Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/3bd7mmKj1NtLVCaQALxUsEFChyuBLogdirhQq3jGKQq1/0/34352e3137322e3137342e302f32332d3233203d3e20323733343030.roa
File:                     34352e3137322e3137342e302f32332d3233203d3e20323733343030.roa (raw, json)
Hash identifier:          M9H+1CzIQ235Y0H0ydx+uSJeK+Ymnhnjoc4vblUxZP8=
Subject key identifier:   27:64:DB:22:4B:C8:91:45:05:DB:50:05:2C:5B:24:F9:86:F7:B7:D7
Certificate issuer:       /CN=58BFD58B56019A8D8D70578235BD8FA5BDB8F825
Certificate serial:       13AFD6E0156751CA8B6B394AAD8953E8EC5F721C
Authority key identifier: 58:BF:D5:8B:56:01:9A:8D:8D:70:57:82:35:BD:8F:A5:BD:B8:F8:25
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/58BFD58B56019A8D8D70578235BD8FA5BDB8F825.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/3bd7mmKj1NtLVCaQALxUsEFChyuBLogdirhQq3jGKQq1/0/34352e3137322e3137342e302f32332d3233203d3e20323733343030.roa
Signing time:             Thu 27 Jun 2024 12:11:06 +0000
ROA not before:           Thu 27 Jun 2024 12:06:06 +0000
ROA not after:            Thu 26 Jun 2025 12:11:06 +0000
asID:                     273400
IP address blocks:        45.172.174.0/23 maxlen: 23

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:af:d6:e0:15:67:51:ca:8b:6b:39:4a:ad:89:53:e8:ec:5f:72:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58BFD58B56019A8D8D70578235BD8FA5BDB8F825
        Validity
            Not Before: Jun 27 12:06:06 2024 GMT
            Not After : Jun 26 12:11:06 2025 GMT
        Subject: CN=2764DB224BC8914505DB50052C5B24F986F7B7D7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:8a:b0:58:df:d8:07:eb:33:4e:b2:6f:38:b9:
                    0f:f0:43:e4:13:01:5c:c1:ce:23:60:97:a4:08:fd:
                    e3:cb:53:81:50:c4:67:63:67:12:94:71:3a:c2:4f:
                    bf:d1:30:c7:0b:0f:3d:0e:9f:ba:bc:1a:d8:3e:90:
                    f0:64:d0:a2:e0:d9:bb:00:f5:ee:13:66:28:e9:80:
                    e4:1e:b3:90:18:05:b7:73:45:b2:4e:7f:5a:75:28:
                    91:2a:dc:dc:b3:89:30:7e:60:89:33:b2:1a:45:83:
                    98:59:5a:73:f3:7d:35:b9:2f:8e:df:a5:95:bb:c0:
                    5b:55:b9:b7:60:33:51:7e:d1:9a:c0:27:af:c4:7d:
                    a6:a2:6e:50:18:4a:24:d0:f3:a5:73:dd:68:8d:88:
                    61:69:ee:1f:59:3b:77:aa:64:f2:66:ba:78:92:0b:
                    dc:59:ea:5c:d1:f9:6a:c9:77:cc:ee:2f:07:d0:49:
                    69:3f:07:10:c0:95:e6:aa:2a:b7:d0:c1:3a:bf:03:
                    e3:d0:92:d8:bc:00:4b:26:8a:2f:c7:fb:2a:32:c2:
                    7b:b6:14:8c:63:35:70:6f:4b:08:94:c3:99:93:e6:
                    c3:71:8d:84:37:36:a3:e0:90:76:2d:38:3c:d4:f8:
                    e4:da:9e:ce:68:e2:68:44:b4:59:ea:c8:2e:f0:fa:
                    0f:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                27:64:DB:22:4B:C8:91:45:05:DB:50:05:2C:5B:24:F9:86:F7:B7:D7
            X509v3 Authority Key Identifier:
                keyid:58:BF:D5:8B:56:01:9A:8D:8D:70:57:82:35:BD:8F:A5:BD:B8:F8:25

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/3bd7mmKj1NtLVCaQALxUsEFChyuBLogdirhQq3jGKQq1/0/58BFD58B56019A8D8D70578235BD8FA5BDB8F825.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/58BFD58B56019A8D8D70578235BD8FA5BDB8F825.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/3bd7mmKj1NtLVCaQALxUsEFChyuBLogdirhQq3jGKQq1/0/34352e3137322e3137342e302f32332d3233203d3e20323733343030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.172.174.0/23

