Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/2dSoa12UGnYxP6vT935eLg8MtFxneihFC63zdZB2kg4q/0/323830343a333964343a3a2f33322d313238203d3e20323636303533.roa
File:                     323830343a333964343a3a2f33322d313238203d3e20323636303533.roa (raw, json)
Hash identifier:          S+1YM580MYl2/Ez26cZdvbOuNQSh+xfPKBssmmPx6uY=
Subject key identifier:   7B:0F:33:E0:4E:5C:C4:2A:2B:F8:DC:69:BB:C6:D1:89:47:A2:AD:CA
Certificate issuer:       /CN=4295C42DF9ABE644065D731C7A08680CD3ECBE88
Certificate serial:       7B270B7A11E1C39144D338435F1A9A7D33C343BD
Authority key identifier: 42:95:C4:2D:F9:AB:E6:44:06:5D:73:1C:7A:08:68:0C:D3:EC:BE:88
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/4295C42DF9ABE644065D731C7A08680CD3ECBE88.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/2dSoa12UGnYxP6vT935eLg8MtFxneihFC63zdZB2kg4q/0/323830343a333964343a3a2f33322d313238203d3e20323636303533.roa
Signing time:             Sat 20 Jun 2026 12:09:45 +0000
ROA not before:           Sat 20 Jun 2026 12:04:45 +0000
ROA not after:            Sat 19 Jun 2027 12:09:45 +0000
asID:                     266053
IP address blocks:        2804:39d4::/32 maxlen: 128
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/2dSoa12UGnYxP6vT935eLg8MtFxneihFC63zdZB2kg4q/0/4295C42DF9ABE644065D731C7A08680CD3ECBE88.crl
                          rsync://rpki-repo.registro.br/repo/2dSoa12UGnYxP6vT935eLg8MtFxneihFC63zdZB2kg4q/0/4295C42DF9ABE644065D731C7A08680CD3ECBE88.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/4295C42DF9ABE644065D731C7A08680CD3ECBE88.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 09 Jul 2026 14:37:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:27:0b:7a:11:e1:c3:91:44:d3:38:43:5f:1a:9a:7d:33:c3:43:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4295C42DF9ABE644065D731C7A08680CD3ECBE88
        Validity
            Not Before: Jun 20 12:04:45 2026 GMT
            Not After : Jun 19 12:09:45 2027 GMT
        Subject: CN=7B0F33E04E5CC42A2BF8DC69BBC6D18947A2ADCA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:7b:e0:87:20:f1:04:6a:8d:15:be:a0:08:59:
                    56:ab:fa:57:b3:41:d1:68:d5:87:d7:80:7d:8e:4b:
                    61:58:9c:43:20:c0:60:4c:35:e6:14:89:2e:84:5e:
                    0f:59:04:ce:a1:33:16:cc:b4:28:63:11:43:a7:a4:
                    49:9c:5a:09:44:5b:69:a2:bd:5b:9d:7d:8d:3d:2f:
                    0d:86:fc:67:23:88:51:0b:c9:85:f9:1e:48:f0:6f:
                    ea:52:46:c7:52:95:4b:06:d1:85:52:6d:43:62:f4:
                    e8:43:78:45:bf:35:75:af:8b:d3:13:26:56:d4:cb:
                    3d:a9:7a:de:84:ef:bc:2d:a6:80:e8:20:67:ed:39:
                    82:4f:74:00:25:06:f9:6c:2b:4b:6a:eb:e5:b4:d7:
                    d1:9a:63:93:63:27:17:f8:52:96:24:62:e6:e9:81:
                    2f:9d:62:23:dd:b7:d2:eb:e9:a4:b4:db:9b:ec:8b:
                    b1:e5:b4:79:00:a4:f5:15:7a:5a:f4:b9:ea:26:fe:
                    c0:26:38:b2:fd:1b:b7:7b:82:48:56:a7:c3:d1:aa:
                    5d:92:31:ec:3e:ba:2f:e0:d0:fc:ed:e1:24:ba:21:
                    08:4d:e5:9f:16:23:fe:1f:a3:e2:cc:11:2c:fb:a2:
                    ee:0f:2e:6d:ef:e4:5a:dd:c9:65:52:72:11:8a:0b:
                    33:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7B:0F:33:E0:4E:5C:C4:2A:2B:F8:DC:69:BB:C6:D1:89:47:A2:AD:CA
            X509v3 Authority Key Identifier:
