Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/323830343a366533633a3a2f33332d3333203d3e203238353732.roa
File:                     323830343a366533633a3a2f33332d3333203d3e203238353732.roa (raw, json)
Hash identifier:          OeyhvVIVZQikdYuDfsnIKQW7LbmjXF+0hhTsXG8AReY=
Subject key identifier:   A5:55:8D:2A:C4:71:D4:A6:93:45:8C:B0:95:DF:3E:41:FA:47:15:4C
Certificate issuer:       /CN=19EAE38D15F5899D3609C411EB1A1C6B42DFB009
Certificate serial:       1A0F134B4D042623DC53EF841BA8532E57C62F4D
Authority key identifier: 19:EA:E3:8D:15:F5:89:9D:36:09:C4:11:EB:1A:1C:6B:42:DF:B0:09
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/323830343a366533633a3a2f33332d3333203d3e203238353732.roa
Signing time:             Sat 31 May 2025 16:01:49 +0000
ROA not before:           Sat 31 May 2025 15:56:49 +0000
ROA not after:            Sat 30 May 2026 16:01:49 +0000
asID:                     28572
IP address blocks:        2804:6e3c::/33 maxlen: 33
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.crl
                          rsync://rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 12:08:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1a:0f:13:4b:4d:04:26:23:dc:53:ef:84:1b:a8:53:2e:57:c6:2f:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=19EAE38D15F5899D3609C411EB1A1C6B42DFB009
        Validity
            Not Before: May 31 15:56:49 2025 GMT
            Not After : May 30 16:01:49 2026 GMT
        Subject: CN=A5558D2AC471D4A693458CB095DF3E41FA47154C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:6f:65:d4:42:f3:f1:0e:66:46:60:1e:32:cd:
                    1c:26:2e:68:f3:62:04:a6:fb:14:93:91:94:aa:67:
                    fc:2f:40:37:dd:5b:bb:3c:78:f6:ae:97:34:f4:3d:
                    51:b3:cd:52:1a:5f:90:15:c1:f6:d0:42:aa:a0:d2:
                    81:f1:a3:bb:23:6c:00:34:2f:4f:d1:57:7a:62:73:
                    c9:09:24:d5:bb:c5:b9:c3:e6:8a:d8:e2:b0:4a:a5:
                    29:c1:87:90:a3:65:ba:22:b3:70:ec:53:7e:14:46:
                    49:a9:59:dd:a8:a7:2a:85:7c:bf:05:c9:8c:d9:60:
                    00:a2:b9:f9:0a:36:7a:52:c7:f4:e6:e2:2f:64:0b:
                    a7:67:65:97:d6:27:d3:f6:e5:27:b1:84:95:c2:5d:
                    a8:72:41:30:5c:5a:7b:43:e0:f7:25:3f:20:33:5d:
                    38:d5:fd:1e:16:0b:ee:53:6d:0f:87:8b:11:57:1a:
                    dd:98:0a:16:90:51:77:26:75:a7:b4:d5:d2:9b:a8:
                    1c:c7:a3:78:ef:12:e8:7d:60:45:c6:18:30:fc:5c:
                    c2:0e:60:3b:e0:ac:c5:60:2d:cd:09:a6:30:36:ea:
                    e1:e1:a6:c4:c0:76:2d:1a:38:14:c0:4f:e9:f1:1c:
                    15:88:d8:ee:33:9e:0e:1e:ea:a2:0b:88:71:22:56:
                    1f:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:55:8D:2A:C4:71:D4:A6:93:45:8C:B0:95:DF:3E:41:FA:47:15:4C
            X509v3 Authority Key Identifier:
                keyid:19:EA:E3:8D:15:F5:89:9D:36:09:C4:11:EB:1A:1C:6B:42:DF:B0:09

