Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/478NMGGTsyAeyF8GKjTXspM74f9LmAGoHHCMvHqZ7BNU/0/323830343a316433633a383030303a3a2f33332d3438203d3e20323634333536.roa
File:                     323830343a316433633a383030303a3a2f33332d3438203d3e20323634333536.roa (raw, json)
Hash identifier:          H+HDC1Vroa4cr20FyHrZPDBbnqeroMP1UUr+swRDFsw=
Subject key identifier:   1D:EB:58:F4:AB:F9:5E:47:FA:49:EB:50:FD:B6:34:B0:8A:25:25:BC
Certificate issuer:       /CN=5577374B70385DA5B5D77B657F561AFFAE6F8FCA
Certificate serial:       57E3563CB01FEB8509B498AF73A4466127984256
Authority key identifier: 55:77:37:4B:70:38:5D:A5:B5:D7:7B:65:7F:56:1A:FF:AE:6F:8F:CA
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5577374B70385DA5B5D77B657F561AFFAE6F8FCA.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/478NMGGTsyAeyF8GKjTXspM74f9LmAGoHHCMvHqZ7BNU/0/323830343a316433633a383030303a3a2f33332d3438203d3e20323634333536.roa
Signing time:             Tue 11 Mar 2025 20:12:49 +0000
ROA not before:           Tue 11 Mar 2025 20:07:49 +0000
ROA not after:            Tue 10 Mar 2026 20:12:49 +0000
asID:                     264356
IP address blocks:        2804:1d3c:8000::/33 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/478NMGGTsyAeyF8GKjTXspM74f9LmAGoHHCMvHqZ7BNU/0/5577374B70385DA5B5D77B657F561AFFAE6F8FCA.crl
                          rsync://rpki-repo.registro.br/repo/478NMGGTsyAeyF8GKjTXspM74f9LmAGoHHCMvHqZ7BNU/0/5577374B70385DA5B5D77B657F561AFFAE6F8FCA.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5577374B70385DA5B5D77B657F561AFFAE6F8FCA.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 04:25:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:e3:56:3c:b0:1f:eb:85:09:b4:98:af:73:a4:46:61:27:98:42:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5577374B70385DA5B5D77B657F561AFFAE6F8FCA
        Validity
            Not Before: Mar 11 20:07:49 2025 GMT
            Not After : Mar 10 20:12:49 2026 GMT
        Subject: CN=1DEB58F4ABF95E47FA49EB50FDB634B08A2525BC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e9:9e:8c:3b:91:aa:84:af:91:98:1a:e4:21:a6:
                    9a:94:d0:19:2f:69:08:36:7b:9a:13:1e:08:1d:a4:
                    55:cd:48:95:f9:f5:83:06:b9:77:99:f8:a0:6d:df:
                    fc:ff:29:0e:f3:40:5b:67:a9:a0:5a:50:f2:79:e4:
                    f1:79:68:6e:02:a9:d3:69:1b:66:71:db:f6:83:3d:
                    78:78:35:11:97:1c:c6:5f:9f:8c:7d:ea:90:bc:17:
                    4c:6c:c7:77:c1:3e:a8:a3:24:45:e9:4a:3b:05:06:
                    64:d3:76:9d:35:f5:e4:d5:74:0b:b8:e4:f4:d3:42:
                    ee:99:2b:e4:5d:d4:0e:89:4a:7a:9e:24:53:14:ad:
                    e8:a0:e7:58:bf:30:b4:c0:4b:2e:7f:90:a6:c8:00:
                    69:45:66:5f:ae:b1:fe:fd:6c:da:61:04:db:5e:c1:
                    56:98:29:17:06:9f:3c:a2:06:a2:a6:d9:ac:0b:e1:
                    d7:6d:08:c2:cb:b1:cd:e2:a3:9e:fc:75:87:97:58:
                    43:14:d1:9c:66:5a:43:10:8f:d3:72:58:2d:f3:22:
                    1a:b1:32:07:06:8b:d8:dd:0b:75:c0:58:af:d6:6f:
                    94:68:32:0c:3b:91:e8:57:b8:2e:3e:7f:9e:33:49:
                    34:6c:95:8f:ad:09:f2:72:2c:e8:dc:3e:bd:82:c5:
                    ad:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:EB:58:F4:AB:F9:5E:47:FA:49:EB:50:FD:B6:34:B0:8A:25:25:BC
            X509v3 Authority Key Identifier:
