Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/43r5HtNuaBtfqCD3LbVgGoawviriwV6NXYypba3raWPn/0/323830343a333033343a3132303a3a2f34332d3433203d3e20323634393336.roa
File:                     323830343a333033343a3132303a3a2f34332d3433203d3e20323634393336.roa (raw, json)
Hash identifier:          dWjlQ0gigidwSk+OEgmIxEXeDw8e+7MdTKyZWhVJfNw=
Subject key identifier:   4D:20:93:0E:0A:52:AD:7A:A0:28:7C:98:15:59:E1:C6:9F:AB:A3:31
Certificate issuer:       /CN=3C8F0CFC9B35F328402AD269F14D94BF6C5C7372
Certificate serial:       0CEFA16EC8BFB0FF3ECEEFCBB9A75C0A97E7B5A4
Authority key identifier: 3C:8F:0C:FC:9B:35:F3:28:40:2A:D2:69:F1:4D:94:BF:6C:5C:73:72
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3C8F0CFC9B35F328402AD269F14D94BF6C5C7372.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/43r5HtNuaBtfqCD3LbVgGoawviriwV6NXYypba3raWPn/0/323830343a333033343a3132303a3a2f34332d3433203d3e20323634393336.roa
Signing time:             Tue 03 Jun 2025 00:27:03 +0000
ROA not before:           Tue 03 Jun 2025 00:22:03 +0000
ROA not after:            Tue 02 Jun 2026 00:27:03 +0000
asID:                     264936
IP address blocks:        2804:3034:120::/43 maxlen: 43
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/43r5HtNuaBtfqCD3LbVgGoawviriwV6NXYypba3raWPn/0/3C8F0CFC9B35F328402AD269F14D94BF6C5C7372.crl
                          rsync://rpki-repo.registro.br/repo/43r5HtNuaBtfqCD3LbVgGoawviriwV6NXYypba3raWPn/0/3C8F0CFC9B35F328402AD269F14D94BF6C5C7372.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3C8F0CFC9B35F328402AD269F14D94BF6C5C7372.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Jun 2025 00:33:37 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:ef:a1:6e:c8:bf:b0:ff:3e:ce:ef:cb:b9:a7:5c:0a:97:e7:b5:a4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3C8F0CFC9B35F328402AD269F14D94BF6C5C7372
        Validity
            Not Before: Jun  3 00:22:03 2025 GMT
            Not After : Jun  2 00:27:03 2026 GMT
        Subject: CN=4D20930E0A52AD7AA0287C981559E1C69FABA331
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:89:4c:61:47:10:7b:af:6d:ea:3b:ce:69:89:
                    fc:45:78:57:71:5c:a6:57:72:cb:88:4c:92:28:e9:
                    d3:f2:df:48:38:91:0a:34:c9:09:b6:ef:54:ac:fc:
                    be:0f:d6:98:ad:f1:ff:32:58:78:83:45:3d:07:50:
                    19:f4:a2:f9:21:37:b4:e2:69:6d:32:20:2e:d5:97:
                    6f:0c:c6:68:7d:a5:a4:73:7d:2b:63:1a:49:c5:e5:
                    e4:37:50:b3:c6:35:1b:56:39:01:70:cc:99:d3:68:
                    bf:18:8f:9f:a8:67:43:c3:c1:72:7b:87:d5:67:fe:
                    f5:5a:ac:18:06:ac:4e:74:f9:1c:f6:6c:53:c2:5d:
                    b6:a6:44:6b:9e:ce:b7:33:d3:d2:0b:3f:d9:0d:88:
                    74:58:a2:93:a4:12:44:8a:9e:a5:c1:dd:a2:29:2e:
                    fd:88:26:ed:21:f6:fa:8a:93:b8:2b:dd:eb:0b:f0:
                    de:e2:70:5a:d0:93:52:53:bb:1c:d1:3d:dd:6f:80:
                    a3:b8:0d:94:c4:f9:8e:25:69:0a:7a:fa:f1:1a:48:
                    6b:fa:fa:2d:d0:4f:6b:f1:5c:0f:71:6c:40:61:3d:
                    59:79:67:64:63:2c:ce:a9:cc:f9:ba:ed:48:d3:03:
                    d8:52:39:d6:be:f2:61:ed:54:ee:74:64:a1:6f:be:
                    90:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:20:93:0E:0A:52:AD:7A:A0:28:7C:98:15:59:E1:C6:9F:AB:A3:31
            X509v3 Authority Key Identifier:
                keyid:3C:8F:0C:FC:9B:35:F3:28:40:2A:D2:69:F1:4D:94:BF:6C:5C:73:72

