Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/5Jd5fpkjeDmi1tz2qY1Bet6rHRiCfAWVQd64gr6MYK2m/0/3137372e32332e34312e302f32342d3234203d3e20323633303338.roa
File:                     3137372e32332e34312e302f32342d3234203d3e20323633303338.roa (raw, json)
Hash identifier:          4K0lsx3QsL+QNEirq/U24WjfyDQZWDaF+004iShU/jo=
Subject key identifier:   E7:D2:85:10:33:80:E4:C9:6E:E0:4B:90:13:65:94:72:E2:2D:94:D9
Certificate issuer:       /CN=D24F0FB8CCC9129B5EE6F1E7DF8184CC34C42C2A
Certificate serial:       747ABEEC4A85D70793672CE0F5EF231C330ADCB2
Authority key identifier: D2:4F:0F:B8:CC:C9:12:9B:5E:E6:F1:E7:DF:81:84:CC:34:C4:2C:2A
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/0/D24F0FB8CCC9129B5EE6F1E7DF8184CC34C42C2A.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/5Jd5fpkjeDmi1tz2qY1Bet6rHRiCfAWVQd64gr6MYK2m/0/3137372e32332e34312e302f32342d3234203d3e20323633303338.roa
Signing time:             Mon 26 Feb 2024 13:57:56 +0000
ROA not before:           Mon 26 Feb 2024 13:52:56 +0000
ROA not after:            Mon 24 Feb 2025 13:57:56 +0000
asID:                     263038
IP address blocks:        177.23.41.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:7a:be:ec:4a:85:d7:07:93:67:2c:e0:f5:ef:23:1c:33:0a:dc:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D24F0FB8CCC9129B5EE6F1E7DF8184CC34C42C2A
        Validity
            Not Before: Feb 26 13:52:56 2024 GMT
            Not After : Feb 24 13:57:56 2025 GMT
        Subject: CN=3082010A0282010100CB4A3460BCD9A152DAF527B3327115C20DF2BD10C2EA9B77C26FAC6FA22240E81179162081EA08454D7F6A0C58F049C8FA3B62C906C094D4E3AA1B079DBF4370ABFB39ECBA47E60ED82207F969BAA8BE82CA1BC12DB1AB65B3CBCCE6BAB049992D455ED3E8236B2183BEF74DD355BF6DCE59B55B235DD98FE2F8B3C2B7B7C8ED7C28B8064FEE7959DAF821628B047590EFC276960DD38BF0D0D8D50E17A04C6AAD0C06D9235F52E2AB6C9A5291E87E0C9BD6BDCCDC8A828DE7D0C446E4E3DFDB7CCE177320178EBB9311B30EF6838E638035C6206C78A8F93CEB88BE681EF100DF96158325FF3DA654468E4AD6001FC21372FBF8603C3F8D352E3805C052CF830203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:4a:34:60:bc:d9:a1:52:da:f5:27:b3:32:71:
                    15:c2:0d:f2:bd:10:c2:ea:9b:77:c2:6f:ac:6f:a2:
                    22:40:e8:11:79:16:20:81:ea:08:45:4d:7f:6a:0c:
                    58:f0:49:c8:fa:3b:62:c9:06:c0:94:d4:e3:aa:1b:
                    07:9d:bf:43:70:ab:fb:39:ec:ba:47:e6:0e:d8:22:
                    07:f9:69:ba:a8:be:82:ca:1b:c1:2d:b1:ab:65:b3:
                    cb:cc:e6:ba:b0:49:99:2d:45:5e:d3:e8:23:6b:21:
                    83:be:f7:4d:d3:55:bf:6d:ce:59:b5:5b:23:5d:d9:
                    8f:e2:f8:b3:c2:b7:b7:c8:ed:7c:28:b8:06:4f:ee:
                    79:59:da:f8:21:62:8b:04:75:90:ef:c2:76:96:0d:
                    d3:8b:f0:d0:d8:d5:0e:17:a0:4c:6a:ad:0c:06:d9:
                    23:5f:52:e2:ab:6c:9a:52:91:e8:7e:0c:9b:d6:bd:
                    cc:dc:8a:82:8d:e7:d0:c4:46:e4:e3:df:db:7c:ce:
                    17:73:20:17:8e:bb:93:11:b3:0e:f6:83:8e:63:80:
                    35:c6:20:6c:78:a8:f9:3c:eb:88:be:68:1e:f1:00:
                    df:96:15:83:25:ff:3d:a6:54:46:8e:4a:d6:00:1f:
                    c2:13:72:fb:f8:60:3c:3f:8d:35:2e:38:05:c0:52:
                    cf:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:D2:85:10:33:80:E4:C9:6E:E0:4B:90:13:65:94:72:E2:2D:94:D9
            X509v3 Authority Key Identifier:
                keyid:D2:4F:0F:B8:CC:C9:12:9B:5E:E6:F1:E7:DF:81:84:CC:34:C4:2C:2A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/5Jd5fpkjeDmi1tz2qY1Bet6rHRiCfAWVQd64gr6MYK2m/0/D24F0FB8CCC9129B5EE6F1E7DF8184CC34C42C2A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/0/D24F0FB8CCC9129B5EE6F1E7DF8184CC34C42C2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/5Jd5fpkjeDmi1tz2qY1Bet6rHRiCfAWVQd64gr6MYK2m/0/3137372e32332e34312e302f32342d3234203d3e20323633303338.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  177.23.41.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:72:69:8f:f4:fb:6e:d8:02:20:5a:d1:dc:9f:04:f6:29:0d:
         bb:94:ad:3a:d8:c8:f3:f3:34:f5:54:09:6b:69:f9:98:0b:61:
         eb:86:af:de:ad:61:e3:2b:02:73:3d:10:22:ea:88:71:e0:e9:
         21:23:d5:bf:46:fe:73:4b:13:88:5a:4c:02:c3:e6:5e:85:6c:
         b3:3d:40:18:76:e1:74:ac:15:46:f1:8d:ec:2d:00:06:b8:ea:
         08:f2:7d:65:47:09:d0:77:ab:aa:83:0a:4e:7c:9a:3d:df:f1:
         d9:7c:e9:15:7b:20:47:72:b9:f9:5f:1d:9e:aa:05:5e:71:46:
         ff:56:23:b3:0d:f7:e0:6e:b4:3d:a8:fa:c2:5d:73:7f:ef:dd:
         04:c0:76:ca:c7:58:74:e1:41:77:ae:08:67:b9:04:f0:82:25:
         9d:01:09:e7:07:98:66:ed:3e:a2:d1:10:c6:05:e9:0c:87:ad:
         01:42:eb:3b:51:09:7d:79:68:87:79:d9:4f:29:ce:b2:4e:cc:
         08:95:3a:33:1f:6f:ba:62:3b:93:ce:7a:6d:40:f4:76:21:e8:
         cb:dc:de:5b:fd:51:43:e7:e5:76:3e:c6:2b:c8:9f:36:3e:49:
         f0:df:3f:ae:d0:d9:55:c3:16:3c:47:3e:9b:15:65:b6:85:f8:
         44:e2:d5:38
-----BEGIN CERTIFICATE-----
MIIHQTCCBimgAwIBAgIUdHq+7EqF1weTZyzg9e8jHDMK3LIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDI0RjBGQjhDQ0M5MTI5QjVFRTZGMUU3REY4MTg0Q0Mz
