Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/323830343a353264633a353030303a3a2f33362d3336203d3e20323638353436.roa
File:                     323830343a353264633a353030303a3a2f33362d3336203d3e20323638353436.roa (raw, json)
Hash identifier:          mCshv+NAoOMpvWkfZS6nb3rpLjnqJF2qURnVw5J9XVM=
Subject key identifier:   7A:E2:AF:B9:D9:5F:3F:50:96:88:DA:81:15:F4:1C:64:6C:25:30:67
Certificate issuer:       /CN=32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4
Certificate serial:       1F3B1F75BB1DF1A5307FFAB654A15492F47533F9
Authority key identifier: 32:C3:A2:0B:EB:E1:AC:7A:6C:3E:09:58:CC:B9:71:DE:A6:4D:E1:B4
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/323830343a353264633a353030303a3a2f33362d3336203d3e20323638353436.roa
Signing time:             Wed 04 Jun 2025 01:05:43 +0000
ROA not before:           Wed 04 Jun 2025 01:00:43 +0000
ROA not after:            Wed 03 Jun 2026 01:05:43 +0000
asID:                     268546
IP address blocks:        2804:52dc:5000::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.crl
                          rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 04:24:35 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:3b:1f:75:bb:1d:f1:a5:30:7f:fa:b6:54:a1:54:92:f4:75:33:f9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4
        Validity
            Not Before: Jun  4 01:00:43 2025 GMT
            Not After : Jun  3 01:05:43 2026 GMT
        Subject: CN=7AE2AFB9D95F3F509688DA8115F41C646C253067
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:5a:c6:58:e6:fc:bc:dd:1a:16:d3:1d:bb:c1:
                    0d:19:72:73:73:e6:6e:6c:f2:aa:99:db:44:98:f6:
                    d8:be:d7:3a:d5:22:1d:34:8a:e9:67:98:01:c4:cc:
                    2b:00:9b:27:86:52:40:0e:30:3a:b4:f6:b0:05:4a:
                    87:a3:55:19:42:d6:1e:ea:f4:92:03:7d:95:8f:07:
                    12:06:77:a3:8e:ca:17:2e:ab:a9:f8:9b:a9:6c:43:
                    76:fe:fb:89:06:73:cf:f6:30:b4:94:37:76:c5:f5:
                    84:b8:0f:d5:74:06:be:16:d0:c9:2c:64:ea:0b:af:
                    59:ee:5f:4d:b4:03:56:27:56:de:06:9e:6b:ab:12:
                    52:08:e8:f7:ea:46:a9:d0:02:37:f0:7f:cc:86:fd:
                    7d:10:65:9d:41:3e:79:21:f3:7a:fa:22:ad:1a:ed:
                    ed:07:18:8b:88:e7:05:40:75:0c:46:2d:c3:31:3e:
                    6f:1e:1d:35:4b:35:1b:f0:9f:43:77:18:12:3b:0d:
                    6b:c1:f9:7d:ba:1a:ae:8f:f8:00:9b:ea:8b:25:bd:
                    35:9b:d8:f8:3b:45:c3:c5:99:19:f8:49:83:1a:c4:
                    25:e4:b6:e1:7e:fa:7a:f1:56:26:b8:60:82:a2:e5:
                    4b:52:06:2d:11:5e:8e:28:d7:07:35:7d:6c:f1:8d:
                    c4:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:E2:AF:B9:D9:5F:3F:50:96:88:DA:81:15:F4:1C:64:6C:25:30:67
            X509v3 Authority Key Identifier:
                keyid:32:C3:A2:0B:EB:E1:AC:7A:6C:3E:09:58:CC:B9:71:DE:A6:4D:E1:B4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/323830343a353264633a353030303a3a2f33362d3336203d3e20323638353436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:52dc:5000::/36

    Signature Algorithm: sha256WithRSAEncryption
         39:f3:45:9c:2a:06:51:cc:37:e7:72:95:b7:e3:97:71:ad:41:
         c7:2d:40:0a:00:34:8e:d3:29:ac:ab:cc:ed:0a:f8:36:ac:4b:
         55:f8:b3:ab:31:c8:6d:0f:cf:e4:11:75:7a:76:35:58:3b:0f:
         cb:b8:4c:8c:bd:57:47:d8:83:40:7d:0b:ec:7b:c0:72:66:c1:
         64:41:97:1a:36:f4:13:bd:43:27:4a:25:55:ac:2b:41:0f:df:
         6a:62:83:24:ee:e1:c3:9b:15:d2:8b:99:7e:37:8f:c1:1b:96:
         6b:08:04:fe:27:49:ee:4c:7e:32:19:a4:85:d1:20:93:bb:c0:
         13:ff:da:62:95:d2:9e:70:25:f3:eb:6b:d5:9a:47:d9:79:14:
         56:df:82:bc:9c:9a:dc:e3:04:16:2a:0d:39:f0:b5:ba:c8:48:
         05:46:2c:2b:98:2a:ba:fe:cc:07:98:7f:76:81:70:d3:49:ea:
         04:f6:87:59:e9:14:a4:12:2a:60:57:43:47:a8:15:4b:4b:55:
         f3:05:75:74:6d:14:66:e4:28:f9:2d:8b:3b:33:62:66:51:18:
         7a:0e:2c:f1:05:d2:d5:01:37:9a:37:95:45:62:41:fc:91:51:
         47:f1:9b:08:07:73:d7:14:06:67:e8:ff:6e:f5:35:36:a9:65:
         7f:87:09:b8
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUHzsfdbsd8aUwf/q2VKFUkvR1M/kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzJDM0EyMEJFQkUxQUM3QTZDM0UwOTU4Q0NCOTcxREVB
NjRERTFCNDAeFw0yNTA2MDQwMTAwNDNaFw0yNjA2MDMwMTA1NDNaMDMxMTAvBgNV
BAMTKDdBRTJBRkI5RDk1RjNGNTA5Njg4REE4MTE1RjQxQzY0NkMyNTMwNjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgWsZY5vy83RoW0x27wQ0ZcnNz
5m5s8qqZ20SY9ti+1zrVIh00iulnmAHEzCsAmyeGUkAOMDq09rAFSoejVRlC1h7q
9JIDfZWPBxIGd6OOyhcuq6n4m6lsQ3b++4kGc8/2MLSUN3bF9YS4D9V0Br4W0Mks
ZOoLr1nuX020A1YnVt4GnmurElII6PfqRqnQAjfwf8yG/X0QZZ1BPnkh83r6Iq0a
7e0HGIuI5wVAdQxGLcMxPm8eHTVLNRvwn0N3GBI7DWvB+X26Gq6P+ACb6oslvTWb
2Pg7RcPFmRn4SYMaxCXktuF++nrxVia4YIKi5UtSBi0RXo4o1wc1fWzxjcQ/AgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUeuKvudlfP1CWiNqBFfQcZGwlMGcwHwYDVR0j
BBgwFoAUMsOiC+vhrHpsPglYzLlx3qZN4bQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQkhrR1ZkQjJoUm96ZHFoSkZmZkduTmRpY0I4aG5wdDZKclJvWG1jZ0hn
NTMvMC8zMkMzQTIwQkVCRTFBQzdBNkMzRTA5NThDQ0I5NzFERUE2NERFMUI0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzMyQzNBMjBCRUJFMUFDN0E2
QzNFMDk1OENDQjk3MURFQTY0REUxQjQuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JIa0dWZEIyaFJvemRxaEpGZmZHbk5kaWNCOGhucHQ2SnJSb1htY2dIZzUzLzAv
MzIzODMwMzQzYTM1MzI2NDYzM2EzNTMwMzAzMDNhM2EyZjMzMzYyZDMzMzYyMDNk
M2UyMDMyMzYzODM1MzQzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCgEUtxQMA0GCSqGSIb3DQEBCwUA
A4IBAQA580WcKgZRzDfncpW345dxrUHHLUAKADSO0ymsq8ztCvg2rEtV+LOrMcht
D8/kEXV6djVYOw/LuEyMvVdH2INAfQvse8ByZsFkQZcaNvQTvUMnSiVVrCtBD99q
YoMk7uHDmxXSi5l+N4/BG5ZrCAT+J0nuTH4yGaSF0SCTu8AT/9pildKecCXz62vV
mkfZeRRW34K8nJrc4wQWKg058LW6yEgFRiwrmCq6/swHmH92gXDTSeoE9odZ6RSk
EipgV0NHqBVLS1XzBXV0bRRm5Cj5LYs7M2JmURh6DizxBdLVATeaN5VFYkH8kVFH
8ZsIB3PXFAZn6P9u9TU2qWV/hwm4
-----END CERTIFICATE-----
Generated at Tue Jun 10 07:29:58 2025 by rpki-client