Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BcgvT9JE4ZwdxMDZQ85SEfmLJas25KyARTtBzbM4L4BA/0/323830343a3635383a633030303a3a2f33352d3335203d3e20323632353738.roa
File:                     323830343a3635383a633030303a3a2f33352d3335203d3e20323632353738.roa (raw, json)
Hash identifier:          DkfHQogdGXNjUjZ63waB5D391I/cftZbVcH3UHHgFSc=
Subject key identifier:   DB:33:A4:4D:84:79:9F:C3:CE:0D:9C:DB:AC:B1:D1:85:AC:38:B8:73
Certificate issuer:       /CN=A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76
Certificate serial:       425FCF84619985CFFBAACCF553F68D80CB8DA19D
Authority key identifier: A8:04:9D:06:C9:C3:DD:09:DB:B1:A4:8A:F9:DA:94:6E:9F:57:AE:76
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BcgvT9JE4ZwdxMDZQ85SEfmLJas25KyARTtBzbM4L4BA/0/323830343a3635383a633030303a3a2f33352d3335203d3e20323632353738.roa
Signing time:             Fri 30 May 2025 17:46:24 +0000
ROA not before:           Fri 30 May 2025 17:41:24 +0000
ROA not after:            Fri 29 May 2026 17:46:24 +0000
asID:                     262578
IP address blocks:        2804:658:c000::/35 maxlen: 35
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BcgvT9JE4ZwdxMDZQ85SEfmLJas25KyARTtBzbM4L4BA/0/A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76.crl
                          rsync://rpki-repo.registro.br/repo/BcgvT9JE4ZwdxMDZQ85SEfmLJas25KyARTtBzbM4L4BA/0/A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 09:14:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:5f:cf:84:61:99:85:cf:fb:aa:cc:f5:53:f6:8d:80:cb:8d:a1:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76
        Validity
            Not Before: May 30 17:41:24 2025 GMT
            Not After : May 29 17:46:24 2026 GMT
        Subject: CN=DB33A44D84799FC3CE0D9CDBACB1D185AC38B873
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:5b:9c:c5:92:72:6e:01:6d:c4:fd:aa:4d:7e:
                    93:bb:e9:01:38:f0:59:1a:79:5a:94:ab:4d:61:5e:
                    38:50:20:d3:8c:17:56:0b:72:9b:cc:d6:48:95:33:
                    1e:d3:a9:fb:85:1e:0b:aa:2f:c8:c6:34:90:c6:da:
                    ed:4d:7f:a0:9c:6d:7c:fa:b8:65:c1:15:e4:1d:69:
                    ef:df:42:b0:3c:d8:bb:85:dc:76:10:04:17:e9:ff:
                    21:24:ac:5c:6f:4f:2b:9d:db:2e:ab:3c:9a:59:37:
                    f9:0e:bb:22:99:69:f5:fb:5c:f7:b4:bc:47:61:50:
                    e0:ff:c6:e0:74:fc:b8:0f:93:a5:a1:f2:53:d3:32:
                    8a:1b:f7:81:1b:ce:fd:b2:71:4d:61:1f:41:19:31:
                    0c:0d:08:c2:17:e0:62:f4:3e:9e:d8:1b:3c:b6:01:
                    4b:f0:bd:8d:65:dc:32:9e:0d:98:b0:4f:85:ef:84:
                    ed:6e:e5:e2:a7:f9:bc:f8:f8:0b:7b:ae:b7:97:c2:
                    62:86:08:b6:b8:56:07:e8:1c:15:db:13:62:19:c2:
                    7d:de:43:14:c9:f2:c9:5f:ce:a3:24:f6:c2:5c:2c:
                    dd:6d:c0:25:84:66:49:ef:d1:f1:3a:43:0f:cb:da:
                    4c:a2:77:7a:8d:41:f5:37:96:22:f9:6c:3c:31:29:
                    89:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:33:A4:4D:84:79:9F:C3:CE:0D:9C:DB:AC:B1:D1:85:AC:38:B8:73
            X509v3 Authority Key Identifier:
                keyid:A8:04:9D:06:C9:C3:DD:09:DB:B1:A4:8A:F9:DA:94:6E:9F:57:AE:76

