Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/323830343a353264633a393030303a3a2f33362d3336203d3e20323638353436.roa
File:                     323830343a353264633a393030303a3a2f33362d3336203d3e20323638353436.roa (raw, json)
Hash identifier:          AqHkfIwZ2xFReI+5XGQGidlEUL29d3TXEGbEg97ys8I=
Subject key identifier:   52:60:47:5D:6C:0F:16:5F:FB:F7:A4:10:84:EA:80:E1:0D:E1:05:0D
Certificate issuer:       /CN=32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4
Certificate serial:       2FF2849B0C73897A95642598F62D127827611FC0
Authority key identifier: 32:C3:A2:0B:EB:E1:AC:7A:6C:3E:09:58:CC:B9:71:DE:A6:4D:E1:B4
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/323830343a353264633a393030303a3a2f33362d3336203d3e20323638353436.roa
Signing time:             Wed 04 Jun 2025 01:05:44 +0000
ROA not before:           Wed 04 Jun 2025 01:00:44 +0000
ROA not after:            Wed 03 Jun 2026 01:05:44 +0000
asID:                     268546
IP address blocks:        2804:52dc:9000::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.crl
                          rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 11:40:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2f:f2:84:9b:0c:73:89:7a:95:64:25:98:f6:2d:12:78:27:61:1f:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4
        Validity
            Not Before: Jun  4 01:00:44 2025 GMT
            Not After : Jun  3 01:05:44 2026 GMT
        Subject: CN=5260475D6C0F165FFBF7A41084EA80E10DE1050D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:e5:fa:ed:65:1d:1a:53:12:20:53:ac:d0:b6:
                    de:02:00:78:3c:40:75:eb:29:49:95:3e:f4:21:7c:
                    c5:56:5a:36:9e:2e:bc:35:66:e3:db:8c:04:62:4b:
                    64:87:1a:43:12:33:68:1e:20:08:7f:1f:13:be:7d:
                    cd:57:e3:f5:d6:be:f2:e6:7f:e2:02:13:f8:04:47:
                    d9:03:62:fe:2b:f8:8c:5c:9b:06:95:29:34:52:57:
                    19:1c:44:25:a4:a3:af:f4:76:c8:57:50:42:04:dc:
                    fb:54:fa:d4:ef:4d:b0:a8:c9:cc:56:74:77:dd:13:
                    89:4c:0c:3f:10:49:d2:03:0c:ac:50:89:53:10:dc:
                    79:3d:66:af:85:51:d3:0d:f5:b7:dd:8e:f7:68:4a:
                    a7:79:62:1f:c6:55:d0:69:4e:ff:61:2c:0a:5c:1f:
                    1c:1e:91:1a:2b:ad:95:ad:f6:94:bc:56:d3:8f:b3:
                    32:f1:7d:36:68:b0:ad:1f:13:d4:26:54:44:a6:15:
                    6e:2a:62:a0:24:c7:b8:bf:85:25:2f:31:c4:ae:ed:
                    31:ef:ed:46:15:f3:f9:dd:b1:5a:bd:01:80:8a:87:
                    3a:8b:61:0c:03:a2:5c:dd:b0:51:08:a0:77:f4:7b:
                    63:cf:4c:50:80:e4:af:8d:cc:d9:f2:4f:88:7d:d5:
                    83:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                52:60:47:5D:6C:0F:16:5F:FB:F7:A4:10:84:EA:80:E1:0D:E1:05:0D
            X509v3 Authority Key Identifier:
                keyid:32:C3:A2:0B:EB:E1:AC:7A:6C:3E:09:58:CC:B9:71:DE:A6:4D:E1:B4

