Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/3bd7mmKj1NtLVCaQALxUsEFChyuBLogdirhQq3jGKQq1/0/34352e3137322e3137352e302f32342d3234203d3e20323733343030.roa
File:                     34352e3137322e3137352e302f32342d3234203d3e20323733343030.roa (raw, json)
Hash identifier:          b9ul9ZoRB2MM6z/zim/GHxMWl2wrpB9Gw+MNEBu2b/g=
Subject key identifier:   E3:88:DB:30:96:4D:A4:44:DC:B4:10:5C:B4:55:51:76:FE:FA:5C:92
Certificate issuer:       /CN=58BFD58B56019A8D8D70578235BD8FA5BDB8F825
Certificate serial:       65B8E8C067B4DF09498567D0CB8706A8D11615AF
Authority key identifier: 58:BF:D5:8B:56:01:9A:8D:8D:70:57:82:35:BD:8F:A5:BD:B8:F8:25
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/58BFD58B56019A8D8D70578235BD8FA5BDB8F825.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/3bd7mmKj1NtLVCaQALxUsEFChyuBLogdirhQq3jGKQq1/0/34352e3137322e3137352e302f32342d3234203d3e20323733343030.roa
Signing time:             Thu 27 Jun 2024 12:11:06 +0000
ROA not before:           Thu 27 Jun 2024 12:06:06 +0000
ROA not after:            Thu 26 Jun 2025 12:11:06 +0000
asID:                     273400
IP address blocks:        45.172.175.0/24 maxlen: 24

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:b8:e8:c0:67:b4:df:09:49:85:67:d0:cb:87:06:a8:d1:16:15:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58BFD58B56019A8D8D70578235BD8FA5BDB8F825
        Validity
            Not Before: Jun 27 12:06:06 2024 GMT
            Not After : Jun 26 12:11:06 2025 GMT
        Subject: CN=E388DB30964DA444DCB4105CB4555176FEFA5C92
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:e1:c3:28:93:e4:37:6e:f2:23:d3:38:fa:83:
                    07:10:37:2c:4a:41:98:fc:95:e3:e7:a0:87:78:d5:
                    98:9a:b0:64:df:cf:36:db:14:cd:36:9a:df:2a:f4:
                    19:5d:1b:a2:d8:5e:f8:cf:63:7a:52:c3:87:9d:36:
                    1f:5b:44:31:3e:76:66:6f:2a:d6:e1:5a:8b:f3:0d:
                    60:8b:ad:23:67:6f:ad:52:7f:9d:80:ea:dc:c6:a5:
                    c5:5f:55:2c:bf:e2:8d:f4:25:84:a9:48:c0:7d:aa:
                    46:5e:aa:e3:4d:88:82:91:7d:ef:ab:c0:e9:21:27:
                    90:9b:fd:36:77:a4:55:6a:5f:16:7b:93:00:55:3d:
                    12:f9:bb:bb:24:9b:8b:8a:99:af:b2:7f:f0:04:5c:
                    f8:e5:73:92:10:39:a3:8d:2a:e7:18:22:27:5e:d0:
                    cd:8f:15:51:5e:06:33:c9:ef:50:c8:e5:59:08:40:
                    1e:78:35:8a:e2:47:03:34:73:61:bd:67:6e:19:b6:
                    19:0b:5a:50:60:d9:a4:13:3a:47:49:a8:5f:54:db:
                    f1:10:0f:af:b4:df:5f:4e:45:25:d8:e3:60:08:69:
                    35:2c:aa:32:ec:ed:f2:de:f5:58:d9:6a:a0:f1:5d:
                    49:5c:03:dc:19:73:18:10:f1:71:eb:77:2c:31:78:
                    0c:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E3:88:DB:30:96:4D:A4:44:DC:B4:10:5C:B4:55:51:76:FE:FA:5C:92
            X509v3 Authority Key Identifier:
                keyid:58:BF:D5:8B:56:01:9A:8D:8D:70:57:82:35:BD:8F:A5:BD:B8:F8:25

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/3bd7mmKj1NtLVCaQALxUsEFChyuBLogdirhQq3jGKQq1/0/58BFD58B56019A8D8D70578235BD8FA5BDB8F825.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/58BFD58B56019A8D8D70578235BD8FA5BDB8F825.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/3bd7mmKj1NtLVCaQALxUsEFChyuBLogdirhQq3jGKQq1/0/34352e3137322e3137352e302f32342d3234203d3e20323733343030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.172.175.0/24

