Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/4HdKu173iWcNys5YicMyF6R5KkjTwnVRk8RdMsyjhFYo/0/323830343a373737383a3a2f33322d3332203d3e20323731313830.roa
File:                     323830343a373737383a3a2f33322d3332203d3e20323731313830.roa (raw, json)
Hash identifier:          afCsZwiPB5N2fDqRaLCKFhpsL0Zx4SiwNNU+IFHfbU8=
Subject key identifier:   06:0A:F2:91:45:3E:2F:56:DE:34:10:9E:B4:89:E1:A6:CD:17:44:0A
Certificate issuer:       /CN=DA2C3B2572C3BCA9225E872B77D7EBEC51E4A01A
Certificate serial:       096664C8B43A8B5075DD6F2024B96B2CF6BD604A
Authority key identifier: DA:2C:3B:25:72:C3:BC:A9:22:5E:87:2B:77:D7:EB:EC:51:E4:A0:1A
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DA2C3B2572C3BCA9225E872B77D7EBEC51E4A01A.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/4HdKu173iWcNys5YicMyF6R5KkjTwnVRk8RdMsyjhFYo/0/323830343a373737383a3a2f33322d3332203d3e20323731313830.roa
Signing time:             Mon 29 Sep 2025 13:05:29 +0000
ROA not before:           Mon 29 Sep 2025 13:00:29 +0000
ROA not after:            Mon 28 Sep 2026 13:05:29 +0000
asID:                     271180
IP address blocks:        2804:7778::/32 maxlen: 32
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/4HdKu173iWcNys5YicMyF6R5KkjTwnVRk8RdMsyjhFYo/0/DA2C3B2572C3BCA9225E872B77D7EBEC51E4A01A.crl
                          rsync://rpki-repo.registro.br/repo/4HdKu173iWcNys5YicMyF6R5KkjTwnVRk8RdMsyjhFYo/0/DA2C3B2572C3BCA9225E872B77D7EBEC51E4A01A.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DA2C3B2572C3BCA9225E872B77D7EBEC51E4A01A.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 21 Oct 2025 10:15:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:66:64:c8:b4:3a:8b:50:75:dd:6f:20:24:b9:6b:2c:f6:bd:60:4a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DA2C3B2572C3BCA9225E872B77D7EBEC51E4A01A
        Validity
            Not Before: Sep 29 13:00:29 2025 GMT
            Not After : Sep 28 13:05:29 2026 GMT
        Subject: CN=060AF291453E2F56DE34109EB489E1A6CD17440A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:88:bd:7e:ad:b4:f3:fe:93:b7:70:6c:7f:07:
                    8c:4a:15:aa:4d:56:c8:4a:75:d6:06:f9:a5:86:9b:
                    c4:9e:03:1c:22:32:2d:68:d4:1c:54:7c:3f:ac:27:
                    b6:70:e7:35:40:ab:f3:1c:93:cc:30:86:d2:fb:8d:
                    7d:21:87:b7:8f:1c:e2:d0:71:d7:df:3a:dd:22:72:
                    c5:a7:42:02:ff:4b:34:b1:9a:cb:ea:f6:6a:bb:d1:
                    af:19:e0:3e:ad:33:f4:75:1f:aa:9d:46:d5:a3:ec:
                    d4:f2:6a:c8:90:a7:5f:8e:bf:b9:2e:1a:e0:37:59:
                    14:b9:b0:67:5e:2f:3d:9a:7e:2a:4d:2d:a8:9c:36:
                    db:06:61:54:a2:b4:16:76:90:1f:fe:a9:88:0e:97:
                    f3:7c:45:42:59:24:a5:ac:ba:31:14:9b:16:4b:da:
                    28:ba:d1:db:5b:31:5f:9d:08:64:9b:20:9d:65:91:
                    0e:f1:2f:aa:7d:2f:c7:af:bb:85:05:2a:40:f6:26:
                    30:2c:2c:c8:d3:f2:cf:60:6b:28:e4:3c:78:c9:33:
                    f0:87:bf:aa:07:1d:b3:8f:89:e2:96:3a:1c:4f:37:
                    a2:0f:0b:5b:2e:1d:0e:e8:42:e8:5e:2e:39:84:b4:
                    b5:b7:7a:7a:2d:3a:cf:21:4f:28:77:ee:5c:ed:09:
                    7b:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:0A:F2:91:45:3E:2F:56:DE:34:10:9E:B4:89:E1:A6:CD:17:44:0A
            X509v3 Authority Key Identifier:
                keyid:DA:2C:3B:25:72:C3:BC:A9:22:5E:87:2B:77:D7:EB:EC:51:E4:A0:1A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/4HdKu173iWcNys5YicMyF6R5KkjTwnVRk8RdMsyjhFYo/0/DA2C3B2572C3BCA9225E872B77D7EBEC51E4A01A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DA2C3B2572C3BCA9225E872B77D7EBEC51E4A01A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/4HdKu173iWcNys5YicMyF6R5KkjTwnVRk8RdMsyjhFYo/0/323830343a373737383a3a2f33322d3332203d3e20323731313830.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:7778::/32

    Signature Algorithm: sha256WithRSAEncryption
         0e:20:ad:ce:4d:94:1a:96:60:b6:78:46:1a:0f:eb:0a:7d:6f:
         15:fb:d7:91:40:4b:cf:5b:5d:f1:87:6d:16:f1:6d:52:3a:2f:
         e5:6b:5e:91:f0:77:1a:a1:35:04:da:8c:84:6f:65:42:d7:5a:
         59:2d:4e:40:11:b2:f9:b6:cd:5b:11:93:79:48:cb:6c:ce:63:
         b6:90:8b:48:de:54:6a:bc:58:90:a2:8c:89:2f:08:8d:5d:51:
         2d:d1:f9:2c:79:8b:17:ff:e9:79:34:10:d4:c5:78:5f:93:35:
         f8:40:f4:55:eb:f3:ad:9f:e2:43:32:88:50:5d:f7:ed:86:53:
         30:4d:ae:33:da:20:2b:0b:b5:2f:94:e5:e9:d6:9b:14:ab:87:
         41:60:06:e9:61:fd:2c:f0:03:77:37:1d:93:eb:8e:d5:a6:34:
         34:8e:e6:f0:5b:9b:7f:28:a6:7b:d6:18:1f:1d:4a:6e:af:9e:
         2b:96:62:8d:ac:79:d0:f4:30:3a:5b:08:3d:d6:5a:65:82:f9:
         d9:e0:73:7f:aa:7b:01:2d:48:fa:85:0f:35:d5:e0:54:b2:dd:
         c3:e3:cf:e7:07:ee:f3:e0:e2:8f:1d:e7:73:73:0f:f7:51:3e:
         47:6d:6c:86:1a:11:cf:5b:a1:f1:35:cf:e0:13:07:e9:e2:48:
         ef:57:3f:59
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUCWZkyLQ6i1B13W8gJLlrLPa9YEowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREEyQzNCMjU3MkMzQkNBOTIyNUU4NzJCNzdEN0VCRUM1
MUU0QTAxQTAeFw0yNTA5MjkxMzAwMjlaFw0yNjA5MjgxMzA1MjlaMDMxMTAvBgNV
BAMTKDA2MEFGMjkxNDUzRTJGNTZERTM0MTA5RUI0ODlFMUE2Q0QxNzQ0MEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmiL1+rbTz/pO3cGx/B4xKFapN
VshKddYG+aWGm8SeAxwiMi1o1BxUfD+sJ7Zw5zVAq/Mck8wwhtL7jX0hh7ePHOLQ
cdffOt0icsWnQgL/SzSxmsvq9mq70a8Z4D6tM/R1H6qdRtWj7NTyasiQp1+Ov7ku
GuA3WRS5sGdeLz2afipNLaicNtsGYVSitBZ2kB/+qYgOl/N8RUJZJKWsujEUmxZL
2ii60dtbMV+dCGSbIJ1lkQ7xL6p9L8evu4UFKkD2JjAsLMjT8s9gayjkPHjJM/CH
v6oHHbOPieKWOhxPN6IPC1suHQ7oQuheLjmEtLW3enotOs8hTyh37lztCXs3AgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUBgrykUU+L1beNBCetInhps0XRAowHwYDVR0j
BBgwFoAU2iw7JXLDvKkiXocrd9fr7FHkoBowDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNEhkS3UxNzNpV2NOeXM1WWljTXlGNlI1S2tqVHduVlJrOFJkTXN5amhG
WW8vMC9EQTJDM0IyNTcyQzNCQ0E5MjI1RTg3MkI3N0Q3RUJFQzUxRTRBMDFBLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0RBMkMzQjI1NzJDM0JDQTky
MjVFODcyQjc3RDdFQkVDNTFFNEEwMUEuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzRIZEt1MTczaVdjTnlzNVlpY015RjZSNUtralR3blZSazhSZE1zeWpoRllvLzAv
MzIzODMwMzQzYTM3MzczNzM4M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzNzMx
MzEzODMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKAR3eDANBgkqhkiG9w0BAQsFAAOCAQEADiCtzk2U
GpZgtnhGGg/rCn1vFfvXkUBLz1td8YdtFvFtUjov5WtekfB3GqE1BNqMhG9lQtda
WS1OQBGy+bbNWxGTeUjLbM5jtpCLSN5UarxYkKKMiS8IjV1RLdH5LHmLF//peTQQ
1MV4X5M1+ED0VevzrZ/iQzKIUF337YZTME2uM9ogKwu1L5Tl6dabFKuHQWAG6WH9
LPADdzcdk+uO1aY0NI7m8Fubfyime9YYHx1Kbq+eK5Zijax50PQwOlsIPdZaZYL5
2eBzf6p7AS1I+oUPNdXgVLLdw+PP5wfu8+Dijx3nc3MP91E+R21shhoRz1uh8TXP
4BMH6eJI71c/WQ==
-----END CERTIFICATE-----
Generated at Tue Oct 21 02:39:46 2025 by rpki-client