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/32C3A20BEBE1AC7A6C3E0958CCB971DEA64DE1B4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BHkGVdB2hRozdqhJFffGnNdicB8hnpt6JrRoXmcgHg53/0/323830343a353264633a393030303a3a2f33362d3336203d3e20323638353436.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:52dc:9000::/36

    Signature Algorithm: sha256WithRSAEncryption
         13:c4:9d:2c:58:a3:b8:4b:c2:26:d8:79:7b:5b:95:0f:49:b7:
         34:06:41:68:7e:fc:c7:91:a0:06:f3:8e:fa:a0:9d:d7:01:50:
         13:45:ca:e6:aa:be:8e:6c:5a:c0:28:e6:74:5a:42:0d:b0:c5:
         cc:69:99:94:09:ac:df:74:d7:fa:91:d0:fa:e4:f5:4f:0d:d0:
         3b:8b:31:3e:ae:51:fe:6d:ad:a8:39:0f:88:55:92:88:26:a1:
         8c:6e:d2:92:11:a1:42:52:c5:f6:94:9f:50:74:43:d1:7f:17:
         06:40:d6:d5:fb:be:14:81:53:f1:a1:a5:bb:9e:dd:ce:a0:98:
         2e:46:06:3a:37:11:79:08:93:0c:50:44:8b:12:2e:2a:1f:dd:
         8b:3d:b7:97:4a:d2:3a:b1:02:ff:e9:b2:6a:3a:7d:42:b3:ff:
         50:87:40:c6:73:c7:07:d3:d9:4f:03:00:b8:11:3e:d7:55:c9:
         34:34:bb:c9:18:b8:a7:69:0a:19:e9:b2:26:3e:fe:f6:94:df:
         bf:7f:e1:49:82:58:6c:b4:6c:e9:a7:d3:b1:99:9e:8c:ae:7a:
         ed:b0:98:6e:ec:e3:dd:d3:92:57:41:12:27:af:aa:b7:98:27:
         01:84:58:e0:63:cf:4c:67:07:5f:9f:56:01:50:0f:9d:dc:be:
         5d:a3:16:12
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUL/KEmwxziXqVZCWY9i0SeCdhH8AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzJDM0EyMEJFQkUxQUM3QTZDM0UwOTU4Q0NCOTcxREVB
NjRERTFCNDAeFw0yNTA2MDQwMTAwNDRaFw0yNjA2MDMwMTA1NDRaMDMxMTAvBgNV
BAMTKDUyNjA0NzVENkMwRjE2NUZGQkY3QTQxMDg0RUE4MEUxMERFMTA1MEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZ5frtZR0aUxIgU6zQtt4CAHg8
QHXrKUmVPvQhfMVWWjaeLrw1ZuPbjARiS2SHGkMSM2geIAh/HxO+fc1X4/XWvvLm
f+ICE/gER9kDYv4r+IxcmwaVKTRSVxkcRCWko6/0dshXUEIE3PtU+tTvTbCoycxW
dHfdE4lMDD8QSdIDDKxQiVMQ3Hk9Zq+FUdMN9bfdjvdoSqd5Yh/GVdBpTv9hLApc
HxwekRorrZWt9pS8VtOPszLxfTZosK0fE9QmVESmFW4qYqAkx7i/hSUvMcSu7THv
7UYV8/ndsVq9AYCKhzqLYQwDolzdsFEIoHf0e2PPTFCA5K+NzNnyT4h91YMXAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUUmBHXWwPFl/796QQhOqA4Q3hBQ0wHwYDVR0j
BBgwFoAUMsOiC+vhrHpsPglYzLlx3qZN4bQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQkhrR1ZkQjJoUm96ZHFoSkZmZkduTmRpY0I4aG5wdDZKclJvWG1jZ0hn
NTMvMC8zMkMzQTIwQkVCRTFBQzdBNkMzRTA5NThDQ0I5NzFERUE2NERFMUI0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzMyQzNBMjBCRUJFMUFDN0E2
QzNFMDk1OENDQjk3MURFQTY0REUxQjQuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JIa0dWZEIyaFJvemRxaEpGZmZHbk5kaWNCOGhucHQ2SnJSb1htY2dIZzUzLzAv
MzIzODMwMzQzYTM1MzI2NDYzM2EzOTMwMzAzMDNhM2EyZjMzMzYyZDMzMzYyMDNk
M2UyMDMyMzYzODM1MzQzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCgEUtyQMA0GCSqGSIb3DQEBCwUA
A4IBAQATxJ0sWKO4S8Im2Hl7W5UPSbc0BkFofvzHkaAG8476oJ3XAVATRcrmqr6O
bFrAKOZ0WkINsMXMaZmUCazfdNf6kdD65PVPDdA7izE+rlH+ba2oOQ+IVZKIJqGM
btKSEaFCUsX2lJ9QdEPRfxcGQNbV+74UgVPxoaW7nt3OoJguRgY6NxF5CJMMUESL
Ei4qH92LPbeXStI6sQL/6bJqOn1Cs/9Qh0DGc8cH09lPAwC4ET7XVck0NLvJGLin
aQoZ6bImPv72lN+/f+FJglhstGzpp9OxmZ6MrnrtsJhu7OPd05JXQRInr6q3mCcB
hFjgY89MZwdfn1YBUA+d3L5doxYS
-----END CERTIFICATE-----
Generated at Mon Jun 9 19:06:53 2025 by rpki-client