Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/4cmTS1HcuYRBcdviJbx7YaDrDqDA8UAPFjwPK5FuUu6Z/0/323830343a386232303a3a2f33332d3333203d3e20323733373133.roa
File:                     323830343a386232303a3a2f33332d3333203d3e20323733373133.roa (raw, json)
Hash identifier:          UhCjSK9SoqbCwkVt6j1gnROZg3c0AShZ3tVDDsodA3o=
Subject key identifier:   BB:F0:6F:21:9A:D2:A8:0F:8F:0E:B9:34:EE:12:03:EF:7E:F5:64:11
Certificate issuer:       /CN=47820B403DF38273DD737A919A52D4BF6FBD96E3
Certificate serial:       238A4CB6C7F319FD49D0B9AE547D66AD8AAC05D9
Authority key identifier: 47:82:0B:40:3D:F3:82:73:DD:73:7A:91:9A:52:D4:BF:6F:BD:96:E3
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/47820B403DF38273DD737A919A52D4BF6FBD96E3.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/4cmTS1HcuYRBcdviJbx7YaDrDqDA8UAPFjwPK5FuUu6Z/0/323830343a386232303a3a2f33332d3333203d3e20323733373133.roa
Signing time:             Thu 15 May 2025 13:36:09 +0000
ROA not before:           Thu 15 May 2025 13:31:09 +0000
ROA not after:            Thu 14 May 2026 13:36:09 +0000
asID:                     273713
IP address blocks:        2804:8b20::/33 maxlen: 33
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/4cmTS1HcuYRBcdviJbx7YaDrDqDA8UAPFjwPK5FuUu6Z/0/47820B403DF38273DD737A919A52D4BF6FBD96E3.crl
                          rsync://rpki-repo.registro.br/repo/4cmTS1HcuYRBcdviJbx7YaDrDqDA8UAPFjwPK5FuUu6Z/0/47820B403DF38273DD737A919A52D4BF6FBD96E3.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/47820B403DF38273DD737A919A52D4BF6FBD96E3.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 10:44:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:8a:4c:b6:c7:f3:19:fd:49:d0:b9:ae:54:7d:66:ad:8a:ac:05:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=47820B403DF38273DD737A919A52D4BF6FBD96E3
        Validity
            Not Before: May 15 13:31:09 2025 GMT
            Not After : May 14 13:36:09 2026 GMT
        Subject: CN=BBF06F219AD2A80F8F0EB934EE1203EF7EF56411
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:87:8b:de:85:55:6f:be:54:ce:e2:ce:c6:ee:12:
                    a1:b2:2d:0d:2d:a8:e4:ff:25:2a:55:16:59:fc:5f:
                    b1:b7:b0:3a:b4:d4:e8:77:8b:4f:c8:33:36:a3:96:
                    e8:02:0d:1a:3b:4b:9e:50:21:81:79:b8:c6:00:fd:
                    ad:7b:13:a8:be:00:8b:f2:c4:2b:df:de:91:fe:51:
                    4b:67:dd:55:a3:12:b3:b8:fe:19:30:e7:3b:51:e2:
                    a4:bd:82:5c:b1:e3:91:87:ba:1d:53:89:ff:bb:6a:
                    83:ad:18:45:d2:0c:63:22:b5:e5:46:c5:9a:db:e1:
                    dd:83:39:f2:e5:73:0e:de:3e:c1:a2:de:f9:7f:cf:
                    77:0f:15:8a:4a:27:c0:3c:12:e0:ed:aa:50:d4:f6:
                    52:d0:8b:9c:ed:52:41:11:0a:7e:d1:0e:c7:d0:b5:
                    01:fd:4b:1f:66:0d:0a:7f:a8:27:c1:b0:d0:be:fc:
                    9e:3d:fd:24:5f:6e:6c:32:a4:6e:42:4a:34:66:aa:
                    98:44:44:da:2d:46:a8:23:ea:14:48:0c:15:c8:ff:
                    76:3b:aa:b9:e0:42:1d:ab:bc:0f:c3:e1:55:8a:76:
                    15:a1:07:41:38:db:8b:0d:19:3d:c4:b5:73:f1:44:
                    e1:5d:10:5e:5f:ca:f1:e8:f7:a9:9b:f9:fb:9a:1c:
                    b9:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:F0:6F:21:9A:D2:A8:0F:8F:0E:B9:34:EE:12:03:EF:7E:F5:64:11
            X509v3 Authority Key Identifier:
                keyid:47:82:0B:40:3D:F3:82:73:DD:73:7A:91:9A:52:D4:BF:6F:BD:96:E3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/4cmTS1HcuYRBcdviJbx7YaDrDqDA8UAPFjwPK5FuUu6Z/0/47820B403DF38273DD737A919A52D4BF6FBD96E3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/47820B403DF38273DD737A919A52D4BF6FBD96E3.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/4cmTS1HcuYRBcdviJbx7YaDrDqDA8UAPFjwPK5FuUu6Z/0/323830343a386232303a3a2f33332d3333203d3e20323733373133.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:8b20::/33

    Signature Algorithm: sha256WithRSAEncryption
         05:06:d0:17:71:0b:3c:b6:8d:39:79:ae:f4:41:a1:89:94:c9:
         b9:1b:87:ad:ec:7b:05:89:c2:8c:4d:79:89:cb:84:a8:e5:03:
         cd:90:cb:33:18:9d:fb:47:03:f4:39:bf:94:be:e3:0b:68:8a:
         c4:cf:1e:de:8d:75:66:cb:72:83:48:14:9f:0e:5b:34:2f:c1:
         a1:37:01:43:a2:51:d3:2d:92:8e:48:88:46:35:d4:2c:3f:ca:
         6f:44:b8:ca:cf:50:f4:ea:4c:d1:11:ad:ae:e2:5d:73:c6:9c:
         09:f6:9d:5e:00:f8:7e:41:8e:9f:dd:1c:a7:5e:1e:90:91:83:
         c0:77:b9:27:01:84:c7:46:5f:b9:86:c1:39:76:ca:f2:14:7c:
         86:31:65:36:33:ae:ed:c7:63:ab:2b:58:51:63:f0:cf:a1:ee:
         5d:c3:ff:cf:a6:60:18:e1:2c:4f:a7:b8:bb:4b:e6:b5:82:45:
         8f:4e:69:8a:a6:03:6b:cd:bf:01:68:40:92:fe:86:5a:61:72:
         8f:64:5f:bd:08:ec:f0:a0:7a:d3:e3:50:30:fe:c8:19:46:3d:
         52:72:a5:6c:4f:61:7d:d7:d2:ef:9b:39:2d:ca:5c:a2:33:c8:
         3f:c5:ab:11:2b:74:31:29:6a:8c:f9:7a:1c:c5:1b:b9:5c:ff:
         ec:e1:90:8c
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUI4pMtsfzGf1J0LmuVH1mrYqsBdkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDc4MjBCNDAzREYzODI3M0RENzM3QTkxOUE1MkQ0QkY2
RkJEOTZFMzAeFw0yNTA1MTUxMzMxMDlaFw0yNjA1MTQxMzM2MDlaMDMxMTAvBgNV
BAMTKEJCRjA2RjIxOUFEMkE4MEY4RjBFQjkzNEVFMTIwM0VGN0VGNTY0MTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCHi96FVW++VM7izsbuEqGyLQ0t
qOT/JSpVFln8X7G3sDq01Oh3i0/IMzajlugCDRo7S55QIYF5uMYA/a17E6i+AIvy
xCvf3pH+UUtn3VWjErO4/hkw5ztR4qS9glyx45GHuh1Tif+7aoOtGEXSDGMiteVG
xZrb4d2DOfLlcw7ePsGi3vl/z3cPFYpKJ8A8EuDtqlDU9lLQi5ztUkERCn7RDsfQ
tQH9Sx9mDQp/qCfBsNC+/J49/SRfbmwypG5CSjRmqphERNotRqgj6hRIDBXI/3Y7
qrngQh2rvA/D4VWKdhWhB0E424sNGT3EtXPxROFdEF5fyvHo96mb+fuaHLmfAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUu/BvIZrSqA+PDrk07hID7371ZBEwHwYDVR0j
BBgwFoAUR4ILQD3zgnPdc3qRmlLUv2+9luMwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNGNtVFMxSGN1WVJCY2R2aUpieDdZYURyRHFEQThVQVBGandQSzVGdVV1
NlovMC80NzgyMEI0MDNERjM4MjczREQ3MzdBOTE5QTUyRDRCRjZGQkQ5NkUzLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzQ3ODIwQjQwM0RGMzgyNzNE
RDczN0E5MTlBNTJENEJGNkZCRDk2RTMuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzRjbVRTMUhjdVlSQmNkdmlKYng3WWFEckRxREE4VUFQRmp3UEs1RnVVdTZaLzAv
MzIzODMwMzQzYTM4NjIzMjMwM2EzYTJmMzMzMzJkMzMzMzIwM2QzZTIwMzIzNzMz
MzczMTMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEH
AQH/BBIwEDAOBAIAAjAIAwYHKASLIAAwDQYJKoZIhvcNAQELBQADggEBAAUG0Bdx
Czy2jTl5rvRBoYmUybkbh63sewWJwoxNeYnLhKjlA82QyzMYnftHA/Q5v5S+4wto
isTPHt6NdWbLcoNIFJ8OWzQvwaE3AUOiUdMtko5IiEY11Cw/ym9EuMrPUPTqTNER
ra7iXXPGnAn2nV4A+H5Bjp/dHKdeHpCRg8B3uScBhMdGX7mGwTl2yvIUfIYxZTYz
ru3HY6srWFFj8M+h7l3D/8+mYBjhLE+nuLtL5rWCRY9OaYqmA2vNvwFoQJL+hlph
co9kX70I7PCgetPjUDD+yBlGPVJypWxPYX3X0u+bOS3KXKIzyD/FqxErdDEpaoz5
ehzFG7lc/+zhkIw=
-----END CERTIFICATE-----
Generated at Tue Jun 10 17:17:28 2025 by rpki-client