Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/D3cieqzvMC2PKTA9TYePjqQn8Q2dKxfX8RghKKopqMFP/0/323830343a363235633a3a2f33332d3333203d3e20323639323932.roa
File:                     323830343a363235633a3a2f33332d3333203d3e20323639323932.roa (raw, json)
Hash identifier:          l7j5jrYtTHS96gbvaETyWxklO0VohGEx5IrrwFK5RFg=
Subject key identifier:   32:CC:5C:2A:9D:C4:CC:01:24:5E:0A:AB:1B:0B:77:E9:24:35:C4:FA
Certificate issuer:       /CN=891876379661096633CCF1E14D82D1BBB9CBF133
Certificate serial:       54BB359E373DA5A01876A248B54FDACD848BE499
Authority key identifier: 89:18:76:37:96:61:09:66:33:CC:F1:E1:4D:82:D1:BB:B9:CB:F1:33
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/891876379661096633CCF1E14D82D1BBB9CBF133.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/D3cieqzvMC2PKTA9TYePjqQn8Q2dKxfX8RghKKopqMFP/0/323830343a363235633a3a2f33332d3333203d3e20323639323932.roa
Signing time:             Tue 16 Sep 2025 17:07:06 +0000
ROA not before:           Tue 16 Sep 2025 17:02:06 +0000
ROA not after:            Tue 15 Sep 2026 17:07:06 +0000
asID:                     269292
IP address blocks:        2804:625c::/33 maxlen: 33
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/D3cieqzvMC2PKTA9TYePjqQn8Q2dKxfX8RghKKopqMFP/0/891876379661096633CCF1E14D82D1BBB9CBF133.crl
                          rsync://rpki-repo.registro.br/repo/D3cieqzvMC2PKTA9TYePjqQn8Q2dKxfX8RghKKopqMFP/0/891876379661096633CCF1E14D82D1BBB9CBF133.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/891876379661096633CCF1E14D82D1BBB9CBF133.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 21 Oct 2025 21:05:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            54:bb:35:9e:37:3d:a5:a0:18:76:a2:48:b5:4f:da:cd:84:8b:e4:99
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=891876379661096633CCF1E14D82D1BBB9CBF133
        Validity
            Not Before: Sep 16 17:02:06 2025 GMT
            Not After : Sep 15 17:07:06 2026 GMT
        Subject: CN=32CC5C2A9DC4CC01245E0AAB1B0B77E92435C4FA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:6b:2c:f7:13:c3:81:e9:3d:75:cb:00:c5:30:
                    70:c4:fb:75:9d:b9:ad:b8:37:92:89:d3:2b:d9:b4:
                    45:9a:78:a6:f7:41:dc:50:71:a2:ff:3c:05:40:e5:
                    c6:02:6f:54:bf:5f:86:20:c6:e3:63:d2:01:2c:3a:
                    54:5c:a2:75:38:5f:d3:d8:a5:2e:9f:8d:4b:09:10:
                    36:0c:21:ca:e3:c5:9a:34:9a:cb:63:da:95:55:00:
                    0c:ed:da:be:50:c6:73:d2:2c:0e:e3:1e:68:e5:da:
                    71:be:4a:3a:95:16:c6:39:af:de:b3:cd:c1:30:cd:
                    13:3f:29:c1:bc:85:b7:3d:86:5c:73:f5:20:a6:8e:
                    c2:e5:75:d3:51:42:07:c0:8e:a3:b3:39:1f:ba:b0:
                    86:a2:98:b4:68:66:f1:ef:f0:cd:74:1a:63:71:e8:
                    60:b0:bc:f8:15:fa:3d:25:1f:f7:87:5a:5e:7f:7a:
                    61:0e:71:f6:23:e7:36:45:09:df:ae:6d:c6:90:23:
                    03:0d:c7:42:5c:4a:0e:4b:3b:76:ca:eb:2d:c3:2b:
                    3f:14:cd:65:74:df:a7:b8:60:f4:b6:63:a1:4c:6e:
                    66:5c:c1:05:bc:3e:66:7a:46:c9:de:05:52:00:ff:
                    43:e5:5d:31:95:b3:05:8d:31:37:9e:84:47:7a:87:
                    4f:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:CC:5C:2A:9D:C4:CC:01:24:5E:0A:AB:1B:0B:77:E9:24:35:C4:FA
            X509v3 Authority Key Identifier:
