Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/323830343a313335343a3a2f33322d3438203d3e203532383932.roa
File:                     323830343a313335343a3a2f33322d3438203d3e203532383932.roa (raw, json)
Hash identifier:          ShbK4nU8/upSz5QzjHABUwTjJQDOAJA58ZVnFi3J8uY=
Subject key identifier:   1A:0E:A5:3F:5E:8A:E0:C9:29:8B:F9:F5:FF:4A:15:78:0F:14:16:19
Certificate issuer:       /CN=02D8A2AD531F129E21D92D275E0EFD380C93FC3C
Certificate serial:       0DEE93A051226DA5BBECBB8D9861FAC3B4AA57AF
Authority key identifier: 02:D8:A2:AD:53:1F:12:9E:21:D9:2D:27:5E:0E:FD:38:0C:93:FC:3C
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/323830343a313335343a3a2f33322d3438203d3e203532383932.roa
Signing time:             Tue 20 May 2025 03:52:24 +0000
ROA not before:           Tue 20 May 2025 03:47:24 +0000
ROA not after:            Tue 19 May 2026 03:52:24 +0000
asID:                     52892
IP address blocks:        2804:1354::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.crl
                          rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Thu 12 Jun 2025 21:10:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:ee:93:a0:51:22:6d:a5:bb:ec:bb:8d:98:61:fa:c3:b4:aa:57:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02D8A2AD531F129E21D92D275E0EFD380C93FC3C
        Validity
            Not Before: May 20 03:47:24 2025 GMT
            Not After : May 19 03:52:24 2026 GMT
        Subject: CN=1A0EA53F5E8AE0C9298BF9F5FF4A15780F141619
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:92:e5:23:5f:a4:96:87:88:8b:72:00:99:62:5a:
                    11:16:70:fb:1c:34:51:c4:61:18:00:19:f9:56:4b:
                    31:99:9d:36:52:1e:f8:3b:57:f2:ee:ba:a4:7a:68:
                    36:a7:8a:f2:2d:1d:32:38:65:cf:f4:4f:db:a9:1b:
                    33:a7:30:9e:35:5d:b6:e4:15:66:fe:da:7e:ed:4a:
                    f0:2e:30:74:c5:a4:a1:7d:af:5f:33:29:d4:75:cd:
                    ab:19:a1:e3:74:ee:36:bb:2d:d2:d9:81:79:b0:e0:
                    02:63:eb:92:3a:cf:47:c3:93:9e:42:53:58:ff:29:
                    64:b1:ec:36:93:82:41:e1:db:ed:9f:fc:cd:31:a7:
                    8f:8e:98:99:81:bd:b8:c1:aa:56:4f:81:d5:b2:ec:
                    32:4b:fa:ba:98:87:2f:d3:98:de:ea:4a:5a:18:b3:
                    04:89:5c:d7:00:32:93:16:dc:95:a8:bb:ca:60:3b:
                    63:25:32:b4:3b:be:e8:86:93:02:14:ee:d7:87:c1:
                    02:4b:4e:e8:5d:36:6c:73:68:61:1b:68:a5:7b:d9:
                    e3:42:48:a7:91:a9:7d:8d:bd:e3:e4:ff:00:6d:fa:
                    72:87:41:55:23:b4:49:67:fd:5d:f3:ca:e1:92:ea:
                    89:ca:7f:27:99:9b:40:63:31:98:2e:1b:7e:ca:3d:
                    63:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:0E:A5:3F:5E:8A:E0:C9:29:8B:F9:F5:FF:4A:15:78:0F:14:16:19
            X509v3 Authority Key Identifier:
                keyid:02:D8:A2:AD:53:1F:12:9E:21:D9:2D:27:5E:0E:FD:38:0C:93:FC:3C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/02D8A2AD531F129E21D92D275E0EFD380C93FC3C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/CBpWjEXiPDSLMxXeEKtB23MTteiqsNuALPYJw5zWYVkX/1/323830343a313335343a3a2f33322d3438203d3e203532383932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:1354::/32

    Signature Algorithm: sha256WithRSAEncryption
         09:71:7c:bf:3c:29:52:5a:d6:c2:69:e0:71:05:4d:c9:9c:a4:
         76:06:58:f7:73:ab:71:6c:41:92:23:bb:d2:28:5d:fe:4e:63:
         db:61:8d:51:84:5d:d6:1b:10:c9:b7:3f:be:a0:47:6b:aa:73:
         5b:10:70:96:3e:7d:94:03:5e:01:05:9f:fb:fc:97:89:27:39:
         f6:b7:75:bf:c5:9a:0f:c5:64:07:8f:a3:2e:88:f3:12:ce:5c:
         eb:e8:f3:6d:ba:b9:41:fc:72:ff:ce:8a:d4:1e:24:f4:db:ec:
         91:76:97:0d:69:26:68:45:01:3c:8c:52:2b:35:e4:56:9c:bb:
         82:7f:15:c3:15:30:98:30:f9:72:46:70:15:d5:9b:d7:46:1d:
         ae:a6:25:6c:c8:71:57:d0:ca:23:af:0a:3b:44:73:76:b8:ce:
         8c:50:e7:47:4c:46:68:73:b4:d0:31:39:07:fa:de:04:c2:17:
         44:9c:39:26:a8:e3:c4:64:4b:5c:84:a4:f1:98:38:1a:c1:e3:
         be:fa:7a:8e:01:58:63:80:d2:10:41:41:a1:1e:c4:3c:19:ee:
         66:ab:01:0c:da:6d:67:f8:a4:6c:60:8a:bc:12:aa:7f:41:fe:
         a9:17:d6:fd:66:bc:4d:12:9c:1a:ec:46:22:0e:41:19:96:f1:
         69:21:af:5f
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgIUDe6ToFEibaW77LuNmGH6w7SqV68wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDJEOEEyQUQ1MzFGMTI5RTIxRDkyRDI3NUUwRUZEMzgw
QzkzRkMzQzAeFw0yNTA1MjAwMzQ3MjRaFw0yNjA1MTkwMzUyMjRaMDMxMTAvBgNV
BAMTKDFBMEVBNTNGNUU4QUUwQzkyOThCRjlGNUZGNEExNTc4MEYxNDE2MTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCS5SNfpJaHiItyAJliWhEWcPsc
NFHEYRgAGflWSzGZnTZSHvg7V/LuuqR6aDanivItHTI4Zc/0T9upGzOnMJ41Xbbk
FWb+2n7tSvAuMHTFpKF9r18zKdR1zasZoeN07ja7LdLZgXmw4AJj65I6z0fDk55C
U1j/KWSx7DaTgkHh2+2f/M0xp4+OmJmBvbjBqlZPgdWy7DJL+rqYhy/TmN7qSloY
swSJXNcAMpMW3JWou8pgO2MlMrQ7vuiGkwIU7teHwQJLTuhdNmxzaGEbaKV72eNC
SKeRqX2NvePk/wBt+nKHQVUjtEln/V3zyuGS6onKfyeZm0BjMZguG37KPWMvAgMB
AAGjggJOMIICSjAdBgNVHQ4EFgQUGg6lP16K4Mkpi/n1/0oVeA8UFhkwHwYDVR0j
BBgwFoAUAtiirVMfEp4h2S0nXg79OAyT/DwwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQ0JwV2pFWGlQRFNMTXhYZUVLdEIyM01UdGVpcXNOdUFMUFlKdzV6V1lW
a1gvMS8wMkQ4QTJBRDUzMUYxMjlFMjFEOTJEMjc1RTBFRkQzODBDOTNGQzNDLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzAyRDhBMkFENTMxRjEyOUUy
MUQ5MkQyNzVFMEVGRDM4MEM5M0ZDM0MuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0NCcFdqRVhpUERTTE14WGVFS3RCMjNNVHRlaXFzTnVBTFBZSnc1eldZVmtYLzEv
MzIzODMwMzQzYTMxMzMzNTM0M2EzYTJmMzMzMjJkMzQzODIwM2QzZTIwMzUzMjM4
MzkzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB
/wQRMA8wDQQCAAIwBwMFACgEE1QwDQYJKoZIhvcNAQELBQADggEBAAlxfL88KVJa
1sJp4HEFTcmcpHYGWPdzq3FsQZIju9IoXf5OY9thjVGEXdYbEMm3P76gR2uqc1sQ
cJY+fZQDXgEFn/v8l4knOfa3db/Fmg/FZAePoy6I8xLOXOvo8226uUH8cv/OitQe
JPTb7JF2lw1pJmhFATyMUis15Facu4J/FcMVMJgw+XJGcBXVm9dGHa6mJWzIcVfQ
yiOvCjtEc3a4zoxQ50dMRmhztNAxOQf63gTCF0ScOSao48RkS1yEpPGYOBrB4776
eo4BWGOA0hBBQaEexDwZ7marAQzabWf4pGxgirwSqn9B/qkX1v1mvE0SnBrsRiIO
QRmW8Wkhr18=
-----END CERTIFICATE-----
Generated at Wed Jun 11 22:37:17 2025 by rpki-client