Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/4cmTS1HcuYRBcdviJbx7YaDrDqDA8UAPFjwPK5FuUu6Z/0/323830343a386232303a3a2f33322d3332203d3e20323733373133.roa
File:                     323830343a386232303a3a2f33322d3332203d3e20323733373133.roa (raw, json)
Hash identifier:          c5o6s2pwU3u1/iDsk7BfDQhJFhCLjT0Kb1FV3Tzf90Q=
Subject key identifier:   B3:02:F4:D7:17:9E:95:B1:0D:B1:B1:3D:37:72:65:AE:F8:02:03:20
Certificate issuer:       /CN=47820B403DF38273DD737A919A52D4BF6FBD96E3
Certificate serial:       6BFA0ACE746BF1CED6B5CD71C6643D61247F4AAF
Authority key identifier: 47:82:0B:40:3D:F3:82:73:DD:73:7A:91:9A:52:D4:BF:6F:BD:96:E3
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/47820B403DF38273DD737A919A52D4BF6FBD96E3.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/4cmTS1HcuYRBcdviJbx7YaDrDqDA8UAPFjwPK5FuUu6Z/0/323830343a386232303a3a2f33322d3332203d3e20323733373133.roa
Signing time:             Thu 15 May 2025 13:36:09 +0000
ROA not before:           Thu 15 May 2025 13:31:09 +0000
ROA not after:            Thu 14 May 2026 13:36:09 +0000
asID:                     273713
IP address blocks:        2804:8b20::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/4cmTS1HcuYRBcdviJbx7YaDrDqDA8UAPFjwPK5FuUu6Z/0/47820B403DF38273DD737A919A52D4BF6FBD96E3.crl
                          rsync://rpki-repo.registro.br/repo/4cmTS1HcuYRBcdviJbx7YaDrDqDA8UAPFjwPK5FuUu6Z/0/47820B403DF38273DD737A919A52D4BF6FBD96E3.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/47820B403DF38273DD737A919A52D4BF6FBD96E3.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 12 Jun 2025 06:34:44 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:fa:0a:ce:74:6b:f1:ce:d6:b5:cd:71:c6:64:3d:61:24:7f:4a:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47820B403DF38273DD737A919A52D4BF6FBD96E3
        Validity
            Not Before: May 15 13:31:09 2025 GMT
            Not After : May 14 13:36:09 2026 GMT
        Subject: CN=B302F4D7179E95B10DB1B13D377265AEF8020320
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:de:36:4a:ea:db:61:ba:0c:a5:ad:1c:1d:ee:
                    1e:aa:67:85:eb:ee:5e:6b:e8:67:a1:eb:04:c9:04:
                    ed:87:71:b8:d8:36:69:56:71:bd:2a:81:cc:bb:da:
                    b0:ec:d7:54:c0:00:c0:8b:3e:8d:e2:70:84:d4:94:
                    5d:8f:23:1f:7f:14:3b:88:80:af:b4:cd:df:0a:65:
                    ce:b6:5c:01:bf:31:b8:03:6a:11:50:da:f9:fa:db:
                    f6:de:19:95:0a:8f:d5:79:2c:97:65:54:02:ad:17:
                    81:42:94:77:b4:ff:b4:7e:17:68:ca:6f:de:f0:b4:
                    18:97:b0:74:be:38:b6:2b:10:c5:c3:91:17:c1:c2:
                    da:55:95:c8:22:1a:4f:4c:22:15:b5:e3:f5:f0:2c:
                    aa:ca:35:2f:24:d3:c0:fd:de:db:d6:6e:8c:57:4d:
                    da:ce:b6:3f:ed:4b:b1:83:67:22:76:94:a9:19:ce:
                    a8:8f:52:a4:f5:1b:72:0f:96:00:6b:c5:12:39:c3:
                    a5:a1:cc:99:e1:f8:0a:bc:9c:9c:be:c1:ed:8d:d6:
                    42:1b:58:d0:3c:3d:51:be:5e:97:c3:e6:23:99:f9:
                    66:60:0e:7f:d7:bb:c3:27:02:58:c6:63:81:b2:a3:
                    9c:5c:cc:b2:7b:34:68:71:d2:6e:a3:d7:bf:1c:46:
                    86:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:02:F4:D7:17:9E:95:B1:0D:B1:B1:3D:37:72:65:AE:F8:02:03:20
            X509v3 Authority Key Identifier:
                keyid:47:82:0B:40:3D:F3:82:73:DD:73:7A:91:9A:52:D4:BF:6F:BD:96:E3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/4cmTS1HcuYRBcdviJbx7YaDrDqDA8UAPFjwPK5FuUu6Z/0/47820B403DF38273DD737A919A52D4BF6FBD96E3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/47820B403DF38273DD737A919A52D4BF6FBD96E3.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/4cmTS1HcuYRBcdviJbx7YaDrDqDA8UAPFjwPK5FuUu6Z/0/323830343a386232303a3a2f33322d3332203d3e20323733373133.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:8b20::/32

    Signature Algorithm: sha256WithRSAEncryption
         74:29:57:41:95:7f:d1:ce:42:96:17:14:64:9c:28:28:c4:e9:
         17:48:e8:06:d4:8e:ce:50:01:9f:1c:60:79:0e:79:16:75:c7:
         b3:eb:8b:0d:0c:88:98:9f:0a:b2:1d:4e:f5:a5:98:df:69:f7:
         c5:64:11:36:4b:43:07:70:95:2c:31:d1:5e:2e:26:1e:c3:1b:
         77:37:c9:8f:d3:e9:f2:ab:e8:24:7b:9c:c7:e3:22:c0:e2:ea:
         ee:49:fa:cc:84:8b:cc:f1:63:3b:74:b1:62:7b:6d:fa:05:0e:
         b2:4a:d9:ea:de:90:2a:04:ca:43:9d:de:66:1b:90:4f:3f:8a:
         b2:90:e3:d7:07:84:23:da:6a:cb:5d:a3:04:7d:f8:ac:fc:61:
         87:45:14:96:b2:18:89:e4:27:97:b9:ad:59:1c:46:93:1f:e4:
         f1:c6:39:6f:3f:ba:49:09:61:18:54:03:b5:f6:a4:48:29:04:
         d6:fb:d9:6a:61:36:10:a7:2f:88:ca:27:9f:1a:06:08:37:63:
         6b:38:47:cc:8b:f2:c4:08:64:ec:a1:0e:ce:54:b6:51:50:a1:
         56:a5:21:72:82:71:72:2e:14:e4:8e:cc:22:87:17:8c:02:0b:
         3f:8d:e7:b3:98:93:1b:74:b2:c9:0c:93:d1:fa:11:0b:0c:0e:
         33:07:fb:1f
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUa/oKznRr8c7Wtc1xxmQ9YSR/Sq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDc4MjBCNDAzREYzODI3M0RENzM3QTkxOUE1MkQ0QkY2
RkJEOTZFMzAeFw0yNTA1MTUxMzMxMDlaFw0yNjA1MTQxMzM2MDlaMDMxMTAvBgNV
BAMTKEIzMDJGNEQ3MTc5RTk1QjEwREIxQjEzRDM3NzI2NUFFRjgwMjAzMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC73jZK6tthugylrRwd7h6qZ4Xr
7l5r6Geh6wTJBO2HcbjYNmlWcb0qgcy72rDs11TAAMCLPo3icITUlF2PIx9/FDuI
gK+0zd8KZc62XAG/MbgDahFQ2vn62/beGZUKj9V5LJdlVAKtF4FClHe0/7R+F2jK
b97wtBiXsHS+OLYrEMXDkRfBwtpVlcgiGk9MIhW14/XwLKrKNS8k08D93tvWboxX
TdrOtj/tS7GDZyJ2lKkZzqiPUqT1G3IPlgBrxRI5w6WhzJnh+Aq8nJy+we2N1kIb
WNA8PVG+XpfD5iOZ+WZgDn/Xu8MnAljGY4Gyo5xczLJ7NGhx0m6j178cRoalAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUswL01xeelbENsbE9N3JlrvgCAyAwHwYDVR0j
BBgwFoAUR4ILQD3zgnPdc3qRmlLUv2+9luMwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNGNtVFMxSGN1WVJCY2R2aUpieDdZYURyRHFEQThVQVBGandQSzVGdVV1
NlovMC80NzgyMEI0MDNERjM4MjczREQ3MzdBOTE5QTUyRDRCRjZGQkQ5NkUzLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzQ3ODIwQjQwM0RGMzgyNzNE
RDczN0E5MTlBNTJENEJGNkZCRDk2RTMuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzRjbVRTMUhjdVlSQmNkdmlKYng3WWFEckRxREE4VUFQRmp3UEs1RnVVdTZaLzAv
MzIzODMwMzQzYTM4NjIzMjMwM2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzNzMz
MzczMTMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKASLIDANBgkqhkiG9w0BAQsFAAOCAQEAdClXQZV/
0c5ClhcUZJwoKMTpF0joBtSOzlABnxxgeQ55FnXHs+uLDQyImJ8Ksh1O9aWY32n3
xWQRNktDB3CVLDHRXi4mHsMbdzfJj9Pp8qvoJHucx+MiwOLq7kn6zISLzPFjO3Sx
Yntt+gUOskrZ6t6QKgTKQ53eZhuQTz+KspDj1weEI9pqy12jBH34rPxhh0UUlrIY
ieQnl7mtWRxGkx/k8cY5bz+6SQlhGFQDtfakSCkE1vvZamE2EKcviMonnxoGCDdj
azhHzIvyxAhk7KEOzlS2UVChVqUhcoJxci4U5I7MIocXjAILP43ns5iTG3SyyQyT
0foRCwwOMwf7Hw==
-----END CERTIFICATE-----
Generated at Wed Jun 11 10:21:44 2025 by rpki-client