Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/Bd8gwAan3LfKUhLBNpaAxDkGFGeWrxUdLctnJweVHPfp/0/323830343a383433303a633030303a3a2f33342d3334203d3e20323732323435.roa
File:                     323830343a383433303a633030303a3a2f33342d3334203d3e20323732323435.roa (raw, json)
Hash identifier:          /bon9zLXqz2rBS5zC0Aa9hxJP/kMaIJesjXDSJQWrvE=
Subject key identifier:   72:66:60:94:86:E6:D2:D6:22:D6:76:D8:52:70:19:E2:41:4B:D2:B0
Certificate issuer:       /CN=C4BF0E4BA3A641F61C3E98DB7B2D361612ABE6A1
Certificate serial:       1B6367B3DC648CF8863299E2F3D47FA98B7CEC48
Authority key identifier: C4:BF:0E:4B:A3:A6:41:F6:1C:3E:98:DB:7B:2D:36:16:12:AB:E6:A1
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C4BF0E4BA3A641F61C3E98DB7B2D361612ABE6A1.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/Bd8gwAan3LfKUhLBNpaAxDkGFGeWrxUdLctnJweVHPfp/0/323830343a383433303a633030303a3a2f33342d3334203d3e20323732323435.roa
Signing time:             Wed 04 Jun 2025 15:55:05 +0000
ROA not before:           Wed 04 Jun 2025 15:50:05 +0000
ROA not after:            Wed 03 Jun 2026 15:55:05 +0000
asID:                     272245
IP address blocks:        2804:8430:c000::/34 maxlen: 34
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/Bd8gwAan3LfKUhLBNpaAxDkGFGeWrxUdLctnJweVHPfp/0/C4BF0E4BA3A641F61C3E98DB7B2D361612ABE6A1.crl
                          rsync://rpki-repo.registro.br/repo/Bd8gwAan3LfKUhLBNpaAxDkGFGeWrxUdLctnJweVHPfp/0/C4BF0E4BA3A641F61C3E98DB7B2D361612ABE6A1.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C4BF0E4BA3A641F61C3E98DB7B2D361612ABE6A1.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 14 Jun 2025 18:18:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:63:67:b3:dc:64:8c:f8:86:32:99:e2:f3:d4:7f:a9:8b:7c:ec:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C4BF0E4BA3A641F61C3E98DB7B2D361612ABE6A1
        Validity
            Not Before: Jun  4 15:50:05 2025 GMT
            Not After : Jun  3 15:55:05 2026 GMT
        Subject: CN=7266609486E6D2D622D676D8527019E2414BD2B0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:8a:ff:25:98:ce:94:5f:21:37:2f:46:da:04:
                    dc:f9:79:d1:ec:37:f3:a7:46:86:de:8c:ce:57:3e:
                    25:7b:46:46:47:af:e3:87:6e:5a:20:38:92:45:20:
                    a4:4f:20:8d:2c:8d:d0:54:ad:8a:f5:0f:11:21:49:
                    f8:56:ba:c9:24:c3:11:a5:13:1b:64:bb:e3:ee:bd:
                    0c:29:0d:8b:27:1e:9a:96:2b:5b:db:2a:1d:55:2c:
                    24:34:2a:b2:f5:61:24:24:bc:52:a6:07:dd:dd:23:
                    58:e5:00:df:31:7a:73:12:51:b7:ce:0e:5d:f0:12:
                    b2:df:5d:fa:42:78:d4:f6:76:d7:8c:2f:b8:bd:15:
                    d4:e8:eb:49:e7:4a:cf:ee:60:2d:29:16:f9:84:66:
                    d5:54:63:e1:3f:f3:96:d7:4c:4f:62:e0:70:0a:b5:
                    59:a3:7f:f2:b2:5d:c0:96:d5:3d:f0:dd:99:c7:9f:
                    03:4e:00:42:ac:3b:d2:e9:69:16:86:03:e2:bc:e5:
                    2d:ed:21:44:72:d5:27:fc:02:4a:99:4f:5e:48:96:
                    dc:a6:f4:10:cf:27:d7:7c:eb:69:6f:2b:b0:9f:be:
                    58:ea:67:cc:4d:16:61:ed:ad:e6:06:45:83:5e:48:
                    8f:d0:e1:db:35:73:a8:44:79:18:42:c1:de:51:d0:
                    5d:5b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                72:66:60:94:86:E6:D2:D6:22:D6:76:D8:52:70:19:E2:41:4B:D2:B0
            X509v3 Authority Key Identifier:
                keyid:C4:BF:0E:4B:A3:A6:41:F6:1C:3E:98:DB:7B:2D:36:16:12:AB:E6:A1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/Bd8gwAan3LfKUhLBNpaAxDkGFGeWrxUdLctnJweVHPfp/0/C4BF0E4BA3A641F61C3E98DB7B2D361612ABE6A1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/C4BF0E4BA3A641F61C3E98DB7B2D361612ABE6A1.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/Bd8gwAan3LfKUhLBNpaAxDkGFGeWrxUdLctnJweVHPfp/0/323830343a383433303a633030303a3a2f33342d3334203d3e20323732323435.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:8430:c000::/34

    Signature Algorithm: sha256WithRSAEncryption
         06:1b:8c:66:36:2d:18:c0:f3:10:bf:bc:80:52:1d:3a:7d:3c:
         dd:1f:2f:08:04:9d:5e:ec:f5:d2:29:a2:c9:a5:ee:a9:91:fd:
         c4:69:37:e0:0f:c3:61:cb:55:ce:b7:f3:11:f0:9c:af:9b:f2:
         af:9e:15:c3:5d:56:1e:e2:e3:a9:88:35:05:70:18:f9:75:7e:
         35:ea:4d:fc:af:05:89:40:ff:f3:08:2f:51:e9:e6:45:4b:f5:
         bd:65:bf:30:cb:ce:2e:38:e7:df:30:9a:ae:80:39:e8:f7:b5:
         8e:09:26:55:a8:ff:b3:df:4f:b2:60:01:8d:3a:27:66:7c:05:
         90:21:2b:ac:ee:f1:ee:bf:b8:6a:77:1a:ab:fd:a8:bf:e2:f6:
         43:fd:cb:aa:fd:94:ea:18:c7:dd:1c:58:2b:0e:d9:79:a0:e2:
         52:9b:8a:a2:03:05:63:2a:e4:e1:99:20:3d:dd:49:b6:89:47:
         3e:ed:0f:ec:76:85:86:c1:ed:fd:f8:9b:bf:ac:1d:06:4e:2a:
         c5:8e:25:ab:d5:ac:55:6d:a6:aa:a7:b0:66:b9:60:1d:6d:ff:
         08:28:0a:53:79:e7:1c:3f:3f:15:fd:21:8c:67:e6:13:0c:d4:
         fe:fd:48:7e:34:90:fe:43:56:68:8d:a1:ed:55:9e:f5:52:f7:
         9b:20:3a:6d
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUG2Nns9xkjPiGMpni89R/qYt87EgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzRCRjBFNEJBM0E2NDFGNjFDM0U5OERCN0IyRDM2MTYx
MkFCRTZBMTAeFw0yNTA2MDQxNTUwMDVaFw0yNjA2MDMxNTU1MDVaMDMxMTAvBgNV
BAMTKDcyNjY2MDk0ODZFNkQyRDYyMkQ2NzZEODUyNzAxOUUyNDE0QkQyQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTiv8lmM6UXyE3L0baBNz5edHs
N/OnRobejM5XPiV7RkZHr+OHblogOJJFIKRPII0sjdBUrYr1DxEhSfhWuskkwxGl
Extku+PuvQwpDYsnHpqWK1vbKh1VLCQ0KrL1YSQkvFKmB93dI1jlAN8xenMSUbfO
Dl3wErLfXfpCeNT2dteML7i9FdTo60nnSs/uYC0pFvmEZtVUY+E/85bXTE9i4HAK
tVmjf/KyXcCW1T3w3ZnHnwNOAEKsO9LpaRaGA+K85S3tIURy1Sf8AkqZT15Iltym
9BDPJ9d862lvK7CfvljqZ8xNFmHtreYGRYNeSI/Q4ds1c6hEeRhCwd5R0F1bAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUcmZglIbm0tYi1nbYUnAZ4kFL0rAwHwYDVR0j
BBgwFoAUxL8OS6OmQfYcPpjbey02FhKr5qEwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQmQ4Z3dBYW4zTGZLVWhMQk5wYUF4RGtHRkdlV3J4VWRMY3RuSndlVkhQ
ZnAvMC9DNEJGMEU0QkEzQTY0MUY2MUMzRTk4REI3QjJEMzYxNjEyQUJFNkExLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0M0QkYwRTRCQTNBNjQxRjYx
QzNFOThEQjdCMkQzNjE2MTJBQkU2QTEuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JkOGd3QWFuM0xmS1VoTEJOcGFBeERrR0ZHZVdyeFVkTGN0bkp3ZVZIUGZwLzAv
MzIzODMwMzQzYTM4MzQzMzMwM2E2MzMwMzAzMDNhM2EyZjMzMzQyZDMzMzQyMDNk
M2UyMDMyMzczMjMyMzQzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBigEhDDAMA0GCSqGSIb3DQEBCwUA
A4IBAQAGG4xmNi0YwPMQv7yAUh06fTzdHy8IBJ1e7PXSKaLJpe6pkf3EaTfgD8Nh
y1XOt/MR8Jyvm/KvnhXDXVYe4uOpiDUFcBj5dX416k38rwWJQP/zCC9R6eZFS/W9
Zb8wy84uOOffMJqugDno97WOCSZVqP+z30+yYAGNOidmfAWQISus7vHuv7hqdxqr
/ai/4vZD/cuq/ZTqGMfdHFgrDtl5oOJSm4qiAwVjKuThmSA93Um2iUc+7Q/sdoWG
we39+Ju/rB0GTirFjiWr1axVbaaqp7BmuWAdbf8IKApTeeccPz8V/SGMZ+YTDNT+
/Uh+NJD+Q1ZojaHtVZ71UvebIDpt
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:43:12 2025 by rpki-client