Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/323830343a366533633a3a2f33322d3332203d3e203238353732.roa
File:                     323830343a366533633a3a2f33322d3332203d3e203238353732.roa (raw, json)
Hash identifier:          u0hqOOb38AtyDUeXhdJAU/HMAjEsrQJvXRsGHQqaTwM=
Subject key identifier:   1D:02:86:2D:31:55:C0:37:86:C4:AC:B7:48:0E:90:90:40:87:C7:EC
Certificate issuer:       /CN=19EAE38D15F5899D3609C411EB1A1C6B42DFB009
Certificate serial:       62CC79BCC33729BDE7A4C1A88A44867AF8CF2E08
Authority key identifier: 19:EA:E3:8D:15:F5:89:9D:36:09:C4:11:EB:1A:1C:6B:42:DF:B0:09
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/323830343a366533633a3a2f33322d3332203d3e203238353732.roa
Signing time:             Sat 31 May 2025 16:01:49 +0000
ROA not before:           Sat 31 May 2025 15:56:49 +0000
ROA not after:            Sat 30 May 2026 16:01:49 +0000
asID:                     28572
IP address blocks:        2804:6e3c::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.crl
                          rsync://rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 01:04:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:cc:79:bc:c3:37:29:bd:e7:a4:c1:a8:8a:44:86:7a:f8:cf:2e:08
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19EAE38D15F5899D3609C411EB1A1C6B42DFB009
        Validity
            Not Before: May 31 15:56:49 2025 GMT
            Not After : May 30 16:01:49 2026 GMT
        Subject: CN=1D02862D3155C03786C4ACB7480E90904087C7EC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:ba:08:55:62:55:91:d3:95:b4:a2:2a:4c:16:
                    a9:a6:05:aa:22:ff:a2:2c:3b:e5:a0:11:af:90:78:
                    55:16:18:f8:9d:90:4b:8c:2d:07:bd:45:7e:bc:7c:
                    6c:d1:75:1e:3d:11:09:e0:50:6f:12:2d:86:0f:a4:
                    6c:d6:ea:99:79:f6:7c:23:f2:c8:1a:90:60:f9:e8:
                    74:c9:84:58:29:fc:0d:bb:74:f0:c7:4b:33:ae:a1:
                    6c:a7:16:f9:4a:61:ae:dc:3c:a7:b7:5f:21:e0:ec:
                    b4:d8:ca:05:58:a2:99:9e:1a:9a:d7:26:28:c9:ee:
                    df:51:21:04:83:29:db:9d:b9:5e:e8:c0:0d:c9:00:
                    ff:96:34:37:ef:72:3d:1b:00:4b:ba:e7:a9:e5:ce:
                    55:18:70:8c:8c:80:02:f7:b9:cc:57:34:46:a8:2c:
                    54:d3:bf:8b:8c:ae:7c:9d:fb:13:4e:55:54:1d:65:
                    6b:a9:21:eb:89:4f:c1:b9:c9:66:fd:bd:0d:b3:2e:
                    0a:92:d9:01:e7:d1:53:2f:38:4c:3c:9e:a1:99:a2:
                    ca:b9:57:53:87:b4:c0:cc:42:1c:f7:e4:05:30:a1:
                    7c:5c:98:6d:0e:61:a1:4d:5b:a7:50:09:52:19:60:
                    40:0c:7e:73:7a:cc:f6:9c:6c:6e:1b:a7:f5:11:d4:
                    da:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:02:86:2D:31:55:C0:37:86:C4:AC:B7:48:0E:90:90:40:87:C7:EC
            X509v3 Authority Key Identifier:
                keyid:19:EA:E3:8D:15:F5:89:9D:36:09:C4:11:EB:1A:1C:6B:42:DF:B0:09

