Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/D3x4pwrjkHv82m1gxTKnpv8J5x4SCJfMbUKyNWiPdxTf/0/323830343a323539633a616130303a3a2f34302d3430203d3e203532373732.roa
File:                     323830343a323539633a616130303a3a2f34302d3430203d3e203532373732.roa (raw, json)
Hash identifier:          ckTk1DLt86GwYBY+/Aji+LYFdvo5I0gDIAh/XzYprFk=
Subject key identifier:   CC:54:A3:2C:08:96:4B:84:BF:15:61:D2:58:CB:13:9E:DF:F5:41:ED
Certificate issuer:       /CN=9CE70F913E9137B352592B7A2C075D2EA9F4269D
Certificate serial:       7652AD9921FE29C64E9860A91C28BC39B5A99ACC
Authority key identifier: 9C:E7:0F:91:3E:91:37:B3:52:59:2B:7A:2C:07:5D:2E:A9:F4:26:9D
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/9CE70F913E9137B352592B7A2C075D2EA9F4269D.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/D3x4pwrjkHv82m1gxTKnpv8J5x4SCJfMbUKyNWiPdxTf/0/323830343a323539633a616130303a3a2f34302d3430203d3e203532373732.roa
Signing time:             Thu 08 May 2025 18:30:36 +0000
ROA not before:           Thu 08 May 2025 18:25:36 +0000
ROA not after:            Thu 07 May 2026 18:30:36 +0000
asID:                     52772
IP address blocks:        2804:259c:aa00::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/D3x4pwrjkHv82m1gxTKnpv8J5x4SCJfMbUKyNWiPdxTf/0/9CE70F913E9137B352592B7A2C075D2EA9F4269D.crl
                          rsync://rpki-repo.registro.br/repo/D3x4pwrjkHv82m1gxTKnpv8J5x4SCJfMbUKyNWiPdxTf/0/9CE70F913E9137B352592B7A2C075D2EA9F4269D.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/9CE70F913E9137B352592B7A2C075D2EA9F4269D.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 02:40:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:52:ad:99:21:fe:29:c6:4e:98:60:a9:1c:28:bc:39:b5:a9:9a:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9CE70F913E9137B352592B7A2C075D2EA9F4269D
        Validity
            Not Before: May  8 18:25:36 2025 GMT
            Not After : May  7 18:30:36 2026 GMT
        Subject: CN=CC54A32C08964B84BF1561D258CB139EDFF541ED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:4f:59:0d:d2:13:11:cf:61:a8:6b:d1:41:bf:
                    eb:df:8b:5e:aa:e7:44:f1:20:df:a3:ab:4c:33:e6:
                    d2:2f:0c:9f:d3:c9:c8:18:7f:f5:fe:c3:da:e8:17:
                    7d:37:40:d9:e0:ae:e3:da:32:9e:9d:b0:ae:3e:5d:
                    05:1f:3e:48:5d:b0:2e:de:ad:d8:e4:e6:4b:a9:70:
                    92:73:3f:62:c3:d7:e0:fc:ee:c1:31:0b:32:f5:0e:
                    36:8d:c5:82:56:72:62:f5:a6:9c:99:f6:fa:79:03:
                    83:83:03:de:47:af:05:1d:20:d0:06:67:6b:bd:06:
                    94:5d:77:1e:44:89:92:13:84:6b:b0:51:3d:6a:df:
                    83:d5:c1:f8:85:56:f5:aa:02:39:2f:f2:9b:14:91:
                    27:16:02:20:5f:e6:a1:55:d9:dc:69:fa:46:48:49:
                    e1:ab:0a:c3:cf:05:4a:8c:ec:c7:46:ca:b9:e5:eb:
                    82:01:bd:91:35:4f:6d:3a:10:bf:0f:e0:df:5d:ee:
                    a8:ff:8b:d0:08:ea:68:bf:c8:1c:56:3c:8b:24:ad:
                    b8:4e:5c:7c:22:29:20:2f:f0:2c:80:c9:45:70:19:
                    27:eb:32:03:47:48:b3:7d:fe:03:5e:12:44:a7:12:
                    bd:5e:ea:45:dd:cd:a0:82:86:9a:30:78:54:15:14:
                    f6:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:54:A3:2C:08:96:4B:84:BF:15:61:D2:58:CB:13:9E:DF:F5:41:ED
            X509v3 Authority Key Identifier:
                keyid:9C:E7:0F:91:3E:91:37:B3:52:59:2B:7A:2C:07:5D:2E:A9:F4:26:9D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/D3x4pwrjkHv82m1gxTKnpv8J5x4SCJfMbUKyNWiPdxTf/0/9CE70F913E9137B352592B7A2C075D2EA9F4269D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/9CE70F913E9137B352592B7A2C075D2EA9F4269D.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/D3x4pwrjkHv82m1gxTKnpv8J5x4SCJfMbUKyNWiPdxTf/0/323830343a323539633a616130303a3a2f34302d3430203d3e203532373732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:259c:aa00::/40

    Signature Algorithm: sha256WithRSAEncryption
         bc:7e:e3:75:97:12:46:42:ee:25:4e:52:4f:f2:e4:a1:c8:e2:
         d0:db:47:48:9b:ec:8d:10:ca:eb:b0:98:0b:7b:ff:54:08:57:
         50:52:4c:b9:e6:90:c1:e3:be:2e:3d:64:85:0a:4c:a0:47:8b:
         49:30:88:02:6d:d2:03:8f:bc:79:a5:40:15:4c:9c:3b:60:88:
         63:03:d7:21:1d:ac:f9:59:82:2d:0b:14:14:76:69:7c:79:17:
         ac:1f:28:fc:37:f4:06:66:2b:42:c1:2a:8a:7e:7f:94:99:65:
         65:f4:16:32:08:cb:f6:35:d8:b4:e7:e8:2e:96:db:bd:11:de:
         eb:fd:1b:75:f5:60:9f:97:87:70:f3:f2:6b:ae:a9:eb:9f:1a:
         9e:d3:c0:1f:68:e5:24:b8:74:69:4b:47:6e:fa:45:b4:14:b3:
         8c:8b:23:6c:9e:b8:7c:87:47:ac:17:41:59:29:34:88:72:ac:
         ad:2f:ad:04:e5:2f:a6:31:41:8e:1f:aa:2f:f7:c0:9a:70:5d:
         87:99:81:68:32:26:75:e1:73:e8:cc:d9:a9:b4:5c:55:a9:11:
         90:8e:99:1e:7b:0c:2e:ed:d2:02:6a:ef:83:73:d5:5b:00:8d:
         00:82:6d:40:fb:84:f0:e1:29:19:c7:88:18:5f:10:c3:ea:a1:
         44:58:3b:11
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgIUdlKtmSH+KcZOmGCpHCi8ObWpmswwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUNFNzBGOTEzRTkxMzdCMzUyNTkyQjdBMkMwNzVEMkVB
OUY0MjY5RDAeFw0yNTA1MDgxODI1MzZaFw0yNjA1MDcxODMwMzZaMDMxMTAvBgNV
BAMTKENDNTRBMzJDMDg5NjRCODRCRjE1NjFEMjU4Q0IxMzlFREZGNTQxRUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxT1kN0hMRz2Goa9FBv+vfi16q
50TxIN+jq0wz5tIvDJ/TycgYf/X+w9roF303QNngruPaMp6dsK4+XQUfPkhdsC7e
rdjk5kupcJJzP2LD1+D87sExCzL1DjaNxYJWcmL1ppyZ9vp5A4ODA95HrwUdINAG
Z2u9BpRddx5EiZIThGuwUT1q34PVwfiFVvWqAjkv8psUkScWAiBf5qFV2dxp+kZI
SeGrCsPPBUqM7MdGyrnl64IBvZE1T206EL8P4N9d7qj/i9AI6mi/yBxWPIskrbhO
XHwiKSAv8CyAyUVwGSfrMgNHSLN9/gNeEkSnEr1e6kXdzaCChpoweFQVFPZBAgMB
AAGjggJZMIICVTAdBgNVHQ4EFgQUzFSjLAiWS4S/FWHSWMsTnt/1Qe0wHwYDVR0j
BBgwFoAUnOcPkT6RN7NSWSt6LAddLqn0Jp0wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRDN4NHB3cmprSHY4Mm0xZ3hUS25wdjhKNXg0U0NKZk1iVUt5TldpUGR4
VGYvMC85Q0U3MEY5MTNFOTEzN0IzNTI1OTJCN0EyQzA3NUQyRUE5RjQyNjlELmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzlDRTcwRjkxM0U5MTM3QjM1
MjU5MkI3QTJDMDc1RDJFQTlGNDI2OUQuY2VyMIG0BggrBgEFBQcBCwSBpzCBpDCB
oQYIKwYBBQUHMAuGgZRyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0QzeDRwd3Jqa0h2ODJtMWd4VEtucHY4SjV4NFNDSmZNYlVLeU5XaVBkeFRmLzAv
MzIzODMwMzQzYTMyMzUzOTYzM2E2MTYxMzAzMDNhM2EyZjM0MzAyZDM0MzAyMDNk
M2UyMDM1MzIzNzM3MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYI
KwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAoBCWcqjANBgkqhkiG9w0BAQsFAAOC
AQEAvH7jdZcSRkLuJU5ST/Lkocji0NtHSJvsjRDK67CYC3v/VAhXUFJMueaQweO+
Lj1khQpMoEeLSTCIAm3SA4+8eaVAFUycO2CIYwPXIR2s+VmCLQsUFHZpfHkXrB8o
/Df0BmYrQsEqin5/lJllZfQWMgjL9jXYtOfoLpbbvRHe6/0bdfVgn5eHcPPya66p
658antPAH2jlJLh0aUtHbvpFtBSzjIsjbJ64fIdHrBdBWSk0iHKsrS+tBOUvpjFB
jh+qL/fAmnBdh5mBaDImdeFz6MzZqbRcVakRkI6ZHnsMLu3SAmrvg3PVWwCNAIJt
QPuE8OEpGceIGF8Qw+qhRFg7EQ==
-----END CERTIFICATE-----
Generated at Mon Jun 9 15:42:49 2025 by rpki-client