Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/Afzi3DnYwho28VDmKjRaUX53dmetK6yPwdVxDEUX9NLo/1/323830343a343433303a383030303a3a2f33332d3333203d3e20323637363038.roa
File:                     323830343a343433303a383030303a3a2f33332d3333203d3e20323637363038.roa (raw, json)
Hash identifier:          WCWkNTRisSo9WTGa0Zr2B8nvTYDaH8r2oHByVbfLMPE=
Subject key identifier:   84:A8:71:38:76:E6:E7:9A:43:77:6C:2C:42:01:84:5D:43:72:BA:B9
Certificate issuer:       /CN=371070DB3AF9489AC044A01894F7F3DEA5016C1F
Certificate serial:       75EBFCC39ABB861851EE12F718EC20A9FB0C2312
Authority key identifier: 37:10:70:DB:3A:F9:48:9A:C0:44:A0:18:94:F7:F3:DE:A5:01:6C:1F
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/371070DB3AF9489AC044A01894F7F3DEA5016C1F.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/Afzi3DnYwho28VDmKjRaUX53dmetK6yPwdVxDEUX9NLo/1/323830343a343433303a383030303a3a2f33332d3333203d3e20323637363038.roa
Signing time:             Fri 30 May 2025 23:30:46 +0000
ROA not before:           Fri 30 May 2025 23:25:46 +0000
ROA not after:            Fri 29 May 2026 23:30:46 +0000
asID:                     267608
IP address blocks:        2804:4430:8000::/33 maxlen: 33
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/Afzi3DnYwho28VDmKjRaUX53dmetK6yPwdVxDEUX9NLo/1/371070DB3AF9489AC044A01894F7F3DEA5016C1F.crl
                          rsync://rpki-repo.registro.br/repo/Afzi3DnYwho28VDmKjRaUX53dmetK6yPwdVxDEUX9NLo/1/371070DB3AF9489AC044A01894F7F3DEA5016C1F.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/371070DB3AF9489AC044A01894F7F3DEA5016C1F.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 06:24:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:eb:fc:c3:9a:bb:86:18:51:ee:12:f7:18:ec:20:a9:fb:0c:23:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=371070DB3AF9489AC044A01894F7F3DEA5016C1F
        Validity
            Not Before: May 30 23:25:46 2025 GMT
            Not After : May 29 23:30:46 2026 GMT
        Subject: CN=84A8713876E6E79A43776C2C4201845D4372BAB9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:b8:d6:c5:54:5a:e4:8d:f9:90:f7:ac:5f:47:
                    35:93:a0:cf:a6:f1:be:02:44:b9:1c:2f:0a:04:92:
                    55:92:34:9e:c1:66:59:e3:53:a3:df:87:21:6a:84:
                    65:61:37:cd:8a:75:89:1e:44:aa:26:d3:d7:70:d4:
                    74:ea:18:5c:61:ec:20:60:90:56:11:5b:e2:5a:09:
                    4e:c8:ed:3c:5d:b5:b1:0e:f1:85:86:e3:67:aa:cb:
                    80:ac:fe:80:d2:77:02:74:15:7c:74:71:1c:9c:d9:
                    5f:6a:d8:e6:d7:e4:f5:68:11:dc:b9:b5:e8:18:25:
                    35:79:56:3c:d7:0c:e4:8f:47:25:73:6c:0b:2d:5d:
                    6e:3b:3a:02:69:a1:69:68:29:98:b5:3a:a3:a4:35:
                    a4:84:49:6b:70:f0:ce:0d:22:3b:50:d9:35:21:2d:
                    84:c2:06:f1:86:d6:09:dd:41:cb:fb:37:8e:a4:46:
                    81:40:0f:3b:8b:02:57:3f:48:fe:83:be:c7:ae:91:
                    32:d1:09:ed:72:ab:9b:86:ac:7b:86:4f:d2:97:bb:
                    a1:ec:65:68:20:fa:6a:f8:68:aa:c9:39:a5:b8:25:
                    07:72:91:7e:10:5f:5a:f1:2d:2c:f0:8b:42:fe:2e:
                    00:fb:4d:48:41:ee:a6:97:63:bf:2a:26:4a:b9:12:
                    c2:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                84:A8:71:38:76:E6:E7:9A:43:77:6C:2C:42:01:84:5D:43:72:BA:B9
            X509v3 Authority Key Identifier:
                keyid:37:10:70:DB:3A:F9:48:9A:C0:44:A0:18:94:F7:F3:DE:A5:01:6C:1F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/Afzi3DnYwho28VDmKjRaUX53dmetK6yPwdVxDEUX9NLo/1/371070DB3AF9489AC044A01894F7F3DEA5016C1F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/371070DB3AF9489AC044A01894F7F3DEA5016C1F.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/Afzi3DnYwho28VDmKjRaUX53dmetK6yPwdVxDEUX9NLo/1/323830343a343433303a383030303a3a2f33332d3333203d3e20323637363038.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:4430:8000::/33

    Signature Algorithm: sha256WithRSAEncryption
         8c:08:be:48:1c:25:c6:4f:7f:bf:3c:bb:b9:cc:3e:da:8f:3a:
         91:eb:33:22:29:7f:70:40:45:a4:0e:dc:34:5b:61:80:41:e2:
         f7:a5:1d:c1:fd:3d:52:0c:39:ca:00:b3:45:7a:7c:c4:cb:21:
         dc:6c:23:71:dc:b3:c7:ec:bb:40:e5:63:b9:c2:91:68:2b:9d:
         ee:b7:31:7a:c5:56:03:b2:6b:e3:38:7c:01:17:57:f1:4d:d7:
         10:5b:5c:b2:ed:11:c2:85:9b:f3:2d:4b:da:5f:76:5a:ac:84:
         fc:76:5e:25:a8:8d:46:e5:59:8a:6a:24:63:f7:87:18:d3:6d:
         1c:21:fd:3c:ea:c0:f9:3f:aa:1e:c3:51:c3:88:3e:ab:36:ba:
         30:ad:21:4b:27:c3:99:a4:8a:47:cc:03:b0:6e:00:19:c4:db:
         d6:7f:ea:97:16:e5:cf:ed:23:a5:58:4f:bb:dc:65:2c:52:c5:
         c2:11:d4:dc:09:b7:94:a0:9f:4b:c8:8d:c8:27:94:b3:b3:e4:
         82:7f:4c:92:02:fd:fa:39:21:82:8b:e8:59:f8:31:66:4f:fc:
         04:da:5e:54:82:f4:57:33:0d:01:f6:fa:65:3f:2b:a5:c1:86:
         61:64:31:11:cf:b3:cc:fd:f5:7e:02:b4:2e:11:8c:fd:03:c6:
         7a:7c:8c:d2
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUdev8w5q7hhhR7hL3GOwgqfsMIxIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzcxMDcwREIzQUY5NDg5QUMwNDRBMDE4OTRGN0YzREVB
NTAxNkMxRjAeFw0yNTA1MzAyMzI1NDZaFw0yNjA1MjkyMzMwNDZaMDMxMTAvBgNV
BAMTKDg0QTg3MTM4NzZFNkU3OUE0Mzc3NkMyQzQyMDE4NDVENDM3MkJBQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChuNbFVFrkjfmQ96xfRzWToM+m
8b4CRLkcLwoEklWSNJ7BZlnjU6PfhyFqhGVhN82KdYkeRKom09dw1HTqGFxh7CBg
kFYRW+JaCU7I7TxdtbEO8YWG42eqy4Cs/oDSdwJ0FXx0cRyc2V9q2ObX5PVoEdy5
tegYJTV5VjzXDOSPRyVzbAstXW47OgJpoWloKZi1OqOkNaSESWtw8M4NIjtQ2TUh
LYTCBvGG1gndQcv7N46kRoFADzuLAlc/SP6DvseukTLRCe1yq5uGrHuGT9KXu6Hs
ZWgg+mr4aKrJOaW4JQdykX4QX1rxLSzwi0L+LgD7TUhB7qaXY78qJkq5EsILAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUhKhxOHbm55pDd2wsQgGEXUNyurkwHwYDVR0j
BBgwFoAUNxBw2zr5SJrARKAYlPfz3qUBbB8wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQWZ6aTNEbll3aG8yOFZEbUtqUmFVWDUzZG1ldEs2eVB3ZFZ4REVVWDlO
TG8vMS8zNzEwNzBEQjNBRjk0ODlBQzA0NEEwMTg5NEY3RjNERUE1MDE2QzFGLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzM3MTA3MERCM0FGOTQ4OUFD
MDQ0QTAxODk0RjdGM0RFQTUwMTZDMUYuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0FmemkzRG5Zd2hvMjhWRG1LalJhVVg1M2RtZXRLNnlQd2RWeERFVVg5TkxvLzEv
MzIzODMwMzQzYTM0MzQzMzMwM2EzODMwMzAzMDNhM2EyZjMzMzMyZDMzMzMyMDNk
M2UyMDMyMzYzNzM2MzAzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBygERDCAMA0GCSqGSIb3DQEBCwUA
A4IBAQCMCL5IHCXGT3+/PLu5zD7ajzqR6zMiKX9wQEWkDtw0W2GAQeL3pR3B/T1S
DDnKALNFenzEyyHcbCNx3LPH7LtA5WO5wpFoK53utzF6xVYDsmvjOHwBF1fxTdcQ
W1yy7RHChZvzLUvaX3ZarIT8dl4lqI1G5VmKaiRj94cY020cIf086sD5P6oew1HD
iD6rNrowrSFLJ8OZpIpHzAOwbgAZxNvWf+qXFuXP7SOlWE+73GUsUsXCEdTcCbeU
oJ9LyI3IJ5Szs+SCf0ySAv36OSGCi+hZ+DFmT/wE2l5UgvRXMw0B9vplPyulwYZh
ZDERz7PM/fV+ArQuEYz9A8Z6fIzS
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:54:35 2025 by rpki-client