Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/323830343a326265303a373230303a3a2f34302d3430203d3e20323632353033.roa
File:                     323830343a326265303a373230303a3a2f34302d3430203d3e20323632353033.roa (raw, json)
Hash identifier:          GY0pD6pmyYpwoj29X9BfzFeY9m2Yup0xf0EIlOBIsg8=
Subject key identifier:   CE:52:46:C6:C6:69:47:20:84:E9:0A:8A:EA:C0:8E:35:85:BD:0F:DB
Certificate issuer:       /CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
Certificate serial:       6E3B66EEA519313C85EA6354EC3C9CFF29DC5C56
Authority key identifier: AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/323830343a326265303a373230303a3a2f34302d3430203d3e20323632353033.roa
Signing time:             Thu 29 May 2025 18:50:15 +0000
ROA not before:           Thu 29 May 2025 18:45:15 +0000
ROA not after:            Thu 28 May 2026 18:50:15 +0000
asID:                     262503
IP address blocks:        2804:2be0:7200::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl
                          rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 09:47:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:3b:66:ee:a5:19:31:3c:85:ea:63:54:ec:3c:9c:ff:29:dc:5c:56
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
        Validity
            Not Before: May 29 18:45:15 2025 GMT
            Not After : May 28 18:50:15 2026 GMT
        Subject: CN=CE5246C6C669472084E90A8AEAC08E3585BD0FDB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9c:5c:bb:f5:00:42:83:4d:29:68:47:3c:d0:d4:
                    ec:53:57:17:bd:6c:5d:26:10:84:2a:e9:1c:f5:9c:
                    50:b3:be:4e:e4:69:a8:44:3a:bd:19:e1:1b:20:7c:
                    79:1a:97:0e:82:69:53:e2:dd:c7:67:c5:8e:ac:85:
                    ed:80:00:30:a4:e7:00:59:c2:f7:aa:31:4f:4a:d5:
                    65:0e:e5:c0:56:e3:e5:f7:99:df:be:c2:4b:1f:da:
                    2f:9a:79:2b:8c:c2:51:4e:54:62:14:15:9a:44:8c:
                    f4:e9:bc:f5:89:26:ab:fa:62:86:9a:26:d2:b4:20:
                    fb:86:da:83:36:23:5a:fa:b3:07:58:27:6f:4e:11:
                    16:f5:14:cb:07:2f:fe:23:45:5f:2a:cf:bb:46:0a:
                    91:d5:bd:2f:7f:39:c4:7e:9b:df:95:d1:57:7b:25:
                    e5:f4:bb:5f:a5:5c:a3:f5:26:7f:73:a6:ed:e7:7a:
                    6c:84:a7:aa:a2:d3:be:b2:19:ff:14:30:b6:61:46:
                    2e:51:b6:e4:a5:86:9f:65:fd:71:a0:2a:ae:b9:df:
                    00:0a:b0:e7:9f:b5:02:14:5c:31:8b:ce:9c:e9:37:
                    c9:fd:86:9a:cf:e5:41:be:a5:cf:1f:b0:a6:69:e2:
                    84:15:19:9a:a6:e7:45:c9:cb:c7:01:d6:5d:ba:76:
                    de:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CE:52:46:C6:C6:69:47:20:84:E9:0A:8A:EA:C0:8E:35:85:BD:0F:DB
            X509v3 Authority Key Identifier:
                keyid:AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/323830343a326265303a373230303a3a2f34302d3430203d3e20323632353033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:2be0:7200::/40