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/323830343a366533633a3a2f33322d3332203d3e203238353732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:6e3c::/32

    Signature Algorithm: sha256WithRSAEncryption
         3b:68:ed:2d:c9:01:51:9d:6b:d1:ee:36:ce:54:d2:0a:74:ed:
         23:f9:3b:e9:7c:1b:b7:a5:e6:74:a2:4f:13:ae:89:65:ef:47:
         18:48:dd:d6:50:5c:36:00:fc:80:f0:d8:48:c3:6b:9e:af:f2:
         5a:78:7c:78:71:c0:42:d5:07:98:4a:5f:0f:6c:a5:51:0f:78:
         65:23:c8:29:9d:eb:58:05:27:8a:89:e4:9f:46:80:7d:fb:80:
         a8:ad:47:38:04:f9:ea:74:99:a8:ce:53:68:bd:c1:a4:f6:6a:
         f7:1f:3b:51:1e:bf:97:2a:bf:a2:b0:a8:ce:f8:eb:69:42:17:
         75:6d:90:ec:a5:cc:e2:c4:d8:63:a9:a2:b0:91:bd:8e:24:10:
         10:cd:f1:0b:27:b9:75:7a:b9:89:6e:a8:fd:c5:3c:d7:c5:ee:
         80:b7:4b:f1:e6:cd:17:b0:45:ad:73:f7:65:19:46:dc:76:ec:
         fb:20:02:1b:48:2e:aa:8c:da:88:0d:10:d9:6d:96:01:70:53:
         09:a9:86:2a:4c:93:23:04:5a:80:23:7e:56:35:99:78:d9:0f:
         d6:2d:4d:de:4c:6c:bf:60:0a:77:af:bf:b8:15:cf:46:96:52:
         00:ec:38:be:b5:a3:6f:0a:e9:0a:b3:b2:9e:38:81:1c:56:79:
         1c:80:04:01
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgIUYsx5vMM3Kb3npMGoikSGevjPLggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTlFQUUzOEQxNUY1ODk5RDM2MDlDNDExRUIxQTFDNkI0
MkRGQjAwOTAeFw0yNTA1MzExNTU2NDlaFw0yNjA1MzAxNjAxNDlaMDMxMTAvBgNV
BAMTKDFEMDI4NjJEMzE1NUMwMzc4NkM0QUNCNzQ4MEU5MDkwNDA4N0M3RUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfughVYlWR05W0oipMFqmmBaoi
/6IsO+WgEa+QeFUWGPidkEuMLQe9RX68fGzRdR49EQngUG8SLYYPpGzW6pl59nwj
8sgakGD56HTJhFgp/A27dPDHSzOuoWynFvlKYa7cPKe3XyHg7LTYygVYopmeGprX
JijJ7t9RIQSDKduduV7owA3JAP+WNDfvcj0bAEu656nlzlUYcIyMgAL3ucxXNEao
LFTTv4uMrnyd+xNOVVQdZWupIeuJT8G5yWb9vQ2zLgqS2QHn0VMvOEw8nqGZosq5
V1OHtMDMQhz35AUwoXxcmG0OYaFNW6dQCVIZYEAMfnN6zPacbG4bp/UR1NrHAgMB
AAGjggJOMIICSjAdBgNVHQ4EFgQUHQKGLTFVwDeGxKy3SA6QkECHx+wwHwYDVR0j
BBgwFoAUGerjjRX1iZ02CcQR6xoca0LfsAkwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQk5abWZjelg4eExwVUxDQVhXQnhhamt3QkhESkprc0poSks0UG9hd3hB
U1EvMC8xOUVBRTM4RDE1RjU4OTlEMzYwOUM0MTFFQjFBMUM2QjQyREZCMDA5LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzE5RUFFMzhEMTVGNTg5OUQz
NjA5QzQxMUVCMUExQzZCNDJERkIwMDkuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JOWm1mY3pYOHhMcFVMQ0FYV0J4YWprd0JIREpKa3NKaEpLNFBvYXd4QVNRLzAv
MzIzODMwMzQzYTM2NjUzMzYzM2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzODM1
MzczMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB
/wQRMA8wDQQCAAIwBwMFACgEbjwwDQYJKoZIhvcNAQELBQADggEBADto7S3JAVGd
a9HuNs5U0gp07SP5O+l8G7el5nSiTxOuiWXvRxhI3dZQXDYA/IDw2EjDa56v8lp4
fHhxwELVB5hKXw9spVEPeGUjyCmd61gFJ4qJ5J9GgH37gKitRzgE+ep0majOU2i9
waT2avcfO1Eev5cqv6KwqM7462lCF3VtkOylzOLE2GOporCRvY4kEBDN8QsnuXV6
uYluqP3FPNfF7oC3S/HmzRewRa1z92UZRtx27PsgAhtILqqM2ogNENltlgFwUwmp
hipMkyMEWoAjflY1mXjZD9YtTd5MbL9gCnevv7gVz0aWUgDsOL61o28K6Qqzsp44
gRxWeRyABAE=
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:55:59 2025 by rpki-client