Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/GeboebrzjP9zEyzzhDptkr3D5g8ekLcMp7Kktentjs2c/0/323830343a336466343a3a2f33322d3332203d3e20323636353635.roa
File:                     323830343a336466343a3a2f33322d3332203d3e20323636353635.roa (raw, json)
Hash identifier:          3C2D+sWZHVuldyX33yOPfJCcUrBlDSa2SI1noIN0he4=
Subject key identifier:   8D:EE:1E:F7:B3:24:D9:43:D2:B5:D2:05:82:C8:B8:58:9A:14:58:CC
Certificate issuer:       /CN=8D2922D358225395ABA691BA6723BAA778294D49
Certificate serial:       2976048546FD4E1B292547C3701CEF29805D275D
Authority key identifier: 8D:29:22:D3:58:22:53:95:AB:A6:91:BA:67:23:BA:A7:78:29:4D:49
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8D2922D358225395ABA691BA6723BAA778294D49.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/GeboebrzjP9zEyzzhDptkr3D5g8ekLcMp7Kktentjs2c/0/323830343a336466343a3a2f33322d3332203d3e20323636353635.roa
Signing time:             Sat 19 Jul 2025 18:51:31 +0000
ROA not before:           Sat 19 Jul 2025 18:46:31 +0000
ROA not after:            Sat 18 Jul 2026 18:51:31 +0000
asID:                     266565
IP address blocks:        2804:3df4::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/GeboebrzjP9zEyzzhDptkr3D5g8ekLcMp7Kktentjs2c/0/8D2922D358225395ABA691BA6723BAA778294D49.crl
                          rsync://rpki-repo.registro.br/repo/GeboebrzjP9zEyzzhDptkr3D5g8ekLcMp7Kktentjs2c/0/8D2922D358225395ABA691BA6723BAA778294D49.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8D2922D358225395ABA691BA6723BAA778294D49.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Mon 11 Aug 2025 01:42:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            29:76:04:85:46:fd:4e:1b:29:25:47:c3:70:1c:ef:29:80:5d:27:5d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8D2922D358225395ABA691BA6723BAA778294D49
        Validity
            Not Before: Jul 19 18:46:31 2025 GMT
            Not After : Jul 18 18:51:31 2026 GMT
        Subject: CN=8DEE1EF7B324D943D2B5D20582C8B8589A1458CC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:79:97:35:e5:9a:68:fc:81:48:bd:4f:27:9f:
                    d7:69:3b:b8:30:c9:c8:a2:56:84:be:4e:6e:2c:d1:
                    03:59:46:dc:5d:2e:d6:4c:61:32:c6:2a:fc:5f:60:
                    44:72:8e:dd:b2:7c:19:c7:bb:ad:67:0f:08:fc:48:
                    d5:a7:8a:f1:ea:73:87:fd:d4:02:61:87:c4:48:12:
                    c4:b1:f5:92:e3:3e:92:61:20:70:59:2e:ef:3f:77:
                    60:ae:f5:53:d8:76:11:4e:1b:01:f3:78:90:22:78:
                    d3:f9:59:90:3c:2a:66:95:93:3e:66:b7:fa:e7:7d:
                    a9:50:3f:77:b8:d9:83:c5:b8:01:1d:a6:26:ce:39:
                    13:cb:24:c3:44:1c:1b:4e:75:91:fe:a5:f8:ef:ee:
                    cf:7e:01:f0:16:84:1b:08:34:ce:a3:0e:fe:5d:ff:
                    98:22:9e:5b:79:9a:55:24:8b:29:fd:28:ab:04:a0:
                    06:68:2e:73:e4:a0:c0:55:1b:1d:34:66:5f:3c:6f:
                    3b:9f:f9:cb:81:ca:20:35:2c:20:1f:fa:8e:91:77:
                    c6:c1:b2:29:fb:50:42:45:7f:51:90:55:01:d3:3b:
                    73:c5:dc:a1:ff:76:70:94:36:9c:83:3d:8d:8d:ca:
                    6a:6f:16:eb:55:ca:14:fa:f0:67:98:40:6b:06:54:
                    86:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:EE:1E:F7:B3:24:D9:43:D2:B5:D2:05:82:C8:B8:58:9A:14:58:CC
            X509v3 Authority Key Identifier:
                keyid:8D:29:22:D3:58:22:53:95:AB:A6:91:BA:67:23:BA:A7:78:29:4D:49

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/GeboebrzjP9zEyzzhDptkr3D5g8ekLcMp7Kktentjs2c/0/8D2922D358225395ABA691BA6723BAA778294D49.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8D2922D358225395ABA691BA6723BAA778294D49.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/GeboebrzjP9zEyzzhDptkr3D5g8ekLcMp7Kktentjs2c/0/323830343a336466343a3a2f33322d3332203d3e20323636353635.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:3df4::/32

    Signature Algorithm: sha256WithRSAEncryption
         a8:75:67:42:54:e2:4c:5f:58:8a:74:ae:80:07:4e:3e:ad:cf:
         43:bb:bc:77:98:f4:2f:fd:1d:a7:89:27:97:e5:0e:99:3e:e8:
         9c:6d:48:8c:13:27:86:fe:ed:ca:a8:c8:cb:28:9b:a2:e5:2e:
         d0:3f:99:f4:6f:92:ff:c6:9a:d3:77:e1:75:12:e0:af:a7:ab:
         94:c2:a2:86:dc:75:a6:c1:31:84:5d:04:5f:df:e3:fe:47:28:
         e6:7f:79:1f:3d:2a:eb:72:df:90:6b:a9:99:7e:44:05:b0:80:
         ce:22:75:26:1c:4f:49:b3:45:0d:67:2b:87:40:0a:44:fb:8b:
         69:45:1f:7d:dd:c6:af:6e:56:65:eb:72:e7:5d:2d:fa:1a:ec:
         c6:3a:95:31:4c:96:c3:ad:e1:ef:8d:36:2c:08:82:d1:2f:44:
         c9:8c:4b:24:dd:4d:bd:33:20:96:e4:6e:3d:bf:26:1d:cf:b5:
         70:da:93:ee:40:56:49:bd:f8:ff:a2:50:c3:da:8f:30:49:e8:
         8f:39:e4:66:c9:61:54:5e:39:b1:27:80:d6:8e:2c:aa:4b:89:
         b7:e5:a2:ae:37:c9:09:67:e6:4d:46:7c:de:13:2f:b9:bd:84:
         75:ca:a5:e5:51:79:8d:08:88:74:e6:be:3d:56:7c:e5:f1:58:
         d0:98:b8:c9
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUKXYEhUb9ThspJUfDcBzvKYBdJ10wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEQyOTIyRDM1ODIyNTM5NUFCQTY5MUJBNjcyM0JBQTc3
ODI5NEQ0OTAeFw0yNTA3MTkxODQ2MzFaFw0yNjA3MTgxODUxMzFaMDMxMTAvBgNV
BAMTKDhERUUxRUY3QjMyNEQ5NDNEMkI1RDIwNTgyQzhCODU4OUExNDU4Q0MwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6eZc15Zpo/IFIvU8nn9dpO7gw
yciiVoS+Tm4s0QNZRtxdLtZMYTLGKvxfYERyjt2yfBnHu61nDwj8SNWnivHqc4f9
1AJhh8RIEsSx9ZLjPpJhIHBZLu8/d2Cu9VPYdhFOGwHzeJAieNP5WZA8KmaVkz5m
t/rnfalQP3e42YPFuAEdpibOORPLJMNEHBtOdZH+pfjv7s9+AfAWhBsINM6jDv5d
/5ginlt5mlUkiyn9KKsEoAZoLnPkoMBVGx00Zl88bzuf+cuByiA1LCAf+o6Rd8bB
sin7UEJFf1GQVQHTO3PF3KH/dnCUNpyDPY2NympvFutVyhT68GeYQGsGVIbjAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUje4e97Mk2UPStdIFgsi4WJoUWMwwHwYDVR0j
BBgwFoAUjSki01giU5WrppG6ZyO6p3gpTUkwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vR2Vib2VicnpqUDl6RXl6emhEcHRrcjNENWc4ZWtMY01wN0trdGVudGpz
MmMvMC84RDI5MjJEMzU4MjI1Mzk1QUJBNjkxQkE2NzIzQkFBNzc4Mjk0RDQ5LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzhEMjkyMkQzNTgyMjUzOTVB
QkE2OTFCQTY3MjNCQUE3NzgyOTRENDkuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0dlYm9lYnJ6alA5ekV5enpoRHB0a3IzRDVnOGVrTGNNcDdLa3RlbnRqczJjLzAv
MzIzODMwMzQzYTMzNjQ2NjM0M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzNjM2
MzUzNjM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKAQ99DANBgkqhkiG9w0BAQsFAAOCAQEAqHVnQlTi
TF9YinSugAdOPq3PQ7u8d5j0L/0dp4knl+UOmT7onG1IjBMnhv7tyqjIyyibouUu
0D+Z9G+S/8aa03fhdRLgr6erlMKihtx1psExhF0EX9/j/kco5n95Hz0q63LfkGup
mX5EBbCAziJ1JhxPSbNFDWcrh0AKRPuLaUUffd3Gr25WZety510t+hrsxjqVMUyW
w63h7402LAiC0S9EyYxLJN1NvTMgluRuPb8mHc+1cNqT7kBWSb34/6JQw9qPMEno
jznkZslhVF45sSeA1o4sqkuJt+WirjfJCWfmTUZ83hMvub2Edcql5VF5jQiIdOa+
PVZ85fFY0Ji4yQ==
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:48:51 2025 by rpki-client