Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/7HsRNe9ghTFCgLbczyhLtDCmq1y76PjLsA5hL5F3E7Sk/0/323830343a383030303a383030303a3a2f33332d3333203d3e20323731373233.roa
File:                     323830343a383030303a383030303a3a2f33332d3333203d3e20323731373233.roa (raw, json)
Hash identifier:          h7Kv+zxSfT3tP9oYJdoUTulCa62bqCSpyNfGiBC+m9w=
Subject key identifier:   8B:EF:78:DD:86:A7:B1:BB:C2:E7:C9:2D:06:D7:D9:72:32:8C:EA:2A
Certificate issuer:       /CN=C5FAC883F52999ACF758B4E2B97F23641E0B1141
Certificate serial:       33AD227FB853E5A65035DF7FAF89722147E508C2
Authority key identifier: C5:FA:C8:83:F5:29:99:AC:F7:58:B4:E2:B9:7F:23:64:1E:0B:11:41
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C5FAC883F52999ACF758B4E2B97F23641E0B1141.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/7HsRNe9ghTFCgLbczyhLtDCmq1y76PjLsA5hL5F3E7Sk/0/323830343a383030303a383030303a3a2f33332d3333203d3e20323731373233.roa
Signing time:             Fri 16 May 2025 13:37:53 +0000
ROA not before:           Fri 16 May 2025 13:32:53 +0000
ROA not after:            Fri 15 May 2026 13:37:53 +0000
asID:                     271723
IP address blocks:        2804:8000:8000::/33 maxlen: 33
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/7HsRNe9ghTFCgLbczyhLtDCmq1y76PjLsA5hL5F3E7Sk/0/C5FAC883F52999ACF758B4E2B97F23641E0B1141.crl
                          rsync://rpki-repo.registro.br/repo/7HsRNe9ghTFCgLbczyhLtDCmq1y76PjLsA5hL5F3E7Sk/0/C5FAC883F52999ACF758B4E2B97F23641E0B1141.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C5FAC883F52999ACF758B4E2B97F23641E0B1141.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 21:18:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:ad:22:7f:b8:53:e5:a6:50:35:df:7f:af:89:72:21:47:e5:08:c2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C5FAC883F52999ACF758B4E2B97F23641E0B1141
        Validity
            Not Before: May 16 13:32:53 2025 GMT
            Not After : May 15 13:37:53 2026 GMT
        Subject: CN=8BEF78DD86A7B1BBC2E7C92D06D7D972328CEA2A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:b9:5c:34:ae:64:80:45:70:52:44:64:c0:1f:
                    69:3c:09:38:a8:b1:af:09:f0:9d:e3:63:eb:f2:f0:
                    44:24:51:37:53:ab:60:a8:03:87:10:68:d8:01:79:
                    92:52:31:15:30:a5:ee:50:ba:4d:e8:4c:01:66:87:
                    b6:02:1f:aa:ab:c8:eb:ff:0b:7f:99:6d:7d:02:04:
                    c2:5d:7b:54:00:58:7f:60:90:4e:1c:e7:5e:0e:97:
                    c3:6b:63:41:bb:19:fa:dc:db:5e:33:f6:fd:7a:dd:
                    74:02:b4:ff:bd:b2:b3:0c:74:bc:8b:44:fd:a8:db:
                    dd:45:5a:41:da:5a:ab:70:66:e9:67:5f:98:db:c6:
                    f3:9f:bb:9d:88:c2:80:74:cd:98:4a:38:60:0a:2b:
                    ea:a4:c3:8e:39:6a:85:26:17:1f:4c:1a:d4:b6:bf:
                    87:5d:72:a3:4e:f9:07:c8:5b:7e:ae:44:d8:d8:dc:
                    4e:35:22:ac:27:bb:42:ee:45:64:67:47:0c:b6:e8:
                    61:5f:77:7c:bb:f7:6d:b7:55:86:11:7e:de:51:a8:
                    74:d3:96:df:84:de:83:db:c3:27:2a:fb:6d:9c:3e:
                    1f:89:51:e0:48:3b:9a:86:7e:e9:65:d2:c5:24:cf:
                    00:8c:d3:ee:f6:cf:d1:31:9f:54:7e:9c:89:f5:55:
                    00:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8B:EF:78:DD:86:A7:B1:BB:C2:E7:C9:2D:06:D7:D9:72:32:8C:EA:2A
            X509v3 Authority Key Identifier:
                keyid:C5:FA:C8:83:F5:29:99:AC:F7:58:B4:E2:B9:7F:23:64:1E:0B:11:41

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/7HsRNe9ghTFCgLbczyhLtDCmq1y76PjLsA5hL5F3E7Sk/0/C5FAC883F52999ACF758B4E2B97F23641E0B1141.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C5FAC883F52999ACF758B4E2B97F23641E0B1141.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/7HsRNe9ghTFCgLbczyhLtDCmq1y76PjLsA5hL5F3E7Sk/0/323830343a383030303a383030303a3a2f33332d3333203d3e20323731373233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:8000:8000::/33

    Signature Algorithm: sha256WithRSAEncryption
         04:d4:79:a9:9c:30:3e:62:a0:26:8f:09:ce:1d:31:aa:09:99:
         f8:34:77:15:17:63:17:20:2e:cd:a9:1e:b9:6d:27:1a:87:8b:
         82:51:82:6a:bc:c5:3b:52:8a:32:e0:de:62:53:a8:80:28:11:
         6c:45:6a:5e:b3:c5:fa:85:95:3a:6f:ae:46:87:18:38:69:4e:
         0d:ce:66:fa:c4:10:80:14:2a:83:23:a0:57:71:29:50:f4:10:
         9b:d8:d1:26:5f:ac:66:8a:37:bd:bd:cb:fa:b0:09:92:bf:88:
         34:f9:56:d4:fe:37:11:01:f0:e4:95:ab:5c:84:ef:77:e1:c4:
         fc:d6:cf:dc:c4:7d:df:86:88:bb:51:83:68:8e:99:7b:6d:5f:
         fd:55:07:a2:bf:7b:86:ef:3a:5d:26:84:fc:04:0e:f2:00:f8:
         d4:ca:b8:a1:55:8c:6b:82:03:ed:c2:45:b1:08:cd:9c:be:9e:
         e7:40:38:09:e6:27:4b:f8:a5:85:1f:53:a6:a9:51:3a:a5:8d:
         08:9c:ec:15:e4:df:e0:bc:1e:ee:12:8b:6f:d1:34:fe:1d:35:
         89:eb:98:d3:62:ff:00:17:05:f4:97:09:f3:ee:81:da:3e:ab:
         41:ac:35:2f:ff:5c:49:fc:74:ff:44:c6:d4:9f:29:af:b9:15:
         3f:21:34:53
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUM60if7hT5aZQNd9/r4lyIUflCMIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzVGQUM4ODNGNTI5OTlBQ0Y3NThCNEUyQjk3RjIzNjQx
RTBCMTE0MTAeFw0yNTA1MTYxMzMyNTNaFw0yNjA1MTUxMzM3NTNaMDMxMTAvBgNV
BAMTKDhCRUY3OEREODZBN0IxQkJDMkU3QzkyRDA2RDdEOTcyMzI4Q0VBMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtuVw0rmSARXBSRGTAH2k8CTio
sa8J8J3jY+vy8EQkUTdTq2CoA4cQaNgBeZJSMRUwpe5Quk3oTAFmh7YCH6qryOv/
C3+ZbX0CBMJde1QAWH9gkE4c514Ol8NrY0G7Gfrc214z9v163XQCtP+9srMMdLyL
RP2o291FWkHaWqtwZulnX5jbxvOfu52IwoB0zZhKOGAKK+qkw445aoUmFx9MGtS2
v4ddcqNO+QfIW36uRNjY3E41Iqwnu0LuRWRnRwy26GFfd3y79223VYYRft5RqHTT
lt+E3oPbwycq+22cPh+JUeBIO5qGfull0sUkzwCM0+72z9Exn1R+nIn1VQBdAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUi+943YansbvC58ktBtfZcjKM6iowHwYDVR0j
BBgwFoAUxfrIg/Upmaz3WLTiuX8jZB4LEUEwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vN0hzUk5lOWdoVEZDZ0xiY3p5aEx0RENtcTF5NzZQakxzQTVoTDVGM0U3
U2svMC9DNUZBQzg4M0Y1Mjk5OUFDRjc1OEI0RTJCOTdGMjM2NDFFMEIxMTQxLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0M1RkFDODgzRjUyOTk5QUNG
NzU4QjRFMkI5N0YyMzY0MUUwQjExNDEuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzdIc1JOZTlnaFRGQ2dMYmN6eWhMdERDbXExeTc2UGpMc0E1aEw1RjNFN1NrLzAv
MzIzODMwMzQzYTM4MzAzMDMwM2EzODMwMzAzMDNhM2EyZjMzMzMyZDMzMzMyMDNk
M2UyMDMyMzczMTM3MzIzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBygEgACAMA0GCSqGSIb3DQEBCwUA
A4IBAQAE1HmpnDA+YqAmjwnOHTGqCZn4NHcVF2MXIC7NqR65bScah4uCUYJqvMU7
Uooy4N5iU6iAKBFsRWpes8X6hZU6b65Ghxg4aU4Nzmb6xBCAFCqDI6BXcSlQ9BCb
2NEmX6xmije9vcv6sAmSv4g0+VbU/jcRAfDklatchO934cT81s/cxH3fhoi7UYNo
jpl7bV/9VQeiv3uG7zpdJoT8BA7yAPjUyrihVYxrggPtwkWxCM2cvp7nQDgJ5idL
+KWFH1OmqVE6pY0InOwV5N/gvB7uEotv0TT+HTWJ65jTYv8AFwX0lwnz7oHaPqtB
rDUv/1xJ/HT/RMbUnymvuRU/ITRT
-----END CERTIFICATE-----
Generated at Wed Jun 11 14:38:03 2025 by rpki-client