Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/FhgSjKzTPP3zymzYjDg74Att3k1S6iMJbknsdwCNp1mQ/0/323830343a373538383a3a2f33322d3334203d3e20323731303533.roa
File:                     323830343a373538383a3a2f33322d3334203d3e20323731303533.roa (raw, json)
Hash identifier:          nnZxddMxtPYXvLGrokRo727KDyxmpu+gR99v39ppU0Y=
Subject key identifier:   B2:45:56:00:51:C6:52:1F:43:92:19:A1:58:54:A9:F5:90:FC:85:47
Certificate issuer:       /CN=1CFA53FD7928C175C7432E73DD1472955E5A35FD
Certificate serial:       199474749689B11B2EDB04BEE2B857203ECA11B0
Authority key identifier: 1C:FA:53:FD:79:28:C1:75:C7:43:2E:73:DD:14:72:95:5E:5A:35:FD
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/1CFA53FD7928C175C7432E73DD1472955E5A35FD.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/FhgSjKzTPP3zymzYjDg74Att3k1S6iMJbknsdwCNp1mQ/0/323830343a373538383a3a2f33322d3334203d3e20323731303533.roa
Signing time:             Mon 14 Apr 2025 21:09:16 +0000
ROA not before:           Mon 14 Apr 2025 21:04:16 +0000
ROA not after:            Mon 13 Apr 2026 21:09:16 +0000
asID:                     271053
IP address blocks:        2804:7588::/32 maxlen: 34
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/FhgSjKzTPP3zymzYjDg74Att3k1S6iMJbknsdwCNp1mQ/0/1CFA53FD7928C175C7432E73DD1472955E5A35FD.crl
                          rsync://rpki-repo.registro.br/repo/FhgSjKzTPP3zymzYjDg74Att3k1S6iMJbknsdwCNp1mQ/0/1CFA53FD7928C175C7432E73DD1472955E5A35FD.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/1CFA53FD7928C175C7432E73DD1472955E5A35FD.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 16:04:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            19:94:74:74:96:89:b1:1b:2e:db:04:be:e2:b8:57:20:3e:ca:11:b0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1CFA53FD7928C175C7432E73DD1472955E5A35FD
        Validity
            Not Before: Apr 14 21:04:16 2025 GMT
            Not After : Apr 13 21:09:16 2026 GMT
        Subject: CN=B245560051C6521F439219A15854A9F590FC8547
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:cc:dd:b4:95:f4:e9:1b:3a:52:fe:a3:4a:54:
                    52:64:51:ac:02:ba:c9:06:69:82:39:a3:f8:89:37:
                    82:e5:36:c0:a4:fc:3d:57:0f:10:cf:72:03:2d:9b:
                    95:4d:9a:e1:87:1b:fe:58:96:ce:ff:ca:26:39:19:
                    89:46:01:67:4f:d8:41:b7:f5:5b:f5:61:1f:ca:53:
                    8c:97:88:2e:71:bc:6f:e2:e2:91:85:ed:4d:9b:5a:
                    d7:ec:d9:51:72:af:cc:4c:9f:1b:51:d2:9b:04:5d:
                    8e:dc:0f:b0:90:bd:80:47:48:c1:8d:48:4d:aa:f6:
                    6b:c3:67:3a:5d:ea:0d:b2:e9:41:f8:9b:7a:41:8c:
                    8e:ba:0c:71:52:5e:61:f0:eb:ba:6a:d2:17:d5:0d:
                    f0:fb:c2:14:8b:1e:bf:d8:61:0a:9f:e7:03:52:8c:
                    e5:ab:a0:35:b4:18:b6:01:e3:56:f8:19:6f:ea:de:
                    be:bc:63:6e:f0:8d:79:85:eb:c9:0d:eb:8f:c9:b2:
                    f0:37:bc:da:b4:b1:8e:a2:99:33:28:95:9a:c5:2f:
                    ac:49:04:fe:d3:d1:f0:57:cd:24:77:f9:e5:f9:7c:
                    e2:d4:a6:7b:6d:77:22:90:05:98:be:8c:e1:41:b2:
                    d5:2a:e0:8c:72:a5:63:86:57:bc:e2:3e:00:9b:b6:
                    08:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B2:45:56:00:51:C6:52:1F:43:92:19:A1:58:54:A9:F5:90:FC:85:47
            X509v3 Authority Key Identifier:
                keyid:1C:FA:53:FD:79:28:C1:75:C7:43:2E:73:DD:14:72:95:5E:5A:35:FD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/FhgSjKzTPP3zymzYjDg74Att3k1S6iMJbknsdwCNp1mQ/0/1CFA53FD7928C175C7432E73DD1472955E5A35FD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/1CFA53FD7928C175C7432E73DD1472955E5A35FD.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/FhgSjKzTPP3zymzYjDg74Att3k1S6iMJbknsdwCNp1mQ/0/323830343a373538383a3a2f33322d3334203d3e20323731303533.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:7588::/32

    Signature Algorithm: sha256WithRSAEncryption
         4f:d4:5c:91:29:c4:34:da:3b:c2:f3:eb:f9:10:26:21:db:49:
         bb:02:a1:ec:62:84:da:9c:60:e9:e4:6d:2b:3c:54:df:6d:e7:
         b8:cf:a6:62:0a:cb:41:08:1a:60:37:c9:aa:17:2b:04:ff:01:
         55:e7:d6:6d:dc:e3:ec:e9:99:0a:fe:f0:4d:ca:26:61:ad:6d:
         c6:ad:ab:35:aa:a2:1e:dc:07:19:98:85:6d:e8:fd:07:86:85:
         44:57:f0:ca:7f:43:bb:99:2b:4c:87:49:f6:1d:7c:ee:0f:f7:
         6a:4e:73:f7:48:be:40:d7:fb:98:13:c2:1b:82:5c:d9:c2:f3:
         03:aa:1b:8e:22:f3:81:2f:e7:9b:64:78:f5:b1:c4:95:78:94:
         59:92:88:b7:65:14:a1:53:22:99:ad:18:24:46:69:27:d8:af:
         0a:aa:62:0f:94:ba:cd:33:ae:7c:61:f0:ce:fd:f2:d0:51:85:
         64:8e:2a:78:38:78:6d:50:61:93:6b:28:a1:b7:c4:b8:aa:19:
         97:60:9c:16:bf:c4:29:33:41:83:f8:7a:0c:78:39:6c:47:01:
         08:1c:ee:f9:89:b1:c2:b0:4e:90:48:8c:a7:22:66:ba:dd:7e:
         ff:d2:66:a5:aa:47:af:f2:15:53:f5:2c:35:10:5b:e0:e4:de:
         f7:f2:f9:80
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUGZR0dJaJsRsu2wS+4rhXID7KEbAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMUNGQTUzRkQ3OTI4QzE3NUM3NDMyRTczREQxNDcyOTU1
RTVBMzVGRDAeFw0yNTA0MTQyMTA0MTZaFw0yNjA0MTMyMTA5MTZaMDMxMTAvBgNV
BAMTKEIyNDU1NjAwNTFDNjUyMUY0MzkyMTlBMTU4NTRBOUY1OTBGQzg1NDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKzN20lfTpGzpS/qNKVFJkUawC
uskGaYI5o/iJN4LlNsCk/D1XDxDPcgMtm5VNmuGHG/5Yls7/yiY5GYlGAWdP2EG3
9Vv1YR/KU4yXiC5xvG/i4pGF7U2bWtfs2VFyr8xMnxtR0psEXY7cD7CQvYBHSMGN
SE2q9mvDZzpd6g2y6UH4m3pBjI66DHFSXmHw67pq0hfVDfD7whSLHr/YYQqf5wNS
jOWroDW0GLYB41b4GW/q3r68Y27wjXmF68kN64/JsvA3vNq0sY6imTMolZrFL6xJ
BP7T0fBXzSR3+eX5fOLUpnttdyKQBZi+jOFBstUq4IxypWOGV7ziPgCbtghRAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUskVWAFHGUh9DkhmhWFSp9ZD8hUcwHwYDVR0j
BBgwFoAUHPpT/XkowXXHQy5z3RRylV5aNf0wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRmhnU2pLelRQUDN6eW16WWpEZzc0QXR0M2sxUzZpTUpia25zZHdDTnAx
bVEvMC8xQ0ZBNTNGRDc5MjhDMTc1Qzc0MzJFNzNERDE0NzI5NTVFNUEzNUZELmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzFDRkE1M0ZENzkyOEMxNzVD
NzQzMkU3M0REMTQ3Mjk1NUU1QTM1RkQuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0ZoZ1NqS3pUUFAzenltellqRGc3NEF0dDNrMVM2aU1KYmtuc2R3Q05wMW1RLzAv
MzIzODMwMzQzYTM3MzUzODM4M2EzYTJmMzMzMjJkMzMzNDIwM2QzZTIwMzIzNzMx
MzAzNTMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKAR1iDANBgkqhkiG9w0BAQsFAAOCAQEAT9RckSnE
NNo7wvPr+RAmIdtJuwKh7GKE2pxg6eRtKzxU323nuM+mYgrLQQgaYDfJqhcrBP8B
VefWbdzj7OmZCv7wTcomYa1txq2rNaqiHtwHGZiFbej9B4aFRFfwyn9Du5krTIdJ
9h187g/3ak5z90i+QNf7mBPCG4Jc2cLzA6objiLzgS/nm2R49bHElXiUWZKIt2UU
oVMima0YJEZpJ9ivCqpiD5S6zTOufGHwzv3y0FGFZI4qeDh4bVBhk2soobfEuKoZ
l2CcFr/EKTNBg/h6DHg5bEcBCBzu+YmxwrBOkEiMpyJmut1+/9JmpapHr/IVU/Us
NRBb4OTe9/L5gA==
-----END CERTIFICATE-----
Generated at Tue Jun 10 19:41:20 2025 by rpki-client