Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/D8TUSc2LTpHgLtaBao19YTQR7KE3fkH4aDYTC2i11y2N/0/323830343a353635343a353030303a3a2f33362d3336203d3e20323637393931.roa
File:                     323830343a353635343a353030303a3a2f33362d3336203d3e20323637393931.roa (raw, json)
Hash identifier:          c0bXFRtFM76kY4MwhE8ivF0gm7GfZqcWPcJtS+O/tR4=
Subject key identifier:   24:25:E9:FB:30:06:91:69:6C:B3:06:D0:E1:D2:DF:92:83:94:64:78
Certificate issuer:       /CN=18440E47EE1A9F2521181FB35A2394A0DE92CC7C
Certificate serial:       2B3A7CB9438A6EA1C8C0EAE9925FC35798B091B3
Authority key identifier: 18:44:0E:47:EE:1A:9F:25:21:18:1F:B3:5A:23:94:A0:DE:92:CC:7C
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/18440E47EE1A9F2521181FB35A2394A0DE92CC7C.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/D8TUSc2LTpHgLtaBao19YTQR7KE3fkH4aDYTC2i11y2N/0/323830343a353635343a353030303a3a2f33362d3336203d3e20323637393931.roa
Signing time:             Tue 03 Jun 2025 16:01:47 +0000
ROA not before:           Tue 03 Jun 2025 15:56:47 +0000
ROA not after:            Tue 02 Jun 2026 16:01:47 +0000
asID:                     267991
IP address blocks:        2804:5654:5000::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/D8TUSc2LTpHgLtaBao19YTQR7KE3fkH4aDYTC2i11y2N/0/18440E47EE1A9F2521181FB35A2394A0DE92CC7C.crl
                          rsync://rpki-repo.registro.br/repo/D8TUSc2LTpHgLtaBao19YTQR7KE3fkH4aDYTC2i11y2N/0/18440E47EE1A9F2521181FB35A2394A0DE92CC7C.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/18440E47EE1A9F2521181FB35A2394A0DE92CC7C.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 10 Jun 2025 03:26:05 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:3a:7c:b9:43:8a:6e:a1:c8:c0:ea:e9:92:5f:c3:57:98:b0:91:b3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=18440E47EE1A9F2521181FB35A2394A0DE92CC7C
        Validity
            Not Before: Jun  3 15:56:47 2025 GMT
            Not After : Jun  2 16:01:47 2026 GMT
        Subject: CN=2425E9FB300691696CB306D0E1D2DF9283946478
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:d6:7a:4d:c6:05:6d:63:61:20:d7:ca:56:08:
                    a0:ba:50:91:6d:d9:98:9f:92:71:2b:ac:95:28:ba:
                    d5:4c:46:c2:bb:7c:14:ff:6d:fa:9f:5e:75:ff:94:
                    96:ce:5b:74:a0:94:9f:c4:5e:eb:8d:aa:ba:d6:27:
                    a6:4e:9e:86:25:e5:5c:13:28:6d:0e:6f:16:f0:54:
                    02:6b:bd:63:c8:f6:92:bd:d9:5f:fe:96:94:27:57:
                    c6:0d:67:3f:07:8e:b9:32:e2:e9:d0:b7:a4:1b:3f:
                    18:d7:c6:ff:4d:c5:66:d3:61:cd:d1:2e:8d:00:f0:
                    d9:0b:0c:ba:5f:e1:e9:a9:81:b4:1f:75:9d:e3:9b:
                    cb:c7:62:a4:dd:5c:63:d2:14:11:cf:90:69:f8:3f:
                    90:21:4f:f5:69:4b:c7:7c:d2:63:c4:45:1d:d4:c9:
                    06:1d:c2:5c:df:72:f1:38:48:49:1c:73:12:64:79:
                    77:64:6f:97:0c:5d:62:33:b0:11:3c:3d:b9:df:ff:
                    13:38:68:1e:4d:3b:37:ac:07:e2:b7:3a:7d:25:22:
                    ae:6d:22:85:8e:65:d3:6d:19:c1:b5:72:5e:54:56:
                    84:0e:36:e5:7c:8a:7c:83:09:8c:28:d0:ef:47:01:
                    42:09:cc:17:c0:55:01:60:ee:23:b9:71:ec:a0:ea:
                    df:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:25:E9:FB:30:06:91:69:6C:B3:06:D0:E1:D2:DF:92:83:94:64:78
            X509v3 Authority Key Identifier:
