Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/34hS7B8uGYsDVN6yUoT5LrEi5eEi1nTXzH3K5mQKRBBe/1/323830343a6536303a31383a3a2f34382d3438203d3e203631383838.roa
File:                     323830343a6536303a31383a3a2f34382d3438203d3e203631383838.roa (raw, json)
Hash identifier:          T6BgIwPF8LtXzznXZ6r3HMxvjEM64RVq5yHIP8BBTYw=
Subject key identifier:   64:DC:0C:E0:D9:64:77:21:B7:AB:49:6E:96:C3:02:11:EB:CF:8D:E9
Certificate issuer:       /CN=961AE5D479B2534022682B64D7F0EFE6AA11F791
Certificate serial:       0A6D74878DEB7AF7B93B5B046B48A6E5B8904942
Authority key identifier: 96:1A:E5:D4:79:B2:53:40:22:68:2B:64:D7:F0:EF:E6:AA:11:F7:91
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/961AE5D479B2534022682B64D7F0EFE6AA11F791.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/34hS7B8uGYsDVN6yUoT5LrEi5eEi1nTXzH3K5mQKRBBe/1/323830343a6536303a31383a3a2f34382d3438203d3e203631383838.roa
Signing time:             Thu 15 May 2025 23:15:49 +0000
ROA not before:           Thu 15 May 2025 23:10:49 +0000
ROA not after:            Thu 14 May 2026 23:15:49 +0000
asID:                     61888
IP address blocks:        2804:e60:18::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/34hS7B8uGYsDVN6yUoT5LrEi5eEi1nTXzH3K5mQKRBBe/1/961AE5D479B2534022682B64D7F0EFE6AA11F791.crl
                          rsync://rpki-repo.registro.br/repo/34hS7B8uGYsDVN6yUoT5LrEi5eEi1nTXzH3K5mQKRBBe/1/961AE5D479B2534022682B64D7F0EFE6AA11F791.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/961AE5D479B2534022682B64D7F0EFE6AA11F791.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Jun 2025 08:02:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:6d:74:87:8d:eb:7a:f7:b9:3b:5b:04:6b:48:a6:e5:b8:90:49:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=961AE5D479B2534022682B64D7F0EFE6AA11F791
        Validity
            Not Before: May 15 23:10:49 2025 GMT
            Not After : May 14 23:15:49 2026 GMT
        Subject: CN=64DC0CE0D9647721B7AB496E96C30211EBCF8DE9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:6f:24:19:93:7c:ec:09:de:89:f8:10:9d:30:
                    f3:dd:65:7c:2f:8e:d1:8b:d1:8f:45:d1:f8:72:1f:
                    17:24:a7:be:d2:6b:d5:0c:ce:a1:39:86:4c:85:0b:
                    cb:6c:b7:d2:a3:51:5d:0d:11:33:ef:c8:c9:1d:43:
                    01:da:78:a3:e0:90:77:59:7b:a1:f1:e3:3e:7f:6a:
                    bf:79:03:d0:ca:f2:1d:39:f1:58:2a:83:58:e6:55:
                    44:c7:62:0c:fb:5e:c5:74:7d:16:8e:50:c9:a2:b0:
                    e0:a6:57:2a:6d:95:60:31:e4:f9:45:1a:81:94:ab:
                    70:8d:69:12:4b:5a:4d:e6:c7:a3:fe:24:f3:5a:60:
                    c5:87:4e:f4:42:7e:e9:d1:40:bd:8b:5c:3e:65:35:
                    d8:fa:43:91:62:28:3f:14:ba:da:4a:01:db:09:56:
                    48:7a:b1:85:64:77:57:6d:6f:05:d0:7e:ac:3e:38:
                    10:df:85:f1:b4:86:10:23:d6:da:ab:1e:58:62:76:
                    cc:95:e4:d6:59:6d:fe:4b:9e:16:ea:e3:db:30:5e:
                    c4:d0:ba:e0:f3:1a:79:4b:8e:c3:48:9c:6b:a4:9e:
                    a4:ce:aa:57:6b:d8:f9:c7:99:6c:a1:95:3e:01:a2:
                    ad:b3:d5:65:e3:f1:29:bc:52:1d:e4:38:ac:2b:46:
                    b8:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:DC:0C:E0:D9:64:77:21:B7:AB:49:6E:96:C3:02:11:EB:CF:8D:E9
            X509v3 Authority Key Identifier:
                keyid:96:1A:E5:D4:79:B2:53:40:22:68:2B:64:D7:F0:EF:E6:AA:11:F7:91

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/34hS7B8uGYsDVN6yUoT5LrEi5eEi1nTXzH3K5mQKRBBe/1/961AE5D479B2534022682B64D7F0EFE6AA11F791.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/961AE5D479B2534022682B64D7F0EFE6AA11F791.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/34hS7B8uGYsDVN6yUoT5LrEi5eEi1nTXzH3K5mQKRBBe/1/323830343a6536303a31383a3a2f34382d3438203d3e203631383838.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:e60:18::/48

    Signature Algorithm: sha256WithRSAEncryption
         8d:a8:d5:6f:cf:cf:43:0d:68:3d:db:3d:d9:37:df:68:56:40:
         ed:58:71:a0:8a:c5:19:3b:88:6e:76:21:21:51:52:2d:3c:6e:
         d9:51:ea:a5:89:0c:90:ad:87:c5:35:69:43:a4:93:b8:c4:de:
         d0:51:57:d8:39:4e:55:5a:1b:a9:3b:0e:cf:51:42:2c:1b:1e:
         46:2e:f6:87:3c:42:72:a6:b7:e9:d3:d4:92:11:fa:92:3d:76:
         bd:e5:1e:10:94:fc:35:51:90:ac:86:f5:01:8e:53:7e:2f:1c:
         f2:a4:82:63:99:a0:97:8c:e8:e9:ee:ab:ba:48:55:93:fa:d4:
         9f:ef:44:61:6d:a8:a6:e7:ca:70:5f:5e:aa:d8:6c:ca:1d:6a:
         e8:5c:0c:16:19:92:e2:37:6c:94:c3:4b:ae:0a:55:37:e8:fd:
         e5:be:72:82:e1:0b:18:28:a4:e9:1a:b1:0f:11:68:1b:65:62:
         64:97:d2:40:b1:16:96:5c:92:78:92:8d:ba:fc:dd:83:0a:7c:
         db:7b:ee:0b:86:a0:8d:bb:e6:7a:ae:ba:44:5b:16:c4:c4:6f:
         05:33:03:06:ae:64:4f:99:a1:b1:ab:14:26:8b:eb:20:8e:0a:
         2e:d2:ff:68:a5:7c:0f:4c:2f:a9:94:e2:a0:72:ef:b8:ac:50:
         bf:9b:92:d7
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgIUCm10h43reve5O1sEa0im5biQSUIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTYxQUU1RDQ3OUIyNTM0MDIyNjgyQjY0RDdGMEVGRTZB
QTExRjc5MTAeFw0yNTA1MTUyMzEwNDlaFw0yNjA1MTQyMzE1NDlaMDMxMTAvBgNV
BAMTKDY0REMwQ0UwRDk2NDc3MjFCN0FCNDk2RTk2QzMwMjExRUJDRjhERTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDbyQZk3zsCd6J+BCdMPPdZXwv
jtGL0Y9F0fhyHxckp77Sa9UMzqE5hkyFC8tst9KjUV0NETPvyMkdQwHaeKPgkHdZ
e6Hx4z5/ar95A9DK8h058Vgqg1jmVUTHYgz7XsV0fRaOUMmisOCmVyptlWAx5PlF
GoGUq3CNaRJLWk3mx6P+JPNaYMWHTvRCfunRQL2LXD5lNdj6Q5FiKD8UutpKAdsJ
Vkh6sYVkd1dtbwXQfqw+OBDfhfG0hhAj1tqrHlhidsyV5NZZbf5Lnhbq49swXsTQ
uuDzGnlLjsNInGuknqTOqldr2PnHmWyhlT4Boq2z1WXj8Sm8Uh3kOKwrRrjlAgMB
AAGjggJUMIICUDAdBgNVHQ4EFgQUZNwM4NlkdyG3q0lulsMCEevPjekwHwYDVR0j
BBgwFoAUlhrl1HmyU0AiaCtk1/Dv5qoR95EwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMzRoUzdCOHVHWXNEVk42eVVvVDVMckVpNWVFaTFuVFh6SDNLNW1RS1JC
QmUvMS85NjFBRTVENDc5QjI1MzQwMjI2ODJCNjREN0YwRUZFNkFBMTFGNzkxLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzk2MUFFNUQ0NzlCMjUzNDAy
MjY4MkI2NEQ3RjBFRkU2QUExMUY3OTEuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzM0aFM3Qjh1R1lzRFZONnlVb1Q1THJFaTVlRWkxblRYekgzSzVtUUtSQkJlLzEv
MzIzODMwMzQzYTY1MzYzMDNhMzEzODNhM2EyZjM0MzgyZDM0MzgyMDNkM2UyMDM2
MzEzODM4Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUH
AQcBAf8EEzARMA8EAgACMAkDBwAoBA5gABgwDQYJKoZIhvcNAQELBQADggEBAI2o
1W/Pz0MNaD3bPdk332hWQO1YcaCKxRk7iG52ISFRUi08btlR6qWJDJCth8U1aUOk
k7jE3tBRV9g5TlVaG6k7Ds9RQiwbHkYu9oc8QnKmt+nT1JIR+pI9dr3lHhCU/DVR
kKyG9QGOU34vHPKkgmOZoJeM6Onuq7pIVZP61J/vRGFtqKbnynBfXqrYbModauhc
DBYZkuI3bJTDS64KVTfo/eW+coLhCxgopOkasQ8RaBtlYmSX0kCxFpZckniSjbr8
3YMKfNt77guGoI275nquukRbFsTEbwUzAwauZE+ZobGrFCaL6yCOCi7S/2ilfA9M
L6mU4qBy77isUL+bktc=
-----END CERTIFICATE-----
Generated at Thu Jun 12 23:26:43 2025 by rpki-client