                keyid:42:95:C4:2D:F9:AB:E6:44:06:5D:73:1C:7A:08:68:0C:D3:EC:BE:88

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/2dSoa12UGnYxP6vT935eLg8MtFxneihFC63zdZB2kg4q/0/4295C42DF9ABE644065D731C7A08680CD3ECBE88.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/4295C42DF9ABE644065D731C7A08680CD3ECBE88.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/2dSoa12UGnYxP6vT935eLg8MtFxneihFC63zdZB2kg4q/0/323830343a333964343a3a2f33322d313238203d3e20323636303533.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:39d4::/32

    Signature Algorithm: sha256WithRSAEncryption
         9d:a9:7a:bf:1f:b2:dd:77:a6:1a:cb:d9:fc:fb:d4:39:82:ff:
         61:86:ea:28:e3:e8:6d:5d:0b:1d:4d:07:91:51:7c:96:df:66:
         f6:1a:a9:d4:5a:38:70:40:c2:52:64:94:57:80:15:c1:dd:7e:
         a3:f8:16:71:d2:44:c9:ae:d8:36:06:85:c7:ca:79:a3:96:5c:
         7b:cb:8a:52:5c:75:5d:dc:39:52:1b:3f:79:48:c0:c4:e9:ae:
         32:ca:93:06:03:54:e1:17:fc:1a:40:d5:34:c3:62:36:86:97:
         55:97:3d:f0:4a:c2:cb:1d:6d:67:b6:63:bf:50:a3:b4:c9:b2:
         b7:c1:ce:54:a1:a7:fc:be:e0:06:96:fb:0c:30:7d:39:94:15:
         27:72:4f:84:4e:37:7b:b2:21:d7:06:b7:75:c9:23:48:fb:49:
         a8:32:c6:a4:30:54:75:92:73:af:4b:5e:b4:5f:e9:19:44:9c:
         27:f9:e8:d8:d0:9e:15:76:a2:f8:c9:12:9b:52:66:22:a4:26:
         bf:6d:3e:33:79:f6:e3:8e:73:fc:ac:39:f9:7b:4b:ca:d2:61:
         fb:09:45:c7:bd:66:67:6b:15:04:ff:82:a3:f0:5a:17:07:dc:
         e9:85:fc:a0:10:11:a4:37:f3:b4:a2:1e:6c:d3:f5:31:63:5c:
         81:ec:62:22
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIUeycLehHhw5FE0zhDXxqafTPDQ70wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDI5NUM0MkRGOUFCRTY0NDA2NUQ3MzFDN0EwODY4MENE
M0VDQkU4ODAeFw0yNjA2MjAxMjA0NDVaFw0yNzA2MTkxMjA5NDVaMDMxMTAvBgNV
BAMTKDdCMEYzM0UwNEU1Q0M0MkEyQkY4REM2OUJCQzZEMTg5NDdBMkFEQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDle+CHIPEEao0VvqAIWVar+lez
QdFo1YfXgH2OS2FYnEMgwGBMNeYUiS6EXg9ZBM6hMxbMtChjEUOnpEmcWglEW2mi
vVudfY09Lw2G/GcjiFELyYX5Hkjwb+pSRsdSlUsG0YVSbUNi9OhDeEW/NXWvi9MT
JlbUyz2pet6E77wtpoDoIGftOYJPdAAlBvlsK0tq6+W019GaY5NjJxf4UpYkYubp
gS+dYiPdt9Lr6aS025vsi7HltHkApPUVelr0ueom/sAmOLL9G7d7gkhWp8PRql2S
Mew+ui/g0Pzt4SS6IQhN5Z8WI/4fo+LMESz7ou4PLm3v5FrdyWVSchGKCzOFAgMB
AAGjggJSMIICTjAdBgNVHQ4EFgQUew8z4E5cxCor+Nxpu8bRiUeircowHwYDVR0j
BBgwFoAUQpXELfmr5kQGXXMceghoDNPsvogwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMmRTb2ExMlVHbll4UDZ2VDkzNWVMZzhNdEZ4bmVpaEZDNjN6ZFpCMmtn
NHEvMC80Mjk1QzQyREY5QUJFNjQ0MDY1RDczMUM3QTA4NjgwQ0QzRUNCRTg4LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzQyOTVDNDJERjlBQkU2NDQw
NjVENzMxQzdBMDg2ODBDRDNFQ0JFODguY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzJkU29hMTJVR25ZeFA2dlQ5MzVlTGc4TXRGeG5laWhGQzYzemRaQjJrZzRxLzAv
MzIzODMwMzQzYTMzMzk2NDM0M2EzYTJmMzMzMjJkMzEzMjM4MjAzZDNlMjAzMjM2
MzYzMDM1MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUH
AQcBAf8EETAPMA0EAgACMAcDBQAoBDnUMA0GCSqGSIb3DQEBCwUAA4IBAQCdqXq/
H7Ldd6Yay9n8+9Q5gv9hhuoo4+htXQsdTQeRUXyW32b2GqnUWjhwQMJSZJRXgBXB
3X6j+BZx0kTJrtg2BoXHynmjllx7y4pSXHVd3DlSGz95SMDE6a4yypMGA1ThF/wa
QNU0w2I2hpdVlz3wSsLLHW1ntmO/UKO0ybK3wc5Uoaf8vuAGlvsMMH05lBUnck+E
Tjd7siHXBrd1ySNI+0moMsakMFR1knOvS160X+kZRJwn+ejY0J4VdqL4yRKbUmYi
pCa/bT4zefbjjnP8rDn5e0vK0mH7CUXHvWZnaxUE/4Kj8FoXB9zphfygEBGkN/O0
oh5s0/UxY1yB7GIi
-----END CERTIFICATE-----
Generated at Wed Jul 8 17:10:53 2026 by rpki-client