Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/323830343a326265303a383030303a3a2f34302d3430203d3e20323632353033.roa
File:                     323830343a326265303a383030303a3a2f34302d3430203d3e20323632353033.roa (raw, json)
Hash identifier:          ExJqJa0xA9ZWwGhpCUryu57JomVamLBo8nxmTNC5IKo=
Subject key identifier:   B0:32:CF:C5:FD:E5:BC:B5:B5:1C:88:F7:75:95:C5:01:EB:EE:6D:BE
Certificate issuer:       /CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
Certificate serial:       74B820A105D20D99A406D2EC9C97D6A2E6E34898
Authority key identifier: AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/323830343a326265303a383030303a3a2f34302d3430203d3e20323632353033.roa
Signing time:             Thu 29 May 2025 18:50:12 +0000
ROA not before:           Thu 29 May 2025 18:45:12 +0000
ROA not after:            Thu 28 May 2026 18:50:12 +0000
asID:                     262503
IP address blocks:        2804:2be0:8000::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl
                          rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Jun 2025 00:17:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:b8:20:a1:05:d2:0d:99:a4:06:d2:ec:9c:97:d6:a2:e6:e3:48:98
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
        Validity
            Not Before: May 29 18:45:12 2025 GMT
            Not After : May 28 18:50:12 2026 GMT
        Subject: CN=B032CFC5FDE5BCB5B51C88F77595C501EBEE6DBE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:09:31:25:91:d4:d6:ef:40:57:39:8b:c9:bf:
                    38:34:af:35:35:c0:34:dc:09:34:86:91:2f:0e:e5:
                    08:94:6b:23:bc:13:dd:cf:ed:13:d7:d2:51:dc:1d:
                    3d:ab:05:d9:ab:18:9a:16:4d:00:3b:ee:a0:cf:ff:
                    a5:c4:6a:75:d3:13:24:63:5d:16:97:6f:39:2e:1e:
                    8a:f6:35:b9:2d:cc:9b:7a:8b:37:64:ca:f1:fa:c5:
                    a8:82:ac:c3:fd:5b:3d:23:61:d2:88:cf:e7:0d:1c:
                    68:b8:ad:49:7a:31:b5:8e:29:c3:1e:f0:75:22:55:
                    70:57:24:19:7e:95:31:71:3d:c3:3e:34:f2:fd:3d:
                    d7:df:59:27:fe:ad:dd:9a:a5:69:7a:85:16:d6:c1:
                    3c:17:d9:35:e1:82:53:bb:a2:51:d4:5f:2d:70:00:
                    b2:83:56:f2:21:e6:a8:fe:cf:8d:5f:12:8b:ab:b4:
                    cb:15:26:89:88:5d:a9:f3:1d:b3:28:8f:d9:43:da:
                    9f:2f:89:58:8e:65:a3:44:94:e3:8e:3d:9b:f1:8e:
                    7d:d1:72:50:19:d6:36:e1:c7:59:f0:ee:b4:25:cb:
                    3f:5f:dc:f2:fe:37:f7:2e:19:60:a0:ee:19:6e:08:
                    c4:9c:fe:99:c5:06:c8:11:e0:35:4f:f3:c1:da:ab:
                    8e:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:32:CF:C5:FD:E5:BC:B5:B5:1C:88:F7:75:95:C5:01:EB:EE:6D:BE
            X509v3 Authority Key Identifier:
                keyid:AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/323830343a326265303a383030303a3a2f34302d3430203d3e20323632353033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:2be0:8000::/40

