Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/GvfhAciEXy2cQjTUjcXgMzoVpnf3AdscpYYhxuh2rwfT/0/323830343a373266633a383030303a3a2f33332d3438203d3e20323730383838.roa
File:                     323830343a373266633a383030303a3a2f33332d3438203d3e20323730383838.roa (raw, json)
Hash identifier:          kdmXgNEvhfXURz4occhN0+YijpnG+3hZFeIKjD3tDkw=
Subject key identifier:   42:21:8E:1E:8D:D4:D2:9E:F7:AB:8E:88:FD:8E:C2:42:6B:A3:FB:3F
Certificate issuer:       /CN=2CE7EAA613A389D3132F70754E25E343490494C5
Certificate serial:       0A27B8A4DBC166F168CCD045584A22C354D8ECC0
Authority key identifier: 2C:E7:EA:A6:13:A3:89:D3:13:2F:70:75:4E:25:E3:43:49:04:94:C5
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/2CE7EAA613A389D3132F70754E25E343490494C5.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/GvfhAciEXy2cQjTUjcXgMzoVpnf3AdscpYYhxuh2rwfT/0/323830343a373266633a383030303a3a2f33332d3438203d3e20323730383838.roa
Signing time:             Wed 07 May 2025 17:01:12 +0000
ROA not before:           Wed 07 May 2025 16:56:12 +0000
ROA not after:            Wed 06 May 2026 17:01:12 +0000
asID:                     270888
IP address blocks:        2804:72fc:8000::/33 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/GvfhAciEXy2cQjTUjcXgMzoVpnf3AdscpYYhxuh2rwfT/0/2CE7EAA613A389D3132F70754E25E343490494C5.crl
                          rsync://rpki-repo.registro.br/repo/GvfhAciEXy2cQjTUjcXgMzoVpnf3AdscpYYhxuh2rwfT/0/2CE7EAA613A389D3132F70754E25E343490494C5.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/2CE7EAA613A389D3132F70754E25E343490494C5.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Wed 11 Jun 2025 11:48:46 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:27:b8:a4:db:c1:66:f1:68:cc:d0:45:58:4a:22:c3:54:d8:ec:c0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2CE7EAA613A389D3132F70754E25E343490494C5
        Validity
            Not Before: May  7 16:56:12 2025 GMT
            Not After : May  6 17:01:12 2026 GMT
        Subject: CN=42218E1E8DD4D29EF7AB8E88FD8EC2426BA3FB3F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:12:f4:c0:75:3a:95:eb:fe:cf:d2:76:87:29:
                    f9:1a:43:34:1b:a4:a4:fa:f2:0e:ea:d7:35:d8:c9:
                    81:d1:18:7b:e5:62:54:47:3d:5e:9e:b1:40:02:92:
                    1d:20:c5:6f:96:3e:e3:64:a4:a3:4d:28:a9:52:2e:
                    76:29:1e:41:f7:3f:b1:90:b3:3d:aa:a0:fe:14:39:
                    e8:0f:91:48:77:34:8b:f5:4c:e1:11:10:b7:41:38:
                    ca:17:88:18:5c:7d:1c:c7:c7:88:72:d0:11:04:3a:
                    29:b7:4b:3c:f6:2b:91:8b:96:6c:36:ed:ae:a1:d8:
                    80:7a:3c:fe:63:8f:7b:e4:f4:de:90:1d:96:f1:9d:
                    ac:e3:ba:1e:a5:13:73:1b:09:eb:87:39:97:df:2a:
                    85:67:60:9a:1e:09:99:54:89:3f:27:a3:94:39:2e:
                    0a:6d:1b:a8:ee:e3:5d:36:a2:c6:c8:a8:d9:f6:12:
                    b9:eb:80:d2:5d:67:e0:0a:a3:b3:02:02:3a:2e:a0:
                    3e:01:87:cd:31:c2:e1:16:ac:45:4e:d7:4f:9a:af:
                    70:9e:89:a3:53:ae:c1:95:c0:d2:82:f7:60:b5:95:
                    8a:e8:74:f4:cc:5f:88:e6:c6:46:61:99:85:d5:78:
                    eb:64:18:e7:01:2a:9d:18:45:43:a9:04:99:40:d6:
                    a4:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:21:8E:1E:8D:D4:D2:9E:F7:AB:8E:88:FD:8E:C2:42:6B:A3:FB:3F
            X509v3 Authority Key Identifier:
                keyid:2C:E7:EA:A6:13:A3:89:D3:13:2F:70:75:4E:25:E3:43:49:04:94:C5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/GvfhAciEXy2cQjTUjcXgMzoVpnf3AdscpYYhxuh2rwfT/0/2CE7EAA613A389D3132F70754E25E343490494C5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/2CE7EAA613A389D3132F70754E25E343490494C5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/GvfhAciEXy2cQjTUjcXgMzoVpnf3AdscpYYhxuh2rwfT/0/323830343a373266633a383030303a3a2f33332d3438203d3e20323730383838.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:72fc:8000::/33

    Signature Algorithm: sha256WithRSAEncryption
         98:7d:e9:e5:8a:dc:23:91:3a:bf:43:ec:38:cb:85:e2:ad:54:
         d2:77:b7:df:ab:61:64:04:9c:20:46:58:b3:c6:2b:e9:03:73:
         5a:d0:81:b9:6c:9d:54:ec:08:10:46:33:34:25:4a:51:7b:1f:
         7d:d0:fe:7f:7c:62:ff:4e:f1:9b:4c:4d:fe:80:3b:d8:97:ca:
         6b:b4:99:fc:23:e6:8a:a8:83:66:ed:04:1d:af:7e:fd:4a:b1:
         15:23:1c:ce:dc:86:c8:b6:16:e7:ce:bf:eb:61:02:a0:45:0f:
         90:50:07:84:07:b5:33:e5:02:cf:6e:85:b8:99:0c:20:4e:16:
         12:a6:09:20:4c:e0:ea:68:a3:20:36:15:72:ff:0c:2d:fd:e2:
         76:6c:25:8f:30:20:96:50:7e:d0:e1:31:7d:c0:4c:6f:07:a2:
         be:a7:ef:bb:d7:27:86:18:0d:86:82:3f:3a:02:80:6a:78:4b:
         5e:d1:a0:f9:36:90:6e:76:30:ca:0f:11:44:ae:f9:11:c1:6b:
         a0:ac:c3:91:8e:99:d5:da:65:9f:59:2e:1b:2e:f7:5d:e8:71:
         ca:c4:c5:4d:33:8f:27:48:e1:68:2b:f0:e1:45:86:ef:60:94:
         1f:a0:57:19:3b:dc:a9:08:3f:d0:07:58:44:66:c1:3f:67:3f:
         18:a9:8d:73
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUCie4pNvBZvFozNBFWEoiw1TY7MAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkNFN0VBQTYxM0EzODlEMzEzMkY3MDc1NEUyNUUzNDM0
OTA0OTRDNTAeFw0yNTA1MDcxNjU2MTJaFw0yNjA1MDYxNzAxMTJaMDMxMTAvBgNV
BAMTKDQyMjE4RTFFOERENEQyOUVGN0FCOEU4OEZEOEVDMjQyNkJBM0ZCM0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+EvTAdTqV6/7P0naHKfkaQzQb
pKT68g7q1zXYyYHRGHvlYlRHPV6esUACkh0gxW+WPuNkpKNNKKlSLnYpHkH3P7GQ
sz2qoP4UOegPkUh3NIv1TOERELdBOMoXiBhcfRzHx4hy0BEEOim3Szz2K5GLlmw2
7a6h2IB6PP5jj3vk9N6QHZbxnazjuh6lE3MbCeuHOZffKoVnYJoeCZlUiT8no5Q5
LgptG6ju4102osbIqNn2ErnrgNJdZ+AKo7MCAjouoD4Bh80xwuEWrEVO10+ar3Ce
iaNTrsGVwNKC92C1lYrodPTMX4jmxkZhmYXVeOtkGOcBKp0YRUOpBJlA1qRnAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUQiGOHo3U0p73q46I/Y7CQmuj+z8wHwYDVR0j
BBgwFoAULOfqphOjidMTL3B1TiXjQ0kElMUwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vR3ZmaEFjaUVYeTJjUWpUVWpjWGdNem9WcG5mM0Fkc2NwWVloeHVoMnJ3
ZlQvMC8yQ0U3RUFBNjEzQTM4OUQzMTMyRjcwNzU0RTI1RTM0MzQ5MDQ5NEM1LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzJDRTdFQUE2MTNBMzg5RDMx
MzJGNzA3NTRFMjVFMzQzNDkwNDk0QzUuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0d2ZmhBY2lFWHkyY1FqVFVqY1hnTXpvVnBuZjNBZHNjcFlZaHh1aDJyd2ZULzAv
MzIzODMwMzQzYTM3MzI2NjYzM2EzODMwMzAzMDNhM2EyZjMzMzMyZDM0MzgyMDNk
M2UyMDMyMzczMDM4MzgzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBygEcvyAMA0GCSqGSIb3DQEBCwUA
A4IBAQCYfenlitwjkTq/Q+w4y4XirVTSd7ffq2FkBJwgRlizxivpA3Na0IG5bJ1U
7AgQRjM0JUpRex990P5/fGL/TvGbTE3+gDvYl8prtJn8I+aKqINm7QQdr379SrEV
IxzO3IbIthbnzr/rYQKgRQ+QUAeEB7Uz5QLPboW4mQwgThYSpgkgTODqaKMgNhVy
/wwt/eJ2bCWPMCCWUH7Q4TF9wExvB6K+p++71yeGGA2Ggj86AoBqeEte0aD5NpBu
djDKDxFErvkRwWugrMORjpnV2mWfWS4bLvdd6HHKxMVNM48nSOFoK/DhRYbvYJQf
oFcZO9ypCD/QB1hEZsE/Zz8YqY1z
-----END CERTIFICATE-----
Generated at Wed Jun 11 01:19:40 2025 by rpki-client