Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/323830343a353264633a383030303a3a2f33362d3336203d3e20323638353436.roa
File:                     323830343a353264633a383030303a3a2f33362d3336203d3e20323638353436.roa (raw, json)
Hash identifier:          CxMBAt5bPEhhqi5PG4DWw+cyduiEETEYKdO/EM/cXY8=
Subject key identifier:   96:D9:38:78:E8:28:35:14:EF:E7:90:FE:31:31:AC:07:4B:80:81:FE
Certificate issuer:       /CN=32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4
Certificate serial:       1C2C44E918C50D18F4AC54C35C34CAB5800F3008
Authority key identifier: 32:C3:A2:0B:EB:E1:AC:7A:6C:3E:09:58:CC:B9:71:DE:A6:4D:E1:B4
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/323830343a353264633a383030303a3a2f33362d3336203d3e20323638353436.roa
Signing time:             Wed 04 Jun 2025 01:05:45 +0000
ROA not before:           Wed 04 Jun 2025 01:00:45 +0000
ROA not after:            Wed 03 Jun 2026 01:05:45 +0000
asID:                     268546
IP address blocks:        2804:52dc:8000::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.crl
                          rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 05:18:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1c:2c:44:e9:18:c5:0d:18:f4:ac:54:c3:5c:34:ca:b5:80:0f:30:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4
        Validity
            Not Before: Jun  4 01:00:45 2025 GMT
            Not After : Jun  3 01:05:45 2026 GMT
        Subject: CN=96D93878E8283514EFE790FE3131AC074B8081FE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:71:21:cd:3a:9e:b8:89:52:e9:67:9a:a3:61:
                    3d:77:f9:b2:9c:f2:63:c7:4a:57:25:de:f1:14:30:
                    53:bb:e5:ef:8f:a4:21:ac:33:3a:fa:7f:c3:4e:9d:
                    d9:a1:00:e5:fb:9b:d3:60:6b:0a:08:fe:89:1b:b2:
                    10:34:f6:cf:e4:49:c8:e4:77:dc:7c:ba:99:08:9e:
                    23:d3:9e:91:62:63:de:55:d6:1f:ca:1c:2e:3b:ed:
                    76:19:49:db:c4:ca:80:38:2f:16:31:04:63:d9:a3:
                    99:c8:d7:f0:c0:69:fb:19:af:86:75:2e:81:70:0f:
                    fc:2d:e6:28:2e:18:97:7b:8a:f3:0d:42:3a:c8:6e:
                    d0:a2:09:29:4a:42:43:42:84:7c:d2:07:8b:09:be:
                    33:94:59:31:57:14:9a:74:5f:ca:44:de:7e:40:ae:
                    e2:89:5c:2c:90:62:47:4e:96:37:31:c4:8a:76:13:
                    10:18:10:eb:7c:56:c7:64:3a:e1:73:c9:a3:1b:b5:
                    f5:b7:8a:6b:78:36:18:76:48:70:05:e0:47:5d:f7:
                    cf:61:02:7b:4c:19:2e:ad:d8:d6:02:36:6c:ad:74:
                    5b:bd:73:78:54:8a:b7:5c:1e:ea:d2:f0:25:5e:7a:
                    13:0d:4d:4b:8c:27:9a:11:82:3b:8d:2f:27:d5:aa:
                    81:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                96:D9:38:78:E8:28:35:14:EF:E7:90:FE:31:31:AC:07:4B:80:81:FE
            X509v3 Authority Key Identifier:
                keyid:32:C3:A2:0B:EB:E1:AC:7A:6C:3E:09:58:CC:B9:71:DE:A6:4D:E1:B4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/323830343a353264633a383030303a3a2f33362d3336203d3e20323638353436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:52dc:8000::/36

    Signature Algorithm: sha256WithRSAEncryption
         6f:44:3e:93:11:3a:a8:06:81:dd:4a:1d:80:5b:79:88:0d:81:
         4d:62:b4:6c:3e:d8:18:9c:83:16:4a:bc:5a:ac:89:5a:fc:1b:
         00:60:32:f0:3a:66:24:29:ec:95:e2:74:44:fc:a9:c5:c4:09:
         fd:bb:f6:e7:90:1f:ee:fa:2b:74:a6:03:93:a2:55:4e:e7:26:
         8a:7e:6b:78:4e:1b:2d:2e:f2:ef:3d:b6:52:29:9e:0d:1e:03:
         89:5e:31:13:81:66:b8:63:42:04:00:8d:bb:b5:5b:8a:db:24:
         94:6a:1e:51:8c:ea:53:79:3f:29:75:17:f6:22:9e:df:f2:6d:
         83:ef:ce:25:cf:6a:f3:61:7d:2d:43:69:18:5f:1f:a7:fa:0a:
         d6:60:95:75:12:ad:66:b9:ad:fe:a9:06:fa:98:4a:3e:f3:a8:
         60:f1:1f:ce:68:fd:47:72:75:32:db:df:24:66:6f:80:55:8d:
         dc:40:b9:2a:72:69:f6:f6:dc:6d:56:02:0d:c5:9d:2a:d6:1a:
         0a:1f:dd:c8:1c:d1:6b:96:40:72:c9:2b:9d:3f:c9:e3:6b:25:
         dc:de:c9:9f:1f:34:e0:1f:07:43:cf:8b:13:58:c5:d7:9a:9d:
         72:00:6d:9b:5f:5b:7c:04:40:12:a6:32:f0:0c:3a:ad:a4:04:
         1c:af:96:e6
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUHCxE6RjFDRj0rFTDXDTKtYAPMAgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzJDM0EyMEJFQkUxQUM3QTZDM0UwOTU4Q0NCOTcxREVB
NjRERTFCNDAeFw0yNTA2MDQwMTAwNDVaFw0yNjA2MDMwMTA1NDVaMDMxMTAvBgNV
BAMTKDk2RDkzODc4RTgyODM1MTRFRkU3OTBGRTMxMzFBQzA3NEI4MDgxRkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRcSHNOp64iVLpZ5qjYT13+bKc
8mPHSlcl3vEUMFO75e+PpCGsMzr6f8NOndmhAOX7m9NgawoI/okbshA09s/kScjk
d9x8upkIniPTnpFiY95V1h/KHC477XYZSdvEyoA4LxYxBGPZo5nI1/DAafsZr4Z1
LoFwD/wt5iguGJd7ivMNQjrIbtCiCSlKQkNChHzSB4sJvjOUWTFXFJp0X8pE3n5A
ruKJXCyQYkdOljcxxIp2ExAYEOt8VsdkOuFzyaMbtfW3imt4Nhh2SHAF4Edd989h
AntMGS6t2NYCNmytdFu9c3hUirdcHurS8CVeehMNTUuMJ5oRgjuNLyfVqoHxAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUltk4eOgoNRTv55D+MTGsB0uAgf4wHwYDVR0j
BBgwFoAUMsOiC+vhrHpsPglYzLlx3qZN4bQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQkhrR1ZkQjJoUm96ZHFoSkZmZkduTmRpY0I4aG5wdDZKclJvWG1jZ0hn
NTMvMC8zMkMzQTIwQkVCRTFBQzdBNkMzRTA5NThDQ0I5NzFERUE2NERFMUI0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzMyQzNBMjBCRUJFMUFDN0E2
QzNFMDk1OENDQjk3MURFQTY0REUxQjQuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JIa0dWZEIyaFJvemRxaEpGZmZHbk5kaWNCOGhucHQ2SnJSb1htY2dIZzUzLzAv
MzIzODMwMzQzYTM1MzI2NDYzM2EzODMwMzAzMDNhM2EyZjMzMzYyZDMzMzYyMDNk
M2UyMDMyMzYzODM1MzQzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCgEUtyAMA0GCSqGSIb3DQEBCwUA
A4IBAQBvRD6TETqoBoHdSh2AW3mIDYFNYrRsPtgYnIMWSrxarIla/BsAYDLwOmYk
KeyV4nRE/KnFxAn9u/bnkB/u+it0pgOTolVO5yaKfmt4ThstLvLvPbZSKZ4NHgOJ
XjETgWa4Y0IEAI27tVuK2ySUah5RjOpTeT8pdRf2Ip7f8m2D784lz2rzYX0tQ2kY
Xx+n+grWYJV1Eq1mua3+qQb6mEo+86hg8R/OaP1HcnUy298kZm+AVY3cQLkqcmn2
9txtVgINxZ0q1hoKH93IHNFrlkByySudP8njayXc3smfHzTgHwdDz4sTWMXXmp1y
AG2bX1t8BEASpjLwDDqtpAQcr5bm
-----END CERTIFICATE-----
Generated at Tue Jun 10 17:20:34 2025 by rpki-client