                keyid:55:77:37:4B:70:38:5D:A5:B5:D7:7B:65:7F:56:1A:FF:AE:6F:8F:CA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/478NMGGTsyAeyF8GKjTXspM74f9LmAGoHHCMvHqZ7BNU/0/5577374B70385DA5B5D77B657F561AFFAE6F8FCA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/5577374B70385DA5B5D77B657F561AFFAE6F8FCA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/478NMGGTsyAeyF8GKjTXspM74f9LmAGoHHCMvHqZ7BNU/0/323830343a316433633a383030303a3a2f33332d3438203d3e20323634333536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:1d3c:8000::/33

    Signature Algorithm: sha256WithRSAEncryption
         1a:67:28:7b:04:c4:4f:be:ee:e9:f6:d9:07:7e:ea:6e:ea:cf:
         fc:6c:7e:05:63:28:da:38:36:11:d4:c0:af:08:3a:3b:6a:cb:
         f9:9a:78:28:75:b8:de:e7:24:f0:d2:09:19:a8:f5:77:a5:2f:
         6f:c6:0a:65:31:b2:a9:6c:ac:a9:f1:27:44:1c:f4:d1:46:5a:
         4a:29:b0:3d:92:e4:f1:bd:be:6b:0e:d4:56:e2:8a:25:c4:9e:
         43:9d:13:69:f9:e3:70:2f:90:34:b9:fd:cd:6f:58:a0:5f:63:
         e5:5c:0b:2b:5a:67:6d:77:9b:e1:a1:e8:7e:67:37:c2:4c:6c:
         77:cd:20:b7:a3:f3:07:f2:57:f5:5e:36:9d:c7:78:97:59:02:
         c9:4b:45:2c:b5:99:f3:6f:9d:e5:70:88:f3:08:ef:7e:97:d4:
         9f:d2:8a:2d:98:42:c8:b3:bd:74:76:55:83:c1:11:af:2d:32:
         a6:3d:a3:5d:5b:35:6f:0d:5f:c5:39:81:99:b2:2e:32:35:33:
         49:48:71:5e:f3:fd:e8:e8:e7:d4:9a:40:72:9b:b8:85:e0:ee:
         5a:f1:24:bf:e1:9d:d9:1f:cf:5d:dd:13:87:3c:af:8c:94:9e:
         f8:eb:c9:f1:b0:a9:18:f0:38:fa:1e:c5:f6:61:5f:a9:f8:0e:
         d9:9e:fd:2e
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUV+NWPLAf64UJtJivc6RGYSeYQlYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTU3NzM3NEI3MDM4NURBNUI1RDc3QjY1N0Y1NjFBRkZB
RTZGOEZDQTAeFw0yNTAzMTEyMDA3NDlaFw0yNjAzMTAyMDEyNDlaMDMxMTAvBgNV
BAMTKDFERUI1OEY0QUJGOTVFNDdGQTQ5RUI1MEZEQjYzNEIwOEEyNTI1QkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDpnow7kaqEr5GYGuQhppqU0Bkv
aQg2e5oTHggdpFXNSJX59YMGuXeZ+KBt3/z/KQ7zQFtnqaBaUPJ55PF5aG4CqdNp
G2Zx2/aDPXh4NRGXHMZfn4x96pC8F0xsx3fBPqijJEXpSjsFBmTTdp019eTVdAu4
5PTTQu6ZK+Rd1A6JSnqeJFMUreig51i/MLTASy5/kKbIAGlFZl+usf79bNphBNte
wVaYKRcGnzyiBqKm2awL4ddtCMLLsc3io578dYeXWEMU0ZxmWkMQj9NyWC3zIhqx
MgcGi9jdC3XAWK/Wb5RoMgw7kehXuC4+f54zSTRslY+tCfJyLOjcPr2Cxa0xAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUHetY9Kv5Xkf6SetQ/bY0sIolJbwwHwYDVR0j
BBgwFoAUVXc3S3A4XaW113tlf1Ya/65vj8owDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNDc4Tk1HR1RzeUFleUY4R0tqVFhzcE03NGY5TG1BR29ISENNdkhxWjdC
TlUvMC81NTc3Mzc0QjcwMzg1REE1QjVENzdCNjU3RjU2MUFGRkFFNkY4RkNBLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzU1NzczNzRCNzAzODVEQTVC
NUQ3N0I2NTdGNTYxQUZGQUU2RjhGQ0EuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzQ3OE5NR0dUc3lBZXlGOEdLalRYc3BNNzRmOUxtQUdvSEhDTXZIcVo3Qk5VLzAv
MzIzODMwMzQzYTMxNjQzMzYzM2EzODMwMzAzMDNhM2EyZjMzMzMyZDM0MzgyMDNk
M2UyMDMyMzYzNDMzMzUzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBygEHTyAMA0GCSqGSIb3DQEBCwUA
A4IBAQAaZyh7BMRPvu7p9tkHfupu6s/8bH4FYyjaODYR1MCvCDo7asv5mngodbje
5yTw0gkZqPV3pS9vxgplMbKpbKyp8SdEHPTRRlpKKbA9kuTxvb5rDtRW4oolxJ5D
nRNp+eNwL5A0uf3Nb1igX2PlXAsrWmdtd5vhoeh+ZzfCTGx3zSC3o/MH8lf1Xjad
x3iXWQLJS0UstZnzb53lcIjzCO9+l9Sf0ootmELIs710dlWDwRGvLTKmPaNdWzVv
DV/FOYGZsi4yNTNJSHFe8/3o6OfUmkBym7iF4O5a8SS/4Z3ZH89d3ROHPK+MlJ74
68nxsKkY8Dj6HsX2YV+p+A7Znv0u
-----END CERTIFICATE-----
Generated at Mon Jun 9 21:36:59 2025 by rpki-client