NEM0MkMyQTAeFw0yNDAyMjYxMzUyNTZaFw0yNTAyMjQxMzU3NTZaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQ0I0QTM0NjBCQ0Q5QTE1MkRB
RjUyN0IzMzI3MTE1QzIwREYyQkQxMEMyRUE5Qjc3QzI2RkFDNkZBMjIyNDBFODEx
NzkxNjIwODFFQTA4NDU0RDdGNkEwQzU4RjA0OUM4RkEzQjYyQzkwNkMwOTRENEUz
QUExQjA3OURCRjQzNzBBQkZCMzlFQ0JBNDdFNjBFRDgyMjA3Rjk2OUJBQThCRTgy
Q0ExQkMxMkRCMUFCNjVCM0NCQ0NFNkJBQjA0OTk5MkQ0NTVFRDNFODIzNkIyMTgz
QkVGNzRERDM1NUJGNkRDRTU5QjU1QjIzNUREOThGRTJGOEIzQzJCN0I3QzhFRDdD
MjhCODA2NEZFRTc5NTlEQUY4MjE2MjhCMDQ3NTkwRUZDMjc2OTYwREQzOEJGMEQw
RDhENTBFMTdBMDRDNkFBRDBDMDZEOTIzNUY1MkUyQUI2QzlBNTI5MUU4N0UwQzlC
RDZCRENDREM4QTgyOERFN0QwQzQ0NkU0RTNERkRCN0NDRTE3NzMyMDE3OEVCQjkz
MTFCMzBFRjY4MzhFNjM4MDM1QzYyMDZDNzhBOEY5M0NFQjg4QkU2ODFFRjEwMERG
OTYxNTgzMjVGRjNEQTY1NDQ2OEU0QUQ2MDAxRkMyMTM3MkZCRjg2MDNDM0Y4RDM1
MkUzODA1QzA1MkNGODMwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAy0o0YLzZoVLa9SezMnEVwg3yvRDC6pt3wm+sb6IiQOgReRYggeoI
RU1/agxY8EnI+jtiyQbAlNTjqhsHnb9DcKv7Oey6R+YO2CIH+Wm6qL6CyhvBLbGr
ZbPLzOa6sEmZLUVe0+gjayGDvvdN01W/bc5ZtVsjXdmP4vizwre3yO18KLgGT+55
Wdr4IWKLBHWQ78J2lg3Ti/DQ2NUOF6BMaq0MBtkjX1Liq2yaUpHofgyb1r3M3IqC
jefQxEbk49/bfM4XcyAXjruTEbMO9oOOY4A1xiBseKj5POuIvmge8QDflhWDJf89
plRGjkrWAB/CE3L7+GA8P401LjgFwFLPgwIDAQABo4ICTzCCAkswHQYDVR0OBBYE
FOfShRAzgOTJbuBLkBNllHLiLZTZMB8GA1UdIwQYMBaAFNJPD7jMyRKbXubx59+B
hMw0xCwqMA4GA1UdDwEB/wQEAwIHgDCBlAYDVR0fBIGMMIGJMIGGoIGDoIGAhn5y
c3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBvLzVKZDVmcGtqZURtaTF0
ejJxWTFCZXQ2ckhSaUNmQVdWUWQ2NGdyNk1ZSzJtLzAvRDI0RjBGQjhDQ0M5MTI5
QjVFRTZGMUU3REY4MTg0Q0MzNEM0MkMyQS5jcmwweAYIKwYBBQUHAQEEbDBqMGgG
CCsGAQUFBzAChlxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBvL25p
Y2JyX3JlcG8vMC9EMjRGMEZCOENDQzkxMjlCNUVFNkYxRTdERjgxODRDQzM0QzQy
QzJBLmNlcjCBrAYIKwYBBQUHAQsEgZ8wgZwwgZkGCCsGAQUFBzALhoGMcnN5bmM6
Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby81SmQ1ZnBramVEbWkxdHoycVkx
QmV0NnJIUmlDZkFXVlFkNjRncjZNWUsybS8wLzMxMzczNzJlMzIzMzJlMzQzMTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzMzMwMzMzOC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALEX
KTANBgkqhkiG9w0BAQsFAAOCAQEAiXJpj/T7btgCIFrR3J8E9ikNu5StOtjI8/M0
9VQJa2n5mAth64av3q1h4ysCcz0QIuqIceDpISPVv0b+c0sTiFpMAsPmXoVssz1A
GHbhdKwVRvGN7C0ABrjqCPJ9ZUcJ0HerqoMKTnyaPd/x2XzpFXsgR3K5+V8dnqoF
XnFG/1Yjsw334G60Paj6wl1zf+/dBMB2ysdYdOFBd64IZ7kE8IIlnQEJ5weYZu0+
otEQxgXpDIetAULrO1EJfXloh3nZTynOsk7MCJU6Mx9vumI7k856bUD0diHoy9ze
W/1RQ+fldj7GK8ifNj5J8N8/rtDZVcMWPEc+mxVltoX4ROLVOA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:39 2024 by rpki-client on console-fra.rpki-client.org