3:f6:e6:61:20:a9:6c:f1:70:0e:9b:ce:e7:01:66:df:e9:e8:
         c8:e4:86:23:fb:90:99:1f:8f:0a:1b:3f:8b:0a:a1:e2:e1:86:
         aa:0c:05:f7:dc:65:1e:19:9e:56:6f:7a:b9:1d:3b:80:78:fd:
         9c:d3:06:54:81:fb:a5:81:78:a5:fa:a4:72:8c:b1:ba:ba:92:
         d0:0c:9e:a2:90:37:05:92:78:a8:09:97:cc:6e:c8:ed:1a:80:
         21:33:19:21:ee:66:4d:ee:5f:89:21:db:80:e2:5a:75:5d:74:
         4e:a1:54:2a:40:ae:3e:37:c8:3f:8e:46:02:bb:78:39:36:cf:
         64:d5:79:5b:bb:37:cf:cb:6e:b0:01:7e:01:b6:4c:9b:ad:69:
         84:fe:6a:86:11:f7:0c:e6:66:eb:17:86:ee:38:a8:c4:97:ee:
         4a:80:9b:8c:c7:59:7f:0f:f7:49:a4:f1:36:36:b5:07:7a:8f:
         5b:7c:c4:01:b9:62:a4:a4:80:26:57:96:db:42:8a:b7:05:cc:
         0d:0b:f7:cf:e4:cb:13:2e:e9:cb:88:d2:68:1a:4c:e2:b3:d1:
         99:39:55:6d:7c:ff:8b:53:bd:30:c1:35:eb:5d:75:01:64:a4:
         35:dd:0f:12
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIUVOp/yBqCaiGznwHyIIs7V/UKWTswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDY4NkYyRDFDOEQ2RjBFMTgyMDBEN0JBM0I0RTEzOEE4
NjdFMjVDNzAeFw0yNTA1MzExNDEyMDZaFw0yNjA1MzAxNDE3MDZaMDMxMTAvBgNV
BAMTKDU0NTIxRkEyMzk2NzBFMzE5MDQ3NjNDNjBCRDk1OTVDQzIwNjRFOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGwq0HVtuFkmleDjvUs9p44//n
rH0QZPdAmd64zx7qwLHAnhsWamhvP9cVJBCf12qcE6n89rxRVOHIcSAG8TcwQiY/
nJDw2xFgJ2m0XSJjLT99THP82GNkAvKt7kEA5DwyC4es6rozarAonH6CZUy2/ebQ
h4LPGTMVUAMxtP2QgbobLUtRI6sjxqv1/FTyg1/l8M623rfZplkqo7JRcXBsU1aI
lBDJaYk3baZNRFAtH2g/HPfwpBTjWavPT6eswn7nVxGJHYnsmxJzpRV4Rx9lq5Be
dNJFflLCcY1DyhNqA2RTm6VPBEqe4rh/I3XITK39CSYFV8m674JBIHHcpnD5AgMB
AAGjggJMMIICSDAdBgNVHQ4EFgQUVFIfojlnDjGQR2PGC9lZXMIGTpIwHwYDVR0j
BBgwFoAU1oby0cjW8OGCANe6O04TioZ+JccwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMkpmeWJDaDRQMWZhaHZpUUNQOE5MSDloaDRxU0t1NEdqQkNWR2U4WnZF
ZVovMC9ENjg2RjJEMUM4RDZGMEUxODIwMEQ3QkEzQjRFMTM4QTg2N0UyNUM3LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0Q2ODZGMkQxQzhENkYwRTE4
MjAwRDdCQTNCNEUxMzhBODY3RTI1QzcuY2VyMIGoBggrBgEFBQcBCwSBmzCBmDCB
lQYIKwYBBQUHMAuGgYhyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzJKZnliQ2g0UDFmYWh2aVFDUDhOTEg5aGg0cVNLdTRHakJDVkdlOFp2RWVaLzAv
MzIzODMwMzQzYTYzNjUzNDNhM2EyZjMzMzIyZDM0MzgyMDNkM2UyMDM1MzIzNTM3
MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUHAQcBAf8E
ETAPMA0EAgACMAcDBQAoBAzkMA0GCSqGSIb3DQEBCwUAA4IBAQBAENBKsnMqDL84
fK8rkpX424Dj9uZhIKls8XAOm87nAWbf6ejI5IYj+5CZH48KGz+LCqHi4YaqDAX3
3GUeGZ5Wb3q5HTuAeP2c0wZUgfulgXil+qRyjLG6upLQDJ6ikDcFknioCZfMbsjt
GoAhMxkh7mZN7l+JIduA4lp1XXROoVQqQK4+N8g/jkYCu3g5Ns9k1XlbuzfPy26w
AX4BtkybrWmE/mqGEfcM5mbrF4buOKjEl+5KgJuMx1l/D/dJpPE2NrUHeo9bfMQB
uWKkpIAmV5bbQoq3BcwNC/fP5MsTLunLiNJoGkzis9GZOVVtfP+LU70wwTXrXXUB
ZKQ13Q8S
-----END CERTIFICATE-----
Generated at Tue Jun 10 22:11:41 2025 by rpki-client