Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/8GXch2noBdkGkjhNM9mugRsgakpK9DptHfQjcH6FWWcm/0/323830343a326566303a3a2f33322d313238203d3e20323634383632.roa
File:                     323830343a326566303a3a2f33322d313238203d3e20323634383632.roa (raw, json)
Hash identifier:          /yzgAnYbMJWj28/xRizqx8a9n9Vu4jaezShDbudLLKI=
Subject key identifier:   3A:3F:5C:E0:45:3C:3A:C6:7A:2B:FC:8A:12:51:A3:A0:2E:51:06:8E
Certificate issuer:       /CN=8E52C3EE0E4E1482F1ECB7069F3B7A344EA0DDB2
Certificate serial:       30035BA393C51D274DD103AB2F9540C779EBA1D9
Authority key identifier: 8E:52:C3:EE:0E:4E:14:82:F1:EC:B7:06:9F:3B:7A:34:4E:A0:DD:B2
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8E52C3EE0E4E1482F1ECB7069F3B7A344EA0DDB2.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/8GXch2noBdkGkjhNM9mugRsgakpK9DptHfQjcH6FWWcm/0/323830343a326566303a3a2f33322d313238203d3e20323634383632.roa
Signing time:             Fri 25 Apr 2025 18:57:27 +0000
ROA not before:           Fri 25 Apr 2025 18:52:27 +0000
ROA not after:            Fri 24 Apr 2026 18:57:27 +0000
asID:                     264862
IP address blocks:        2804:2ef0::/32 maxlen: 128

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/8GXch2noBdkGkjhNM9mugRsgakpK9DptHfQjcH6FWWcm/0/8E52C3EE0E4E1482F1ECB7069F3B7A344EA0DDB2.crl
                          rsync://rpki-repo.registro.br/repo/8GXch2noBdkGkjhNM9mugRsgakpK9DptHfQjcH6FWWcm/0/8E52C3EE0E4E1482F1ECB7069F3B7A344EA0DDB2.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8E52C3EE0E4E1482F1ECB7069F3B7A344EA0DDB2.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Tue 29 Apr 2025 20:09:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:03:5b:a3:93:c5:1d:27:4d:d1:03:ab:2f:95:40:c7:79:eb:a1:d9
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8E52C3EE0E4E1482F1ECB7069F3B7A344EA0DDB2
        Validity
            Not Before: Apr 25 18:52:27 2025 GMT
            Not After : Apr 24 18:57:27 2026 GMT
        Subject: CN=3A3F5CE0453C3AC67A2BFC8A1251A3A02E51068E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:9d:20:77:06:e8:a0:d5:23:a9:7b:14:5a:75:
                    4d:c4:17:4e:f2:fe:77:55:4f:ec:28:e9:e2:55:28:
                    97:5a:81:37:ea:cc:f3:9f:fa:65:82:8c:85:9a:d2:
                    69:7b:58:7e:42:c5:85:17:f4:83:02:70:2a:89:26:
                    cc:d7:51:f9:b2:36:87:c2:79:4b:a9:b7:ca:54:31:
                    57:67:88:55:16:79:63:af:7b:a1:b8:8e:99:36:2b:
                    45:92:c0:f0:2f:45:84:a3:a0:ec:e2:b7:e6:58:f6:
                    a7:6a:f1:81:f2:72:4d:2f:7a:77:16:44:fd:7d:d3:
                    40:2a:51:84:d7:e2:59:cc:a6:9f:ac:81:73:63:88:
                    d6:3b:70:e8:2a:be:78:39:b9:b6:3f:6d:95:35:c6:
                    d4:dd:56:f6:e7:5e:0d:a8:b5:f0:9f:50:33:41:32:
                    29:0b:c6:1f:ce:6e:e4:8c:48:a2:44:9b:7b:bb:5a:
                    1e:1c:f9:fa:16:79:2d:ce:fb:dc:9d:2a:01:f3:88:
                    ce:3a:0a:2b:7f:d2:11:64:27:26:b8:1f:95:fc:93:
                    74:e0:92:e6:20:ca:fe:e2:b4:ef:a6:2b:91:5f:8f:
                    64:3d:00:38:9e:d9:00:86:76:4b:d8:70:a6:92:c9:
                    cb:3b:7a:d9:98:40:98:97:df:9f:7b:55:b7:8a:1f:
                    09:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3A:3F:5C:E0:45:3C:3A:C6:7A:2B:FC:8A:12:51:A3:A0:2E:51:06:8E
            X509v3 Authority Key Identifier:
                keyid:8E:52:C3:EE:0E:4E:14:82:F1:EC:B7:06:9F:3B:7A:34:4E:A0:DD:B2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/8GXch2noBdkGkjhNM9mugRsgakpK9DptHfQjcH6FWWcm/0/8E52C3EE0E4E1482F1ECB7069F3B7A344EA0DDB2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8E52C3EE0E4E1482F1ECB7069F3B7A344EA0DDB2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/8GXch2noBdkGkjhNM9mugRsgakpK9DptHfQjcH6FWWcm/0/323830343a326566303a3a2f33322d313238203d3e20323634383632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:2ef0::/32

    Signature Algorithm: sha256WithRSAEncryption
         12:f8:8c:b7:5b:9f:88:7c:e6:c5:ce:37:79:89:ac:98:f2:ea:
         50:04:52:69:9d:9c:95:be:38:e3:bc:3a:f1:54:71:dd:68:29:
         c8:20:a7:ce:31:8b:6e:16:58:ca:ee:0c:6f:25:93:4c:50:78:
         e2:fa:47:6b:f8:48:f6:ee:7f:cd:df:ea:00:f5:ce:af:05:ee:
         e9:30:25:34:e5:47:eb:6d:01:bf:c2:6e:19:8b:3a:20:da:e2:
         1a:7c:bd:a8:f6:dd:26:7a:20:cc:0f:b3:0a:29:ed:92:2c:e5:
         ef:46:05:50:31:a0:d5:01:f4:48:e4:12:c5:da:c2:0a:ec:9e:
         48:06:a8:52:0a:0e:09:a6:0b:1e:62:9a:6b:18:2b:46:31:6b:
         b9:9c:0b:c7:34:1f:31:f7:74:95:db:74:e7:97:31:da:50:39:
         07:a5:4d:80:30:24:b6:82:f1:1a:d1:60:48:8e:f3:20:0d:15:
         31:3e:f0:30:58:b9:47:48:3b:6a:d0:77:77:4f:3d:02:85:56:
         6c:b1:02:8e:3a:5d:01:49:0b:cb:89:bb:0b:99:a6:b5:7c:ae:
         9e:32:80:b8:25:5f:74:5a:e3:b8:1f:62:56:4a:b9:9d:ab:e7:
         78:48:8a:37:51:eb:ed:e7:1f:da:71:b9:0e:0e:37:1f:56:89:
         23:bb:fa:9f
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIUMANbo5PFHSdN0QOrL5VAx3nrodkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEU1MkMzRUUwRTRFMTQ4MkYxRUNCNzA2OUYzQjdBMzQ0
RUEwRERCMjAeFw0yNTA0MjUxODUyMjdaFw0yNjA0MjQxODU3MjdaMDMxMTAvBgNV
BAMTKDNBM0Y1Q0UwNDUzQzNBQzY3QTJCRkM4QTEyNTFBM0EwMkU1MTA2OEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1nSB3Buig1SOpexRadU3EF07y
/ndVT+wo6eJVKJdagTfqzPOf+mWCjIWa0ml7WH5CxYUX9IMCcCqJJszXUfmyNofC
eUupt8pUMVdniFUWeWOve6G4jpk2K0WSwPAvRYSjoOzit+ZY9qdq8YHyck0vencW
RP1900AqUYTX4lnMpp+sgXNjiNY7cOgqvng5ubY/bZU1xtTdVvbnXg2otfCfUDNB
MikLxh/ObuSMSKJEm3u7Wh4c+foWeS3O+9ydKgHziM46Cit/0hFkJya4H5X8k3Tg
kuYgyv7itO+mK5Ffj2Q9ADie2QCGdkvYcKaSycs7etmYQJiX3597VbeKHwkHAgMB
AAGjggJSMIICTjAdBgNVHQ4EFgQUOj9c4EU8OsZ6K/yKElGjoC5RBo4wHwYDVR0j
BBgwFoAUjlLD7g5OFILx7LcGnzt6NE6g3bIwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOEdYY2gybm9CZGtHa2poTk05bXVnUnNnYWtwSzlEcHRIZlFqY0g2RldX
Y20vMC84RTUyQzNFRTBFNEUxNDgyRjFFQ0I3MDY5RjNCN0EzNDRFQTBEREIyLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzhFNTJDM0VFMEU0RTE0ODJG
MUVDQjcwNjlGM0I3QTM0NEVBMEREQjIuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzhHWGNoMm5vQmRrR2tqaE5NOW11Z1JzZ2FrcEs5RHB0SGZRamNINkZXV2NtLzAv
MzIzODMwMzQzYTMyNjU2NjMwM2EzYTJmMzMzMjJkMzEzMjM4MjAzZDNlMjAzMjM2
MzQzODM2MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIAYIKwYBBQUH
AQcBAf8EETAPMA0EAgACMAcDBQAoBC7wMA0GCSqGSIb3DQEBCwUAA4IBAQAS+Iy3
W5+IfObFzjd5iayY8upQBFJpnZyVvjjjvDrxVHHdaCnIIKfOMYtuFljK7gxvJZNM
UHji+kdr+Ej27n/N3+oA9c6vBe7pMCU05UfrbQG/wm4Zizog2uIafL2o9t0meiDM
D7MKKe2SLOXvRgVQMaDVAfRI5BLF2sIK7J5IBqhSCg4JpgseYpprGCtGMWu5nAvH
NB8x93SV23TnlzHaUDkHpU2AMCS2gvEa0WBIjvMgDRUxPvAwWLlHSDtq0Hd3Tz0C
hVZssQKOOl0BSQvLibsLmaa1fK6eMoC4JV90WuO4H2JWSrmdq+d4SIo3Uevt5x/a
cbkODjcfVokju/qf
-----END CERTIFICATE-----
Generated at Mon Apr 28 20:06:40 2025 by rpki-client on console.sobornost.net