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BcgvT9JE4ZwdxMDZQ85SEfmLJas25KyARTtBzbM4L4BA/0/A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BcgvT9JE4ZwdxMDZQ85SEfmLJas25KyARTtBzbM4L4BA/0/323830343a3635383a633030303a3a2f33352d3335203d3e20323632353738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:658:c000::/35

    Signature Algorithm: sha256WithRSAEncryption
         64:e1:2b:7b:43:11:b0:31:de:c9:e1:cf:24:23:0a:35:9b:c3:
         43:6c:c4:38:b2:94:9b:37:34:0b:c1:c9:1f:69:d9:7a:f4:fb:
         32:29:b6:2c:18:d8:e7:0b:5a:d2:a6:6e:16:91:ae:d2:b6:91:
         d8:59:c4:54:90:ab:09:0a:7b:75:7f:0d:5d:32:c6:14:2f:d1:
         60:e5:6d:cd:ea:98:17:ab:6a:ca:a1:4e:06:ab:39:fb:7e:7a:
         d7:5d:5a:60:41:a4:26:17:49:68:a9:c8:63:3a:1b:56:b0:de:
         c1:bc:2d:67:5e:9a:8a:16:6d:88:ca:1d:ec:54:5a:53:4f:65:
         82:5f:3f:e8:a1:d9:66:a3:49:8a:85:63:58:19:b3:f6:38:5f:
         f5:32:81:59:f9:69:6a:d1:ed:ed:4c:76:90:f2:90:c5:0a:8d:
         30:6b:eb:65:09:5b:c2:ba:cf:42:91:cc:58:77:cc:05:5d:d3:
         f9:2a:3e:2b:a9:00:fd:41:f2:1f:df:85:b6:b0:48:04:b6:40:
         3d:57:e1:c3:32:18:d8:4a:b8:2f:fb:b5:41:32:01:cd:97:d6:
         55:b8:7d:3d:0f:68:6c:e8:71:d0:9d:52:af:d8:38:5e:9d:23:
         aa:5d:7b:61:34:6d:bd:03:44:d8:03:40:70:a6:4c:ab:ff:8b:
         3d:fa:76:3c
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIUQl/PhGGZhc/7qsz1U/aNgMuNoZ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTgwNDlEMDZDOUMzREQwOURCQjFBNDhBRjlEQTk0NkU5
RjU3QUU3NjAeFw0yNTA1MzAxNzQxMjRaFw0yNjA1MjkxNzQ2MjRaMDMxMTAvBgNV
BAMTKERCMzNBNDREODQ3OTlGQzNDRTBEOUNEQkFDQjFEMTg1QUMzOEI4NzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDmW5zFknJuAW3E/apNfpO76QE4
8FkaeVqUq01hXjhQINOMF1YLcpvM1kiVMx7TqfuFHguqL8jGNJDG2u1Nf6CcbXz6
uGXBFeQdae/fQrA82LuF3HYQBBfp/yEkrFxvTyud2y6rPJpZN/kOuyKZafX7XPe0
vEdhUOD/xuB0/LgPk6Wh8lPTMoob94Ebzv2ycU1hH0EZMQwNCMIX4GL0Pp7YGzy2
AUvwvY1l3DKeDZiwT4XvhO1u5eKn+bz4+At7rreXwmKGCLa4VgfoHBXbE2IZwn3e
QxTJ8slfzqMk9sJcLN1twCWEZknv0fE6Qw/L2kyid3qNQfU3liL5bDwxKYmDAgMB
AAGjggJZMIICVTAdBgNVHQ4EFgQU2zOkTYR5n8PODZzbrLHRhaw4uHMwHwYDVR0j
BBgwFoAUqASdBsnD3QnbsaSK+dqUbp9XrnYwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQmNndlQ5SkU0WndkeE1EWlE4NVNFZm1MSmFzMjVLeUFSVHRCemJNNEw0
QkEvMC9BODA0OUQwNkM5QzNERDA5REJCMUE0OEFGOURBOTQ2RTlGNTdBRTc2LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0E4MDQ5RDA2QzlDM0REMDlE
QkIxQTQ4QUY5REE5NDZFOUY1N0FFNzYuY2VyMIG0BggrBgEFBQcBCwSBpzCBpDCB
oQYIKwYBBQUHMAuGgZRyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JjZ3ZUOUpFNFp3ZHhNRFpRODVTRWZtTEphczI1S3lBUlR0QnpiTTRMNEJBLzAv
MzIzODMwMzQzYTM2MzUzODNhNjMzMDMwMzAzYTNhMmYzMzM1MmQzMzM1MjAzZDNl
MjAzMjM2MzIzNTM3Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYI
KwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgUoBAZYwDANBgkqhkiG9w0BAQsFAAOC
AQEAZOEre0MRsDHeyeHPJCMKNZvDQ2zEOLKUmzc0C8HJH2nZevT7Mim2LBjY5wta
0qZuFpGu0raR2FnEVJCrCQp7dX8NXTLGFC/RYOVtzeqYF6tqyqFOBqs5+356111a
YEGkJhdJaKnIYzobVrDewbwtZ16aihZtiMod7FRaU09lgl8/6KHZZqNJioVjWBmz
9jhf9TKBWflpatHt7Ux2kPKQxQqNMGvrZQlbwrrPQpHMWHfMBV3T+So+K6kA/UHy
H9+FtrBIBLZAPVfhwzIY2Eq4L/u1QTIBzZfWVbh9PQ9obOhx0J1Sr9g4Xp0jql17
YTRtvQNE2ANAcKZMq/+LPfp2PA==
-----END CERTIFICATE-----
Generated at Tue Jun 10 21:17:33 2025 by rpki-client