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/19EAE38D15F5899D3609C411EB1A1C6B42DFB009.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BNZmfczX8xLpULCAXWBxajkwBHDJJksJhJK4PoawxASQ/0/323830343a366533633a3a2f33332d3333203d3e203238353732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:6e3c::/33

    Signature Algorithm: sha256WithRSAEncryption
         37:2d:b8:c1:e0:ca:0b:7d:99:69:88:ed:af:4b:bf:76:ee:5f:
         04:4c:5f:29:89:29:27:cc:61:50:28:38:80:5f:72:2e:b3:b0:
         03:0c:2d:54:89:d1:37:66:a9:be:e4:20:84:29:e5:91:14:52:
         a0:08:b6:d5:b1:70:97:63:93:91:cb:ab:98:39:ae:33:e0:b9:
         a3:89:9a:aa:ca:5a:eb:e9:74:ce:db:75:60:2e:02:f3:18:46:
         6f:91:1e:b6:e3:3c:94:9c:03:b8:20:22:b4:e0:db:42:3d:8b:
         d9:08:31:a7:32:08:f3:71:a9:3e:00:ec:ab:4e:34:4d:da:43:
         b7:cd:18:12:62:b3:46:47:7e:13:d4:ab:73:f9:09:de:2f:32:
         7e:d0:78:cb:f6:ad:aa:ca:1a:5f:98:12:c4:e3:b6:90:e1:31:
         53:dc:a0:ab:e6:7a:6a:32:36:8d:63:25:e4:a3:bb:64:af:5b:
         1c:1a:9f:e7:fe:2e:e2:9d:20:a7:4e:69:e5:cf:aa:68:8b:d8:
         fa:50:2f:04:62:17:2f:31:9d:47:ba:4b:4d:df:cf:d2:ea:6c:
         f1:d3:af:6c:77:1c:48:ca:5d:44:42:f7:d9:e7:1a:50:e3:dd:
         26:56:a3:a0:02:09:7b:be:a7:c1:d3:0d:3e:1f:9b:5a:7c:b3:
         01:b7:5f:05
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUGg8TS00EJiPcU++EG6hTLlfGL00wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTlFQUUzOEQxNUY1ODk5RDM2MDlDNDExRUIxQTFDNkI0
MkRGQjAwOTAeFw0yNTA1MzExNTU2NDlaFw0yNjA1MzAxNjAxNDlaMDMxMTAvBgNV
BAMTKEE1NTU4RDJBQzQ3MUQ0QTY5MzQ1OENCMDk1REYzRTQxRkE0NzE1NEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqb2XUQvPxDmZGYB4yzRwmLmjz
YgSm+xSTkZSqZ/wvQDfdW7s8ePaulzT0PVGzzVIaX5AVwfbQQqqg0oHxo7sjbAA0
L0/RV3pic8kJJNW7xbnD5orY4rBKpSnBh5CjZbois3DsU34URkmpWd2opyqFfL8F
yYzZYACiufkKNnpSx/Tm4i9kC6dnZZfWJ9P25SexhJXCXahyQTBcWntD4PclPyAz
XTjV/R4WC+5TbQ+HixFXGt2YChaQUXcmdae01dKbqBzHo3jvEuh9YEXGGDD8XMIO
YDvgrMVgLc0JpjA26uHhpsTAdi0aOBTAT+nxHBWI2O4zng4e6qILiHEiVh/HAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUpVWNKsRx1KaTRYywld8+QfpHFUwwHwYDVR0j
BBgwFoAUGerjjRX1iZ02CcQR6xoca0LfsAkwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQk5abWZjelg4eExwVUxDQVhXQnhhamt3QkhESkprc0poSks0UG9hd3hB
U1EvMC8xOUVBRTM4RDE1RjU4OTlEMzYwOUM0MTFFQjFBMUM2QjQyREZCMDA5LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzE5RUFFMzhEMTVGNTg5OUQz
NjA5QzQxMUVCMUExQzZCNDJERkIwMDkuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JOWm1mY3pYOHhMcFVMQ0FYV0J4YWprd0JIREpKa3NKaEpLNFBvYXd4QVNRLzAv
MzIzODMwMzQzYTM2NjUzMzYzM2EzYTJmMzMzMzJkMzMzMzIwM2QzZTIwMzIzODM1
MzczMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB
/wQSMBAwDgQCAAIwCAMGBygEbjwAMA0GCSqGSIb3DQEBCwUAA4IBAQA3LbjB4MoL
fZlpiO2vS7927l8ETF8piSknzGFQKDiAX3Ius7ADDC1UidE3Zqm+5CCEKeWRFFKg
CLbVsXCXY5ORy6uYOa4z4LmjiZqqylrr6XTO23VgLgLzGEZvkR624zyUnAO4ICK0
4NtCPYvZCDGnMgjzcak+AOyrTjRN2kO3zRgSYrNGR34T1Ktz+QneLzJ+0HjL9q2q
yhpfmBLE47aQ4TFT3KCr5npqMjaNYyXko7tkr1scGp/n/i7inSCnTmnlz6poi9j6
UC8EYhcvMZ1HuktN38/S6mzx069sdxxIyl1EQvfZ5xpQ490mVqOgAgl7vqfB0w0+
H5tafLMBt18F
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:29:13 2025 by rpki-client