Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/HrNTwKVdenTRK7dXVPcC31SpRrTHQyiwEvyXhQUBYti9/0/323830343a346665303a383030303a3a2f33332d3333203d3e20323638333535.roa
File:                     323830343a346665303a383030303a3a2f33332d3333203d3e20323638333535.roa (raw, json)
Hash identifier:          HFtPxATLX5EpbVFkw5GdmivQ5LTbLGy2fdMs9HhaMo0=
Subject key identifier:   76:E3:24:D6:95:E0:B9:F3:9D:64:6D:BB:23:A2:27:A7:A6:5C:6D:36
Certificate issuer:       /CN=28F9F9FBDF489E86A2CB929A47E8BC0ABC2A1B1C
Certificate serial:       28804C23EAF0F5B1C327FED3A4BC4BB781718B84
Authority key identifier: 28:F9:F9:FB:DF:48:9E:86:A2:CB:92:9A:47:E8:BC:0A:BC:2A:1B:1C
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/28F9F9FBDF489E86A2CB929A47E8BC0ABC2A1B1C.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/HrNTwKVdenTRK7dXVPcC31SpRrTHQyiwEvyXhQUBYti9/0/323830343a346665303a383030303a3a2f33332d3333203d3e20323638333535.roa
Signing time:             Wed 17 Sep 2025 14:36:08 +0000
ROA not before:           Wed 17 Sep 2025 14:31:08 +0000
ROA not after:            Wed 16 Sep 2026 14:36:08 +0000
asID:                     268355
IP address blocks:        2804:4fe0:8000::/33 maxlen: 33
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/HrNTwKVdenTRK7dXVPcC31SpRrTHQyiwEvyXhQUBYti9/0/28F9F9FBDF489E86A2CB929A47E8BC0ABC2A1B1C.crl
                          rsync://rpki-repo.registro.br/repo/HrNTwKVdenTRK7dXVPcC31SpRrTHQyiwEvyXhQUBYti9/0/28F9F9FBDF489E86A2CB929A47E8BC0ABC2A1B1C.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/28F9F9FBDF489E86A2CB929A47E8BC0ABC2A1B1C.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 21 Oct 2025 23:30:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            28:80:4c:23:ea:f0:f5:b1:c3:27:fe:d3:a4:bc:4b:b7:81:71:8b:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=28F9F9FBDF489E86A2CB929A47E8BC0ABC2A1B1C
        Validity
            Not Before: Sep 17 14:31:08 2025 GMT
            Not After : Sep 16 14:36:08 2026 GMT
        Subject: CN=76E324D695E0B9F39D646DBB23A227A7A65C6D36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:9d:31:ee:f4:35:69:8c:79:41:6a:b2:19:6a:
                    fb:cd:66:fb:ef:61:c1:73:fb:48:3b:42:16:a0:5d:
                    6e:44:e6:89:7f:3e:5e:20:10:47:76:54:6e:75:ca:
                    f2:41:ab:3d:c9:fb:bd:19:bf:86:8b:8a:0f:f7:89:
                    34:d3:4a:69:32:4c:15:2a:c3:e6:e1:5d:41:28:53:
                    14:3c:4c:0d:31:85:05:c0:74:d0:31:c4:aa:68:f4:
                    8f:b0:68:8b:5f:28:4a:ce:4d:61:87:cc:fa:3e:90:
                    37:f3:d9:f0:2a:3b:4f:95:32:25:e2:9c:b3:17:93:
                    f8:41:a8:a6:b7:5e:cc:37:39:fb:c0:80:94:de:e1:
                    36:f7:0c:40:17:35:a6:f1:99:88:ca:57:ac:e1:1a:
                    f3:f6:5f:ba:ff:cb:1c:57:0d:57:2e:ec:76:78:81:
                    71:4d:b3:33:37:24:6c:12:66:22:bc:04:71:c4:fa:
                    6a:bd:67:68:86:fa:32:ce:b3:4f:1b:3a:a3:8a:cf:
                    25:fd:29:30:3d:3d:a4:d4:fb:80:85:12:63:ca:8c:
                    27:39:3b:77:46:07:3a:a9:12:1f:56:2a:44:5a:bf:
                    8c:a9:2c:e7:f7:cc:3f:d8:06:7e:d6:50:6b:0d:11:
                    dd:f8:e4:41:d3:7e:ea:98:86:fb:97:b9:2f:d0:3d:
                    72:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:E3:24:D6:95:E0:B9:F3:9D:64:6D:BB:23:A2:27:A7:A6:5C:6D:36
            X509v3 Authority Key Identifier:
                keyid:28:F9:F9:FB:DF:48:9E:86:A2:CB:92:9A:47:E8:BC:0A:BC:2A:1B:1C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/HrNTwKVdenTRK7dXVPcC31SpRrTHQyiwEvyXhQUBYti9/0/28F9F9FBDF489E86A2CB929A47E8BC0ABC2A1B1C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/28F9F9FBDF489E86A2CB929A47E8BC0ABC2A1B1C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/HrNTwKVdenTRK7dXVPcC31SpRrTHQyiwEvyXhQUBYti9/0/323830343a346665303a383030303a3a2f33332d3333203d3e20323638333535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:4fe0:8000::/33

    Signature Algorithm: sha256WithRSAEncryption
         10:73:d2:fe:83:23:cd:3d:d4:ec:92:ec:30:bd:d6:14:a3:3c:
         cf:a1:de:ff:28:1a:53:84:bc:08:91:96:78:e1:fb:50:b8:af:
         ff:9d:f0:da:38:96:49:68:58:b7:68:45:13:11:89:3f:1e:98:
         1f:ce:3b:6e:eb:cc:10:29:d9:9d:48:8a:89:4b:44:93:02:ec:
         78:51:f2:15:ec:8e:e8:f1:bb:5a:46:5b:f3:c3:15:c2:ae:cd:
         f3:21:15:77:d2:84:3c:69:ce:ac:d3:1a:be:98:f9:4d:25:90:
         87:4c:92:d6:10:04:f2:e8:e3:67:17:e1:c5:31:69:8f:e9:14:
         88:f4:eb:cf:6e:5e:23:b0:a5:3b:42:9f:1d:1c:e3:d1:c5:69:
         7a:c1:33:40:c7:91:0c:38:f2:8e:42:75:14:36:2b:85:a3:a5:
         76:10:d5:d8:a3:94:f1:33:70:31:4f:d0:8c:47:ab:60:2a:18:
         c7:45:99:02:34:e2:44:13:fe:37:bf:88:0f:28:1d:57:52:b6:
         93:7f:30:b3:bb:3f:04:eb:03:8c:19:3f:cd:d1:1f:82:08:e0:
         91:c2:27:2a:05:10:7a:40:79:87:dd:8a:79:88:bf:3a:0a:7a:
         1f:5a:d1:4f:03:22:4d:f9:1f:5a:47:c5:2f:6e:09:51:05:8e:
         f0:57:f7:da
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgIUKIBMI+rw9bHDJ/7TpLxLt4Fxi4QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjhGOUY5RkJERjQ4OUU4NkEyQ0I5MjlBNDdFOEJDMEFC
QzJBMUIxQzAeFw0yNTA5MTcxNDMxMDhaFw0yNjA5MTYxNDM2MDhaMDMxMTAvBgNV
BAMTKDc2RTMyNEQ2OTVFMEI5RjM5RDY0NkRCQjIzQTIyN0E3QTY1QzZEMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCqnTHu9DVpjHlBarIZavvNZvvv
YcFz+0g7QhagXW5E5ol/Pl4gEEd2VG51yvJBqz3J+70Zv4aLig/3iTTTSmkyTBUq
w+bhXUEoUxQ8TA0xhQXAdNAxxKpo9I+waItfKErOTWGHzPo+kDfz2fAqO0+VMiXi
nLMXk/hBqKa3Xsw3OfvAgJTe4Tb3DEAXNabxmYjKV6zhGvP2X7r/yxxXDVcu7HZ4
gXFNszM3JGwSZiK8BHHE+mq9Z2iG+jLOs08bOqOKzyX9KTA9PaTU+4CFEmPKjCc5
O3dGBzqpEh9WKkRav4ypLOf3zD/YBn7WUGsNEd345EHTfuqYhvuXuS/QPXKtAgMB
AAGjggJbMIICVzAdBgNVHQ4EFgQUduMk1pXgufOdZG27I6Inp6ZcbTYwHwYDVR0j
BBgwFoAUKPn5+99Inoaiy5KaR+i8CrwqGxwwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vSHJOVHdLVmRlblRSSzdkWFZQY0MzMVNwUnJUSFF5aXdFdnlYaFFVQll0
aTkvMC8yOEY5RjlGQkRGNDg5RTg2QTJDQjkyOUE0N0U4QkMwQUJDMkExQjFDLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzI4RjlGOUZCREY0ODlFODZB
MkNCOTI5QTQ3RThCQzBBQkMyQTFCMUMuY2VyMIG2BggrBgEFBQcBCwSBqTCBpjCB
owYIKwYBBQUHMAuGgZZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0hyTlR3S1ZkZW5UUks3ZFhWUGNDMzFTcFJyVEhReWl3RXZ5WGhRVUJZdGk5LzAv
MzIzODMwMzQzYTM0NjY2NTMwM2EzODMwMzAzMDNhM2EyZjMzMzMyZDMzMzMyMDNk
M2UyMDMyMzYzODMzMzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBygET+CAMA0GCSqGSIb3DQEBCwUA
A4IBAQAQc9L+gyPNPdTskuwwvdYUozzPod7/KBpThLwIkZZ44ftQuK//nfDaOJZJ
aFi3aEUTEYk/Hpgfzjtu68wQKdmdSIqJS0STAux4UfIV7I7o8btaRlvzwxXCrs3z
IRV30oQ8ac6s0xq+mPlNJZCHTJLWEATy6ONnF+HFMWmP6RSI9OvPbl4jsKU7Qp8d
HOPRxWl6wTNAx5EMOPKOQnUUNiuFo6V2ENXYo5TxM3AxT9CMR6tgKhjHRZkCNOJE
E/43v4gPKB1XUraTfzCzuz8E6wOMGT/N0R+CCOCRwicqBRB6QHmH3Yp5iL86Cnof
WtFPAyJN+R9aR8UvbglRBY7wV/fa
-----END CERTIFICATE-----
Generated at Tue Oct 21 04:53:32 2025 by rpki-client