    Signature Algorithm: sha256WithRSAEncryption
         10:53:20:e4:d8:ae:de:8f:d7:f6:da:e5:25:77:44:cb:a8:98:
         78:82:62:33:7e:8c:e9:a3:b2:e4:a0:b4:a1:65:0c:3b:86:9c:
         bf:7f:7b:52:5f:26:a1:d1:8f:ca:85:ba:04:31:5f:5b:ab:e0:
         4d:3e:2b:c0:6c:bb:c8:a7:d7:2c:b8:08:c4:4c:ca:11:fa:9a:
         49:76:2a:88:e7:bb:cd:28:c6:b2:02:b7:57:b1:8c:a6:42:38:
         d8:60:c2:51:47:1f:1c:29:02:86:0b:c9:76:a6:54:87:96:59:
         fb:a2:c7:f2:0a:64:26:88:a0:e8:05:ae:00:72:e9:b5:bf:4d:
         5f:9f:c6:56:d9:b2:32:bb:16:ec:15:6e:47:01:ca:f3:03:c9:
         37:4b:20:13:33:6d:cd:5a:9d:ca:0f:05:b8:a0:84:a5:65:c8:
         a4:58:a6:49:76:66:30:e7:ba:4a:82:01:16:24:34:38:50:10:
         a4:93:02:0d:66:c4:de:9e:47:f6:2d:6c:75:18:94:0b:91:77:
         5b:a3:8d:22:e8:95:ec:99:35:d1:68:9b:0b:72:64:9d:ca:0e:
         b5:f9:8e:83:a5:1e:b4:a1:1e:07:f7:bb:38:ee:17:1b:df:86:
         1f:42:43:c3:91:1d:3f:d1:c6:93:ab:a9:15:61:63:f9:10:c7:
         9d:7c:16:0c
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUE6/W4BVnUcqLazlKrYlT6OxfchwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNThCRkQ1OEI1NjAxOUE4RDhENzA1NzgyMzVCRDhGQTVC
REI4RjgyNTAeFw0yNDA2MjcxMjA2MDZaFw0yNTA2MjYxMjExMDZaMDMxMTAvBgNV
BAMTKDI3NjREQjIyNEJDODkxNDUwNURCNTAwNTJDNUIyNEY5ODZGN0I3RDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCirBY39gH6zNOsm84uQ/wQ+QT
AVzBziNgl6QI/ePLU4FQxGdjZxKUcTrCT7/RMMcLDz0On7q8Gtg+kPBk0KLg2bsA
9e4TZijpgOQes5AYBbdzRbJOf1p1KJEq3NyziTB+YIkzshpFg5hZWnPzfTW5L47f
pZW7wFtVubdgM1F+0ZrAJ6/EfaaiblAYSiTQ86Vz3WiNiGFp7h9ZO3eqZPJmuniS
C9xZ6lzR+WrJd8zuLwfQSWk/BxDAleaqKrfQwTq/A+PQkti8AEsmii/H+yoywnu2
FIxjNXBvSwiUw5mT5sNxjYQ3NqPgkHYtODzU+OTans5o4mhEtFnqyC7w+g99AgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUJ2TbIkvIkUUF21AFLFsk+Yb3t9cwHwYDVR0j
BBgwFoAUWL/Vi1YBmo2NcFeCNb2Ppb24+CUwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vM2JkN21tS2oxTnRMVkNhUUFMeFVzRUZDaHl1QkxvZ2RpcmhRcTNqR0tR
cTEvMC81OEJGRDU4QjU2MDE5QThEOEQ3MDU3ODIzNUJEOEZBNUJEQjhGODI1LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzU4QkZENThCNTYwMTlBOEQ4
RDcwNTc4MjM1QkQ4RkE1QkRCOEY4MjUuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzNiZDdtbUtqMU50TFZDYVFBTHhVc0VGQ2h5dUJMb2dkaXJoUXEzakdLUXExLzAv
MzQzNTJlMzEzNzMyMmUzMTM3MzQyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzMjM3
MzMzNDMwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAEtrK4wDQYJKoZIhvcNAQELBQADggEBABBTIOTY
rt6P1/ba5SV3RMuomHiCYjN+jOmjsuSgtKFlDDuGnL9/e1JfJqHRj8qFugQxX1ur
4E0+K8Bsu8in1yy4CMRMyhH6mkl2Kojnu80oxrICt1exjKZCONhgwlFHHxwpAoYL
yXamVIeWWfuix/IKZCaIoOgFrgBy6bW/TV+fxlbZsjK7FuwVbkcByvMDyTdLIBMz
bc1ancoPBbighKVlyKRYpkl2ZjDnukqCARYkNDhQEKSTAg1mxN6eR/YtbHUYlAuR
d1ujjSLoleyZNdFomwtyZJ3KDrX5joOlHrShHgf3uzjuFxvfhh9CQ8ORHT/RxpOr
qRVhY/kQx518Fgw=
-----END CERTIFICATE-----
Generated at Fri Jul 5 22:29:07 2024 by rpki-client on console-fra.rpki-client.org