Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/5x1DBr5uij9rUuc39pJTi2PBYzEiyBjXmZPicKy5AeUM/0/323830343a373066633a663030303a3a2f33362d3336203d3e20323730373630.roa
File:                     323830343a373066633a663030303a3a2f33362d3336203d3e20323730373630.roa (raw, json)
Hash identifier:          JouhrU7qheaRgpAuR/sprLKdFxt/EvznOysDwzYxw1s=
Subject key identifier:   8E:DD:A0:0A:EB:58:DB:3C:C8:70:0A:BD:FC:B7:F5:E6:7C:26:F1:85
Certificate issuer:       /CN=BDF984AA7B5F31ECB2ECE2B568883C09865443CB
Certificate serial:       5D8584A4AE9B93E92382A91E66F6AD60C48CF542
Authority key identifier: BD:F9:84:AA:7B:5F:31:EC:B2:EC:E2:B5:68:88:3C:09:86:54:43:CB
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BDF984AA7B5F31ECB2ECE2B568883C09865443CB.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/5x1DBr5uij9rUuc39pJTi2PBYzEiyBjXmZPicKy5AeUM/0/323830343a373066633a663030303a3a2f33362d3336203d3e20323730373630.roa
Signing time:             Fri 16 May 2025 13:17:46 +0000
ROA not before:           Fri 16 May 2025 13:12:46 +0000
ROA not after:            Fri 15 May 2026 13:17:46 +0000
asID:                     270760
IP address blocks:        2804:70fc:f000::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/5x1DBr5uij9rUuc39pJTi2PBYzEiyBjXmZPicKy5AeUM/0/BDF984AA7B5F31ECB2ECE2B568883C09865443CB.crl
                          rsync://rpki-repo.registro.br/repo/5x1DBr5uij9rUuc39pJTi2PBYzEiyBjXmZPicKy5AeUM/0/BDF984AA7B5F31ECB2ECE2B568883C09865443CB.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BDF984AA7B5F31ECB2ECE2B568883C09865443CB.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 03:29:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:85:84:a4:ae:9b:93:e9:23:82:a9:1e:66:f6:ad:60:c4:8c:f5:42
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BDF984AA7B5F31ECB2ECE2B568883C09865443CB
        Validity
            Not Before: May 16 13:12:46 2025 GMT
            Not After : May 15 13:17:46 2026 GMT
        Subject: CN=8EDDA00AEB58DB3CC8700ABDFCB7F5E67C26F185
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:65:c0:bb:c6:0c:fd:2b:45:b5:33:ab:a7:23:
                    5a:f2:36:a6:ca:08:f8:07:40:09:c6:c3:4b:6d:15:
                    fb:63:76:5e:71:d8:af:42:ca:71:b4:ab:c6:be:c2:
                    d4:a1:94:a0:5d:ac:60:64:dd:39:a2:c4:c3:10:7b:
                    9e:4f:74:fc:df:1c:c5:d7:4b:06:22:ab:1a:11:f5:
                    fd:33:88:ea:50:11:34:cb:72:97:32:c5:f6:14:83:
                    ba:0d:33:77:8d:59:79:bf:db:b3:08:97:73:df:d4:
                    c4:1d:9b:56:43:cb:21:6d:d7:cc:73:c9:08:ff:22:
                    06:66:8c:db:67:69:ff:b3:7a:cf:d6:f1:ef:94:97:
                    01:b7:52:13:fc:62:29:ea:91:3a:ab:ca:ef:f8:d2:
                    34:db:b4:d9:f3:27:d4:cf:cb:b9:d2:ae:a7:a6:50:
                    44:45:bd:a3:3e:a6:db:8d:08:d1:14:c4:d2:9d:df:
                    e3:0f:20:ce:c3:99:c3:c4:04:1b:fb:8c:12:6f:a2:
                    ba:63:ad:58:b8:eb:b3:41:55:09:25:de:3d:81:29:
                    48:2c:84:b1:a0:88:84:eb:06:9b:e5:ea:57:66:a1:
                    8b:ee:5e:49:9f:fa:92:e8:24:c8:9b:18:57:93:16:
                    28:5b:4b:0d:e2:16:12:a0:e4:ac:72:e5:e6:6c:78:
                    1b:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8E:DD:A0:0A:EB:58:DB:3C:C8:70:0A:BD:FC:B7:F5:E6:7C:26:F1:85
            X509v3 Authority Key Identifier:
