Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/2hNZxbWv3kwiYsB9PuxoJndBmScRbthhtZPLbfF22LJe/0/323830343a366432633a3a2f33322d313238203d3e20323730353137.roa
File:                     323830343a366432633a3a2f33322d313238203d3e20323730353137.roa (raw, json)
Hash identifier:          FgEv7DHx8gpoUEHmCHDzneQcmOGaXyHJxKnB2umwj5Q=
Subject key identifier:   3A:C0:47:95:55:EC:2A:BF:3C:04:7E:4B:E1:CA:AE:73:E0:A2:32:37
Certificate issuer:       /CN=DDA4FC5B8E458E28765A866099AD929BAF665339
Certificate serial:       668289F176AFFBF9648136F65E3DB341458D8424
Authority key identifier: DD:A4:FC:5B:8E:45:8E:28:76:5A:86:60:99:AD:92:9B:AF:66:53:39
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DDA4FC5B8E458E28765A866099AD929BAF665339.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/2hNZxbWv3kwiYsB9PuxoJndBmScRbthhtZPLbfF22LJe/0/323830343a366432633a3a2f33322d313238203d3e20323730353137.roa
Signing time:             Sat 02 Aug 2025 14:15:49 +0000
ROA not before:           Sat 02 Aug 2025 14:10:49 +0000
ROA not after:            Sat 01 Aug 2026 14:15:49 +0000
asID:                     270517
IP address blocks:        2804:6d2c::/32 maxlen: 128
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/2hNZxbWv3kwiYsB9PuxoJndBmScRbthhtZPLbfF22LJe/0/DDA4FC5B8E458E28765A866099AD929BAF665339.crl
                          rsync://rpki-repo.registro.br/repo/2hNZxbWv3kwiYsB9PuxoJndBmScRbthhtZPLbfF22LJe/0/DDA4FC5B8E458E28765A866099AD929BAF665339.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DDA4FC5B8E458E28765A866099AD929BAF665339.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 11 Aug 2025 23:28:08 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            66:82:89:f1:76:af:fb:f9:64:81:36:f6:5e:3d:b3:41:45:8d:84:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DDA4FC5B8E458E28765A866099AD929BAF665339
        Validity
            Not Before: Aug  2 14:10:49 2025 GMT
            Not After : Aug  1 14:15:49 2026 GMT
        Subject: CN=3AC0479555EC2ABF3C047E4BE1CAAE73E0A23237
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:03:79:90:00:74:8d:ba:4a:40:d6:e8:8c:6a:
                    8c:cf:e0:6e:11:ad:56:f7:d8:5d:9d:b9:4e:61:a6:
                    f9:ce:93:bb:be:3f:0c:91:9f:e3:a5:d9:8b:10:5b:
                    2d:34:a0:c4:38:d4:c6:7b:df:09:8a:a4:8c:5d:38:
                    8b:e0:d5:d4:d2:7f:ba:e7:a1:9a:0c:43:2d:f2:43:
                    6f:e4:5d:ca:21:91:98:5b:87:4e:de:3c:ea:3b:e6:
                    58:76:59:02:a4:3f:48:aa:8f:f9:52:1b:4b:4e:6f:
                    61:db:fd:51:c8:3a:b1:49:cb:b0:04:a7:2d:ef:66:
                    49:15:d4:30:96:d9:72:9d:1b:93:5c:e2:a9:1e:c3:
                    d6:07:8a:39:ad:d9:8f:f7:fb:c3:e0:f6:28:9c:41:
                    06:ca:ef:6a:5e:14:57:8d:ac:f3:94:10:8b:e9:89:
                    f4:25:d4:a1:2e:73:5d:69:20:08:8c:1d:20:1c:58:
                    b0:bc:f0:df:eb:45:95:83:af:87:27:6d:d8:a3:9f:
                    cf:dc:b0:37:1c:c6:a3:67:8e:14:50:91:54:49:3d:
                    d4:5c:5a:8d:2f:9a:3a:bd:ec:76:51:d7:d6:0c:8e:
                    d2:1a:a3:7a:6f:74:16:64:0d:65:98:8b:3e:ce:bf:
                    06:d0:d1:be:74:c4:ba:fe:dc:09:2f:d8:1c:0b:5f:
                    fc:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:C0:47:95:55:EC:2A:BF:3C:04:7E:4B:E1:CA:AE:73:E0:A2:32:37
            X509v3 Authority Key Identifier:
                keyid:DD:A4:FC:5B:8E:45:8E:28:76:5A:86:60:99:AD:92:9B:AF:66:53:39

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/2hNZxbWv3kwiYsB9PuxoJndBmScRbthhtZPLbfF22LJe/0/DDA4FC5B8E458E28765A866099AD929BAF665339.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DDA4FC5B8E458E28765A866099AD929BAF665339.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/2hNZxbWv3kwiYsB9PuxoJndBmScRbthhtZPLbfF22LJe/0/323830343a366432633a3a2f33322d313238203d3e20323730353137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:6d2c::/32

    Signature Algorithm: sha256WithRSAEncryption
         81:39:ad:07:a1:00:95:a5:e0:3d:e1:70:b8:89:28:f0:a1:c9:
         5c:0d:7b:a9:71:19:dc:1e:48:51:f5:14:95:95:14:96:a0:9e:
         93:4f:b4:6f:e9:9b:8f:5b:d7:d8:b2:91:fc:3d:f4:dc:51:97:
         1a:61:8f:6c:29:9c:7b:52:a8:01:6d:0e:de:c5:73:2f:0a:14:
         f3:a8:2e:a7:7c:31:63:d8:88:ca:cd:19:7a:f3:8f:bd:48:a5:
         3d:17:03:f7:72:1c:61:fd:5d:c7:ae:8a:ce:85:d8:60:0d:3c:
         fb:96:45:02:b9:92:12:2a:af:c6:2f:68:78:b3:f4:ec:48:fb:
         c2:a2:18:16:5c:97:d1:ef:96:15:fe:20:12:5c:44:7c:20:ad:
         18:f3:6f:db:f7:e8:fa:a9:3e:49:18:a0:5a:d5:78:60:ff:db:
         95:62:0a:87:7b:8d:8f:55:e8:bd:b7:1d:89:b7:0c:78:90:61:
         34:b4:b0:a0:76:ce:92:c9:f7:29:3c:98:7c:f0:38:c9:9e:39:
         b1:03:43:fa:8a:91:d9:23:37:a4:7f:f2:a9:dc:ad:4b:4a:55:
         84:13:29:ec:13:6e:e0:4f:f5:0f:de:c0:5e:09:d0:7f:8e:b6:
         fa:66:20:aa:a9:23:52:9f:31:50:ca:0a:fc:41:a0:a9:6b:28:
         de:c8:ce:0f
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIUZoKJ8Xav+/lkgTb2Xj2zQUWNhCQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRERBNEZDNUI4RTQ1OEUyODc2NUE4NjYwOTlBRDkyOUJB
RjY2NTMzOTAeFw0yNTA4MDIxNDEwNDlaFw0yNjA4MDExNDE1NDlaMDMxMTAvBgNV
BAMTKDNBQzA0Nzk1NTVFQzJBQkYzQzA0N0U0QkUxQ0FBRTczRTBBMjMyMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4A3mQAHSNukpA1uiMaozP4G4R
rVb32F2duU5hpvnOk7u+PwyRn+Ol2YsQWy00oMQ41MZ73wmKpIxdOIvg1dTSf7rn
oZoMQy3yQ2/kXcohkZhbh07ePOo75lh2WQKkP0iqj/lSG0tOb2Hb/VHIOrFJy7AE
py3vZkkV1DCW2XKdG5Nc4qkew9YHijmt2Y/3+8Pg9iicQQbK72peFFeNrPOUEIvp
ifQl1KEuc11pIAiMHSAcWLC88N/rRZWDr4cnbdijn8/csDccxqNnjhRQkVRJPdRc
Wo0vmjq97HZR19YMjtIao3pvdBZkDWWYiz7OvwbQ0b50xLr+3Akv2BwLX/z1AgMB
AAGjggJSMIICTjAdBgNVHQ4EFgQUOsBHlVXsKr88BH5L4cquc+CiMjcwHwYDVR0j
BBgwFoAU3aT8W45Fjih2WoZgma2Sm69mUzkwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMmhOWnhiV3Yza3dpWXNCOVB1eG9KbmRCbVNjUmJ0aGh0WlBMYmZGMjJM
SmUvMC9EREE0RkM1QjhFNDU4RTI4NzY1QTg2NjA5OUFEOTI5QkFGNjY1MzM5LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0REQTRGQzVCOEU0NThFMjg3
NjVBODY2MDk5QUQ5MjlCQUY2NjUzMzkuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzJoTlp4Yld2M2t3aVlzQjlQdXhvSm5kQm1TY1JidGhodFpQTGJmRjIyTEplLzAv
MzIzODMwMzQzYTM2NjQzMjYzM2EzYTJmMzMzMjJkMzEzMjM4MjAzZDNlMjAzMjM3
MzAzNTMxMzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUH
AQcBAf8EETAPMA0EAgACMAcDBQAoBG0sMA0GCSqGSIb3DQEBCwUAA4IBAQCBOa0H
oQCVpeA94XC4iSjwoclcDXupcRncHkhR9RSVlRSWoJ6TT7Rv6ZuPW9fYspH8PfTc
UZcaYY9sKZx7UqgBbQ7exXMvChTzqC6nfDFj2IjKzRl684+9SKU9FwP3chxh/V3H
rorOhdhgDTz7lkUCuZISKq/GL2h4s/TsSPvCohgWXJfR75YV/iASXER8IK0Y82/b
9+j6qT5JGKBa1Xhg/9uVYgqHe42PVei9tx2Jtwx4kGE0tLCgds6SyfcpPJh88DjJ
njmxA0P6ipHZIzekf/Kp3K1LSlWEEynsE27gT/UP3sBeCdB/jrb6ZiCqqSNSnzFQ
ygr8QaCpayjeyM4P
-----END CERTIFICATE-----
Generated at Mon Aug 11 08:50:05 2025 by rpki-client