Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/5x1DBr5uij9rUuc39pJTi2PBYzEiyBjXmZPicKy5AeUM/0/323830343a373066633a3a2f33332d3333203d3e20323730373630.roa
File:                     323830343a373066633a3a2f33332d3333203d3e20323730373630.roa (raw, json)
Hash identifier:          vURuvHBC3MGjzhxjuPUBi86HJrPM7hMo9nhVTwzH2vk=
Subject key identifier:   BD:6B:BB:44:89:84:C4:AD:2D:52:09:54:CE:68:BF:C0:A6:BC:1C:4C
Certificate issuer:       /CN=BDF984AA7B5F31ECB2ECE2B568883C09865443CB
Certificate serial:       1CD15AA32527B0A4D7D7F9FAAA936A356B753924
Authority key identifier: BD:F9:84:AA:7B:5F:31:EC:B2:EC:E2:B5:68:88:3C:09:86:54:43:CB
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BDF984AA7B5F31ECB2ECE2B568883C09865443CB.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/5x1DBr5uij9rUuc39pJTi2PBYzEiyBjXmZPicKy5AeUM/0/323830343a373066633a3a2f33332d3333203d3e20323730373630.roa
Signing time:             Fri 16 May 2025 13:17:44 +0000
ROA not before:           Fri 16 May 2025 13:12:44 +0000
ROA not after:            Fri 15 May 2026 13:17:44 +0000
asID:                     270760
IP address blocks:        2804:70fc::/33 maxlen: 33
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/5x1DBr5uij9rUuc39pJTi2PBYzEiyBjXmZPicKy5AeUM/0/BDF984AA7B5F31ECB2ECE2B568883C09865443CB.crl
                          rsync://rpki-repo.registro.br/repo/5x1DBr5uij9rUuc39pJTi2PBYzEiyBjXmZPicKy5AeUM/0/BDF984AA7B5F31ECB2ECE2B568883C09865443CB.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BDF984AA7B5F31ECB2ECE2B568883C09865443CB.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 03:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:d1:5a:a3:25:27:b0:a4:d7:d7:f9:fa:aa:93:6a:35:6b:75:39:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BDF984AA7B5F31ECB2ECE2B568883C09865443CB
        Validity
            Not Before: May 16 13:12:44 2025 GMT
            Not After : May 15 13:17:44 2026 GMT
        Subject: CN=BD6BBB448984C4AD2D520954CE68BFC0A6BC1C4C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:08:bb:13:53:34:f3:a0:44:76:70:54:fe:c0:
                    04:bc:6b:ab:5f:1b:10:7c:1d:3d:14:b1:3b:7e:82:
                    21:4f:0b:cf:f8:46:dc:a5:dd:df:25:93:81:70:6e:
                    de:df:da:51:b1:7f:ef:c8:59:03:47:b8:99:da:82:
                    e6:e2:e3:9e:d7:eb:54:b2:00:93:4e:c8:ab:6d:db:
                    24:6e:a3:ab:ff:9b:ab:f1:05:8b:e5:97:91:b0:87:
                    86:24:19:c4:2b:bc:a1:05:6b:46:c7:83:b1:64:f7:
                    03:71:0e:23:f2:6c:ef:ce:80:2c:26:b3:75:33:40:
                    86:c5:6c:ef:2c:66:f8:98:ab:25:d9:9a:e0:68:0b:
                    58:82:01:5c:d0:a3:fa:f0:63:38:33:31:88:a9:f4:
                    e2:92:c5:3d:e2:20:bc:2c:b6:5a:6f:89:fb:06:e9:
                    e8:c8:ac:ea:62:0a:0a:56:f2:5f:29:17:d1:88:dd:
                    cd:03:b5:7c:b2:dd:80:38:ab:ff:b3:fc:ca:68:e3:
                    e7:ad:21:d5:e1:06:50:32:0e:0b:4b:5e:54:5a:ad:
                    35:57:1f:d8:fe:1d:95:d1:fe:54:7d:81:09:a1:a9:
                    41:d8:4e:a1:ed:d9:92:e0:cf:4b:da:68:40:fe:73:
                    11:46:b0:86:a5:76:07:b9:ee:a9:55:4f:3e:e0:23:
                    c4:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:6B:BB:44:89:84:C4:AD:2D:52:09:54:CE:68:BF:C0:A6:BC:1C:4C
            X509v3 Authority Key Identifier:
                keyid:BD:F9:84:AA:7B:5F:31:EC:B2:EC:E2:B5:68:88:3C:09:86:54:43:CB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/5x1DBr5uij9rUuc39pJTi2PBYzEiyBjXmZPicKy5AeUM/0/BDF984AA7B5F31ECB2ECE2B568883C09865443CB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BDF984AA7B5F31ECB2ECE2B568883C09865443CB.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/5x1DBr5uij9rUuc39pJTi2PBYzEiyBjXmZPicKy5AeUM/0/323830343a373066633a3a2f33332d3333203d3e20323730373630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:70fc::/33

    Signature Algorithm: sha256WithRSAEncryption
         31:1d:cc:4d:a0:34:3d:e7:de:64:a1:a4:de:5d:0b:17:3c:a4:
         02:fc:d2:81:3a:8a:f6:82:eb:b2:51:09:01:d9:bf:4f:8f:ce:
         22:3e:a3:5e:9d:51:0d:cf:90:d8:25:08:2c:e6:11:23:64:a5:
         37:6e:3f:b6:09:69:84:40:92:a2:ac:dd:b5:e4:50:fb:70:a1:
         9c:17:77:2f:f8:66:0a:2c:a2:4f:f7:78:3a:98:d7:30:3b:19:
         e0:fe:3e:8e:70:bc:fe:94:35:2c:b4:ad:25:bb:2c:41:df:f1:
         5d:f7:aa:8d:bb:11:c5:88:52:ec:43:70:75:a6:b0:dc:bc:5d:
         5c:42:a6:ac:f4:46:f8:7a:9f:b6:d8:f0:77:36:19:14:0f:ab:
         d4:f9:94:6a:b2:e4:aa:28:f5:ed:bc:c9:c5:bf:29:fd:0f:71:
         fb:a5:fa:14:cd:54:d7:9e:72:5f:95:ca:b8:18:96:73:84:01:
         a7:70:0e:5a:9f:8c:50:8e:0b:22:b2:33:da:5e:27:4b:5a:f1:
         2f:03:97:99:8e:9b:d8:67:52:ff:09:5a:8f:28:f8:7d:74:52:
         1c:a6:45:9c:31:f0:c3:20:25:0e:e7:be:5d:bf:94:4e:fd:b8:
         d0:c8:8d:cb:ae:17:a8:99:d3:74:00:29:45:0b:a2:4d:b8:0e:
         ce:60:a8:ca
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUHNFaoyUnsKTX1/n6qpNqNWt1OSQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkRGOTg0QUE3QjVGMzFFQ0IyRUNFMkI1Njg4ODNDMDk4
NjU0NDNDQjAeFw0yNTA1MTYxMzEyNDRaFw0yNjA1MTUxMzE3NDRaMDMxMTAvBgNV
BAMTKEJENkJCQjQ0ODk4NEM0QUQyRDUyMDk1NENFNjhCRkMwQTZCQzFDNEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUCLsTUzTzoER2cFT+wAS8a6tf
GxB8HT0UsTt+giFPC8/4Rtyl3d8lk4Fwbt7f2lGxf+/IWQNHuJnagubi457X61Sy
AJNOyKtt2yRuo6v/m6vxBYvll5Gwh4YkGcQrvKEFa0bHg7Fk9wNxDiPybO/OgCwm
s3UzQIbFbO8sZviYqyXZmuBoC1iCAVzQo/rwYzgzMYip9OKSxT3iILwstlpvifsG
6ejIrOpiCgpW8l8pF9GI3c0DtXyy3YA4q/+z/Mpo4+etIdXhBlAyDgtLXlRarTVX
H9j+HZXR/lR9gQmhqUHYTqHt2ZLgz0vaaED+cxFGsIaldge57qlVTz7gI8TRAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUvWu7RImExK0tUglUzmi/wKa8HEwwHwYDVR0j
BBgwFoAUvfmEqntfMeyy7OK1aIg8CYZUQ8swDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNXgxREJyNXVpajlyVXVjMzlwSlRpMlBCWXpFaXlCalhtWlBpY0t5NUFl
VU0vMC9CREY5ODRBQTdCNUYzMUVDQjJFQ0UyQjU2ODg4M0MwOTg2NTQ0M0NCLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0JERjk4NEFBN0I1RjMxRUNC
MkVDRTJCNTY4ODgzQzA5ODY1NDQzQ0IuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzV4MURCcjV1aWo5clV1YzM5cEpUaTJQQll6RWl5QmpYbVpQaWNLeTVBZVVNLzAv
MzIzODMwMzQzYTM3MzA2NjYzM2EzYTJmMzMzMzJkMzMzMzIwM2QzZTIwMzIzNzMw
MzczNjMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEH
AQH/BBIwEDAOBAIAAjAIAwYHKARw/AAwDQYJKoZIhvcNAQELBQADggEBADEdzE2g
ND3n3mShpN5dCxc8pAL80oE6ivaC67JRCQHZv0+PziI+o16dUQ3PkNglCCzmESNk
pTduP7YJaYRAkqKs3bXkUPtwoZwXdy/4Zgosok/3eDqY1zA7GeD+Po5wvP6UNSy0
rSW7LEHf8V33qo27EcWIUuxDcHWmsNy8XVxCpqz0Rvh6n7bY8Hc2GRQPq9T5lGqy
5Koo9e28ycW/Kf0Pcful+hTNVNeecl+VyrgYlnOEAadwDlqfjFCOCyKyM9peJ0ta
8S8Dl5mOm9hnUv8JWo8o+H10UhymRZwx8MMgJQ7nvl2/lE79uNDIjcuuF6iZ03QA
KUULok24Ds5gqMo=
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:26:35 2025 by rpki-client