Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/5x1DBr5uij9rUuc39pJTi2PBYzEiyBjXmZPicKy5AeUM/0/323830343a373066633a383030303a3a2f33332d3333203d3e20323730373630.roa
File:                     323830343a373066633a383030303a3a2f33332d3333203d3e20323730373630.roa (raw, json)
Hash identifier:          hf1F2YaVDXnl+C13utSppxBEyxX2+9m+uCVTwJk+Sig=
Subject key identifier:   06:9D:A1:83:6C:75:67:B8:55:D2:04:C0:42:F4:64:16:D0:5D:3F:FC
Certificate issuer:       /CN=BDF984AA7B5F31ECB2ECE2B568883C09865443CB
Certificate serial:       364E15EDAC42043AA871F069F2A04605BD0750BD
Authority key identifier: BD:F9:84:AA:7B:5F:31:EC:B2:EC:E2:B5:68:88:3C:09:86:54:43:CB
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BDF984AA7B5F31ECB2ECE2B568883C09865443CB.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/5x1DBr5uij9rUuc39pJTi2PBYzEiyBjXmZPicKy5AeUM/0/323830343a373066633a383030303a3a2f33332d3333203d3e20323730373630.roa
Signing time:             Fri 16 May 2025 13:17:45 +0000
ROA not before:           Fri 16 May 2025 13:12:45 +0000
ROA not after:            Fri 15 May 2026 13:17:45 +0000
asID:                     270760
IP address blocks:        2804:70fc:8000::/33 maxlen: 33
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/5x1DBr5uij9rUuc39pJTi2PBYzEiyBjXmZPicKy5AeUM/0/BDF984AA7B5F31ECB2ECE2B568883C09865443CB.crl
                          rsync://rpki-repo.registro.br/repo/5x1DBr5uij9rUuc39pJTi2PBYzEiyBjXmZPicKy5AeUM/0/BDF984AA7B5F31ECB2ECE2B568883C09865443CB.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BDF984AA7B5F31ECB2ECE2B568883C09865443CB.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Jun 2025 10:57:02 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:4e:15:ed:ac:42:04:3a:a8:71:f0:69:f2:a0:46:05:bd:07:50:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BDF984AA7B5F31ECB2ECE2B568883C09865443CB
        Validity
            Not Before: May 16 13:12:45 2025 GMT
            Not After : May 15 13:17:45 2026 GMT
        Subject: CN=069DA1836C7567B855D204C042F46416D05D3FFC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:eb:58:c2:2c:fe:d5:4a:fb:8d:c2:91:c5:3e:a6:
                    08:d0:fb:26:46:fb:4a:ba:c0:57:2c:bf:9f:a3:02:
                    4e:fb:58:a4:a7:02:fb:c6:89:de:7d:ba:5f:93:e3:
                    be:0a:c9:d9:74:61:ba:f5:e2:88:68:4f:9a:2a:ac:
                    5c:cb:49:2e:9a:d3:4e:02:b0:d2:45:c9:74:48:c9:
                    41:14:ed:51:e8:82:e6:98:59:c5:b7:46:02:0d:fe:
                    9c:a6:19:35:21:d0:93:6e:97:8d:ee:3b:80:3f:f7:
                    08:b1:a6:f0:e9:7f:d1:4d:93:bf:ca:ed:e5:8a:9a:
                    23:80:f9:00:61:fe:65:b5:11:27:0f:15:cc:e6:68:
                    01:a5:d0:7a:62:fe:00:ce:ac:44:25:f4:2f:07:79:
                    f7:59:a0:3d:77:f7:b1:fe:72:bf:5c:17:3c:f6:6a:
                    8b:02:dd:00:70:87:34:64:f5:30:84:71:41:ba:fd:
                    f6:08:4b:8d:66:1b:18:04:3b:e6:b3:91:c7:bd:3c:
                    db:a9:4a:c2:37:a4:4c:7d:8d:10:aa:bc:57:e0:6e:
                    21:37:24:2a:0c:8a:c4:64:d0:80:52:13:17:e9:e5:
                    ba:b4:2c:75:97:fe:7c:cd:b1:7e:27:2a:6d:49:93:
                    78:b0:ab:c1:25:72:e4:41:e6:7e:b0:83:e9:84:3e:
                    da:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:9D:A1:83:6C:75:67:B8:55:D2:04:C0:42:F4:64:16:D0:5D:3F:FC
            X509v3 Authority Key Identifier:
                keyid:BD:F9:84:AA:7B:5F:31:EC:B2:EC:E2:B5:68:88:3C:09:86:54:43:CB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/5x1DBr5uij9rUuc39pJTi2PBYzEiyBjXmZPicKy5AeUM/0/BDF984AA7B5F31ECB2ECE2B568883C09865443CB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BDF984AA7B5F31ECB2ECE2B568883C09865443CB.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/5x1DBr5uij9rUuc39pJTi2PBYzEiyBjXmZPicKy5AeUM/0/323830343a373066633a383030303a3a2f33332d3333203d3e20323730373630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:70fc:8000::/33

    Signature Algorithm: sha256WithRSAEncryption
         42:87:d8:c6:e9:c8:5c:d1:5b:a3:9e:92:d9:43:3a:ba:36:b1:
         ee:a8:53:70:61:3e:5e:4c:11:5f:f9:0c:80:18:9b:ca:af:59:
         b6:7e:5f:ec:1f:2e:09:5b:d1:cd:d9:21:c8:4f:a2:59:bb:12:
         d3:de:e4:af:a0:c0:85:b4:39:bf:28:3e:3a:92:16:07:41:64:
         1b:61:cd:cd:eb:f7:54:78:ac:68:0b:f2:b6:63:c4:2a:c3:c5:
         55:71:99:66:8c:41:2a:70:2b:20:f0:64:dd:02:de:4b:de:d3:
         dc:ce:a6:49:e3:b0:eb:c5:1d:9e:cf:36:2b:e5:07:74:12:dc:
         ce:fe:da:62:6e:8a:47:46:a8:16:21:36:a7:0a:e5:78:1d:d8:
         5e:f9:f4:e5:5b:01:19:f1:4b:95:ec:ea:1e:b8:57:ea:75:0f:
         68:a5:48:ac:70:24:05:21:09:42:45:fe:14:1b:92:f5:5f:b9:
         c2:79:d8:0f:6c:95:ef:b1:1d:56:b4:c2:36:84:bf:ba:ca:44:
         0f:12:02:07:0b:7c:7c:f1:f2:3d:80:6a:49:83:2d:81:cf:08:
         32:4e:8a:4a:a5:5f:a6:59:1f:b3:d5:04:fa:37:88:84:63:f5:
         1b:49:53:45:ac:6f:48:56:a1:7d:3e:df:ce:5b:47:3d:92:b9:
         d3:90:59:4c
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUNk4V7axCBDqocfBp8qBGBb0HUL0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkRGOTg0QUE3QjVGMzFFQ0IyRUNFMkI1Njg4ODNDMDk4
NjU0NDNDQjAeFw0yNTA1MTYxMzEyNDVaFw0yNjA1MTUxMzE3NDVaMDMxMTAvBgNV
BAMTKDA2OURBMTgzNkM3NTY3Qjg1NUQyMDRDMDQyRjQ2NDE2RDA1RDNGRkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrWMIs/tVK+43CkcU+pgjQ+yZG
+0q6wFcsv5+jAk77WKSnAvvGid59ul+T474Kydl0Ybr14ohoT5oqrFzLSS6a004C
sNJFyXRIyUEU7VHoguaYWcW3RgIN/pymGTUh0JNul43uO4A/9wixpvDpf9FNk7/K
7eWKmiOA+QBh/mW1EScPFczmaAGl0Hpi/gDOrEQl9C8HefdZoD1397H+cr9cFzz2
aosC3QBwhzRk9TCEcUG6/fYIS41mGxgEO+azkce9PNupSsI3pEx9jRCqvFfgbiE3
JCoMisRk0IBSExfp5bq0LHWX/nzNsX4nKm1Jk3iwq8ElcuRB5n6wg+mEPtrNAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUBp2hg2x1Z7hV0gTAQvRkFtBdP/wwHwYDVR0j
BBgwFoAUvfmEqntfMeyy7OK1aIg8CYZUQ8swDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNXgxREJyNXVpajlyVXVjMzlwSlRpMlBCWXpFaXlCalhtWlBpY0t5NUFl
VU0vMC9CREY5ODRBQTdCNUYzMUVDQjJFQ0UyQjU2ODg4M0MwOTg2NTQ0M0NCLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0JERjk4NEFBN0I1RjMxRUNC
MkVDRTJCNTY4ODgzQzA5ODY1NDQzQ0IuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzV4MURCcjV1aWo5clV1YzM5cEpUaTJQQll6RWl5QmpYbVpQaWNLeTVBZVVNLzAv
MzIzODMwMzQzYTM3MzA2NjYzM2EzODMwMzAzMDNhM2EyZjMzMzMyZDMzMzMyMDNk
M2UyMDMyMzczMDM3MzYzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBygEcPyAMA0GCSqGSIb3DQEBCwUA
A4IBAQBCh9jG6chc0VujnpLZQzq6NrHuqFNwYT5eTBFf+QyAGJvKr1m2fl/sHy4J
W9HN2SHIT6JZuxLT3uSvoMCFtDm/KD46khYHQWQbYc3N6/dUeKxoC/K2Y8Qqw8VV
cZlmjEEqcCsg8GTdAt5L3tPczqZJ47DrxR2ezzYr5Qd0EtzO/tpibopHRqgWITan
CuV4Hdhe+fTlWwEZ8UuV7OoeuFfqdQ9opUiscCQFIQlCRf4UG5L1X7nCedgPbJXv
sR1WtMI2hL+6ykQPEgIHC3x88fI9gGpJgy2BzwgyTopKpV+mWR+z1QT6N4iEY/Ub
SVNFrG9IVqF9Pt/OW0c9krnTkFlM
-----END CERTIFICATE-----
Generated at Thu Jun 12 15:05:33 2025 by rpki-client