Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/323830343a326265303a3a2f33322d3332203d3e20323632353033.roa
File:                     323830343a326265303a3a2f33322d3332203d3e20323632353033.roa (raw, json)
Hash identifier:          YT65T2KC4qo2WHfBxf7yn3wEnc/YJmBzWDaspoOwKNo=
Subject key identifier:   C3:EC:55:B0:19:7D:95:67:0B:08:DA:DD:15:9A:B4:BB:98:D1:7C:53
Certificate issuer:       /CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
Certificate serial:       4BE1F4D4CF2BDCF656C4523537495B62E17978CB
Authority key identifier: AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/323830343a326265303a3a2f33322d3332203d3e20323632353033.roa
Signing time:             Thu 29 May 2025 18:50:13 +0000
ROA not before:           Thu 29 May 2025 18:45:13 +0000
ROA not after:            Thu 28 May 2026 18:50:13 +0000
asID:                     262503
IP address blocks:        2804:2be0::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl
                          rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 14:51:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:e1:f4:d4:cf:2b:dc:f6:56:c4:52:35:37:49:5b:62:e1:79:78:cb
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AC64B2D1771AB30E18883CDD14001A82D9905F98
        Validity
            Not Before: May 29 18:45:13 2025 GMT
            Not After : May 28 18:50:13 2026 GMT
        Subject: CN=C3EC55B0197D95670B08DADD159AB4BB98D17C53
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:21:34:b0:36:a0:e6:69:ea:28:bf:eb:29:a4:
                    02:0f:59:39:4e:8c:18:71:5f:0c:44:ab:1a:86:ab:
                    72:f8:05:75:60:c6:b3:2e:a3:1d:bd:7f:15:dd:09:
                    2e:12:5e:a6:5c:b8:22:d8:7b:28:f4:09:6e:02:36:
                    af:aa:78:67:a4:1e:58:b1:65:eb:3a:24:67:5c:24:
                    50:da:8c:42:51:ab:47:18:de:e4:eb:b3:bb:b7:f6:
                    1d:5c:fe:81:c6:e7:f1:2e:3c:60:b3:d6:f7:46:8f:
                    af:1d:20:a0:99:80:e7:6c:d2:6f:0c:e6:04:04:8a:
                    0b:d3:ae:2f:7d:66:e0:c8:bd:87:4b:19:52:07:4b:
                    99:54:3c:bb:fd:ff:36:bc:7e:2f:06:03:e6:df:7f:
                    20:10:dc:41:11:5e:a6:65:26:04:ca:90:2d:0b:eb:
                    80:5b:80:c8:36:de:f7:98:4c:b2:4c:6c:0d:60:a6:
                    ee:92:95:23:f7:df:95:56:55:f1:21:5e:2d:a5:35:
                    a5:27:72:a1:54:a7:08:78:e5:76:3d:f2:94:23:3a:
                    6c:1c:40:be:d3:44:1d:c7:39:96:f8:aa:fc:78:cb:
                    cc:52:4d:90:dd:11:e1:67:18:57:96:4e:9d:3b:ae:
                    31:c0:5b:69:e9:16:8f:e2:51:be:ee:d8:bf:c4:63:
                    a8:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:EC:55:B0:19:7D:95:67:0B:08:DA:DD:15:9A:B4:BB:98:D1:7C:53
            X509v3 Authority Key Identifier:
                keyid:AC:64:B2:D1:77:1A:B3:0E:18:88:3C:DD:14:00:1A:82:D9:90:5F:98