                keyid:89:18:76:37:96:61:09:66:33:CC:F1:E1:4D:82:D1:BB:B9:CB:F1:33

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/D3cieqzvMC2PKTA9TYePjqQn8Q2dKxfX8RghKKopqMFP/0/891876379661096633CCF1E14D82D1BBB9CBF133.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/891876379661096633CCF1E14D82D1BBB9CBF133.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/D3cieqzvMC2PKTA9TYePjqQn8Q2dKxfX8RghKKopqMFP/0/323830343a363235633a3a2f33332d3333203d3e20323639323932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:625c::/33

    Signature Algorithm: sha256WithRSAEncryption
         a5:fc:70:54:eb:8e:f6:52:b0:51:ad:c3:1e:c1:09:8a:6f:c9:
         b9:b8:b9:ba:f4:af:bf:4e:65:f0:cf:48:51:11:91:d1:d0:4d:
         e1:05:00:00:63:18:c3:db:45:b5:2e:f9:f9:43:8d:c8:2c:b3:
         c8:dd:93:d1:06:ce:0a:c8:42:c6:56:33:3c:9d:c7:e0:ec:2b:
         dc:3c:31:8b:3d:41:ac:3c:80:8b:4c:de:39:99:82:c0:f5:b5:
         b0:35:08:cd:12:fa:2b:09:32:6c:36:e4:3c:6e:84:0c:2e:2e:
         3b:bd:9f:1b:7a:49:d7:29:ad:f7:0c:29:19:06:f1:79:a5:07:
         f8:19:6c:97:bb:60:7a:5f:c2:8a:5f:23:e3:c8:3e:69:3c:5b:
         b4:e3:89:39:8e:f6:7b:16:f0:4a:64:cd:57:df:47:86:af:79:
         51:4a:ca:18:33:fc:d1:6a:3a:b6:28:d2:51:4c:cf:ee:4a:f9:
         87:4d:16:99:5a:2e:e3:fe:bb:af:9a:aa:1a:6b:b0:00:65:00:
         12:0f:db:98:61:b7:b5:18:94:7e:0b:82:ba:57:30:ae:90:3a:
         cd:f6:2c:2f:f0:7a:49:1f:7c:ce:12:16:81:65:f2:86:11:6d:
         ef:eb:4f:03:26:f2:87:f1:25:61:08:69:eb:05:ef:3b:d1:8b:
         21:a6:62:09
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUVLs1njc9paAYdqJItU/azYSL5JkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODkxODc2Mzc5NjYxMDk2NjMzQ0NGMUUxNEQ4MkQxQkJC
OUNCRjEzMzAeFw0yNTA5MTYxNzAyMDZaFw0yNjA5MTUxNzA3MDZaMDMxMTAvBgNV
BAMTKDMyQ0M1QzJBOURDNENDMDEyNDVFMEFBQjFCMEI3N0U5MjQzNUM0RkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2ayz3E8OB6T11ywDFMHDE+3Wd
ua24N5KJ0yvZtEWaeKb3QdxQcaL/PAVA5cYCb1S/X4YgxuNj0gEsOlRconU4X9PY
pS6fjUsJEDYMIcrjxZo0mstj2pVVAAzt2r5QxnPSLA7jHmjl2nG+SjqVFsY5r96z
zcEwzRM/KcG8hbc9hlxz9SCmjsLlddNRQgfAjqOzOR+6sIaimLRoZvHv8M10GmNx
6GCwvPgV+j0lH/eHWl5/emEOcfYj5zZFCd+ubcaQIwMNx0JcSg5LO3bK6y3DKz8U
zWV036e4YPS2Y6FMbmZcwQW8PmZ6RsneBVIA/0PlXTGVswWNMTeehEd6h0/bAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUMsxcKp3EzAEkXgqrGwt36SQ1xPowHwYDVR0j
BBgwFoAUiRh2N5ZhCWYzzPHhTYLRu7nL8TMwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRDNjaWVxenZNQzJQS1RBOVRZZVBqcVFuOFEyZEt4Zlg4UmdoS0tvcHFN
RlAvMC84OTE4NzYzNzk2NjEwOTY2MzNDQ0YxRTE0RDgyRDFCQkI5Q0JGMTMzLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzg5MTg3NjM3OTY2MTA5NjYz
M0NDRjFFMTREODJEMUJCQjlDQkYxMzMuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0QzY2llcXp2TUMyUEtUQTlUWWVQanFRbjhRMmRLeGZYOFJnaEtLb3BxTUZQLzAv
MzIzODMwMzQzYTM2MzIzNTYzM2EzYTJmMzMzMzJkMzMzMzIwM2QzZTIwMzIzNjM5
MzIzOTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEH
AQH/BBIwEDAOBAIAAjAIAwYHKARiXAAwDQYJKoZIhvcNAQELBQADggEBAKX8cFTr
jvZSsFGtwx7BCYpvybm4ubr0r79OZfDPSFERkdHQTeEFAABjGMPbRbUu+flDjcgs
s8jdk9EGzgrIQsZWMzydx+DsK9w8MYs9Qaw8gItM3jmZgsD1tbA1CM0S+isJMmw2
5DxuhAwuLju9nxt6SdcprfcMKRkG8XmlB/gZbJe7YHpfwopfI+PIPmk8W7TjiTmO
9nsW8EpkzVffR4aveVFKyhgz/NFqOrYo0lFMz+5K+YdNFplaLuP+u6+aqhprsABl
ABIP25hht7UYlH4LgrpXMK6QOs32LC/wekkffM4SFoFl8oYRbe/rTwMm8ofxJWEI
aesF7zvRiyGmYgk=
-----END CERTIFICATE-----
Generated at Mon Oct 20 21:55:52 2025 by rpki-client