Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/323830343a326265303a373230303a3a2f34302d3430203d3e20323632353033.roa
File:                     323830343a326265303a373230303a3a2f34302d3430203d3e20323632353033.roa (raw, json)
Hash identifier:          4JYodFJ9x6SuV10cvxDNDrV0mW10876LzKXGTK+mG+E=
Subject key identifier:   BF:CB:10:BB:8D:09:28:11:6D:D9:12:2B:36:03:6D:0F:39:A2:04:01
Certificate issuer:       /CN=123B03D46660DEE9B32E2712342EB4F48591C7B6
Certificate serial:       2CACA8A16E9831584B448580076A86970AD5A349
Authority key identifier: 12:3B:03:D4:66:60:DE:E9:B3:2E:27:12:34:2E:B4:F4:85:91:C7:B6
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/123B03D46660DEE9B32E2712342EB4F48591C7B6.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/323830343a326265303a373230303a3a2f34302d3430203d3e20323632353033.roa
Signing time:             Tue 19 Aug 2025 20:06:20 +0000
ROA not before:           Tue 19 Aug 2025 20:01:20 +0000
ROA not after:            Tue 18 Aug 2026 20:06:20 +0000
asID:                     262503
IP address blocks:        2804:2be0:7200::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/123B03D46660DEE9B32E2712342EB4F48591C7B6.crl
                          rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/123B03D46660DEE9B32E2712342EB4F48591C7B6.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/123B03D46660DEE9B32E2712342EB4F48591C7B6.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 21 Aug 2025 16:17:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2c:ac:a8:a1:6e:98:31:58:4b:44:85:80:07:6a:86:97:0a:d5:a3:49
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=123B03D46660DEE9B32E2712342EB4F48591C7B6
        Validity
            Not Before: Aug 19 20:01:20 2025 GMT
            Not After : Aug 18 20:06:20 2026 GMT
        Subject: CN=BFCB10BB8D0928116DD9122B36036D0F39A20401
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:0d:85:5e:7e:15:c0:73:80:dc:f0:94:a0:ef:
                    78:18:c2:e0:c8:b9:a7:af:1d:44:85:b2:2a:78:00:
                    88:10:db:c2:6c:8e:33:7d:4d:84:19:7e:aa:0d:06:
                    7e:8c:5d:d5:04:f9:5e:15:22:4b:4d:29:f4:d8:f5:
                    50:9b:9b:11:32:42:b0:f4:04:54:c1:3b:fa:e8:fa:
                    4a:ae:f6:45:0a:6b:d1:8e:a5:27:f3:72:b8:4f:cb:
                    a9:95:12:52:b5:91:f9:64:2c:63:48:e5:9d:7d:f5:
                    37:a5:8e:ea:21:60:ee:27:34:7d:fc:f7:17:ca:84:
                    fe:e0:37:aa:6b:0c:d2:19:f7:4c:fc:bb:25:19:d6:
                    b3:21:ca:20:3a:a0:74:94:b7:94:e2:fe:fb:22:c2:
                    67:8f:36:4e:5c:ea:31:41:4a:b9:39:50:c1:44:99:
                    dd:6d:66:d9:3a:af:81:e0:0b:a1:bd:c7:95:4d:d2:
                    76:ab:2f:4e:4c:f9:0c:dd:50:3f:dd:ae:8a:a5:8d:
                    da:ed:82:dc:73:47:e5:df:de:24:90:7c:10:af:6c:
                    e6:4a:8c:c9:98:33:cb:b4:73:72:60:3d:31:bc:31:
                    86:65:fc:25:61:d7:56:e3:c6:86:21:29:2c:62:8a:
                    e2:7e:28:08:02:3c:0e:dc:f5:a2:99:d3:65:83:88:
                    62:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:CB:10:BB:8D:09:28:11:6D:D9:12:2B:36:03:6D:0F:39:A2:04:01
            X509v3 Authority Key Identifier:
                keyid:12:3B:03:D4:66:60:DE:E9:B3:2E:27:12:34:2E:B4:F4:85:91:C7:B6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/123B03D46660DEE9B32E2712342EB4F48591C7B6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/123B03D46660DEE9B32E2712342EB4F48591C7B6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/323830343a326265303a373230303a3a2f34302d3430203d3e20323632353033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:2be0:7200::/40

    Signature Algorithm: sha256WithRSAEncryption
         a1:28:a5:f2:23:24:4f:7b:bc:e4:04:7e:de:53:19:23:41:b7:
         7a:08:0a:a9:ca:99:9e:a5:1f:74:1c:19:d1:03:2a:0c:c1:26:
         bf:c2:d6:2f:c4:15:6a:92:5f:7d:00:1d:37:34:94:a1:29:20:
         39:4a:c8:38:d4:c6:fc:43:74:20:ac:26:8b:3a:0e:de:9d:93:
         d4:7a:e4:ba:bc:b8:06:41:a9:90:97:76:c0:eb:a3:4e:1c:25:
         88:fd:ab:43:69:a4:ae:93:0e:3b:3b:40:cb:59:ba:77:81:83:
         6c:3b:de:62:09:c6:e3:17:52:6e:0f:74:26:f6:12:2d:3c:da:
         c4:2a:eb:ea:9b:35:92:f5:b1:dc:2f:dd:fd:c8:aa:c6:c1:0b:
         05:7d:13:89:26:73:50:d1:fb:52:97:c5:5d:d1:7b:11:a7:12:
         ef:d2:ac:78:15:41:29:02:f2:42:29:be:14:9d:a6:80:73:46:
         90:d5:33:06:68:54:65:25:e4:d9:f1:2e:c6:fe:2c:71:3d:0f:
         ca:bc:a1:b4:0e:80:eb:44:90:73:d2:22:99:38:22:25:2b:ee:
         74:80:07:d7:43:f2:48:c0:5b:d7:a4:46:4a:cb:84:21:06:8b:
         54:a0:a0:8d:c7:0c:2f:1a:0d:8d:7f:2b:43:c9:47:de:5a:e5:
         d4:ef:15:11
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIULKyooW6YMVhLRIWAB2qGlwrVo0kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTIzQjAzRDQ2NjYwREVFOUIzMkUyNzEyMzQyRUI0RjQ4
NTkxQzdCNjAeFw0yNTA4MTkyMDAxMjBaFw0yNjA4MTgyMDA2MjBaMDMxMTAvBgNV
BAMTKEJGQ0IxMEJCOEQwOTI4MTE2REQ5MTIyQjM2MDM2RDBGMzlBMjA0MDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDWDYVefhXAc4Dc8JSg73gYwuDI
uaevHUSFsip4AIgQ28JsjjN9TYQZfqoNBn6MXdUE+V4VIktNKfTY9VCbmxEyQrD0
BFTBO/ro+kqu9kUKa9GOpSfzcrhPy6mVElK1kflkLGNI5Z199TeljuohYO4nNH38
9xfKhP7gN6prDNIZ90z8uyUZ1rMhyiA6oHSUt5Ti/vsiwmePNk5c6jFBSrk5UMFE
md1tZtk6r4HgC6G9x5VN0narL05M+QzdUD/droqljdrtgtxzR+Xf3iSQfBCvbOZK
jMmYM8u0c3JgPTG8MYZl/CVh11bjxoYhKSxiiuJ+KAgCPA7c9aKZ02WDiGJvAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUv8sQu40JKBFt2RIrNgNtDzmiBAEwHwYDVR0j
BBgwFoAUEjsD1GZg3umzLicSNC609IWRx7YwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOEVvNVFNbXF0ZGltNGp3bzVBdFR1UEprUWl6UGNtV1NtOWZvUnVmWU1G
a0YvMC8xMjNCMDNENDY2NjBERUU5QjMyRTI3MTIzNDJFQjRGNDg1OTFDN0I2LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzEyM0IwM0Q0NjY2MERFRTlC
MzJFMjcxMjM0MkVCNEY0ODU5MUM3QjYuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzhFbzVRTW1xdGRpbTRqd281QXRUdVBKa1FpelBjbVdTbTlmb1J1ZllNRmtGLzAv
MzIzODMwMzQzYTMyNjI2NTMwM2EzNzMyMzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNk
M2UyMDMyMzYzMjM1MzAzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACgEK+ByMA0GCSqGSIb3DQEBCwUA
A4IBAQChKKXyIyRPe7zkBH7eUxkjQbd6CAqpypmepR90HBnRAyoMwSa/wtYvxBVq
kl99AB03NJShKSA5Ssg41Mb8Q3QgrCaLOg7enZPUeuS6vLgGQamQl3bA66NOHCWI
/atDaaSukw47O0DLWbp3gYNsO95iCcbjF1JuD3Qm9hItPNrEKuvqmzWS9bHcL939
yKrGwQsFfROJJnNQ0ftSl8Vd0XsRpxLv0qx4FUEpAvJCKb4UnaaAc0aQ1TMGaFRl
JeTZ8S7G/ixxPQ/KvKG0DoDrRJBz0iKZOCIlK+50gAfXQ/JIwFvXpEZKy4QhBotU
oKCNxwwvGg2NfytDyUfeWuXU7xUR
-----END CERTIFICATE-----
Generated at Thu Aug 21 07:24:51 2025 by rpki-client