Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/4nYob2zryPbySzdA1s9prrVJfK8F3MUMgtcKbu7d5oGG/0/323830343a363731633a383030303a3a2f33332d3333203d3e20323639363034.roa
File:                     323830343a363731633a383030303a3a2f33332d3333203d3e20323639363034.roa (raw, json)
Hash identifier:          qIqZvIzU3ebY9PqiyxJGs/q20ZBMnqWZLHf6ji7R6eo=
Subject key identifier:   28:0B:49:7B:F4:18:81:06:F2:BE:B9:E8:55:57:45:52:2D:5B:8C:0A
Certificate issuer:       /CN=80203E22C8FA0050317D1387223B6C2E9CFE204B
Certificate serial:       535536386C0B09FAD09EA4255373CCEFBD4F856B
Authority key identifier: 80:20:3E:22:C8:FA:00:50:31:7D:13:87:22:3B:6C:2E:9C:FE:20:4B
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/80203E22C8FA0050317D1387223B6C2E9CFE204B.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/4nYob2zryPbySzdA1s9prrVJfK8F3MUMgtcKbu7d5oGG/0/323830343a363731633a383030303a3a2f33332d3333203d3e20323639363034.roa
Signing time:             Thu 01 May 2025 22:43:52 +0000
ROA not before:           Thu 01 May 2025 22:38:52 +0000
ROA not after:            Thu 30 Apr 2026 22:43:52 +0000
asID:                     269604
IP address blocks:        2804:671c:8000::/33 maxlen: 33
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/4nYob2zryPbySzdA1s9prrVJfK8F3MUMgtcKbu7d5oGG/0/80203E22C8FA0050317D1387223B6C2E9CFE204B.crl
                          rsync://rpki-repo.registro.br/repo/4nYob2zryPbySzdA1s9prrVJfK8F3MUMgtcKbu7d5oGG/0/80203E22C8FA0050317D1387223B6C2E9CFE204B.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/80203E22C8FA0050317D1387223B6C2E9CFE204B.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 14 Jun 2025 22:50:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:55:36:38:6c:0b:09:fa:d0:9e:a4:25:53:73:cc:ef:bd:4f:85:6b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=80203E22C8FA0050317D1387223B6C2E9CFE204B
        Validity
            Not Before: May  1 22:38:52 2025 GMT
            Not After : Apr 30 22:43:52 2026 GMT
        Subject: CN=280B497BF4188106F2BEB9E8555745522D5B8C0A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:80:23:8e:eb:9c:10:3e:22:ce:99:7c:82:f3:
                    35:f1:1e:65:9c:48:24:44:f9:2d:8a:61:23:e9:30:
                    7d:c2:11:5f:2a:8a:75:99:1e:b2:c2:68:f1:eb:ba:
                    e9:07:bf:eb:f9:66:f5:17:77:99:25:cb:83:e1:05:
                    8e:78:46:23:87:4d:65:b0:05:32:26:14:21:12:04:
                    67:49:5c:91:ff:f6:a1:55:ad:57:45:8f:5d:3e:8b:
                    7a:0c:1e:6e:e2:f8:46:14:8f:1c:1c:a3:0e:b9:9d:
                    0c:0c:7e:ed:6d:4c:85:78:4b:a6:4e:2d:92:3d:f6:
                    ce:0f:c1:c6:2b:2e:45:79:9e:ca:1e:f7:d5:70:3c:
                    32:97:5c:00:35:e9:43:b7:93:27:77:c3:48:1e:1d:
                    b8:17:45:44:39:05:bb:b9:8a:eb:20:2a:be:86:13:
                    15:b0:72:78:05:85:38:af:84:5e:a9:ce:ce:f8:f0:
                    2b:bc:ab:d9:78:2d:17:27:b2:0c:31:03:a7:d3:e3:
                    4b:0f:de:ea:08:99:10:41:0c:98:8f:f8:94:85:6e:
                    df:5e:1f:9b:21:f6:14:fc:8d:49:0b:6e:cd:5e:25:
                    5e:0b:18:27:94:73:c9:26:73:13:c9:4e:c7:6b:6a:
                    00:12:8e:50:8a:e8:3f:6c:42:47:4a:c4:e5:5e:af:
                    1d:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:0B:49:7B:F4:18:81:06:F2:BE:B9:E8:55:57:45:52:2D:5B:8C:0A
            X509v3 Authority Key Identifier:
                keyid:80:20:3E:22:C8:FA:00:50:31:7D:13:87:22:3B:6C:2E:9C:FE:20:4B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/4nYob2zryPbySzdA1s9prrVJfK8F3MUMgtcKbu7d5oGG/0/80203E22C8FA0050317D1387223B6C2E9CFE204B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/80203E22C8FA0050317D1387223B6C2E9CFE204B.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/4nYob2zryPbySzdA1s9prrVJfK8F3MUMgtcKbu7d5oGG/0/323830343a363731633a383030303a3a2f33332d3333203d3e20323639363034.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:671c:8000::/33

    Signature Algorithm: sha256WithRSAEncryption
         5e:21:fe:ff:2e:01:47:9b:65:59:26:ea:da:0c:ad:d2:05:32:
         5e:31:b3:b1:87:7a:2f:62:c4:c8:9e:31:fe:7e:40:24:b0:ec:
         59:83:aa:3a:d9:91:dc:aa:6b:46:34:63:6b:90:f4:fc:05:31:
         49:d5:67:83:b1:f9:05:40:1e:31:fb:52:12:33:c0:41:0e:a7:
         85:3a:11:d5:55:c8:b7:f2:4a:de:56:59:55:a9:47:b8:0a:3f:
         16:70:bf:8b:dd:87:33:48:57:24:64:d2:b2:91:b2:99:ea:14:
         c8:1f:7c:b3:3b:b9:c3:ed:64:f6:cb:c1:13:32:8e:3a:27:c9:
         0f:ec:df:0e:59:36:09:2f:cc:28:10:46:0b:bf:cf:e2:2a:da:
         9d:d5:80:3c:85:7f:5f:fa:f4:85:89:cb:5c:45:cd:f0:12:a1:
         34:29:c1:5d:1b:d3:06:ae:17:41:c4:26:ea:d0:34:46:fd:31:
         ff:6a:c7:0e:7e:09:36:4e:83:12:9d:85:a3:3a:76:5f:4c:c9:
         b9:97:27:19:27:0d:40:6e:bf:3f:f5:17:70:92:93:36:0f:0d:
         88:98:99:a7:41:09:51:84:f4:41:a1:1f:0a:36:b4:d0:43:46:
         ef:8f:b1:85:dc:b9:f9:67:83:5a:67:1b:59:5f:3b:ca:27:20:
         87:c6:dc:1f
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUU1U2OGwLCfrQnqQlU3PM771PhWswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODAyMDNFMjJDOEZBMDA1MDMxN0QxMzg3MjIzQjZDMkU5
Q0ZFMjA0QjAeFw0yNTA1MDEyMjM4NTJaFw0yNjA0MzAyMjQzNTJaMDMxMTAvBgNV
BAMTKDI4MEI0OTdCRjQxODgxMDZGMkJFQjlFODU1NTc0NTUyMkQ1QjhDMEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpgCOO65wQPiLOmXyC8zXxHmWc
SCRE+S2KYSPpMH3CEV8qinWZHrLCaPHruukHv+v5ZvUXd5kly4PhBY54RiOHTWWw
BTImFCESBGdJXJH/9qFVrVdFj10+i3oMHm7i+EYUjxwcow65nQwMfu1tTIV4S6ZO
LZI99s4PwcYrLkV5nsoe99VwPDKXXAA16UO3kyd3w0geHbgXRUQ5Bbu5iusgKr6G
ExWwcngFhTivhF6pzs748Cu8q9l4LRcnsgwxA6fT40sP3uoImRBBDJiP+JSFbt9e
H5sh9hT8jUkLbs1eJV4LGCeUc8kmcxPJTsdragASjlCK6D9sQkdKxOVerx0JAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUKAtJe/QYgQbyvrnoVVdFUi1bjAowHwYDVR0j
BBgwFoAUgCA+Isj6AFAxfROHIjtsLpz+IEswDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNG5Zb2IyenJ5UGJ5U3pkQTFzOXByclZKZks4RjNNVU1ndGNLYnU3ZDVv
R0cvMC84MDIwM0UyMkM4RkEwMDUwMzE3RDEzODcyMjNCNkMyRTlDRkUyMDRCLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzgwMjAzRTIyQzhGQTAwNTAz
MTdEMTM4NzIyM0I2QzJFOUNGRTIwNEIuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzRuWW9iMnpyeVBieVN6ZEExczlwcnJWSmZLOEYzTVVNZ3RjS2J1N2Q1b0dHLzAv
MzIzODMwMzQzYTM2MzczMTYzM2EzODMwMzAzMDNhM2EyZjMzMzMyZDMzMzMyMDNk
M2UyMDMyMzYzOTM2MzAzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBygEZxyAMA0GCSqGSIb3DQEBCwUA
A4IBAQBeIf7/LgFHm2VZJuraDK3SBTJeMbOxh3ovYsTInjH+fkAksOxZg6o62ZHc
qmtGNGNrkPT8BTFJ1WeDsfkFQB4x+1ISM8BBDqeFOhHVVci38kreVllVqUe4Cj8W
cL+L3YczSFckZNKykbKZ6hTIH3yzO7nD7WT2y8ETMo46J8kP7N8OWTYJL8woEEYL
v8/iKtqd1YA8hX9f+vSFictcRc3wEqE0KcFdG9MGrhdBxCbq0DRG/TH/ascOfgk2
ToMSnYWjOnZfTMm5lycZJw1Abr8/9RdwkpM2Dw2ImJmnQQlRhPRBoR8KNrTQQ0bv
j7GF3Ln5Z4NaZxtZXzvKJyCHxtwf
-----END CERTIFICATE-----
Generated at Sat Jun 14 07:28:18 2025 by rpki-client