Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BcgvT9JE4ZwdxMDZQ85SEfmLJas25KyARTtBzbM4L4BA/0/323830343a3635383a653030303a3a2f33352d3335203d3e20323632353738.roa
File:                     323830343a3635383a653030303a3a2f33352d3335203d3e20323632353738.roa (raw, json)
Hash identifier:          uJAH6jRkldzjavl3BlQd294900kR7c5mVBFZQMLoFqo=
Subject key identifier:   5E:2B:FF:09:2F:BA:C3:32:27:76:F1:54:0D:02:9F:DD:2E:52:DD:EB
Certificate issuer:       /CN=A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76
Certificate serial:       47125A03214A5845C9B757B6E7315495D23A01A0
Authority key identifier: A8:04:9D:06:C9:C3:DD:09:DB:B1:A4:8A:F9:DA:94:6E:9F:57:AE:76
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BcgvT9JE4ZwdxMDZQ85SEfmLJas25KyARTtBzbM4L4BA/0/323830343a3635383a653030303a3a2f33352d3335203d3e20323632353738.roa
Signing time:             Fri 30 May 2025 17:46:26 +0000
ROA not before:           Fri 30 May 2025 17:41:26 +0000
ROA not after:            Fri 29 May 2026 17:46:26 +0000
asID:                     262578
IP address blocks:        2804:658:e000::/35 maxlen: 35
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/BcgvT9JE4ZwdxMDZQ85SEfmLJas25KyARTtBzbM4L4BA/0/A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76.crl
                          rsync://rpki-repo.registro.br/repo/BcgvT9JE4ZwdxMDZQ85SEfmLJas25KyARTtBzbM4L4BA/0/A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 09 Jun 2025 21:25:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:12:5a:03:21:4a:58:45:c9:b7:57:b6:e7:31:54:95:d2:3a:01:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76
        Validity
            Not Before: May 30 17:41:26 2025 GMT
            Not After : May 29 17:46:26 2026 GMT
        Subject: CN=5E2BFF092FBAC3322776F1540D029FDD2E52DDEB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:1a:f7:71:a5:2a:0f:15:4e:c5:07:4f:2d:1b:
                    22:04:78:d0:e1:a3:31:5c:cc:9c:f1:0f:07:ae:17:
                    53:61:02:5e:62:3d:56:a5:46:20:24:fb:c2:7e:75:
                    ae:04:a4:e1:f8:e1:e4:f3:c6:15:ad:bf:b5:3e:51:
                    90:5e:64:87:32:c6:40:06:00:62:43:a6:2d:56:0a:
                    47:83:e6:70:9d:d3:53:fe:c8:33:1c:57:83:13:d0:
                    c3:e3:e4:a9:cc:d8:8b:48:9a:f0:25:af:9e:a8:f0:
                    75:00:26:8a:cd:f9:8e:78:dc:22:3e:c3:b3:b2:27:
                    d2:58:44:7e:1d:47:94:e6:7f:7a:56:06:0d:b4:e2:
                    36:27:94:62:10:19:19:4d:c2:16:91:77:f4:3f:be:
                    a1:5a:68:2b:69:51:de:34:68:f2:9d:92:36:e5:b7:
                    62:55:45:9e:1a:41:a4:8f:d6:17:ad:f5:ce:ce:16:
                    d2:5b:ff:ac:05:d2:c3:91:62:a7:9b:de:07:4a:c6:
                    b6:db:27:80:64:07:44:56:83:f0:46:f9:53:9d:6d:
                    fa:95:7e:93:d8:af:c8:66:c6:c8:79:49:e3:bc:8f:
                    7c:fd:62:03:af:39:52:8d:27:d9:e1:44:ef:3d:fb:
                    fa:64:7c:91:85:f2:d7:0e:72:95:2c:44:f4:87:70:
                    b0:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:2B:FF:09:2F:BA:C3:32:27:76:F1:54:0D:02:9F:DD:2E:52:DD:EB
            X509v3 Authority Key Identifier:
                keyid:A8:04:9D:06:C9:C3:DD:09:DB:B1:A4:8A:F9:DA:94:6E:9F:57:AE:76

