Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/Bd8gwAan3LfKUhLBNpaAxDkGFGeWrxUdLctnJweVHPfp/0/323830343a383433303a3a2f33322d3332203d3e20323732323435.roa
File:                     323830343a383433303a3a2f33322d3332203d3e20323732323435.roa (raw, json)
Hash identifier:          cICINoxg8fU/YnpUnJW3IuHLPiaqpo8bkMWHnxlsAuc=
Subject key identifier:   16:5B:6B:A9:40:16:3F:F4:E6:C6:C4:3E:65:0E:D8:1F:A5:13:D8:CA
Certificate issuer:       /CN=C4BF0E4BA3A641F61C3E98DB7B2D361612ABE6A1
Certificate serial:       0BC126774582831DE9BA32F4FD81997C4F638C09
Authority key identifier: C4:BF:0E:4B:A3:A6:41:F6:1C:3E:98:DB:7B:2D:36:16:12:AB:E6:A1
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C4BF0E4BA3A641F61C3E98DB7B2D361612ABE6A1.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/Bd8gwAan3LfKUhLBNpaAxDkGFGeWrxUdLctnJweVHPfp/0/323830343a383433303a3a2f33322d3332203d3e20323732323435.roa
Signing time:             Wed 04 Jun 2025 15:55:05 +0000
ROA not before:           Wed 04 Jun 2025 15:50:05 +0000
ROA not after:            Wed 03 Jun 2026 15:55:05 +0000
asID:                     272245
IP address blocks:        2804:8430::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/Bd8gwAan3LfKUhLBNpaAxDkGFGeWrxUdLctnJweVHPfp/0/C4BF0E4BA3A641F61C3E98DB7B2D361612ABE6A1.crl
                          rsync://rpki-repo.registro.br/repo/Bd8gwAan3LfKUhLBNpaAxDkGFGeWrxUdLctnJweVHPfp/0/C4BF0E4BA3A641F61C3E98DB7B2D361612ABE6A1.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C4BF0E4BA3A641F61C3E98DB7B2D361612ABE6A1.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 00:59:15 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0b:c1:26:77:45:82:83:1d:e9:ba:32:f4:fd:81:99:7c:4f:63:8c:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C4BF0E4BA3A641F61C3E98DB7B2D361612ABE6A1
        Validity
            Not Before: Jun  4 15:50:05 2025 GMT
            Not After : Jun  3 15:55:05 2026 GMT
        Subject: CN=165B6BA940163FF4E6C6C43E650ED81FA513D8CA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:9e:a9:76:2e:78:0f:ed:7f:0b:7e:22:18:71:
                    06:09:9b:38:6a:d2:ca:8c:6e:d6:53:e9:c0:ed:4b:
                    a5:1f:94:5b:d3:a3:a2:b3:a0:f0:7f:01:d8:d8:10:
                    c4:43:87:75:c3:bc:38:5f:80:37:5c:53:fc:88:49:
                    a1:75:65:ab:33:31:28:fa:c9:73:a8:5f:0a:59:af:
                    d6:51:1a:65:71:e2:b1:5b:9f:68:dc:82:29:09:ed:
                    7c:be:d1:51:50:8a:b6:39:5d:b9:e3:7a:fa:85:ab:
                    3d:10:e0:c7:01:de:cd:fa:2e:75:74:c4:81:4b:1e:
                    c7:6d:04:d8:bc:d1:9e:41:b8:92:f1:20:ff:d7:74:
                    0d:46:3c:1f:f9:3a:91:bb:de:94:aa:de:79:9c:88:
                    ba:90:ce:b7:27:e0:fa:71:5d:9d:39:f5:ea:b6:13:
                    3b:e3:e8:27:a0:e2:cd:b9:a9:12:ac:dd:64:dc:4e:
                    74:0f:2a:b6:e1:80:99:4b:bf:f8:ca:fe:39:7a:f8:
                    96:a9:7d:0a:77:51:ed:83:80:6f:0c:89:d6:b3:59:
                    a5:f3:b9:00:42:a4:89:63:d3:96:f9:4c:e0:97:2b:
                    8a:48:da:2d:d3:a4:9d:68:09:2a:e4:02:ec:52:e5:
                    97:5c:b6:37:0b:8a:8b:46:dc:0e:5f:2c:db:8b:97:
                    20:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                16:5B:6B:A9:40:16:3F:F4:E6:C6:C4:3E:65:0E:D8:1F:A5:13:D8:CA
            X509v3 Authority Key Identifier:
                keyid:C4:BF:0E:4B:A3:A6:41:F6:1C:3E:98:DB:7B:2D:36:16:12:AB:E6:A1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/Bd8gwAan3LfKUhLBNpaAxDkGFGeWrxUdLctnJweVHPfp/0/C4BF0E4BA3A641F61C3E98DB7B2D361612ABE6A1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C4BF0E4BA3A641F61C3E98DB7B2D361612ABE6A1.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/Bd8gwAan3LfKUhLBNpaAxDkGFGeWrxUdLctnJweVHPfp/0/323830343a383433303a3a2f33322d3332203d3e20323732323435.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:8430::/32

    Signature Algorithm: sha256WithRSAEncryption
         78:f4:0f:08:da:fd:80:eb:7f:9a:0a:c1:74:81:4c:4f:48:de:
         ee:d4:d1:a5:a1:bf:eb:b6:b5:c3:68:f5:3d:2e:fe:be:66:16:
         cd:fc:81:ef:07:33:ba:92:bb:ad:bd:be:b5:32:db:ee:1a:4a:
         63:8b:b3:d5:97:73:b0:c6:5a:19:bb:0d:61:43:da:c8:21:e3:
         d3:2a:fe:2f:1b:1a:6c:7f:d3:03:d6:7a:bf:ea:23:85:0b:32:
         16:de:80:98:4b:51:29:2d:a5:56:a1:ab:4b:cc:cc:79:43:b0:
         05:7d:aa:ab:4b:60:44:16:4b:8d:f9:38:a2:29:55:94:3f:25:
         91:76:7a:9c:40:b5:05:f9:83:0e:e7:c7:85:3b:31:2a:e1:63:
         27:3c:e8:9b:66:6f:70:42:9a:1b:0a:81:48:58:80:f6:b5:9f:
         3e:6c:1f:91:93:43:1d:43:ed:27:de:a5:3b:38:b2:69:27:93:
         ad:43:c8:29:da:3a:b7:60:ef:de:22:1b:96:6c:78:3c:bb:c0:
         f3:a9:17:bb:1b:4f:03:4f:9d:b9:9b:ef:a2:12:4c:8b:54:91:
         58:0f:e3:24:8d:bb:fe:26:98:00:58:f5:27:3b:2c:d0:7c:c3:
         e1:90:13:0e:39:d9:d1:8c:a8:bc:d0:fa:90:65:bf:82:1f:c0:
         7c:c4:3c:d7
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUC8Emd0WCgx3pujL0/YGZfE9jjAkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzRCRjBFNEJBM0E2NDFGNjFDM0U5OERCN0IyRDM2MTYx
MkFCRTZBMTAeFw0yNTA2MDQxNTUwMDVaFw0yNjA2MDMxNTU1MDVaMDMxMTAvBgNV
BAMTKDE2NUI2QkE5NDAxNjNGRjRFNkM2QzQzRTY1MEVEODFGQTUxM0Q4Q0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCznql2LngP7X8LfiIYcQYJmzhq
0sqMbtZT6cDtS6UflFvTo6KzoPB/AdjYEMRDh3XDvDhfgDdcU/yISaF1ZaszMSj6
yXOoXwpZr9ZRGmVx4rFbn2jcgikJ7Xy+0VFQirY5XbnjevqFqz0Q4McB3s36LnV0
xIFLHsdtBNi80Z5BuJLxIP/XdA1GPB/5OpG73pSq3nmciLqQzrcn4PpxXZ059eq2
Ezvj6Ceg4s25qRKs3WTcTnQPKrbhgJlLv/jK/jl6+JapfQp3Ue2DgG8MidazWaXz
uQBCpIlj05b5TOCXK4pI2i3TpJ1oCSrkAuxS5ZdctjcLiotG3A5fLNuLlyCpAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUFltrqUAWP/TmxsQ+ZQ7YH6UT2MowHwYDVR0j
BBgwFoAUxL8OS6OmQfYcPpjbey02FhKr5qEwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQmQ4Z3dBYW4zTGZLVWhMQk5wYUF4RGtHRkdlV3J4VWRMY3RuSndlVkhQ
ZnAvMC9DNEJGMEU0QkEzQTY0MUY2MUMzRTk4REI3QjJEMzYxNjEyQUJFNkExLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0M0QkYwRTRCQTNBNjQxRjYx
QzNFOThEQjdCMkQzNjE2MTJBQkU2QTEuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JkOGd3QWFuM0xmS1VoTEJOcGFBeERrR0ZHZVdyeFVkTGN0bkp3ZVZIUGZwLzAv
MzIzODMwMzQzYTM4MzQzMzMwM2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzNzMy
MzIzNDM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKASEMDANBgkqhkiG9w0BAQsFAAOCAQEAePQPCNr9
gOt/mgrBdIFMT0je7tTRpaG/67a1w2j1PS7+vmYWzfyB7wczupK7rb2+tTLb7hpK
Y4uz1ZdzsMZaGbsNYUPayCHj0yr+LxsabH/TA9Z6v+ojhQsyFt6AmEtRKS2lVqGr
S8zMeUOwBX2qq0tgRBZLjfk4oilVlD8lkXZ6nEC1BfmDDufHhTsxKuFjJzzom2Zv
cEKaGwqBSFiA9rWfPmwfkZNDHUPtJ96lOziyaSeTrUPIKdo6t2Dv3iIblmx4PLvA
86kXuxtPA0+duZvvohJMi1SRWA/jJI27/iaYAFj1Jzss0HzD4ZATDjnZ0YyovND6
kGW/gh/AfMQ81w==
-----END CERTIFICATE-----
Generated at Tue Jun 10 13:14:10 2025 by rpki-client