                keyid:18:44:0E:47:EE:1A:9F:25:21:18:1F:B3:5A:23:94:A0:DE:92:CC:7C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/D8TUSc2LTpHgLtaBao19YTQR7KE3fkH4aDYTC2i11y2N/0/18440E47EE1A9F2521181FB35A2394A0DE92CC7C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/18440E47EE1A9F2521181FB35A2394A0DE92CC7C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/D8TUSc2LTpHgLtaBao19YTQR7KE3fkH4aDYTC2i11y2N/0/323830343a353635343a353030303a3a2f33362d3336203d3e20323637393931.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:5654:5000::/36

    Signature Algorithm: sha256WithRSAEncryption
         47:c2:7b:91:4c:62:bf:70:25:2c:0c:ad:f4:ce:e6:fa:1b:70:
         ee:f6:cd:8a:4b:df:74:38:e4:f0:af:df:a0:db:b2:32:a6:13:
         a1:40:28:eb:3c:d4:9f:5b:47:8b:37:4c:26:00:cc:d2:ba:d3:
         90:e7:53:24:ef:77:8f:dc:c4:a6:80:7e:bf:cc:e2:ac:29:7e:
         51:1c:08:1e:c3:f6:f2:bf:0b:8b:6a:6d:50:da:3c:6d:54:1a:
         04:1b:4d:3c:eb:78:b4:f9:90:35:23:10:cc:ad:de:4b:71:c0:
         d5:44:c1:87:d3:9d:3b:31:a2:e4:0e:8b:f6:a1:b4:5e:d7:ef:
         69:73:0e:8b:11:4b:9b:2c:29:47:56:ff:01:7e:14:dd:6b:eb:
         e3:8f:53:b5:37:fc:58:dc:c9:d2:92:48:37:9b:4f:63:2b:c1:
         79:ba:ed:47:07:80:00:b4:08:47:bb:86:16:79:ad:70:5c:c5:
         b7:fa:da:27:92:19:cd:39:d5:e3:1c:86:ca:9d:cb:70:81:9f:
         e2:a4:4c:86:5b:ae:cb:eb:73:14:b3:3e:12:5d:46:ba:f8:06:
         c8:f3:5c:ba:16:2e:24:98:a1:12:04:86:f0:1d:99:80:ce:c0:
         a3:59:8c:3e:fa:93:38:4f:34:04:8c:3a:7a:6b:b7:7b:c7:8d:
         b3:20:8b:d1
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUKzp8uUOKbqHIwOrpkl/DV5iwkbMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTg0NDBFNDdFRTFBOUYyNTIxMTgxRkIzNUEyMzk0QTBE
RTkyQ0M3QzAeFw0yNTA2MDMxNTU2NDdaFw0yNjA2MDIxNjAxNDdaMDMxMTAvBgNV
BAMTKDI0MjVFOUZCMzAwNjkxNjk2Q0IzMDZEMEUxRDJERjkyODM5NDY0NzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx1npNxgVtY2Eg18pWCKC6UJFt
2ZifknErrJUoutVMRsK7fBT/bfqfXnX/lJbOW3SglJ/EXuuNqrrWJ6ZOnoYl5VwT
KG0ObxbwVAJrvWPI9pK92V/+lpQnV8YNZz8Hjrky4unQt6QbPxjXxv9NxWbTYc3R
Lo0A8NkLDLpf4empgbQfdZ3jm8vHYqTdXGPSFBHPkGn4P5AhT/VpS8d80mPERR3U
yQYdwlzfcvE4SEkccxJkeXdkb5cMXWIzsBE8Pbnf/xM4aB5NOzesB+K3On0lIq5t
IoWOZdNtGcG1cl5UVoQONuV8inyDCYwo0O9HAUIJzBfAVQFg7iO5ceyg6t/XAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUJCXp+zAGkWlsswbQ4dLfkoOUZHgwHwYDVR0j
BBgwFoAUGEQOR+4anyUhGB+zWiOUoN6SzHwwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRDhUVVNjMkxUcEhnTHRhQmFvMTlZVFFSN0tFM2ZrSDRhRFlUQzJpMTF5
Mk4vMC8xODQ0MEU0N0VFMUE5RjI1MjExODFGQjM1QTIzOTRBMERFOTJDQzdDLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzE4NDQwRTQ3RUUxQTlGMjUy
MTE4MUZCMzVBMjM5NEEwREU5MkNDN0MuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0Q4VFVTYzJMVHBIZ0x0YUJhbzE5WVRRUjdLRTNma0g0YURZVEMyaTExeTJOLzAv
MzIzODMwMzQzYTM1MzYzNTM0M2EzNTMwMzAzMDNhM2EyZjMzMzYyZDMzMzYyMDNk
M2UyMDMyMzYzNzM5MzkzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCgEVlRQMA0GCSqGSIb3DQEBCwUA
A4IBAQBHwnuRTGK/cCUsDK30zub6G3Du9s2KS990OOTwr9+g27IyphOhQCjrPNSf
W0eLN0wmAMzSutOQ51Mk73eP3MSmgH6/zOKsKX5RHAgew/byvwuLam1Q2jxtVBoE
G00863i0+ZA1IxDMrd5LccDVRMGH0507MaLkDov2obRe1+9pcw6LEUubLClHVv8B
fhTda+vjj1O1N/xY3MnSkkg3m09jK8F5uu1HB4AAtAhHu4YWea1wXMW3+tonkhnN
OdXjHIbKnctwgZ/ipEyGW67L63MUsz4SXUa6+AbI81y6Fi4kmKESBIbwHZmAzsCj
WYw++pM4TzQEjDp6a7d7x42zIIvR
-----END CERTIFICATE-----
Generated at Mon Jun 9 08:24:07 2025 by rpki-client