Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/323830343a353264633a373030303a3a2f33362d3336203d3e20323638353436.roa
File:                     323830343a353264633a373030303a3a2f33362d3336203d3e20323638353436.roa (raw, json)
Hash identifier:          m2xAilQxo5Qrl7XF+PUtIKKCyEyMYmna27e5JHA/iSg=
Subject key identifier:   D6:65:EA:83:DA:5D:C4:21:9E:9C:4C:50:16:9C:5A:CE:54:24:6B:BF
Certificate issuer:       /CN=32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4
Certificate serial:       08859F52BF64D92207CA30A65A3D00D34FD28834
Authority key identifier: 32:C3:A2:0B:EB:E1:AC:7A:6C:3E:09:58:CC:B9:71:DE:A6:4D:E1:B4
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/323830343a353264633a373030303a3a2f33362d3336203d3e20323638353436.roa
Signing time:             Wed 04 Jun 2025 01:05:46 +0000
ROA not before:           Wed 04 Jun 2025 01:00:46 +0000
ROA not after:            Wed 03 Jun 2026 01:05:46 +0000
asID:                     268546
IP address blocks:        2804:52dc:7000::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.crl
                          rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 11:40:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:85:9f:52:bf:64:d9:22:07:ca:30:a6:5a:3d:00:d3:4f:d2:88:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4
        Validity
            Not Before: Jun  4 01:00:46 2025 GMT
            Not After : Jun  3 01:05:46 2026 GMT
        Subject: CN=D665EA83DA5DC4219E9C4C50169C5ACE54246BBF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:8b:44:9e:70:95:a1:f3:aa:2d:e2:64:21:42:
                    4a:1b:34:55:88:4f:ec:00:d4:9b:10:09:0e:55:ed:
                    60:f3:f0:4f:44:b5:6a:03:e3:70:05:bc:80:b9:84:
                    c3:27:a1:b3:01:4a:47:aa:d0:04:37:54:65:26:d5:
                    25:fb:36:da:29:d0:f1:32:f7:ff:a7:8d:fa:91:cc:
                    93:68:be:95:be:64:ff:3b:78:fe:9a:5f:80:a3:28:
                    95:d9:7a:af:cf:ae:88:47:eb:de:c9:2a:2e:26:65:
                    35:9d:ec:8a:29:d3:0f:77:b3:0a:11:27:87:04:f4:
                    eb:92:84:48:56:aa:9b:bb:03:2d:99:49:45:ff:de:
                    2e:0a:08:10:dc:60:53:7a:52:21:d8:9b:bb:39:25:
                    24:62:f3:a8:60:64:13:3d:f4:d1:68:f8:00:6d:4a:
                    ba:17:7f:42:ba:03:95:73:50:da:0f:a3:4b:4b:ed:
                    d1:91:09:06:fb:b6:b2:f6:af:d1:d1:18:97:0b:bf:
                    72:43:01:43:e4:bf:81:17:b7:7c:94:60:3c:24:6b:
                    88:dd:99:dc:25:9d:32:04:91:94:8a:d6:a1:42:b9:
                    1f:4d:04:22:fb:1b:78:4f:d3:40:8d:1f:0f:18:d0:
                    83:e4:a8:db:44:f3:43:fc:87:b5:1e:d1:f0:e0:35:
                    a6:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D6:65:EA:83:DA:5D:C4:21:9E:9C:4C:50:16:9C:5A:CE:54:24:6B:BF
            X509v3 Authority Key Identifier:
                keyid:32:C3:A2:0B:EB:E1:AC:7A:6C:3E:09:58:CC:B9:71:DE:A6:4D:E1:B4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/323830343a353264633a373030303a3a2f33362d3336203d3e20323638353436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:52dc:7000::/36

    Signature Algorithm: sha256WithRSAEncryption
         29:8d:36:23:23:58:14:4c:48:3b:a4:c1:95:de:58:fd:ef:86:
         1a:44:c3:74:a3:c3:e9:58:2a:3a:9a:15:58:2f:74:6f:0a:e3:
         64:49:c4:7d:6f:4b:2a:0c:ca:4d:da:99:a4:8d:a3:1f:4d:4b:
         c1:9c:c8:70:78:5a:c6:95:9a:a4:da:6d:74:a5:a7:c4:57:6a:
         ef:1a:cc:2d:a6:55:32:5c:bc:c7:a7:31:9c:6a:3f:5c:93:4d:
         7c:9a:c8:60:3f:8d:54:96:ee:1c:a6:6e:e5:70:71:94:0f:b4:
         01:28:ae:de:88:5a:a0:e9:71:46:53:69:01:54:33:66:fd:f1:
         f5:db:31:33:2b:16:4d:6e:16:79:bb:35:0a:aa:b3:27:1d:14:
         53:26:e0:8f:31:7a:67:a0:4e:61:b8:7c:e3:27:24:e1:19:6c:
         a6:23:94:8e:35:e0:73:01:97:b8:99:af:ac:8d:34:66:05:ca:
         cf:fb:a3:aa:e2:57:da:65:11:f5:e5:7f:f5:97:87:bc:5a:e7:
         57:ef:31:0b:56:c7:b3:de:f2:52:45:bb:12:c7:6f:26:40:68:
         50:9f:81:5d:f3:0f:5b:c1:0b:db:d1:f5:91:96:5a:2e:35:fd:
         c6:b0:31:68:15:47:cd:08:1a:08:c1:ea:1a:24:8c:4e:5a:e4:
         83:f8:83:34
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUCIWfUr9k2SIHyjCmWj0A00/SiDQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzJDM0EyMEJFQkUxQUM3QTZDM0UwOTU4Q0NCOTcxREVB
NjRERTFCNDAeFw0yNTA2MDQwMTAwNDZaFw0yNjA2MDMwMTA1NDZaMDMxMTAvBgNV
BAMTKEQ2NjVFQTgzREE1REM0MjE5RTlDNEM1MDE2OUM1QUNFNTQyNDZCQkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoi0SecJWh86ot4mQhQkobNFWI
T+wA1JsQCQ5V7WDz8E9EtWoD43AFvIC5hMMnobMBSkeq0AQ3VGUm1SX7Ntop0PEy
9/+njfqRzJNovpW+ZP87eP6aX4CjKJXZeq/ProhH697JKi4mZTWd7Iop0w93swoR
J4cE9OuShEhWqpu7Ay2ZSUX/3i4KCBDcYFN6UiHYm7s5JSRi86hgZBM99NFo+ABt
SroXf0K6A5VzUNoPo0tL7dGRCQb7trL2r9HRGJcLv3JDAUPkv4EXt3yUYDwka4jd
mdwlnTIEkZSK1qFCuR9NBCL7G3hP00CNHw8Y0IPkqNtE80P8h7Ue0fDgNaapAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQU1mXqg9pdxCGenExQFpxazlQka78wHwYDVR0j
BBgwFoAUMsOiC+vhrHpsPglYzLlx3qZN4bQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQkhrR1ZkQjJoUm96ZHFoSkZmZkduTmRpY0I4aG5wdDZKclJvWG1jZ0hn
NTMvMC8zMkMzQTIwQkVCRTFBQzdBNkMzRTA5NThDQ0I5NzFERUE2NERFMUI0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzMyQzNBMjBCRUJFMUFDN0E2
QzNFMDk1OENDQjk3MURFQTY0REUxQjQuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JIa0dWZEIyaFJvemRxaEpGZmZHbk5kaWNCOGhucHQ2SnJSb1htY2dIZzUzLzAv
MzIzODMwMzQzYTM1MzI2NDYzM2EzNzMwMzAzMDNhM2EyZjMzMzYyZDMzMzYyMDNk
M2UyMDMyMzYzODM1MzQzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCgEUtxwMA0GCSqGSIb3DQEBCwUA
A4IBAQApjTYjI1gUTEg7pMGV3lj974YaRMN0o8PpWCo6mhVYL3RvCuNkScR9b0sq
DMpN2pmkjaMfTUvBnMhweFrGlZqk2m10pafEV2rvGswtplUyXLzHpzGcaj9ck018
mshgP41Ulu4cpm7lcHGUD7QBKK7eiFqg6XFGU2kBVDNm/fH12zEzKxZNbhZ5uzUK
qrMnHRRTJuCPMXpnoE5huHzjJyThGWymI5SONeBzAZe4ma+sjTRmBcrP+6Oq4lfa
ZRH15X/1l4e8WudX7zELVsez3vJSRbsSx28mQGhQn4Fd8w9bwQvb0fWRllouNf3G
sDFoFUfNCBoIweoaJIxOWuSD+IM0
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:05:47 2025 by rpki-client