    Signature Algorithm: sha256WithRSAEncryption
         35:fa:f8:18:bb:66:1d:3a:2c:d9:af:85:7a:6f:c1:ed:b0:0d:
         3a:2c:d0:f9:cf:c8:8f:df:e2:68:49:54:b8:87:78:fa:6a:fe:
         bc:f7:bd:7c:46:78:25:c6:f4:f7:fe:23:75:a9:56:0e:cb:45:
         5c:82:29:8f:52:d3:76:6f:73:24:58:cf:d8:07:f5:c2:01:00:
         ae:26:4b:ba:5c:de:1c:30:e1:fd:1e:a5:97:e2:14:4e:c8:d6:
         80:19:f7:8e:dd:a8:d4:30:1f:78:33:01:09:f3:53:96:2d:b9:
         11:fe:9e:76:d4:fb:92:b5:25:aa:41:74:c8:17:c5:98:61:be:
         ac:b3:19:21:04:b1:4e:aa:21:37:b8:3e:a8:2c:65:1c:a1:da:
         1a:fc:9f:f1:be:ca:14:19:cb:56:d9:d9:35:e5:7d:e8:8c:dc:
         7b:c0:0c:aa:26:e9:07:30:6a:6d:13:6f:a9:ea:27:9f:ed:37:
         60:bd:1a:ed:96:6a:fb:f3:56:97:d3:6b:92:1d:e4:91:a3:28:
         a2:a0:79:d8:b1:db:93:a2:0a:f0:2f:b6:a0:4c:fa:90:ca:ea:
         47:ec:c5:85:20:b1:4a:67:7d:31:9f:73:92:83:68:5c:62:46:
         5c:e5:9d:c7:86:78:be:7d:19:b7:3d:09:5e:75:eb:95:fa:2d:
         98:d5:80:30
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUdLggoQXSDZmkBtLsnJfWoubjSJgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM2NEIyRDE3NzFBQjMwRTE4ODgzQ0REMTQwMDFBODJE
OTkwNUY5ODAeFw0yNTA1MjkxODQ1MTJaFw0yNjA1MjgxODUwMTJaMDMxMTAvBgNV
BAMTKEIwMzJDRkM1RkRFNUJDQjVCNTFDODhGNzc1OTVDNTAxRUJFRTZEQkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQCTElkdTW70BXOYvJvzg0rzU1
wDTcCTSGkS8O5QiUayO8E93P7RPX0lHcHT2rBdmrGJoWTQA77qDP/6XEanXTEyRj
XRaXbzkuHor2NbktzJt6izdkyvH6xaiCrMP9Wz0jYdKIz+cNHGi4rUl6MbWOKcMe
8HUiVXBXJBl+lTFxPcM+NPL9PdffWSf+rd2apWl6hRbWwTwX2TXhglO7olHUXy1w
ALKDVvIh5qj+z41fEourtMsVJomIXanzHbMoj9lD2p8viViOZaNElOOOPZvxjn3R
clAZ1jbhx1nw7rQlyz9f3PL+N/cuGWCg7hluCMSc/pnFBsgR4DVP88Haq44DAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUsDLPxf3lvLW1HIj3dZXFAevubb4wHwYDVR0j
BBgwFoAUrGSy0Xcasw4YiDzdFAAagtmQX5gwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOEVvNVFNbXF0ZGltNGp3bzVBdFR1UEprUWl6UGNtV1NtOWZvUnVmWU1G
a0YvMC9BQzY0QjJEMTc3MUFCMzBFMTg4ODNDREQxNDAwMUE4MkQ5OTA1Rjk4LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FDNjRCMkQxNzcxQUIzMEUx
ODg4M0NERDE0MDAxQTgyRDk5MDVGOTguY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzhFbzVRTW1xdGRpbTRqd281QXRUdVBKa1FpelBjbVdTbTlmb1J1ZllNRmtGLzAv
MzIzODMwMzQzYTMyNjI2NTMwM2EzODMwMzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNk
M2UyMDMyMzYzMjM1MzAzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACgEK+CAMA0GCSqGSIb3DQEBCwUA
A4IBAQA1+vgYu2YdOizZr4V6b8HtsA06LND5z8iP3+JoSVS4h3j6av689718Rngl
xvT3/iN1qVYOy0VcgimPUtN2b3MkWM/YB/XCAQCuJku6XN4cMOH9HqWX4hROyNaA
GfeO3ajUMB94MwEJ81OWLbkR/p521PuStSWqQXTIF8WYYb6ssxkhBLFOqiE3uD6o
LGUcodoa/J/xvsoUGctW2dk15X3ojNx7wAyqJukHMGptE2+p6ief7TdgvRrtlmr7
81aX02uSHeSRoyiioHnYsduTogrwL7agTPqQyupH7MWFILFKZ30xn3OSg2hcYkZc
5Z3Hhni+fRm3PQledeuV+i2Y1YAw
-----END CERTIFICATE-----
Generated at Thu Jun 12 06:31:53 2025 by rpki-client