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BcgvT9JE4ZwdxMDZQ85SEfmLJas25KyARTtBzbM4L4BA/0/A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/A8049D06C9C3DD09DBB1A48AF9DA946E9F57AE76.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BcgvT9JE4ZwdxMDZQ85SEfmLJas25KyARTtBzbM4L4BA/0/323830343a3635383a653030303a3a2f33352d3335203d3e20323632353738.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:658:e000::/35

    Signature Algorithm: sha256WithRSAEncryption
         a9:28:91:41:4b:ab:ff:16:f7:07:9f:9d:ed:b4:a0:41:00:7a:
         8b:e1:f2:97:65:a7:a5:08:3f:2c:74:a2:f1:ec:f8:25:d6:e5:
         1e:71:e2:b8:bf:0a:67:64:10:06:98:2d:cf:b2:02:53:9b:df:
         fd:12:8a:c7:b9:21:65:1c:b0:3b:3d:fc:2f:6f:31:92:0f:73:
         e1:66:bc:71:40:fa:59:1a:21:94:f0:90:10:e7:db:e7:57:18:
         5b:28:23:6e:99:18:ca:68:0f:5a:ee:01:ae:3f:36:d6:80:25:
         1c:16:64:03:bb:e6:7c:4e:2d:53:89:d0:1d:33:55:15:3d:0a:
         8a:b1:c8:8b:c9:07:7e:e6:e5:c9:d2:4a:4c:db:7a:5e:a6:4c:
         8a:ad:2e:0e:d6:49:75:dd:0e:12:7a:7e:4f:40:50:04:38:15:
         f9:05:8a:f4:4b:ab:a4:45:04:77:2b:d5:60:5c:b9:f8:a5:f4:
         6f:b9:57:60:1d:d5:b6:20:20:f5:5f:98:a1:29:cf:0e:79:d1:
         bd:69:0e:78:bf:e9:f3:62:f8:35:8c:87:7f:7c:4f:8e:85:de:
         b1:1c:95:fb:79:5a:e6:0d:18:af:d5:ab:58:09:31:eb:dc:f8:
         23:6c:cc:50:89:bc:82:12:6d:37:de:20:52:e1:25:05:65:c0:
         e1:68:46:c0
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIURxJaAyFKWEXJt1e25zFUldI6AaAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTgwNDlEMDZDOUMzREQwOURCQjFBNDhBRjlEQTk0NkU5
RjU3QUU3NjAeFw0yNTA1MzAxNzQxMjZaFw0yNjA1MjkxNzQ2MjZaMDMxMTAvBgNV
BAMTKDVFMkJGRjA5MkZCQUMzMzIyNzc2RjE1NDBEMDI5RkREMkU1MkRERUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTGvdxpSoPFU7FB08tGyIEeNDh
ozFczJzxDweuF1NhAl5iPValRiAk+8J+da4EpOH44eTzxhWtv7U+UZBeZIcyxkAG
AGJDpi1WCkeD5nCd01P+yDMcV4MT0MPj5KnM2ItImvAlr56o8HUAJorN+Y543CI+
w7OyJ9JYRH4dR5Tmf3pWBg204jYnlGIQGRlNwhaRd/Q/vqFaaCtpUd40aPKdkjbl
t2JVRZ4aQaSP1het9c7OFtJb/6wF0sORYqeb3gdKxrbbJ4BkB0RWg/BG+VOdbfqV
fpPYr8hmxsh5SeO8j3z9YgOvOVKNJ9nhRO89+/pkfJGF8tcOcpUsRPSHcLBRAgMB
AAGjggJZMIICVTAdBgNVHQ4EFgQUXiv/CS+6wzIndvFUDQKf3S5S3eswHwYDVR0j
BBgwFoAUqASdBsnD3QnbsaSK+dqUbp9XrnYwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQmNndlQ5SkU0WndkeE1EWlE4NVNFZm1MSmFzMjVLeUFSVHRCemJNNEw0
QkEvMC9BODA0OUQwNkM5QzNERDA5REJCMUE0OEFGOURBOTQ2RTlGNTdBRTc2LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0E4MDQ5RDA2QzlDM0REMDlE
QkIxQTQ4QUY5REE5NDZFOUY1N0FFNzYuY2VyMIG0BggrBgEFBQcBCwSBpzCBpDCB
oQYIKwYBBQUHMAuGgZRyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JjZ3ZUOUpFNFp3ZHhNRFpRODVTRWZtTEphczI1S3lBUlR0QnpiTTRMNEJBLzAv
MzIzODMwMzQzYTM2MzUzODNhNjUzMDMwMzAzYTNhMmYzMzM1MmQzMzM1MjAzZDNl
MjAzMjM2MzIzNTM3Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYI
KwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgUoBAZY4DANBgkqhkiG9w0BAQsFAAOC
AQEAqSiRQUur/xb3B5+d7bSgQQB6i+Hyl2WnpQg/LHSi8ez4JdblHnHiuL8KZ2QQ
Bpgtz7ICU5vf/RKKx7khZRywOz38L28xkg9z4Wa8cUD6WRohlPCQEOfb51cYWygj
bpkYymgPWu4Brj821oAlHBZkA7vmfE4tU4nQHTNVFT0KirHIi8kHfublydJKTNt6
XqZMiq0uDtZJdd0OEnp+T0BQBDgV+QWK9EurpEUEdyvVYFy5+KX0b7lXYB3VtiAg
9V+YoSnPDnnRvWkOeL/p82L4NYyHf3xPjoXesRyV+3la5g0Yr9WrWAkx69z4I2zM
UIm8ghJtN94gUuElBWXA4WhGwA==
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:23:40 2025 by rpki-client