    Signature Algorithm: sha256WithRSAEncryption
         ac:4c:67:df:74:1d:16:c2:2d:e2:62:dc:0f:98:75:e8:16:6d:
         44:31:a1:94:29:4d:09:d1:f3:c0:9a:c0:5c:81:4c:8b:89:da:
         11:f3:2b:20:a7:96:12:cb:a8:fc:be:d6:57:a4:c8:36:03:53:
         b7:05:ae:ea:90:f9:bc:24:d8:c2:98:ee:9b:6a:86:ae:87:51:
         92:c5:2e:b8:11:dc:3f:93:f3:94:bc:a0:e1:27:a1:a7:04:ca:
         8c:df:ac:24:98:c3:39:12:a3:ee:f4:de:27:b8:b0:82:0b:63:
         7a:74:2d:54:f5:2f:76:cb:14:0b:87:06:bf:10:4f:d1:a3:cd:
         45:a8:59:c8:b0:a1:2d:73:8b:84:5c:82:ad:33:37:d5:86:98:
         21:95:05:ab:6d:2f:80:63:28:44:92:c8:d3:8f:7f:7e:7b:f8:
         5d:3a:a3:88:ff:37:5d:9f:6b:70:e6:65:cc:48:c6:21:a9:a5:
         66:c9:4f:bb:7f:0e:c3:31:0c:8f:3c:5f:60:40:6b:e1:5b:1f:
         80:cb:0d:b7:5e:b3:22:7c:c9:47:2a:51:02:bf:96:1b:f7:74:
         7b:15:47:b6:79:78:15:2c:9f:84:a5:d6:91:a0:ca:7d:ab:33:
         90:a6:6e:48:8f:72:6c:1d:17:35:c9:31:62:c2:b5:be:21:d4:
         25:2c:3e:f0
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUbjtm7qUZMTyF6mNU7Dyc/yncXFYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM2NEIyRDE3NzFBQjMwRTE4ODgzQ0REMTQwMDFBODJE
OTkwNUY5ODAeFw0yNTA1MjkxODQ1MTVaFw0yNjA1MjgxODUwMTVaMDMxMTAvBgNV
BAMTKENFNTI0NkM2QzY2OTQ3MjA4NEU5MEE4QUVBQzA4RTM1ODVCRDBGREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCcXLv1AEKDTSloRzzQ1OxTVxe9
bF0mEIQq6Rz1nFCzvk7kaahEOr0Z4RsgfHkalw6CaVPi3cdnxY6she2AADCk5wBZ
wveqMU9K1WUO5cBW4+X3md++wksf2i+aeSuMwlFOVGIUFZpEjPTpvPWJJqv6Yoaa
JtK0IPuG2oM2I1r6swdYJ29OERb1FMsHL/4jRV8qz7tGCpHVvS9/OcR+m9+V0Vd7
JeX0u1+lXKP1Jn9zpu3nemyEp6qi076yGf8UMLZhRi5RtuSlhp9l/XGgKq653wAK
sOeftQIUXDGLzpzpN8n9hprP5UG+pc8fsKZp4oQVGZqm50XJy8cB1l26dt55AgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUzlJGxsZpRyCE6QqK6sCONYW9D9swHwYDVR0j
BBgwFoAUrGSy0Xcasw4YiDzdFAAagtmQX5gwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOEVvNVFNbXF0ZGltNGp3bzVBdFR1UEprUWl6UGNtV1NtOWZvUnVmWU1G
a0YvMC9BQzY0QjJEMTc3MUFCMzBFMTg4ODNDREQxNDAwMUE4MkQ5OTA1Rjk4LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FDNjRCMkQxNzcxQUIzMEUx
ODg4M0NERDE0MDAxQTgyRDk5MDVGOTguY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzhFbzVRTW1xdGRpbTRqd281QXRUdVBKa1FpelBjbVdTbTlmb1J1ZllNRmtGLzAv
MzIzODMwMzQzYTMyNjI2NTMwM2EzNzMyMzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNk
M2UyMDMyMzYzMjM1MzAzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACgEK+ByMA0GCSqGSIb3DQEBCwUA
A4IBAQCsTGffdB0Wwi3iYtwPmHXoFm1EMaGUKU0J0fPAmsBcgUyLidoR8ysgp5YS
y6j8vtZXpMg2A1O3Ba7qkPm8JNjCmO6baoauh1GSxS64Edw/k/OUvKDhJ6GnBMqM
36wkmMM5EqPu9N4nuLCCC2N6dC1U9S92yxQLhwa/EE/Ro81FqFnIsKEtc4uEXIKt
MzfVhpghlQWrbS+AYyhEksjTj39+e/hdOqOI/zddn2tw5mXMSMYhqaVmyU+7fw7D
MQyPPF9gQGvhWx+Ayw23XrMifMlHKlECv5Yb93R7FUe2eXgVLJ+EpdaRoMp9qzOQ
pm5Ij3JsHRc1yTFiwrW+IdQlLD7w
-----END CERTIFICATE-----
Generated at Tue Jun 10 17:48:05 2025 by rpki-client