Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/6YXL3wyjuwrtfsF3r8reLFQ5KnbeAyGhkuK5ghKJiCQd/0/323830343a353863383a3a2f33322d3332203d3e20323638313439.roa
File:                     323830343a353863383a3a2f33322d3332203d3e20323638313439.roa (raw, json)
Hash identifier:          0z9RmzHDw3yhYPjrkztfSyTwT/lM0PFySzmQIey2Oz4=
Subject key identifier:   98:3C:E9:D0:AA:6B:8C:4C:37:83:AF:F3:46:84:1B:2C:9E:62:0B:7E
Certificate issuer:       /CN=62629DD122858DB38443A4A56BD5A3075CCFACA6
Certificate serial:       67090F30A631E13BBC804D5FDCD4C53583F950F4
Authority key identifier: 62:62:9D:D1:22:85:8D:B3:84:43:A4:A5:6B:D5:A3:07:5C:CF:AC:A6
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/62629DD122858DB38443A4A56BD5A3075CCFACA6.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/6YXL3wyjuwrtfsF3r8reLFQ5KnbeAyGhkuK5ghKJiCQd/0/323830343a353863383a3a2f33322d3332203d3e20323638313439.roa
Signing time:             Wed 02 Apr 2025 00:13:23 +0000
ROA not before:           Wed 02 Apr 2025 00:08:23 +0000
ROA not after:            Wed 01 Apr 2026 00:13:23 +0000
asID:                     268149
IP address blocks:        2804:58c8::/32 maxlen: 32

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/6YXL3wyjuwrtfsF3r8reLFQ5KnbeAyGhkuK5ghKJiCQd/0/62629DD122858DB38443A4A56BD5A3075CCFACA6.crl
                          rsync://rpki-repo.registro.br/repo/6YXL3wyjuwrtfsF3r8reLFQ5KnbeAyGhkuK5ghKJiCQd/0/62629DD122858DB38443A4A56BD5A3075CCFACA6.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/62629DD122858DB38443A4A56BD5A3075CCFACA6.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 29 Apr 2025 02:53:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            67:09:0f:30:a6:31:e1:3b:bc:80:4d:5f:dc:d4:c5:35:83:f9:50:f4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=62629DD122858DB38443A4A56BD5A3075CCFACA6
        Validity
            Not Before: Apr  2 00:08:23 2025 GMT
            Not After : Apr  1 00:13:23 2026 GMT
        Subject: CN=983CE9D0AA6B8C4C3783AFF346841B2C9E620B7E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:5d:02:f3:2a:08:67:e7:c1:34:b0:79:50:14:
                    b0:d3:03:1f:ed:d2:15:29:78:38:c4:b0:7c:6c:1b:
                    6c:d8:47:ec:cb:d3:b3:05:b6:51:21:4e:f1:be:da:
                    05:33:02:60:5d:f0:38:d6:f2:34:fb:6a:b4:c4:e9:
                    8d:41:6b:d0:1a:fa:7b:e4:2b:be:61:1a:20:bd:29:
                    7a:a8:a4:ae:fe:f6:c3:63:17:95:3a:ff:59:8c:89:
                    91:4d:77:6d:17:1d:42:7e:be:38:f0:ee:4e:6c:b9:
                    4f:6c:ca:41:30:ad:0c:38:1f:65:3f:b2:78:64:db:
                    c6:ea:67:fc:9e:cc:96:67:99:b7:1b:5e:60:61:87:
                    c5:fe:9d:4d:cb:5d:60:0a:41:3f:8e:0a:2f:6c:5c:
                    a2:23:8c:b9:43:49:70:24:1d:21:87:6b:4f:07:d9:
                    40:c0:da:d7:27:9a:8d:f5:87:eb:b3:9e:10:fe:e1:
                    07:9b:bd:90:46:cd:6a:dc:9d:45:26:60:ad:a8:86:
                    f9:7d:1f:3a:0a:d8:d7:ef:c7:75:95:7c:d2:e8:a5:
                    9f:09:43:20:2a:f2:0f:5f:36:70:27:36:a9:de:86:
                    df:0d:e8:e6:03:6e:78:fd:73:86:ff:fb:06:0f:23:
                    68:07:d1:e0:54:31:88:f0:e8:ae:33:e0:0b:e2:f2:
                    b7:69
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                98:3C:E9:D0:AA:6B:8C:4C:37:83:AF:F3:46:84:1B:2C:9E:62:0B:7E
            X509v3 Authority Key Identifier:
                keyid:62:62:9D:D1:22:85:8D:B3:84:43:A4:A5:6B:D5:A3:07:5C:CF:AC:A6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/6YXL3wyjuwrtfsF3r8reLFQ5KnbeAyGhkuK5ghKJiCQd/0/62629DD122858DB38443A4A56BD5A3075CCFACA6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/62629DD122858DB38443A4A56BD5A3075CCFACA6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/6YXL3wyjuwrtfsF3r8reLFQ5KnbeAyGhkuK5ghKJiCQd/0/323830343a353863383a3a2f33322d3332203d3e20323638313439.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:58c8::/32

    Signature Algorithm: sha256WithRSAEncryption
         86:a3:15:71:17:a8:41:c9:2d:69:42:05:39:be:4c:63:24:e1:
         29:9c:59:90:18:d3:f1:3b:1d:6b:50:92:6b:d8:85:1b:57:c1:
         9b:6f:53:7c:61:12:a9:a1:30:04:8a:0b:06:e8:31:09:8e:e7:
         76:d9:66:27:44:5c:42:28:fa:55:d4:3b:41:6f:5e:ec:08:d6:
         31:59:66:cb:36:20:8d:ed:5d:5d:19:32:ec:d2:14:32:0c:13:
         91:bf:b8:4f:37:b3:b2:80:ef:38:16:99:05:a8:58:e3:82:e7:
         f2:01:9a:0e:af:41:49:14:43:6b:23:61:14:2f:29:5c:d0:b4:
         cf:12:06:45:ed:54:07:ad:21:0f:bb:7b:6b:eb:50:4e:33:62:
         62:46:79:71:89:78:ce:db:3c:79:76:b5:0f:6c:76:f1:dd:de:
         3d:81:29:89:b1:43:99:c4:cd:2b:ac:48:c1:5a:eb:fb:ea:2c:
         3d:88:9e:92:df:6c:bd:d0:ad:44:9d:a2:8b:f8:a8:82:ef:da:
         70:72:b3:5e:da:fe:3f:d3:c5:87:f6:6a:03:8b:b4:8f:91:dc:
         89:2d:76:ec:c7:ca:b1:3f:96:a8:7f:e1:d6:56:b9:4d:55:be:
         8f:53:f3:e7:de:83:a7:ca:dd:13:c0:b0:09:dd:46:dd:f8:f4:
         02:be:da:96
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUZwkPMKYx4Tu8gE1f3NTFNYP5UPQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjI2MjlERDEyMjg1OERCMzg0NDNBNEE1NkJENUEzMDc1
Q0NGQUNBNjAeFw0yNTA0MDIwMDA4MjNaFw0yNjA0MDEwMDEzMjNaMDMxMTAvBgNV
BAMTKDk4M0NFOUQwQUE2QjhDNEMzNzgzQUZGMzQ2ODQxQjJDOUU2MjBCN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwXQLzKghn58E0sHlQFLDTAx/t
0hUpeDjEsHxsG2zYR+zL07MFtlEhTvG+2gUzAmBd8DjW8jT7arTE6Y1Ba9Aa+nvk
K75hGiC9KXqopK7+9sNjF5U6/1mMiZFNd20XHUJ+vjjw7k5suU9sykEwrQw4H2U/
snhk28bqZ/yezJZnmbcbXmBhh8X+nU3LXWAKQT+OCi9sXKIjjLlDSXAkHSGHa08H
2UDA2tcnmo31h+uznhD+4QebvZBGzWrcnUUmYK2ohvl9HzoK2Nfvx3WVfNLopZ8J
QyAq8g9fNnAnNqneht8N6OYDbnj9c4b/+wYPI2gH0eBUMYjw6K4z4Avi8rdpAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUmDzp0KprjEw3g6/zRoQbLJ5iC34wHwYDVR0j
BBgwFoAUYmKd0SKFjbOEQ6Sla9WjB1zPrKYwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNllYTDN3eWp1d3J0ZnNGM3I4cmVMRlE1S25iZUF5R2hrdUs1Z2hLSmlD
UWQvMC82MjYyOUREMTIyODU4REIzODQ0M0E0QTU2QkQ1QTMwNzVDQ0ZBQ0E2LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzYyNjI5REQxMjI4NThEQjM4
NDQzQTRBNTZCRDVBMzA3NUNDRkFDQTYuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzZZWEwzd3lqdXdydGZzRjNyOHJlTEZRNUtuYmVBeUdoa3VLNWdoS0ppQ1FkLzAv
MzIzODMwMzQzYTM1Mzg2MzM4M2EzYTJmMzMzMjJkMzMzMjIwM2QzZTIwMzIzNjM4
MzEzNDM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEH
AQH/BBEwDzANBAIAAjAHAwUAKARYyDANBgkqhkiG9w0BAQsFAAOCAQEAhqMVcReo
QcktaUIFOb5MYyThKZxZkBjT8Tsda1CSa9iFG1fBm29TfGESqaEwBIoLBugxCY7n
dtlmJ0RcQij6VdQ7QW9e7AjWMVlmyzYgje1dXRky7NIUMgwTkb+4TzezsoDvOBaZ
BahY44Ln8gGaDq9BSRRDayNhFC8pXNC0zxIGRe1UB60hD7t7a+tQTjNiYkZ5cYl4
zts8eXa1D2x28d3ePYEpibFDmcTNK6xIwVrr++osPYiekt9svdCtRJ2ii/iogu/a
cHKzXtr+P9PFh/ZqA4u0j5HciS127MfKsT+WqH/h1la5TVW+j1Pz596Dp8rdE8Cw
Cd1G3fj0Ar7alg==
-----END CERTIFICATE-----
Generated at Mon Apr 28 10:49:20 2025 by rpki-client on console.sobornost.net