Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/3qw5KsbFQbpuc5SmMx22h2E71SgavFiDMaP1Dx3pZsu7/0/3139302e3131312e3138342e302f32322d3234203d3e20323730343238.roa
File:                     3139302e3131312e3138342e302f32322d3234203d3e20323730343238.roa (raw, json)
Hash identifier:          5+kLD/wSQ4sb8zDSdApLFLkIhMI5ZY2jRhXU7+y9cAo=
Subject key identifier:   1D:F5:D2:0C:84:1C:8F:61:54:E3:C5:E6:15:69:07:34:7A:73:FB:88
Certificate issuer:       /CN=6320CD7E38D87C910B5072CD7D4824F3E72D236C
Certificate serial:       04FDA3884110D9B330F1E63F168BAE61A04B4ECE
Authority key identifier: 63:20:CD:7E:38:D8:7C:91:0B:50:72:CD:7D:48:24:F3:E7:2D:23:6C
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/0/6320CD7E38D87C910B5072CD7D4824F3E72D236C.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/3qw5KsbFQbpuc5SmMx22h2E71SgavFiDMaP1Dx3pZsu7/0/3139302e3131312e3138342e302f32322d3234203d3e20323730343238.roa
Signing time:             Mon 25 Mar 2024 19:25:14 +0000
ROA not before:           Mon 25 Mar 2024 19:20:14 +0000
ROA not after:            Mon 24 Mar 2025 19:25:14 +0000
asID:                     270428
IP address blocks:        190.111.184.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:fd:a3:88:41:10:d9:b3:30:f1:e6:3f:16:8b:ae:61:a0:4b:4e:ce
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6320CD7E38D87C910B5072CD7D4824F3E72D236C
        Validity
            Not Before: Mar 25 19:20:14 2024 GMT
            Not After : Mar 24 19:25:14 2025 GMT
        Subject: CN=1DF5D20C841C8F6154E3C5E6156907347A73FB88
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:c2:df:4f:da:81:d9:70:3c:28:c1:12:2f:65:
                    94:e4:b8:d7:c6:07:dd:a7:03:bd:3b:2e:22:e3:cf:
                    1a:e6:64:ba:e9:10:54:da:47:44:4e:7e:c5:48:6f:
                    0c:29:8b:77:7a:51:34:08:ea:45:8c:31:d9:95:76:
                    dd:e6:12:43:6b:22:f7:2e:05:bc:ca:ba:8f:21:0c:
                    2d:d7:19:3c:80:12:0a:5b:4b:a5:76:45:f9:4a:30:
                    78:22:04:4d:d7:7f:3d:22:68:47:41:bf:65:42:9b:
                    5e:e3:1c:4e:85:a9:18:98:b8:a7:11:52:1e:d2:92:
                    f0:c6:52:d2:86:65:35:ed:e3:54:50:e9:38:16:15:
                    3b:85:bf:16:10:99:21:74:11:df:87:cc:ea:85:6e:
                    52:65:ad:ca:52:97:22:87:f1:6e:18:b3:88:d8:02:
                    6f:6a:aa:0a:cf:de:d3:31:a4:df:41:74:2d:eb:28:
                    91:e3:d6:fb:49:4b:2b:b3:78:b5:86:8f:a6:c1:0b:
                    9b:05:10:56:6e:dd:4b:75:91:89:93:ed:07:29:6c:
                    89:4a:54:dc:06:33:d4:b9:29:b5:db:ca:7a:f6:d7:
                    8d:ae:2c:e8:47:cd:5d:8b:b5:22:2c:e2:cd:ca:47:
                    c5:9a:aa:56:5a:82:93:14:43:ae:44:ec:3f:ef:f1:
                    db:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:F5:D2:0C:84:1C:8F:61:54:E3:C5:E6:15:69:07:34:7A:73:FB:88
            X509v3 Authority Key Identifier:
                keyid:63:20:CD:7E:38:D8:7C:91:0B:50:72:CD:7D:48:24:F3:E7:2D:23:6C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/3qw5KsbFQbpuc5SmMx22h2E71SgavFiDMaP1Dx3pZsu7/0/6320CD7E38D87C910B5072CD7D4824F3E72D236C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/0/6320CD7E38D87C910B5072CD7D4824F3E72D236C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/3qw5KsbFQbpuc5SmMx22h2E71SgavFiDMaP1Dx3pZsu7/0/3139302e3131312e3138342e302f32322d3234203d3e20323730343238.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  190.111.184.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0d:16:0f:b8:e5:d6:7e:cb:c5:7d:e0:9d:5d:bb:fa:47:81:b7:
         ea:fc:db:fe:cf:5e:be:9a:04:53:69:9b:e5:d0:eb:69:d7:1b:
         3a:9a:2e:c0:59:f2:4c:16:3f:bf:c2:94:cf:b7:f0:25:96:c2:
         f3:3c:6d:34:31:04:95:6e:89:2a:d4:9a:f2:0e:b4:06:12:c5:
         70:bf:70:3f:c4:97:e3:6c:bd:b1:8c:80:1e:45:ad:92:2e:7c:
         27:1e:f8:d7:34:c3:e5:c6:78:7f:52:36:cd:a6:4c:b4:6c:cf:
         f9:20:49:b7:43:65:76:ea:8e:6b:83:34:d8:27:45:ad:f4:ed:
         00:7a:fa:f5:3c:07:11:26:fb:0b:6c:b6:3b:d8:eb:25:a5:50:
         fc:d9:b2:1d:7e:07:26:e6:b4:1e:31:14:f7:6f:41:52:86:2c:
         f2:c7:f3:aa:ab:ff:97:95:bf:a4:73:42:bf:1c:8b:e8:1a:73:
         6b:01:7c:d0:5f:e0:f6:81:b3:7f:48:8b:02:48:b3:ca:e8:33:
         c7:ec:42:e8:33:ea:da:c8:50:93:04:83:9c:0b:0a:e9:d0:13:
         77:58:18:fa:c5:fd:f7:4e:f9:a7:2f:78:fd:c0:fe:3c:e3:af:
         08:36:cf:2c:3c:67:2f:dc:8a:84:aa:b3:1b:71:99:98:75:a1:
         ec:3f:06:13
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUBP2jiEEQ2bMw8eY/FouuYaBLTs4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjMyMENEN0UzOEQ4N0M5MTBCNTA3MkNEN0Q0ODI0RjNF
NzJEMjM2QzAeFw0yNDAzMjUxOTIwMTRaFw0yNTAzMjQxOTI1MTRaMDMxMTAvBgNV
BAMTKDFERjVEMjBDODQxQzhGNjE1NEUzQzVFNjE1NjkwNzM0N0E3M0ZCODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCywt9P2oHZcDwowRIvZZTkuNfG
B92nA707LiLjzxrmZLrpEFTaR0ROfsVIbwwpi3d6UTQI6kWMMdmVdt3mEkNrIvcu
BbzKuo8hDC3XGTyAEgpbS6V2RflKMHgiBE3Xfz0iaEdBv2VCm17jHE6FqRiYuKcR
Uh7SkvDGUtKGZTXt41RQ6TgWFTuFvxYQmSF0Ed+HzOqFblJlrcpSlyKH8W4Ys4jY
Am9qqgrP3tMxpN9BdC3rKJHj1vtJSyuzeLWGj6bBC5sFEFZu3Ut1kYmT7QcpbIlK
VNwGM9S5KbXbynr2142uLOhHzV2LtSIs4s3KR8WaqlZagpMUQ65E7D/v8dvhAgMB
AAGjggJTMIICTzAdBgNVHQ4EFgQUHfXSDIQcj2FU48XmFWkHNHpz+4gwHwYDVR0j
BBgwFoAUYyDNfjjYfJELUHLNfUgk8+ctI2wwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vM3F3NUtzYkZRYnB1YzVTbU14MjJoMkU3MVNnYXZGaURNYVAxRHgzcFpz
dTcvMC82MzIwQ0Q3RTM4RDg3QzkxMEI1MDcyQ0Q3RDQ4MjRGM0U3MkQyMzZDLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8wLzYzMjBDRDdFMzhEODdDOTEw
QjUwNzJDRDdENDgyNEYzRTcyRDIzNkMuY2VyMIGwBggrBgEFBQcBCwSBozCBoDCB
nQYIKwYBBQUHMAuGgZByc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzNxdzVLc2JGUWJwdWM1U21NeDIyaDJFNzFTZ2F2RmlETWFQMUR4M3Bac3U3LzAv
MzEzOTMwMmUzMTMxMzEyZTMxMzgzNDJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDMy
MzczMDM0MzIzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAr5vuDANBgkqhkiG9w0BAQsFAAOCAQEADRYP
uOXWfsvFfeCdXbv6R4G36vzb/s9evpoEU2mb5dDradcbOpouwFnyTBY/v8KUz7fw
JZbC8zxtNDEElW6JKtSa8g60BhLFcL9wP8SX42y9sYyAHkWtki58Jx741zTD5cZ4
f1I2zaZMtGzP+SBJt0NlduqOa4M02CdFrfTtAHr69TwHESb7C2y2O9jrJaVQ/Nmy
HX4HJua0HjEU929BUoYs8sfzqqv/l5W/pHNCvxyL6BpzawF80F/g9oGzf0iLAkiz
yugzx+xC6DPq2shQkwSDnAsK6dATd1gY+sX99075py94/cD+POOvCDbPLDxnL9yK
hKqzG3GZmHWh7D8GEw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:29 2024 by rpki-client on console-fra.rpki-client.org