Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/9rAytqZH1tiETWamj8Y81VMnR9CUpyWs7SZ5sFZwgSkM/1/3137302e37382e32392e302f32342d3234203d3e203532353837.roa
File:                     3137302e37382e32392e302f32342d3234203d3e203532353837.roa (raw, json)
Hash identifier:          ZVRpjy5LyDeaPoHH9Yq0IsvVayvZvPCcq+8GiojQ0YU=
Subject key identifier:   79:F1:3B:B1:1A:38:C7:2F:B9:CA:26:68:3F:93:AE:E0:41:5F:E6:36
Certificate issuer:       /CN=0CF3DADBF6F41DDBFB22107D682BAB4859EBEF96
Certificate serial:       14225F404A7138D5CD0BCD350F070C7AEB1E02A8
Authority key identifier: 0C:F3:DA:DB:F6:F4:1D:DB:FB:22:10:7D:68:2B:AB:48:59:EB:EF:96
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0CF3DADBF6F41DDBFB22107D682BAB4859EBEF96.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/9rAytqZH1tiETWamj8Y81VMnR9CUpyWs7SZ5sFZwgSkM/1/3137302e37382e32392e302f32342d3234203d3e203532353837.roa
Signing time:             Fri 13 Jun 2025 02:25:56 +0000
ROA not before:           Fri 13 Jun 2025 02:20:56 +0000
ROA not after:            Fri 12 Jun 2026 02:25:56 +0000
asID:                     52587
IP address blocks:        170.78.29.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/9rAytqZH1tiETWamj8Y81VMnR9CUpyWs7SZ5sFZwgSkM/1/0CF3DADBF6F41DDBFB22107D682BAB4859EBEF96.crl
                          rsync://rpki-repo.registro.br/repo/9rAytqZH1tiETWamj8Y81VMnR9CUpyWs7SZ5sFZwgSkM/1/0CF3DADBF6F41DDBFB22107D682BAB4859EBEF96.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0CF3DADBF6F41DDBFB22107D682BAB4859EBEF96.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 14 Jun 2025 03:07:57 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:22:5f:40:4a:71:38:d5:cd:0b:cd:35:0f:07:0c:7a:eb:1e:02:a8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0CF3DADBF6F41DDBFB22107D682BAB4859EBEF96
        Validity
            Not Before: Jun 13 02:20:56 2025 GMT
            Not After : Jun 12 02:25:56 2026 GMT
        Subject: CN=79F13BB11A38C72FB9CA26683F93AEE0415FE636
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:96:4c:ed:b6:58:87:ff:b9:db:62:6f:52:22:10:
                    6a:a1:2c:28:8a:d1:f2:33:a7:f6:da:98:92:1a:34:
                    aa:de:7a:a1:7c:aa:e0:22:42:8d:58:fd:e3:ff:42:
                    a1:ff:cf:49:1b:56:cd:d0:8c:84:de:7f:5e:15:f3:
                    28:b8:2f:79:57:50:20:6f:2e:ab:95:f3:a9:d8:a5:
                    4a:e2:86:6d:7f:34:37:f6:e7:73:ab:b2:a8:04:1d:
                    70:0c:e5:02:65:96:a6:50:40:7f:ac:97:42:3f:f7:
                    89:4e:75:6d:e3:58:c0:2b:aa:7e:0f:ee:14:07:30:
                    91:60:cf:b0:bb:d8:71:ff:a8:73:b0:5f:80:c3:84:
                    30:31:3d:a9:6f:e6:9f:ba:d8:18:23:8a:2c:0a:55:
                    e8:ca:59:e3:37:d8:0f:74:d7:0b:b1:d2:c1:b9:fb:
                    0b:de:19:d0:ab:3a:c7:10:6b:c8:a5:66:88:d9:c9:
                    3a:38:07:9b:ba:d1:43:a0:81:af:84:89:0f:a7:c3:
                    19:a9:d2:de:3a:d9:ce:1c:55:2b:79:de:20:0a:1f:
                    9a:70:29:5c:51:58:83:51:a2:d8:20:c6:a6:0c:d5:
                    34:4b:11:d7:4a:01:31:5b:4f:26:ed:f5:97:46:fe:
                    35:10:c0:05:14:51:5a:58:50:6e:72:0d:47:5b:1d:
                    95:f9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:F1:3B:B1:1A:38:C7:2F:B9:CA:26:68:3F:93:AE:E0:41:5F:E6:36
            X509v3 Authority Key Identifier:
                keyid:0C:F3:DA:DB:F6:F4:1D:DB:FB:22:10:7D:68:2B:AB:48:59:EB:EF:96

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/9rAytqZH1tiETWamj8Y81VMnR9CUpyWs7SZ5sFZwgSkM/1/0CF3DADBF6F41DDBFB22107D682BAB4859EBEF96.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0CF3DADBF6F41DDBFB22107D682BAB4859EBEF96.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/9rAytqZH1tiETWamj8Y81VMnR9CUpyWs7SZ5sFZwgSkM/1/3137302e37382e32392e302f32342d3234203d3e203532353837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.78.29.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9d:fe:36:e8:73:61:16:19:04:27:a6:07:14:c1:b8:38:60:be:
         bc:a2:1d:cd:f8:72:09:7f:7c:d5:c5:31:c5:ab:16:f2:1a:a6:
         77:4e:69:a0:97:5a:fe:63:54:6a:5e:f9:3b:c8:38:df:b8:70:
         1b:20:f5:01:de:4f:6d:b1:3a:60:60:38:3b:79:03:56:97:b0:
         c8:d7:5d:c5:c1:53:50:2e:0d:0a:f4:78:fd:3b:0f:be:f6:d9:
         aa:60:7a:12:69:b0:74:a9:a9:83:89:52:de:41:6d:3c:5c:6c:
         5d:39:15:7a:0d:48:35:41:21:dc:43:5d:12:a3:0d:f8:8d:e7:
         1e:04:bd:66:3a:09:67:92:ce:88:81:ba:e5:39:55:e3:dc:76:
         bc:89:31:10:57:4f:15:9c:2a:a6:9e:13:fc:2c:51:38:13:ec:
         e6:93:21:bc:0a:63:44:c7:2f:ae:8d:4f:09:1e:39:dd:05:68:
         ce:d5:99:31:56:56:55:a1:67:3c:63:84:b9:2e:19:8e:f4:4c:
         7b:cb:92:d6:a7:ba:de:0e:3a:ec:48:41:0e:53:3b:ef:44:ff:
         17:29:90:c9:28:b5:0f:27:3f:a0:be:62:83:22:96:75:b4:d2:
         3e:0e:92:8e:2b:eb:cf:f0:67:37:6c:f8:c6:7d:33:1f:1d:b7:
         5b:83:a1:39
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUFCJfQEpxONXNC801DwcMeuseAqgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMENGM0RBREJGNkY0MUREQkZCMjIxMDdENjgyQkFCNDg1
OUVCRUY5NjAeFw0yNTA2MTMwMjIwNTZaFw0yNjA2MTIwMjI1NTZaMDMxMTAvBgNV
BAMTKDc5RjEzQkIxMUEzOEM3MkZCOUNBMjY2ODNGOTNBRUUwNDE1RkU2MzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWTO22WIf/udtib1IiEGqhLCiK
0fIzp/bamJIaNKreeqF8quAiQo1Y/eP/QqH/z0kbVs3QjITef14V8yi4L3lXUCBv
LquV86nYpUrihm1/NDf253OrsqgEHXAM5QJllqZQQH+sl0I/94lOdW3jWMArqn4P
7hQHMJFgz7C72HH/qHOwX4DDhDAxPalv5p+62BgjiiwKVejKWeM32A901wux0sG5
+wveGdCrOscQa8ilZojZyTo4B5u60UOgga+EiQ+nwxmp0t462c4cVSt53iAKH5pw
KVxRWINRotggxqYM1TRLEddKATFbTybt9ZdG/jUQwAUUUVpYUG5yDUdbHZX5AgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUefE7sRo4xy+5yiZoP5Ou4EFf5jYwHwYDVR0j
BBgwFoAUDPPa2/b0Hdv7IhB9aCurSFnr75YwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vOXJBeXRxWkgxdGlFVFdhbWo4WTgxVk1uUjlDVXB5V3M3U1o1c0Zad2dT
a00vMS8wQ0YzREFEQkY2RjQxRERCRkIyMjEwN0Q2ODJCQUI0ODU5RUJFRjk2LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzBDRjNEQURCRjZGNDFEREJG
QjIyMTA3RDY4MkJBQjQ4NTlFQkVGOTYuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzlyQXl0cVpIMXRpRVRXYW1qOFk4MVZNblI5Q1VweVdzN1NaNXNGWndnU2tNLzEv
MzEzNzMwMmUzNzM4MmUzMjM5MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzUzMjM1
MzgzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB
/wQQMA4wDAQCAAEwBgMEAKpOHTANBgkqhkiG9w0BAQsFAAOCAQEAnf426HNhFhkE
J6YHFMG4OGC+vKIdzfhyCX981cUxxasW8hqmd05poJda/mNUal75O8g437hwGyD1
Ad5PbbE6YGA4O3kDVpewyNddxcFTUC4NCvR4/TsPvvbZqmB6EmmwdKmpg4lS3kFt
PFxsXTkVeg1INUEh3ENdEqMN+I3nHgS9ZjoJZ5LOiIG65TlV49x2vIkxEFdPFZwq
pp4T/CxROBPs5pMhvApjRMcvro1PCR453QVoztWZMVZWVaFnPGOEuS4ZjvRMe8uS
1qe63g467EhBDlM770T/FymQySi1Dyc/oL5igyKWdbTSPg6Sjivrz/BnN2z4xn0z
Hx23W4OhOQ==
-----END CERTIFICATE-----
Generated at Fri Jun 13 13:53:46 2025 by rpki-client