Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/2vPKgoXhoVNBNfX4H2REEFZ1PVmF8R8XmU8q1UUdimGb/0/34352e3137342e3139382e302f32332d3233203d3e20323731353939.roa
File:                     34352e3137342e3139382e302f32332d3233203d3e20323731353939.roa (raw, json)
Hash identifier:          +wuH2u7+eJQxtAHM+8OP5Rq1jCZ3dhJ1RfskBhRLLxI=
Subject key identifier:   EF:42:2F:7B:AF:C4:70:D9:C1:CB:DF:8F:C6:C0:97:83:6F:53:39:96
Certificate issuer:       /CN=3CE59A2255B0F6DB40FED1C97D0EB393550AFAA5
Certificate serial:       0513D9B7096C33353AB531C1214F88D283CD160D
Authority key identifier: 3C:E5:9A:22:55:B0:F6:DB:40:FE:D1:C9:7D:0E:B3:93:55:0A:FA:A5
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/0/3CE59A2255B0F6DB40FED1C97D0EB393550AFAA5.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/2vPKgoXhoVNBNfX4H2REEFZ1PVmF8R8XmU8q1UUdimGb/0/34352e3137342e3139382e302f32332d3233203d3e20323731353939.roa
Signing time:             Thu 28 Mar 2024 22:04:54 +0000
ROA not before:           Thu 28 Mar 2024 21:59:54 +0000
ROA not after:            Thu 27 Mar 2025 22:04:54 +0000
asID:                     271599
IP address blocks:        45.174.198.0/23 maxlen: 23

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:13:d9:b7:09:6c:33:35:3a:b5:31:c1:21:4f:88:d2:83:cd:16:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3CE59A2255B0F6DB40FED1C97D0EB393550AFAA5
        Validity
            Not Before: Mar 28 21:59:54 2024 GMT
            Not After : Mar 27 22:04:54 2025 GMT
        Subject: CN=EF422F7BAFC470D9C1CBDF8FC6C097836F533996
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:e1:ee:d7:be:42:d9:3f:6b:47:c0:d3:71:a9:
                    60:f4:51:5f:2f:2a:ae:3d:f8:00:d0:73:0a:bd:9f:
                    33:c9:3d:3d:68:28:d4:88:48:92:5f:68:c6:9f:48:
                    1e:54:c6:67:ea:dd:41:2e:43:02:9d:6a:0d:85:8f:
                    e3:0b:4c:d5:34:d1:8c:81:5f:79:29:84:3e:db:f5:
                    3f:4a:ba:2f:b2:38:82:5e:15:9c:bf:c4:0c:f0:71:
                    ad:2e:4d:b5:1a:9a:60:97:9f:91:18:e9:4c:c2:2e:
                    c0:ca:2c:c2:d3:8a:d0:fa:81:4d:4e:1c:9b:18:04:
                    5f:0b:85:a3:70:c2:e0:c6:c4:e9:9d:08:b8:45:2f:
                    cf:1e:3e:56:a8:a3:bd:2a:1c:74:cc:32:38:63:79:
                    6e:26:bd:13:61:51:79:b4:10:a7:70:9c:90:47:8e:
                    88:6a:61:c7:92:12:28:55:6b:50:0f:ce:a0:8c:f7:
                    e4:06:2a:cb:83:96:25:ba:dd:09:d4:eb:6c:79:53:
                    e5:ac:ed:83:d0:92:dd:6b:7b:2c:3e:2c:bd:fe:64:
                    84:22:fd:fc:e1:9a:de:ac:ab:47:1a:1c:4f:45:90:
                    c8:a4:01:70:42:a9:e9:f1:02:c2:fe:d6:0d:68:49:
                    dd:1e:ae:57:65:b8:d3:b4:9d:de:bd:ee:c5:55:ee:
                    c1:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:42:2F:7B:AF:C4:70:D9:C1:CB:DF:8F:C6:C0:97:83:6F:53:39:96
            X509v3 Authority Key Identifier:
                keyid:3C:E5:9A:22:55:B0:F6:DB:40:FE:D1:C9:7D:0E:B3:93:55:0A:FA:A5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/2vPKgoXhoVNBNfX4H2REEFZ1PVmF8R8XmU8q1UUdimGb/0/3CE59A2255B0F6DB40FED1C97D0EB393550AFAA5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/0/3CE59A2255B0F6DB40FED1C97D0EB393550AFAA5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/2vPKgoXhoVNBNfX4H2REEFZ1PVmF8R8XmU8q1UUdimGb/0/34352e3137342e3139382e302f32332d3233203d3e20323731353939.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.174.198.0/23

    Signature Algorithm: sha256WithRSAEncryption
         68:55:94:49:62:1d:d1:87:c9:3b:64:35:5f:47:bb:27:c4:3e:
         35:72:01:79:3f:b5:9d:00:14:f8:77:aa:a2:68:0c:03:c3:97:
         a0:c3:9c:47:d6:ed:92:2e:bb:4b:35:5b:f3:dd:93:c2:04:b5:
         c9:e5:88:ae:42:94:95:9c:d7:b1:33:5b:f5:4b:e7:77:ae:11:
         c7:05:7d:99:89:23:36:ea:48:a3:87:a6:c8:21:5a:a7:28:d9:
         19:3a:e5:ff:5f:9c:93:b8:8d:a1:73:90:7d:5e:9f:49:71:86:
         33:59:85:f0:c8:87:6f:b2:5e:c4:48:60:e9:0b:a0:de:80:bd:
         b8:26:c7:6e:d3:f6:0c:fe:f2:de:e1:f3:4f:13:70:d1:b8:d6:
         f9:35:fa:30:86:9e:0b:98:05:49:78:f3:90:89:4d:28:00:5c:
         01:f6:27:b7:e3:c2:75:80:7b:25:2e:a7:aa:b5:03:f8:30:18:
         45:e5:b8:d2:0f:25:f7:60:6b:82:bb:24:1e:30:6e:f7:40:cb:
         aa:6e:88:6d:13:ce:b9:62:59:5b:04:fe:1b:31:be:dd:eb:e6:
         01:57:78:fd:e6:5e:2e:41:0a:82:02:39:7e:1c:37:fa:c3:76:
         6b:17:76:15:e0:ab:a3:35:68:26:be:66:bf:d8:ff:7a:65:62:
         16:19:91:a5
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUBRPZtwlsMzU6tTHBIU+I0oPNFg0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0NFNTlBMjI1NUIwRjZEQjQwRkVEMUM5N0QwRUIzOTM1
NTBBRkFBNTAeFw0yNDAzMjgyMTU5NTRaFw0yNTAzMjcyMjA0NTRaMDMxMTAvBgNV
BAMTKEVGNDIyRjdCQUZDNDcwRDlDMUNCREY4RkM2QzA5NzgzNkY1MzM5OTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo4e7XvkLZP2tHwNNxqWD0UV8v
Kq49+ADQcwq9nzPJPT1oKNSISJJfaMafSB5Uxmfq3UEuQwKdag2Fj+MLTNU00YyB
X3kphD7b9T9Kui+yOIJeFZy/xAzwca0uTbUammCXn5EY6UzCLsDKLMLTitD6gU1O
HJsYBF8LhaNwwuDGxOmdCLhFL88ePlaoo70qHHTMMjhjeW4mvRNhUXm0EKdwnJBH
johqYceSEihVa1APzqCM9+QGKsuDliW63QnU62x5U+Ws7YPQkt1reyw+LL3+ZIQi
/fzhmt6sq0caHE9FkMikAXBCqenxAsL+1g1oSd0erldluNO0nd697sVV7sExAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQU70Ive6/EcNnBy9+PxsCXg29TOZYwHwYDVR0j
BBgwFoAUPOWaIlWw9ttA/tHJfQ6zk1UK+qUwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vMnZQS2dvWGhvVk5CTmZYNEgyUkVFRloxUFZtRjhSOFhtVThxMVVVZGlt
R2IvMC8zQ0U1OUEyMjU1QjBGNkRCNDBGRUQxQzk3RDBFQjM5MzU1MEFGQUE1LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8wLzNDRTU5QTIyNTVCMEY2REI0
MEZFRDFDOTdEMEVCMzkzNTUwQUZBQTUuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzJ2UEtnb1hob1ZOQk5mWDRIMlJFRUZaMVBWbUY4UjhYbVU4cTFVVWRpbUdiLzAv
MzQzNTJlMzEzNzM0MmUzMTM5MzgyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjM3
MzEzNTM5Mzkucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAEtrsYwDQYJKoZIhvcNAQELBQADggEBAGhVlEli
HdGHyTtkNV9HuyfEPjVyAXk/tZ0AFPh3qqJoDAPDl6DDnEfW7ZIuu0s1W/Pdk8IE
tcnliK5ClJWc17EzW/VL53euEccFfZmJIzbqSKOHpsghWqco2Rk65f9fnJO4jaFz
kH1en0lxhjNZhfDIh2+yXsRIYOkLoN6Avbgmx27T9gz+8t7h808TcNG41vk1+jCG
nguYBUl485CJTSgAXAH2J7fjwnWAeyUup6q1A/gwGEXluNIPJfdga4K7JB4wbvdA
y6puiG0TzrliWVsE/hsxvt3r5gFXeP3mXi5BCoICOX4cN/rDdmsXdhXgq6M1aCa+
Zr/Y/3plYhYZkaU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:24 2024 by rpki-client on console-fra.rpki-client.org