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/43r5HtNuaBtfqCD3LbVgGoawviriwV6NXYypba3raWPn/0/3C8F0CFC9B35F328402AD269F14D94BF6C5C7372.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3C8F0CFC9B35F328402AD269F14D94BF6C5C7372.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/43r5HtNuaBtfqCD3LbVgGoawviriwV6NXYypba3raWPn/0/323830343a333033343a3132303a3a2f34332d3433203d3e20323634393336.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:3034:120::/43

    Signature Algorithm: sha256WithRSAEncryption
         6e:33:7b:3d:a3:96:fc:ad:02:82:90:8f:77:96:00:34:e3:73:
         19:4b:83:d6:85:e5:96:49:ff:0d:79:8e:63:7c:35:98:d2:fa:
         44:4e:c7:2c:aa:c2:e3:81:40:9e:5b:5d:1d:2c:49:a0:ec:bb:
         c3:7c:b4:69:e1:54:6e:56:ff:85:18:82:36:bb:0b:d7:b1:00:
         1b:83:41:8b:b7:f0:1c:64:e9:3e:bc:ee:94:74:e3:ce:c2:0d:
         f7:a5:4e:19:ea:a5:be:13:dc:ba:21:3f:b5:12:96:33:9b:5b:
         52:92:f9:57:92:8c:ce:0a:ac:f4:90:5f:0e:54:da:b2:41:be:
         3c:38:c6:0e:52:6c:fa:a0:1d:62:b5:61:af:96:97:4e:d4:ae:
         d3:f9:e1:d1:b0:04:74:6c:f2:96:09:3e:13:e2:b6:9a:1d:f9:
         d3:77:14:8b:c4:8b:27:fd:0f:2a:d0:f1:76:37:32:05:6e:fc:
         0a:ff:4f:59:29:6b:38:30:f5:07:9e:ec:3f:7c:5f:76:36:12:
         c9:9a:fe:8e:28:ae:38:42:44:90:75:a6:9a:0b:ce:c0:3f:84:
         20:1a:e3:bc:08:4d:cc:23:d7:63:0a:72:03:aa:8c:6f:3a:b2:
         15:70:24:47:0c:7a:b7:7c:72:e7:f0:59:bf:57:bc:f8:3f:09:
         90:87:5d:a2
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgIUDO+hbsi/sP8+zu/LuadcCpfntaQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0M4RjBDRkM5QjM1RjMyODQwMkFEMjY5RjE0RDk0QkY2
QzVDNzM3MjAeFw0yNTA2MDMwMDIyMDNaFw0yNjA2MDIwMDI3MDNaMDMxMTAvBgNV
BAMTKDREMjA5MzBFMEE1MkFEN0FBMDI4N0M5ODE1NTlFMUM2OUZBQkEzMzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7iUxhRxB7r23qO85pifxFeFdx
XKZXcsuITJIo6dPy30g4kQo0yQm271Ss/L4P1pit8f8yWHiDRT0HUBn0ovkhN7Ti
aW0yIC7Vl28Mxmh9paRzfStjGknF5eQ3ULPGNRtWOQFwzJnTaL8Yj5+oZ0PDwXJ7
h9Vn/vVarBgGrE50+Rz2bFPCXbamRGuezrcz09ILP9kNiHRYopOkEkSKnqXB3aIp
Lv2IJu0h9vqKk7gr3esL8N7icFrQk1JTuxzRPd1vgKO4DZTE+Y4laQp6+vEaSGv6
+i3QT2vxXA9xbEBhPVl5Z2RjLM6pzPm67UjTA9hSOda+8mHtVO50ZKFvvpAzAgMB
AAGjggJaMIICVjAdBgNVHQ4EFgQUTSCTDgpSrXqgKHyYFVnhxp+rozEwHwYDVR0j
BBgwFoAUPI8M/Js18yhAKtJp8U2Uv2xcc3IwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNDNyNUh0TnVhQnRmcUNEM0xiVmdHb2F3dmlyaXdWNk5YWXlwYmEzcmFX
UG4vMC8zQzhGMENGQzlCMzVGMzI4NDAyQUQyNjlGMTREOTRCRjZDNUM3MzcyLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzNDOEYwQ0ZDOUIzNUYzMjg0
MDJBRDI2OUYxNEQ5NEJGNkM1QzczNzIuY2VyMIG0BggrBgEFBQcBCwSBpzCBpDCB
oQYIKwYBBQUHMAuGgZRyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzQzcjVIdE51YUJ0ZnFDRDNMYlZnR29hd3Zpcml3VjZOWFl5cGJhM3JhV1BuLzAv
MzIzODMwMzQzYTMzMzAzMzM0M2EzMTMyMzAzYTNhMmYzNDMzMmQzNDMzMjAzZDNl
MjAzMjM2MzQzOTMzMzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYI
KwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwUoBDA0ASAwDQYJKoZIhvcNAQELBQAD
ggEBAG4zez2jlvytAoKQj3eWADTjcxlLg9aF5ZZJ/w15jmN8NZjS+kROxyyqwuOB
QJ5bXR0sSaDsu8N8tGnhVG5W/4UYgja7C9exABuDQYu38Bxk6T687pR0487CDfel
Thnqpb4T3LohP7USljObW1KS+VeSjM4KrPSQXw5U2rJBvjw4xg5SbPqgHWK1Ya+W
l07UrtP54dGwBHRs8pYJPhPitpod+dN3FIvEiyf9DyrQ8XY3MgVu/Ar/T1kpazgw
9Qee7D98X3Y2Esma/o4orjhCRJB1ppoLzsA/hCAa47wITcwj12MKcgOqjG86shVw
JEcMerd8cufwWb9XvPg/CZCHXaI=
-----END CERTIFICATE-----
Generated at Thu Jun 12 14:10:20 2025 by rpki-client