    Signature Algorithm: sha256WithRSAEncryption
         20:84:b1:9c:02:1b:59:9f:ea:fa:d3:b6:d5:be:77:9a:fc:85:
         83:30:95:51:0e:88:49:65:a8:ee:a1:e1:43:ea:1e:10:27:86:
         4e:d8:32:6d:d0:41:2a:ed:30:34:d4:cb:1f:70:2d:c9:90:b7:
         55:fb:51:5d:ef:ea:03:17:a3:42:b0:e0:08:aa:6a:e0:53:f0:
         eb:0b:eb:c4:95:a6:b1:3d:31:7e:4c:be:82:50:02:19:cf:df:
         c5:3a:97:72:ab:44:26:c3:5a:6c:f0:b0:0a:f9:ff:64:76:c5:
         36:50:6b:0d:95:b9:c5:8a:22:f1:a7:da:6c:a7:70:8c:78:3a:
         c0:b8:4c:68:18:7c:1f:a3:67:f8:e1:d3:b4:3e:b9:7a:68:d8:
         e2:f9:b1:b8:de:b8:e9:6e:40:bb:72:39:a1:8b:35:1b:80:b2:
         6f:e5:e0:cc:71:0e:9a:46:c3:d5:00:36:eb:e8:ad:06:16:ec:
         7c:68:74:af:24:34:ce:8b:9f:ca:c5:1b:1a:5a:0b:23:b9:04:
         94:1b:ef:a4:b0:bd:75:b9:b1:f9:23:c5:b5:35:02:aa:af:da:
         6a:0b:8e:6e:7d:1b:c2:3b:e0:69:9a:d5:1d:12:18:c5:f2:7e:
         83:72:1e:0e:23:81:1c:32:25:b0:32:2a:68:a5:5b:ed:ae:b0:
         0c:f8:bb:45
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUZbjowGe03wlJhWfQy4cGqNEWFa8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNThCRkQ1OEI1NjAxOUE4RDhENzA1NzgyMzVCRDhGQTVC
REI4RjgyNTAeFw0yNDA2MjcxMjA2MDZaFw0yNTA2MjYxMjExMDZaMDMxMTAvBgNV
BAMTKEUzODhEQjMwOTY0REE0NDREQ0I0MTA1Q0I0NTU1MTc2RkVGQTVDOTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCy4cMok+Q3bvIj0zj6gwcQNyxK
QZj8lePnoId41ZiasGTfzzbbFM02mt8q9BldG6LYXvjPY3pSw4edNh9bRDE+dmZv
KtbhWovzDWCLrSNnb61Sf52A6tzGpcVfVSy/4o30JYSpSMB9qkZequNNiIKRfe+r
wOkhJ5Cb/TZ3pFVqXxZ7kwBVPRL5u7skm4uKma+yf/AEXPjlc5IQOaONKucYIide
0M2PFVFeBjPJ71DI5VkIQB54NYriRwM0c2G9Z24ZthkLWlBg2aQTOkdJqF9U2/EQ
D6+0319ORSXY42AIaTUsqjLs7fLe9VjZaqDxXUlcA9wZcxgQ8XHrdywxeAwrAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQU44jbMJZNpETctBBctFVRdv76XJIwHwYDVR0j
BBgwFoAUWL/Vi1YBmo2NcFeCNb2Ppb24+CUwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vM2JkN21tS2oxTnRMVkNhUUFMeFVzRUZDaHl1QkxvZ2RpcmhRcTNqR0tR
cTEvMC81OEJGRDU4QjU2MDE5QThEOEQ3MDU3ODIzNUJEOEZBNUJEQjhGODI1LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzU4QkZENThCNTYwMTlBOEQ4
RDcwNTc4MjM1QkQ4RkE1QkRCOEY4MjUuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzNiZDdtbUtqMU50TFZDYVFBTHhVc0VGQ2h5dUJMb2dkaXJoUXEzakdLUXExLzAv
MzQzNTJlMzEzNzMyMmUzMTM3MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM3
MzMzNDMwMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAAtrK8wDQYJKoZIhvcNAQELBQADggEBACCEsZwC
G1mf6vrTttW+d5r8hYMwlVEOiEllqO6h4UPqHhAnhk7YMm3QQSrtMDTUyx9wLcmQ
t1X7UV3v6gMXo0Kw4AiqauBT8OsL68SVprE9MX5MvoJQAhnP38U6l3KrRCbDWmzw
sAr5/2R2xTZQaw2VucWKIvGn2myncIx4OsC4TGgYfB+jZ/jh07Q+uXpo2OL5sbje
uOluQLtyOaGLNRuAsm/l4MxxDppGw9UANuvorQYW7HxodK8kNM6Ln8rFGxpaCyO5
BJQb76SwvXW5sfkjxbU1Aqqv2moLjm59G8I74Gma1R0SGMXyfoNyHg4jgRwyJbAy
KmilW+2usAz4u0U=
-----END CERTIFICATE-----
Generated at Fri Jul 5 23:14:46 2024 by rpki-client on console-ams.rpki-client.org