Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/3X5ufx2nrRCkv7seYquPGe1cHUSpjY1VYVoR4BgNCEAi/1/3138372e37332e39362e302f32302d3234203d3e203533303438.roa
File:                     3138372e37332e39362e302f32302d3234203d3e203533303438.roa (raw, json)
Hash identifier:          Hqjs/PbFSDkxrybRCxZeEVTtm2o+USDMcS3p7EQ5D5w=
Subject key identifier:   20:70:CF:DA:9D:96:B1:38:91:2F:6C:74:A3:B3:2C:09:68:59:2D:34
Certificate issuer:       /CN=DB0FB5DC1022408D3B32D7E947B0031E5EC18CC5
Certificate serial:       33C49AE1F2CC1DDCAB2AF9AEEBD6B088B9FD4B15
Authority key identifier: DB:0F:B5:DC:10:22:40:8D:3B:32:D7:E9:47:B0:03:1E:5E:C1:8C:C5
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DB0FB5DC1022408D3B32D7E947B0031E5EC18CC5.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/3X5ufx2nrRCkv7seYquPGe1cHUSpjY1VYVoR4BgNCEAi/1/3138372e37332e39362e302f32302d3234203d3e203533303438.roa
Signing time:             Thu 04 Apr 2024 17:31:51 +0000
ROA not before:           Thu 04 Apr 2024 17:26:51 +0000
ROA not after:            Thu 03 Apr 2025 17:31:51 +0000
asID:                     53048
IP address blocks:        187.73.96.0/20 maxlen: 24

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:c4:9a:e1:f2:cc:1d:dc:ab:2a:f9:ae:eb:d6:b0:88:b9:fd:4b:15
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DB0FB5DC1022408D3B32D7E947B0031E5EC18CC5
        Validity
            Not Before: Apr  4 17:26:51 2024 GMT
            Not After : Apr  3 17:31:51 2025 GMT
        Subject: CN=2070CFDA9D96B138912F6C74A3B32C0968592D34
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:f3:77:df:22:64:14:69:52:fe:fe:2f:f5:ce:
                    bc:8d:cc:c2:2c:ce:d6:16:dc:b0:c6:7f:89:6a:08:
                    08:81:5b:6b:2c:8a:8b:9b:13:b5:d4:42:c4:17:b0:
                    de:57:fa:13:08:4f:9a:55:24:b9:0a:cb:f9:d4:e9:
                    c5:0f:ab:f7:d7:da:25:f5:a6:5f:be:fb:f2:45:77:
                    d4:ec:e9:a1:b1:2f:02:f7:eb:ea:7c:c9:e9:e1:8e:
                    58:04:4a:0b:d2:08:0b:ad:a8:88:15:8d:e9:07:df:
                    40:37:37:ad:24:6d:97:01:64:79:42:38:3f:b5:eb:
                    6b:dc:9e:9e:e9:7a:ae:6e:4b:1e:3d:85:8d:cc:93:
                    cb:ca:4c:ce:81:3e:da:1b:f1:b1:e2:fb:f2:56:a8:
                    20:7d:e8:e7:96:46:a8:fc:0f:7d:36:84:99:f7:87:
                    25:ec:5f:a7:7f:7b:88:9b:e0:ce:b2:b7:32:2e:1e:
                    b6:49:c6:27:18:81:f0:39:cc:dc:f2:a2:7e:e4:b4:
                    d4:52:21:3b:82:e6:5f:d9:48:4f:9e:ae:c8:aa:d9:
                    4d:a1:2f:74:e3:af:ba:76:0c:49:32:78:6a:b3:55:
                    fd:07:3c:cf:d8:3e:ce:1c:c6:26:9a:5a:b6:2f:74:
                    54:b9:82:f8:88:cb:5e:d0:f9:50:2c:ff:b4:eb:f9:
                    16:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:70:CF:DA:9D:96:B1:38:91:2F:6C:74:A3:B3:2C:09:68:59:2D:34
            X509v3 Authority Key Identifier:
                keyid:DB:0F:B5:DC:10:22:40:8D:3B:32:D7:E9:47:B0:03:1E:5E:C1:8C:C5

