Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/Afzi3DnYwho28VDmKjRaUX53dmetK6yPwdVxDEUX9NLo/1/323830343a343433303a3a2f33322d3332203d3e20323637363038.roa
File:                     323830343a343433303a3a2f33322d3332203d3e20323637363038.roa (raw, json)
Hash identifier:          qiEzNfr2ChhRdtRA1HhxCWjX6YfKPgIyNoVZp3jc4hA=
Subject key identifier:   02:74:9A:16:EA:92:C7:81:31:7C:46:16:0C:25:8E:40:67:7A:C5:1D
Certificate issuer:       /CN=371070DB3AF9489AC044A01894F7F3DEA5016C1F
Certificate serial:       7C72BC5B573348AC002DAD586CCB724F27910A82
Authority key identifier: 37:10:70:DB:3A:F9:48:9A:C0:44:A0:18:94:F7:F3:DE:A5:01:6C:1F
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/371070DB3AF9489AC044A01894F7F3DEA5016C1F.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/Afzi3DnYwho28VDmKjRaUX53dmetK6yPwdVxDEUX9NLo/1/323830343a343433303a3a2f33322d3332203d3e20323637363038.roa
Signing time:             Fri 30 May 2025 23:29:17 +0000
ROA not before:           Fri 30 May 2025 23:24:17 +0000
ROA not after:            Fri 29 May 2026 23:29:17 +0000
asID:                     267608
IP address blocks:        2804:4430::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/Afzi3DnYwho28VDmKjRaUX53dmetK6yPwdVxDEUX9NLo/1/371070DB3AF9489AC044A01894F7F3DEA5016C1F.crl
                          rsync://rpki-repo.registro.br/repo/Afzi3DnYwho28VDmKjRaUX53dmetK6yPwdVxDEUX9NLo/1/371070DB3AF9489AC044A01894F7F3DEA5016C1F.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/371070DB3AF9489AC044A01894F7F3DEA5016C1F.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 00:24:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7c:72:bc:5b:57:33:48:ac:00:2d:ad:58:6c:cb:72:4f:27:91:0a:82
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=371070DB3AF9489AC044A01894F7F3DEA5016C1F
        Validity
            Not Before: May 30 23:24:17 2025 GMT
            Not After : May 29 23:29:17 2026 GMT
        Subject: CN=02749A16EA92C781317C46160C258E40677AC51D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:fe:57:2f:b8:a5:bb:38:58:76:50:fa:35:ae:
                    1e:3e:10:bc:3d:21:36:15:05:47:d9:21:28:39:a8:
                    3e:f6:17:25:ba:f4:23:6d:79:f6:1e:a2:12:05:82:
                    c8:12:de:43:bd:24:3c:8c:95:19:5e:d7:88:a9:00:
                    49:1c:d7:01:4a:23:a4:a0:b2:60:71:7f:96:c6:d1:
                    5e:16:3c:e1:d3:e5:bc:4c:bc:bd:fc:58:89:62:d3:
                    fd:9e:72:9a:f6:29:74:f5:d5:5a:c4:2e:11:b1:b8:
                    92:1b:8d:a2:b2:ba:46:3f:47:c0:52:86:05:24:ab:
                    1f:4a:47:6a:d0:8b:3c:ee:f2:90:3c:b4:90:2f:1f:
                    cc:ee:dd:1c:2f:64:47:36:82:5a:55:94:07:d9:52:
                    78:46:83:0d:60:6c:25:6f:2c:00:3a:b7:fd:50:5e:
                    a6:25:46:1e:e5:1f:21:dc:d0:cf:07:8e:d6:dc:ea:
                    b0:40:b4:1e:b6:b2:1a:50:fa:7d:0c:c9:fb:84:19:
                    58:69:67:45:0d:d6:46:e8:e4:5d:0c:f2:b0:e0:50:
                    7d:1f:40:af:5e:ad:87:a8:b4:a8:b1:9e:2f:b6:ca:
                    7b:9f:36:29:25:75:76:34:ff:35:05:e2:e3:54:08:
                    1a:15:f9:01:f4:a4:83:d2:06:b0:71:8d:7e:f9:ca:
                    e9:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                02:74:9A:16:EA:92:C7:81:31:7C:46:16:0C:25:8E:40:67:7A:C5:1D
            X509v3 Authority Key Identifier:
                keyid:37:10:70:DB:3A:F9:48:9A:C0:44:A0:18:94:F7:F3:DE:A5:01:6C:1F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/Afzi3DnYwho28VDmKjRaUX53dmetK6yPwdVxDEUX9NLo/1/371070DB3AF9489AC044A01894F7F3DEA5016C1F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/371070DB3AF9489AC044A01894F7F3DEA5016C1F.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/Afzi3DnYwho28VDmKjRaUX53dmetK6yPwdVxDEUX9NLo/1/323830343a343433303a3a2f33322d3332203d3e20323637363038.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:4430::/32

    Signature Algorithm: sha256WithRSAEncryption
         2e:07:83:3d:a4:48:2e:cc:a3:ba:10:4d:13:71:c6:8e:a5:6a:
         60:b3:5f:eb:1c:2a:f8:d0:e3:1e:e2:7d:38:b8:b5:6d:bc:73:
         5a:cd:23:15:bb:09:78:4a:47:ac:b2:4b:70:8a:d0:57:51:97:
         34:ee:4d:0d:fe:3d:55:69:0c:51:69:50:45:c9:39:c7:56:33:
         46:e9:fd:8e:f1:43:12:d6:58:21:0d:1d:f1:fa:82:b7:cf:4e:
         5e:ac:32:91:d5:28:57:ea:eb:e1:c2:3c:bd:40:d4:54:39:a0:
         26:e2:13:3b:de:2c:f6:91:3b:01:11:2b:48:28:ca:04:c7:96:
         92:14:4c:a5:bc:f9:34:74:3c:0b:a2:78:31:28:7f:af:13:9f:
         45:6b:bc:35:9e:73:5f:d4:80:60:fc:ce:c4:cc:b2:e6:1b:0f:
         9b:6c:85:1a:bc:17:b1:32:b8:30:d3:ca:78:4e:d3:03:80:a5:
         4e:51:fc:cc:f9:bd:18:b2:8d:94:e3:04:ca:60:27:f0:cc:c5:
         06:f1:bc:7c:5f:9a:30:c3:dc:33:15:c4:ba:56:34:fc:b6:5d:
         cd:d7:05:c2:18:cc:cb:3f:5b:1e:07:a7:9e:a8:40:4d:97:71:
         49:7d:94:be:b3:9c:d5:53:29:7a:10:90:d1:e2:6b:e2:08:d5:
         23:a7:5d:1a
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUfHK8W1czSKwALa1YbMtyTyeRCoIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzcxMDcwREIzQUY5NDg5QUMwNDRBMDE4OTRGN0YzREVB
NTAxNkMxRjAeFw0yNTA1MzAyMzI0MTdaFw0yNjA1MjkyMzI5MTdaMDMxMTAvBgNV
BAMTKDAyNzQ5QTE2RUE5MkM3ODEzMTdDNDYxNjBDMjU4RTQwNjc3QUM1MUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0/lcvuKW7OFh2UPo1rh4+ELw9
ITYVBUfZISg5qD72FyW69CNtefYeohIFgsgS3kO9JDyMlRle14ipAEkc1wFKI6Sg
smBxf5bG0V4WPOHT5bxMvL38WIli0/2ecpr2KXT11VrELhGxuJIbjaKyukY/R8BS
hgUkqx9KR2rQizzu8pA8tJAvH8zu3RwvZEc2glpVlAfZUnhGgw1gbCVvLAA6t/1Q
XqYlRh7lHyHc0M8Hjtbc6rBAtB62shpQ+n0MyfuEGVhpZ0UN1kbo5F0M8rDgUH0f
QK9erYeotKixni+2ynufNikldXY0/zUF4uNUCBoV+QH0pIPSBrBxjX75yukzAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUAnSaFuqSx4ExfEYWDCWOQGd6xR0wHwYDVR0j
BBgwFoAUNxBw2zr5SJrARKAYlPfz3qUBbB8wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQWZ6aTNEbll3aG8yOFZEbUtqUmFVWDUzZG1ldEs2eVB3ZFZ4REVVWDlO
TG8vMS8zNzEwNzBEQjNBRjk0ODlBQzA0NEEwMTg5NEY3RjNERUE1MDE2QzFGLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzM3MTA3MERCM0FGOTQ4OUFD
MDQ0QTAxODk0RjdGM0RFQTUwMTZDMUYuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0FmemkzRG5Zd2hvMjhWRG1LalJhVVg1M2RtZXRLNnlQd2RWeERFVVg5TkxvLzEv
MzIzODMwMzQzYTM0MzQzMzMwM2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzNjM3
MzYzMDM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKAREMDANBgkqhkiG9w0BAQsFAAOCAQEALgeDPaRI
LsyjuhBNE3HGjqVqYLNf6xwq+NDjHuJ9OLi1bbxzWs0jFbsJeEpHrLJLcIrQV1GX
NO5NDf49VWkMUWlQRck5x1YzRun9jvFDEtZYIQ0d8fqCt89OXqwykdUoV+rr4cI8
vUDUVDmgJuITO94s9pE7ARErSCjKBMeWkhRMpbz5NHQ8C6J4MSh/rxOfRWu8NZ5z
X9SAYPzOxMyy5hsPm2yFGrwXsTK4MNPKeE7TA4ClTlH8zPm9GLKNlOMEymAn8MzF
BvG8fF+aMMPcMxXEulY0/LZdzdcFwhjMyz9bHgennqhATZdxSX2UvrOc1VMpehCQ
0eJr4gjVI6ddGg==
-----END CERTIFICATE-----
Generated at Tue Jun 10 17:32:04 2025 by rpki-client