Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/FSfoj4MNKpnaBu855MxMj3MjYhu3ovmS22Xpx4LD6SPQ/0/323830343a3634343a3a2f33322d313238203d3e203533323235.roa
File:                     323830343a3634343a3a2f33322d313238203d3e203533323235.roa (raw, json)
Hash identifier:          73HOjYfhhvVTdWFyxps0/WNwusC3N74uwWMHMnfH7P8=
Subject key identifier:   92:5D:B1:DE:41:BA:6E:43:4D:2C:51:B0:6C:99:7D:79:87:8E:4F:F7
Certificate issuer:       /CN=72D21565C0A508FC2BDEA7768D0F4AEFD6CD19F1
Certificate serial:       78E6CC0DFC0B3DF63DE9072A3A2F990519DD6BA5
Authority key identifier: 72:D2:15:65:C0:A5:08:FC:2B:DE:A7:76:8D:0F:4A:EF:D6:CD:19:F1
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/72D21565C0A508FC2BDEA7768D0F4AEFD6CD19F1.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/FSfoj4MNKpnaBu855MxMj3MjYhu3ovmS22Xpx4LD6SPQ/0/323830343a3634343a3a2f33322d313238203d3e203533323235.roa
Signing time:             Thu 12 Jun 2025 16:36:17 +0000
ROA not before:           Thu 12 Jun 2025 16:31:17 +0000
ROA not after:            Thu 11 Jun 2026 16:36:17 +0000
asID:                     53225
IP address blocks:        2804:644::/32 maxlen: 128
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/FSfoj4MNKpnaBu855MxMj3MjYhu3ovmS22Xpx4LD6SPQ/0/72D21565C0A508FC2BDEA7768D0F4AEFD6CD19F1.crl
                          rsync://rpki-repo.registro.br/repo/FSfoj4MNKpnaBu855MxMj3MjYhu3ovmS22Xpx4LD6SPQ/0/72D21565C0A508FC2BDEA7768D0F4AEFD6CD19F1.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/72D21565C0A508FC2BDEA7768D0F4AEFD6CD19F1.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 13 Jun 2025 17:07:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:e6:cc:0d:fc:0b:3d:f6:3d:e9:07:2a:3a:2f:99:05:19:dd:6b:a5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=72D21565C0A508FC2BDEA7768D0F4AEFD6CD19F1
        Validity
            Not Before: Jun 12 16:31:17 2025 GMT
            Not After : Jun 11 16:36:17 2026 GMT
        Subject: CN=925DB1DE41BA6E434D2C51B06C997D79878E4FF7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:d2:31:b4:bb:29:0f:71:cc:df:14:31:37:24:
                    a1:8c:7a:8f:02:9a:f1:b2:e6:3c:c9:97:b9:9f:90:
                    ac:3e:84:50:d4:9a:05:53:3e:c1:5a:0e:2b:92:55:
                    4f:f1:f5:4b:6d:5f:55:1f:60:f2:82:03:88:09:c1:
                    c9:82:8e:81:cf:9a:6a:c3:5a:db:6f:7a:91:07:f9:
                    45:ea:56:b1:2c:b8:33:bd:aa:85:a3:59:da:48:f7:
                    45:42:3d:6b:fe:7f:30:c7:71:dd:d0:b3:12:b8:14:
                    aa:4f:47:7a:88:4a:96:18:21:3c:b8:07:20:91:4e:
                    87:11:5a:86:19:5a:39:d2:71:f2:3e:c5:1a:72:f9:
                    af:8c:3b:76:ae:f3:bc:e5:cc:9a:83:0c:5e:06:2a:
                    4c:67:bd:85:96:d2:2b:cb:16:e9:fd:40:ec:a6:da:
                    1d:37:4e:0a:91:62:1f:eb:6d:c8:80:74:6f:db:c2:
                    9f:db:d8:80:c6:6d:44:ea:c4:f5:12:9a:4f:22:1e:
                    8c:11:a6:61:39:bf:45:e2:d5:fb:83:38:76:2a:c4:
                    a3:27:da:20:70:d8:c1:f8:51:35:47:06:52:9a:77:
                    e3:2a:05:77:ce:fd:98:12:ff:b2:d0:f3:50:38:c5:
                    f1:f1:b9:3a:71:bd:52:36:09:d1:9c:5f:da:4b:40:
                    5d:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:5D:B1:DE:41:BA:6E:43:4D:2C:51:B0:6C:99:7D:79:87:8E:4F:F7
            X509v3 Authority Key Identifier:
                keyid:72:D2:15:65:C0:A5:08:FC:2B:DE:A7:76:8D:0F:4A:EF:D6:CD:19:F1

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/FSfoj4MNKpnaBu855MxMj3MjYhu3ovmS22Xpx4LD6SPQ/0/72D21565C0A508FC2BDEA7768D0F4AEFD6CD19F1.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/72D21565C0A508FC2BDEA7768D0F4AEFD6CD19F1.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/FSfoj4MNKpnaBu855MxMj3MjYhu3ovmS22Xpx4LD6SPQ/0/323830343a3634343a3a2f33322d313238203d3e203533323235.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:644::/32

    Signature Algorithm: sha256WithRSAEncryption
         0f:a5:6b:d4:96:96:9c:fb:ac:e2:c9:0e:6a:9b:c7:0c:6e:e7:
         76:88:d0:98:2c:6c:a5:91:6d:a9:b6:ab:68:ae:9c:4d:68:db:
         e6:1a:9e:10:eb:94:ce:5d:9f:9e:84:eb:a5:53:86:8a:1c:12:
         6d:93:74:6e:3f:45:20:db:b9:39:70:cf:ce:2f:de:63:70:39:
         47:58:67:b5:3d:e5:03:98:a5:b9:23:74:82:4c:3e:b0:44:03:
         0a:f3:74:d0:39:0d:69:4e:8e:d2:fd:68:4d:c6:95:00:5e:94:
         27:d5:fc:7f:6c:76:dc:79:df:2a:d2:98:55:4a:de:5d:5d:b7:
         25:11:22:9c:22:04:59:5d:af:11:a9:1e:b5:2e:84:38:cb:19:
         46:b4:df:26:13:2f:37:bd:ac:3d:ac:68:72:25:69:ad:8d:c2:
         ba:e1:7f:7d:79:b2:57:96:41:0c:36:ba:33:4c:ed:86:d4:ce:
         05:82:40:e3:92:f9:27:63:06:58:55:da:c6:b6:88:f4:29:40:
         be:1d:77:e7:3e:42:c7:d6:99:de:8d:10:db:0e:10:e9:46:87:
         49:e8:83:e7:5e:3e:98:0d:d5:01:cd:92:cf:e5:5f:de:35:ff:
         d6:b1:5c:3a:55:c4:47:31:0a:ce:1c:cb:d7:e4:ae:74:46:0a:
         73:d7:a4:fd
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgIUeObMDfwLPfY96QcqOi+ZBRnda6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzJEMjE1NjVDMEE1MDhGQzJCREVBNzc2OEQwRjRBRUZE
NkNEMTlGMTAeFw0yNTA2MTIxNjMxMTdaFw0yNjA2MTExNjM2MTdaMDMxMTAvBgNV
BAMTKDkyNURCMURFNDFCQTZFNDM0RDJDNTFCMDZDOTk3RDc5ODc4RTRGRjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+0jG0uykPcczfFDE3JKGMeo8C
mvGy5jzJl7mfkKw+hFDUmgVTPsFaDiuSVU/x9UttX1UfYPKCA4gJwcmCjoHPmmrD
WttvepEH+UXqVrEsuDO9qoWjWdpI90VCPWv+fzDHcd3QsxK4FKpPR3qISpYYITy4
ByCRTocRWoYZWjnScfI+xRpy+a+MO3au87zlzJqDDF4GKkxnvYWW0ivLFun9QOym
2h03TgqRYh/rbciAdG/bwp/b2IDGbUTqxPUSmk8iHowRpmE5v0Xi1fuDOHYqxKMn
2iBw2MH4UTVHBlKad+MqBXfO/ZgS/7LQ81A4xfHxuTpxvVI2CdGcX9pLQF1LAgMB
AAGjggJOMIICSjAdBgNVHQ4EFgQUkl2x3kG6bkNNLFGwbJl9eYeOT/cwHwYDVR0j
BBgwFoAUctIVZcClCPwr3qd2jQ9K79bNGfEwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRlNmb2o0TU5LcG5hQnU4NTVNeE1qM01qWWh1M292bVMyMlhweDRMRDZT
UFEvMC83MkQyMTU2NUMwQTUwOEZDMkJERUE3NzY4RDBGNEFFRkQ2Q0QxOUYxLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzcyRDIxNTY1QzBBNTA4RkMy
QkRFQTc3NjhEMEY0QUVGRDZDRDE5RjEuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0ZTZm9qNE1OS3BuYUJ1ODU1TXhNajNNallodTNvdm1TMjJYcHg0TEQ2U1BRLzAv
MzIzODMwMzQzYTM2MzQzNDNhM2EyZjMzMzIyZDMxMzIzODIwM2QzZTIwMzUzMzMy
MzIzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB
/wQRMA8wDQQCAAIwBwMFACgEBkQwDQYJKoZIhvcNAQELBQADggEBAA+la9SWlpz7
rOLJDmqbxwxu53aI0JgsbKWRbam2q2iunE1o2+YanhDrlM5dn56E66VThoocEm2T
dG4/RSDbuTlwz84v3mNwOUdYZ7U95QOYpbkjdIJMPrBEAwrzdNA5DWlOjtL9aE3G
lQBelCfV/H9sdtx53yrSmFVK3l1dtyURIpwiBFldrxGpHrUuhDjLGUa03yYTLze9
rD2saHIlaa2Nwrrhf315sleWQQw2ujNM7YbUzgWCQOOS+SdjBlhV2sa2iPQpQL4d
d+c+QsfWmd6NENsOEOlGh0nog+dePpgN1QHNks/lX941/9axXDpVxEcxCs4cy9fk
rnRGCnPXpP0=
-----END CERTIFICATE-----
Generated at Thu Jun 12 23:04:09 2025 by rpki-client