Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/A9ztewJdFB2uZCHYipgn8bZtF6E7cCZ8Du1sxCthF2pp/1/3134332e3235352e39392e302f32342d3234203d3e203532393737.roa
File:                     3134332e3235352e39392e302f32342d3234203d3e203532393737.roa (raw, json)
Hash identifier:          cgS04xC5NmrqzIDilk5u9lX/ygH+lvBNdEPEmE/dYdU=
Subject key identifier:   04:76:02:2D:6C:94:A0:84:11:8E:0B:CA:2B:40:39:9C:93:CE:6B:1C
Certificate issuer:       /CN=9CBC4DC7500C24EB7BE5D1B3235A7CF0EE7CC50E
Certificate serial:       0FCF88F9600E06725EFC106EE4B0AFC74D63F1C6
Authority key identifier: 9C:BC:4D:C7:50:0C:24:EB:7B:E5:D1:B3:23:5A:7C:F0:EE:7C:C5:0E
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/9CBC4DC7500C24EB7BE5D1B3235A7CF0EE7CC50E.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/A9ztewJdFB2uZCHYipgn8bZtF6E7cCZ8Du1sxCthF2pp/1/3134332e3235352e39392e302f32342d3234203d3e203532393737.roa
Signing time:             Wed 03 Apr 2024 18:30:52 +0000
ROA not before:           Wed 03 Apr 2024 18:25:52 +0000
ROA not after:            Wed 02 Apr 2025 18:30:52 +0000
asID:                     52977
IP address blocks:        143.255.99.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rpki-repo.registro.br/repo/A9ztewJdFB2uZCHYipgn8bZtF6E7cCZ8Du1sxCthF2pp/1/9CBC4DC7500C24EB7BE5D1B3235A7CF0EE7CC50E.crl
                          rsync://rpki-repo.registro.br/repo/A9ztewJdFB2uZCHYipgn8bZtF6E7cCZ8Du1sxCthF2pp/1/9CBC4DC7500C24EB7BE5D1B3235A7CF0EE7CC50E.mft
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/9CBC4DC7500C24EB7BE5D1B3235A7CF0EE7CC50E.cer
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.crl
                          rsync://rpki-repo.registro.br/repo/nicbr_repo/1/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.mft
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/605432E9E1B05A7E6C208B2946FDC9C967CA8A4B.cer
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.crl
                          rsync://repository.lacnic.net/rpki/lacnic/A1531B24BF50C461C7F574CD65267A8B0DC325DAAA10075F67165B98C4F4EFC3/0/05BAF2939E37DDDE1793A803162A35594ACBB405.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/05BAF2939E37DDDE1793A803162A35594ACBB405.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sat 23 Nov 2024 19:40:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:cf:88:f9:60:0e:06:72:5e:fc:10:6e:e4:b0:af:c7:4d:63:f1:c6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9CBC4DC7500C24EB7BE5D1B3235A7CF0EE7CC50E
        Validity
            Not Before: Apr  3 18:25:52 2024 GMT
            Not After : Apr  2 18:30:52 2025 GMT
        Subject: CN=0476022D6C94A084118E0BCA2B40399C93CE6B1C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:ec:2a:f9:9e:b6:01:3e:b8:c3:43:21:24:2e:
                    d5:9a:a0:4c:09:fd:fc:c9:ef:05:00:ed:12:c2:86:
                    cc:f2:3d:cf:eb:6b:01:95:e8:17:e7:55:8f:36:49:
                    90:f6:4b:80:a7:4b:d5:6e:1a:bc:ba:e6:9f:fd:e8:
                    ac:c7:bd:47:80:d5:25:31:32:9d:05:72:c3:25:e1:
                    e7:69:ad:45:fa:79:f1:cb:33:dd:26:f5:95:3d:56:
                    1e:bf:08:45:e9:18:e2:45:1a:c6:ea:92:2c:ec:1b:
                    0f:0d:31:18:fc:9b:f0:29:41:92:95:42:aa:8d:6a:
                    82:fe:8f:93:e0:f1:b7:74:1e:5d:33:62:d0:a7:fb:
                    4b:e5:ec:5b:dd:18:2b:b1:89:78:d4:e0:1c:c4:2e:
                    65:7d:55:c3:9c:09:a1:67:43:07:63:e9:2f:b0:a8:
                    c7:a6:66:7c:48:c3:2b:e6:ae:fc:07:a9:6c:91:50:
                    74:1f:64:0b:4d:d9:cf:55:b0:d9:48:d5:be:4d:ab:
                    91:cf:9d:fa:45:02:82:f7:99:b7:e6:e0:09:c5:ac:
                    d8:a8:7a:8c:fa:57:85:a2:1a:68:29:3c:70:81:6b:
                    55:f4:b8:a3:2d:b6:19:c3:39:91:7c:f8:26:1a:fb:
                    a0:b8:38:c5:a8:8d:97:aa:84:06:6d:fe:da:21:6b:
                    10:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:76:02:2D:6C:94:A0:84:11:8E:0B:CA:2B:40:39:9C:93:CE:6B:1C
            X509v3 Authority Key Identifier:
                keyid:9C:BC:4D:C7:50:0C:24:EB:7B:E5:D1:B3:23:5A:7C:F0:EE:7C:C5:0E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/A9ztewJdFB2uZCHYipgn8bZtF6E7cCZ8Du1sxCthF2pp/1/9CBC4DC7500C24EB7BE5D1B3235A7CF0EE7CC50E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/9CBC4DC7500C24EB7BE5D1B3235A7CF0EE7CC50E.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/A9ztewJdFB2uZCHYipgn8bZtF6E7cCZ8Du1sxCthF2pp/1/3134332e3235352e39392e302f32342d3234203d3e203532393737.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  143.255.99.0/24

    Signature Algorithm: sha256WithRSAEncryption
         14:9d:75:3a:af:2d:1a:96:db:94:74:5c:8e:57:40:14:a9:e1:
         d5:9c:eb:96:27:26:05:57:d9:98:54:83:43:bf:ff:e1:f3:af:
         9c:fd:be:74:28:9a:f0:5a:67:87:2b:3a:72:f6:4d:5f:d9:6c:
         7b:b0:9f:82:53:cd:ee:11:6d:d5:83:80:b2:ff:d1:d1:cc:6d:
         52:6b:1a:34:d1:50:5f:8d:36:ab:ff:f2:d7:57:82:c9:4e:c8:
         b8:3e:e7:f6:02:a2:82:26:a6:fe:7c:15:23:bd:25:89:4c:39:
         a9:e3:08:ac:31:b3:3c:3a:13:ba:31:ee:00:7e:c4:a0:73:ad:
         31:45:f4:61:12:11:de:be:53:9e:0e:6c:56:22:5a:e5:37:ed:
         f1:55:03:33:43:b8:20:34:df:cc:d9:8f:c2:11:0d:37:29:ea:
         31:6e:81:5b:d7:35:58:1e:78:5f:86:df:f1:ee:51:b8:2a:da:
         04:4a:cc:31:c2:12:c7:53:c3:66:f6:a1:db:d1:9e:cb:68:9c:
         b9:27:62:26:6d:ce:70:32:04:e5:09:4f:28:d0:33:1e:12:a7:
         c4:51:be:01:d7:6f:6f:fb:16:02:4e:83:2b:17:8b:2c:47:db:
         4a:89:35:37:9d:39:93:82:4d:31:a1:eb:f5:00:1e:d4:9f:8e:
         3f:b1:58:21
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUD8+I+WAOBnJe/BBu5LCvx01j8cYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUNCQzREQzc1MDBDMjRFQjdCRTVEMUIzMjM1QTdDRjBF
RTdDQzUwRTAeFw0yNDA0MDMxODI1NTJaFw0yNTA0MDIxODMwNTJaMDMxMTAvBgNV
BAMTKDA0NzYwMjJENkM5NEEwODQxMThFMEJDQTJCNDAzOTlDOTNDRTZCMUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ7Cr5nrYBPrjDQyEkLtWaoEwJ
/fzJ7wUA7RLChszyPc/rawGV6BfnVY82SZD2S4CnS9VuGry65p/96KzHvUeA1SUx
Mp0FcsMl4edprUX6efHLM90m9ZU9Vh6/CEXpGOJFGsbqkizsGw8NMRj8m/ApQZKV
QqqNaoL+j5Pg8bd0Hl0zYtCn+0vl7FvdGCuxiXjU4BzELmV9VcOcCaFnQwdj6S+w
qMemZnxIwyvmrvwHqWyRUHQfZAtN2c9VsNlI1b5Nq5HPnfpFAoL3mbfm4AnFrNio
eoz6V4WiGmgpPHCBa1X0uKMtthnDOZF8+CYa+6C4OMWojZeqhAZt/tohaxAdAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUBHYCLWyUoIQRjgvKK0A5nJPOaxwwHwYDVR0j
BBgwFoAUnLxNx1AMJOt75dGzI1p88O58xQ4wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQTl6dGV3SmRGQjJ1WkNIWWlwZ244Ylp0RjZFN2NDWjhEdTFzeEN0aEYy
cHAvMS85Q0JDNERDNzUwMEMyNEVCN0JFNUQxQjMyMzVBN0NGMEVFN0NDNTBFLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzlDQkM0REM3NTAwQzI0RUI3
QkU1RDFCMzIzNUE3Q0YwRUU3Q0M1MEUuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0E5enRld0pkRkIydVpDSFlpcGduOGJadEY2RTdjQ1o4RHUxc3hDdGhGMnBwLzEv
MzEzNDMzMmUzMjM1MzUyZTM5MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMy
MzkzNzM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAj/9jMA0GCSqGSIb3DQEBCwUAA4IBAQAUnXU6ry0a
ltuUdFyOV0AUqeHVnOuWJyYFV9mYVINDv//h86+c/b50KJrwWmeHKzpy9k1f2Wx7
sJ+CU83uEW3Vg4Cy/9HRzG1Saxo00VBfjTar//LXV4LJTsi4Puf2AqKCJqb+fBUj
vSWJTDmp4wisMbM8OhO6Me4AfsSgc60xRfRhEhHevlOeDmxWIlrlN+3xVQMzQ7gg
NN/M2Y/CEQ03KeoxboFb1zVYHnhfht/x7lG4KtoESswxwhLHU8Nm9qHb0Z7LaJy5
J2Imbc5wMgTlCU8o0DMeEqfEUb4B129v+xYCToMrF4ssR9tKiTU3nTmTgk0xoev1
AB7Un44/sVgh
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:44:20 2024 by rpki-client on console-ams.rpki-client.org