                keyid:BD:F9:84:AA:7B:5F:31:EC:B2:EC:E2:B5:68:88:3C:09:86:54:43:CB

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/5x1DBr5uij9rUuc39pJTi2PBYzEiyBjXmZPicKy5AeUM/0/BDF984AA7B5F31ECB2ECE2B568883C09865443CB.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/BDF984AA7B5F31ECB2ECE2B568883C09865443CB.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/5x1DBr5uij9rUuc39pJTi2PBYzEiyBjXmZPicKy5AeUM/0/323830343a373066633a663030303a3a2f33362d3336203d3e20323730373630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:70fc:f000::/36

    Signature Algorithm: sha256WithRSAEncryption
         ac:4b:68:89:6c:59:5a:51:88:ae:83:69:36:b8:30:d8:de:3e:
         11:ff:c0:e4:69:80:6d:81:61:2b:4d:f6:9a:1b:9d:5c:54:bc:
         3a:62:17:bf:10:e3:a1:61:ad:de:ea:63:81:2a:43:58:bc:5a:
         c1:f0:77:ad:38:2c:f6:6a:47:ca:46:d3:af:b2:f5:d3:a6:df:
         8e:5d:09:3c:4f:7b:c0:b6:1b:3d:60:3c:be:33:4c:f1:90:e8:
         a5:73:a8:72:0e:ff:6f:11:a0:82:71:66:52:2f:c7:a8:e4:3c:
         34:21:72:99:f8:05:27:30:18:dd:71:1f:51:23:c8:3d:36:dd:
         6d:69:b0:e7:1f:07:ad:27:4b:ea:85:6c:11:d3:ea:0b:b2:ad:
         83:c0:03:df:33:16:9b:9a:0f:a1:46:1e:4f:d0:4b:2a:4d:2e:
         6f:d1:53:bc:12:3e:70:2a:5e:3b:eb:c4:76:38:d9:3d:8d:47:
         17:4c:6f:9a:b0:49:6c:75:83:fc:c2:3b:46:04:6f:a4:46:2b:
         b0:1f:46:be:31:57:63:19:2a:13:a9:87:b9:05:94:38:42:72:
         3b:47:da:6e:a8:ed:76:a9:33:d9:8d:f1:91:df:95:44:2c:b3:
         69:d7:68:cc:ba:b3:3a:83:ec:ca:2c:2e:95:44:80:1a:5b:d4:
         4f:cc:78:49
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUXYWEpK6bk+kjgqkeZvatYMSM9UIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQkRGOTg0QUE3QjVGMzFFQ0IyRUNFMkI1Njg4ODNDMDk4
NjU0NDNDQjAeFw0yNTA1MTYxMzEyNDZaFw0yNjA1MTUxMzE3NDZaMDMxMTAvBgNV
BAMTKDhFRERBMDBBRUI1OERCM0NDODcwMEFCREZDQjdGNUU2N0MyNkYxODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvZcC7xgz9K0W1M6unI1ryNqbK
CPgHQAnGw0ttFftjdl5x2K9CynG0q8a+wtShlKBdrGBk3TmixMMQe55PdPzfHMXX
SwYiqxoR9f0ziOpQETTLcpcyxfYUg7oNM3eNWXm/27MIl3Pf1MQdm1ZDyyFt18xz
yQj/IgZmjNtnaf+zes/W8e+UlwG3UhP8YinqkTqryu/40jTbtNnzJ9TPy7nSrqem
UERFvaM+ptuNCNEUxNKd3+MPIM7DmcPEBBv7jBJvorpjrVi467NBVQkl3j2BKUgs
hLGgiITrBpvl6ldmoYvuXkmf+pLoJMibGFeTFihbSw3iFhKg5Kxy5eZseBsRAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUjt2gCutY2zzIcAq9/Lf15nwm8YUwHwYDVR0j
BBgwFoAUvfmEqntfMeyy7OK1aIg8CYZUQ8swDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNXgxREJyNXVpajlyVXVjMzlwSlRpMlBCWXpFaXlCalhtWlBpY0t5NUFl
VU0vMC9CREY5ODRBQTdCNUYzMUVDQjJFQ0UyQjU2ODg4M0MwOTg2NTQ0M0NCLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0JERjk4NEFBN0I1RjMxRUNC
MkVDRTJCNTY4ODgzQzA5ODY1NDQzQ0IuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzV4MURCcjV1aWo5clV1YzM5cEpUaTJQQll6RWl5QmpYbVpQaWNLeTVBZVVNLzAv
MzIzODMwMzQzYTM3MzA2NjYzM2E2NjMwMzAzMDNhM2EyZjMzMzYyZDMzMzYyMDNk
M2UyMDMyMzczMDM3MzYzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCgEcPzwMA0GCSqGSIb3DQEBCwUA
A4IBAQCsS2iJbFlaUYiug2k2uDDY3j4R/8DkaYBtgWErTfaaG51cVLw6Yhe/EOOh
Ya3e6mOBKkNYvFrB8HetOCz2akfKRtOvsvXTpt+OXQk8T3vAths9YDy+M0zxkOil
c6hyDv9vEaCCcWZSL8eo5Dw0IXKZ+AUnMBjdcR9RI8g9Nt1tabDnHwetJ0vqhWwR
0+oLsq2DwAPfMxabmg+hRh5P0EsqTS5v0VO8Ej5wKl4768R2ONk9jUcXTG+asEls
dYP8wjtGBG+kRiuwH0a+MVdjGSoTqYe5BZQ4QnI7R9puqO12qTPZjfGR35VELLNp
12jMurM6g+zKLC6VRIAaW9RPzHhJ
-----END CERTIFICATE-----
Generated at Tue Jun 10 03:45:43 2025 by rpki-client