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/3X5ufx2nrRCkv7seYquPGe1cHUSpjY1VYVoR4BgNCEAi/1/DB0FB5DC1022408D3B32D7E947B0031E5EC18CC5.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/DB0FB5DC1022408D3B32D7E947B0031E5EC18CC5.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/3X5ufx2nrRCkv7seYquPGe1cHUSpjY1VYVoR4BgNCEAi/1/3138372e37332e39362e302f32302d3234203d3e203533303438.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  187.73.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         02:38:b9:01:0a:05:24:ce:77:a8:e1:83:3c:62:37:6c:04:f8:
         3b:21:a2:c1:0c:f8:5d:29:be:12:8a:f8:f9:78:69:f4:cb:33:
         42:72:06:5f:cb:71:01:f8:17:6e:84:62:d1:5a:c4:f8:b6:a5:
         d9:32:85:29:0b:66:0d:68:aa:9a:72:e3:21:9c:21:30:d0:ec:
         7c:2d:e1:84:5f:73:04:97:41:65:e7:68:04:e4:91:bb:0b:e8:
         b1:7f:ee:ec:97:e4:d0:ef:5c:aa:d9:83:92:90:90:d8:82:4b:
         bd:70:60:b7:f3:44:09:03:9b:fc:ca:ed:e6:a0:6f:95:97:4e:
         13:f2:cc:36:13:0d:b7:29:0a:6b:87:ef:f0:91:e3:90:79:07:
         85:75:ed:f6:52:aa:e0:5d:94:4a:5d:61:2e:5e:65:92:73:4b:
         66:4f:75:3f:68:2a:50:89:d0:ab:d0:5a:aa:c5:d5:54:95:1e:
         38:0f:3f:ef:21:65:d2:5d:9b:01:d1:d2:2b:64:8a:18:0e:ad:
         1a:14:3b:6c:3e:d6:dd:7d:65:61:3f:6d:4e:f2:cf:6b:dd:89:
         d9:12:03:e2:52:07:56:e0:78:f4:05:fa:03:f2:24:78:82:7a:
         26:06:7c:40:52:bd:be:6c:89:87:46:32:43:8a:de:c2:56:bb:
         fb:b4:64:2c
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUM8Sa4fLMHdyrKvmu69awiLn9SxUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREIwRkI1REMxMDIyNDA4RDNCMzJEN0U5NDdCMDAzMUU1
RUMxOENDNTAeFw0yNDA0MDQxNzI2NTFaFw0yNTA0MDMxNzMxNTFaMDMxMTAvBgNV
BAMTKDIwNzBDRkRBOUQ5NkIxMzg5MTJGNkM3NEEzQjMyQzA5Njg1OTJEMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI83ffImQUaVL+/i/1zryNzMIs
ztYW3LDGf4lqCAiBW2ssioubE7XUQsQXsN5X+hMIT5pVJLkKy/nU6cUPq/fX2iX1
pl+++/JFd9Ts6aGxLwL36+p8yenhjlgESgvSCAutqIgVjekH30A3N60kbZcBZHlC
OD+162vcnp7peq5uSx49hY3Mk8vKTM6BPtob8bHi+/JWqCB96OeWRqj8D302hJn3
hyXsX6d/e4ib4M6ytzIuHrZJxicYgfA5zNzyon7ktNRSITuC5l/ZSE+ersiq2U2h
L3Tjr7p2DEkyeGqzVf0HPM/YPs4cxiaaWrYvdFS5gviIy17Q+VAs/7Tr+RZFAgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUIHDP2p2WsTiRL2x0o7MsCWhZLTQwHwYDVR0j
BBgwFoAU2w+13BAiQI07MtfpR7ADHl7BjMUwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vM1g1dWZ4Mm5yUkNrdjdzZVlxdVBHZTFjSFVTcGpZMVZZVm9SNEJnTkNF
QWkvMS9EQjBGQjVEQzEwMjI0MDhEM0IzMkQ3RTk0N0IwMDMxRTVFQzE4Q0M1LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xL0RCMEZCNURDMTAyMjQwOEQz
QjMyRDdFOTQ3QjAwMzFFNUVDMThDQzUuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzNYNXVmeDJuclJDa3Y3c2VZcXVQR2UxY0hVU3BqWTFWWVZvUjRCZ05DRUFpLzEv
MzEzODM3MmUzNzMzMmUzOTM2MmUzMDJmMzIzMDJkMzIzNDIwM2QzZTIwMzUzMzMw
MzQzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB
/wQQMA4wDAQCAAEwBgMEBLtJYDANBgkqhkiG9w0BAQsFAAOCAQEAAji5AQoFJM53
qOGDPGI3bAT4OyGiwQz4XSm+Eor4+Xhp9MszQnIGX8txAfgXboRi0VrE+Lal2TKF
KQtmDWiqmnLjIZwhMNDsfC3hhF9zBJdBZedoBOSRuwvosX/u7Jfk0O9cqtmDkpCQ
2IJLvXBgt/NECQOb/Mrt5qBvlZdOE/LMNhMNtykKa4fv8JHjkHkHhXXt9lKq4F2U
Sl1hLl5lknNLZk91P2gqUInQq9BaqsXVVJUeOA8/7yFl0l2bAdHSK2SKGA6tGhQ7
bD7W3X1lYT9tTvLPa92J2RID4lIHVuB49AX6A/IkeIJ6JgZ8QFK9vmyJh0YyQ4re
wla7+7RkLA==
-----END CERTIFICATE-----
Generated at Sat Sep 28 18:42:08 2024 by rpki-client on console-fra.rpki-client.org