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/AC64B2D1771AB30E18883CDD14001A82D9905F98.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/AC64B2D1771AB30E18883CDD14001A82D9905F98.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/8Eo5QMmqtdim4jwo5AtTuPJkQizPcmWSm9foRufYMFkF/0/323830343a326265303a3a2f33322d3332203d3e20323632353033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:2be0::/32

    Signature Algorithm: sha256WithRSAEncryption
         1e:ad:86:9f:36:c4:bc:c9:bc:ab:29:d9:73:7a:50:ec:83:a2:
         b4:ea:d0:e9:b7:3b:55:37:80:32:f4:58:e3:67:c1:75:c1:42:
         6c:ac:ec:f1:6f:05:5d:8a:b2:e5:67:2f:8b:50:c0:61:a2:16:
         d1:c9:a3:94:a9:dd:40:fe:fe:e0:c3:0f:a7:d8:3a:53:31:c3:
         98:c8:a5:d5:5a:ad:b2:4f:4a:66:71:ff:38:2a:fb:22:04:e2:
         1a:83:24:08:4b:e9:73:5f:89:77:44:4c:9f:0b:25:3a:80:57:
         94:d7:6e:14:61:42:28:4e:21:fa:ac:18:75:f6:05:9c:10:1f:
         04:c0:67:94:7f:79:f3:f9:5a:51:5b:19:d9:f8:ed:92:4b:f2:
         44:b6:94:28:7a:71:36:58:b5:83:32:51:c9:78:ba:1d:ec:55:
         a2:54:7e:fc:68:cf:4c:6a:b8:19:5c:40:07:7b:72:da:ac:d6:
         71:7a:8a:ee:6a:d5:0c:e2:57:15:e5:a3:41:64:2f:ca:e8:5f:
         de:d5:e0:e2:5a:71:55:ea:f5:ab:a4:9e:55:0d:0d:ab:dc:80:
         43:9b:0c:d1:9b:77:b8:03:c9:59:f1:c0:8e:5c:58:ee:b1:cd:
         d5:54:06:36:24:01:e3:d0:69:79:50:5e:27:af:eb:a6:73:0a:
         54:d3:a6:bf
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUS+H01M8r3PZWxFI1N0lbYuF5eMswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUM2NEIyRDE3NzFBQjMwRTE4ODgzQ0REMTQwMDFBODJE
OTkwNUY5ODAeFw0yNTA1MjkxODQ1MTNaFw0yNjA1MjgxODUwMTNaMDMxMTAvBgNV
BAMTKEMzRUM1NUIwMTk3RDk1NjcwQjA4REFERDE1OUFCNEJCOThEMTdDNTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEITSwNqDmaeoov+sppAIPWTlO
jBhxXwxEqxqGq3L4BXVgxrMuox29fxXdCS4SXqZcuCLYeyj0CW4CNq+qeGekHlix
Zes6JGdcJFDajEJRq0cY3uTrs7u39h1c/oHG5/EuPGCz1vdGj68dIKCZgOds0m8M
5gQEigvTri99ZuDIvYdLGVIHS5lUPLv9/za8fi8GA+bffyAQ3EERXqZlJgTKkC0L
64BbgMg23veYTLJMbA1gpu6SlSP335VWVfEhXi2lNaUncqFUpwh45XY98pQjOmwc
QL7TRB3HOZb4qvx4y8xSTZDdEeFnGFeWTp07rjHAW2npFo/iUb7u2L/EY6iXAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUw+xVsBl9lWcLCNrdFZq0u5jRfFMwHwYDVR0j
BBgwFoAUrGSy0Xcasw4YiDzdFAAagtmQX5gwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOEVvNVFNbXF0ZGltNGp3bzVBdFR1UEprUWl6UGNtV1NtOWZvUnVmWU1G
a0YvMC9BQzY0QjJEMTc3MUFCMzBFMTg4ODNDREQxNDAwMUE4MkQ5OTA1Rjk4LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0FDNjRCMkQxNzcxQUIzMEUx
ODg4M0NERDE0MDAxQTgyRDk5MDVGOTguY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzhFbzVRTW1xdGRpbTRqd281QXRUdVBKa1FpelBjbVdTbTlmb1J1ZllNRmtGLzAv
MzIzODMwMzQzYTMyNjI2NTMwM2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzNjMy
MzUzMDMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKAQr4DANBgkqhkiG9w0BAQsFAAOCAQEAHq2GnzbE
vMm8qynZc3pQ7IOitOrQ6bc7VTeAMvRY42fBdcFCbKzs8W8FXYqy5Wcvi1DAYaIW
0cmjlKndQP7+4MMPp9g6UzHDmMil1Vqtsk9KZnH/OCr7IgTiGoMkCEvpc1+Jd0RM
nwslOoBXlNduFGFCKE4h+qwYdfYFnBAfBMBnlH958/laUVsZ2fjtkkvyRLaUKHpx
Nli1gzJRyXi6HexVolR+/GjPTGq4GVxAB3ty2qzWcXqK7mrVDOJXFeWjQWQvyuhf
3tXg4lpxVer1q6SeVQ0Nq9yAQ5sM0Zt3uAPJWfHAjlxY7rHN1VQGNiQB49BpeVBe
J6/rpnMKVNOmvw==
-----END CERTIFICATE-----
Generated at Tue Jun 10 07:36:11 2025 by rpki-client