Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/4AryoyJ34nGGGcfE1WnGCEciUck8Rdh1gX2AuFFiDtv4/1/34352e3233392e3137332e302f32342d3234203d3e20323638333733.roa
File:                     34352e3233392e3137332e302f32342d3234203d3e20323638333733.roa (raw, json)
Hash identifier:          T4hZ8E1NsslGANg0Tiq+6NiACHm5V4hP7/8MAymLGDM=
Subject key identifier:   FB:58:92:37:F0:62:A3:F7:42:4B:3F:22:BD:86:88:48:2F:47:90:4A
Certificate issuer:       /CN=8D973A12CAB923FDAFD9F9FBAE3D5825E9E16355
Certificate serial:       17C27AE53ADBEBF27F25DB3B790EB5062D8100B5
Authority key identifier: 8D:97:3A:12:CA:B9:23:FD:AF:D9:F9:FB:AE:3D:58:25:E9:E1:63:55
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8D973A12CAB923FDAFD9F9FBAE3D5825E9E16355.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/4AryoyJ34nGGGcfE1WnGCEciUck8Rdh1gX2AuFFiDtv4/1/34352e3233392e3137332e302f32342d3234203d3e20323638333733.roa
Signing time:             Thu 04 Apr 2024 16:51:53 +0000
ROA not before:           Thu 04 Apr 2024 16:46:53 +0000
ROA not after:            Thu 03 Apr 2025 16:51:53 +0000
asID:                     268373
IP address blocks:        45.239.173.0/24 maxlen: 24

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            17:c2:7a:e5:3a:db:eb:f2:7f:25:db:3b:79:0e:b5:06:2d:81:00:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8D973A12CAB923FDAFD9F9FBAE3D5825E9E16355
        Validity
            Not Before: Apr  4 16:46:53 2024 GMT
            Not After : Apr  3 16:51:53 2025 GMT
        Subject: CN=FB589237F062A3F7424B3F22BD8688482F47904A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:b7:2f:c4:ec:2e:c7:32:37:e1:3d:0d:49:5d:
                    63:f8:ff:a6:f9:94:0d:0d:9f:e2:da:ff:98:b0:18:
                    02:d5:08:7d:43:90:8f:4e:84:88:c5:11:58:f1:0f:
                    10:fd:2d:83:be:43:ea:52:66:5d:5f:c6:62:b9:75:
                    8d:20:81:fd:f6:6e:85:54:eb:88:59:0a:d7:5c:d5:
                    67:73:b0:ce:ea:e9:e1:13:54:a3:99:1e:b4:c4:05:
                    2d:34:41:bf:ad:00:c3:3a:93:02:72:e9:0d:b7:2f:
                    cd:08:9f:9f:c6:4c:db:6c:1a:e4:e7:1f:87:83:3e:
                    f5:8d:86:ba:db:d0:c2:f5:f5:00:67:e4:a1:33:86:
                    60:37:fa:a4:4b:51:b7:6a:00:74:f6:dc:4c:8a:5d:
                    b5:57:0b:1d:83:5f:60:2a:6a:5f:38:88:77:67:a8:
                    2a:41:88:f6:eb:fd:a2:11:b3:f9:17:50:05:2a:45:
                    7c:97:88:7c:3f:0a:84:c1:2b:b3:2b:80:a1:bc:8c:
                    a3:b7:c9:c2:c2:4b:2f:dc:97:0a:bf:6b:cc:25:67:
                    53:b0:18:3f:a5:4f:c5:00:e2:67:2a:8e:b3:ca:88:
                    f4:64:ca:a7:89:05:86:34:91:45:b1:fb:11:99:53:
                    d3:24:4f:76:eb:5f:fe:88:0f:0c:f1:87:9a:ae:05:
                    10:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:58:92:37:F0:62:A3:F7:42:4B:3F:22:BD:86:88:48:2F:47:90:4A
            X509v3 Authority Key Identifier:
                keyid:8D:97:3A:12:CA:B9:23:FD:AF:D9:F9:FB:AE:3D:58:25:E9:E1:63:55

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/4AryoyJ34nGGGcfE1WnGCEciUck8Rdh1gX2AuFFiDtv4/1/8D973A12CAB923FDAFD9F9FBAE3D5825E9E16355.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8D973A12CAB923FDAFD9F9FBAE3D5825E9E16355.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/4AryoyJ34nGGGcfE1WnGCEciUck8Rdh1gX2AuFFiDtv4/1/34352e3233392e3137332e302f32342d3234203d3e20323638333733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.239.173.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:22:90:8a:9d:27:b0:00:0c:0f:71:d3:7c:46:df:3c:9c:21:
         29:d1:56:dd:11:41:64:e2:4b:30:49:11:a6:b4:34:b8:ac:ee:
         2c:16:7e:d1:5b:91:b8:1f:89:98:c4:ce:21:13:09:72:e9:3a:
         bc:e3:9f:97:67:ac:fe:d5:d5:4d:3a:bf:ab:aa:22:a3:a5:86:
         a3:b5:70:b3:89:7a:da:a1:d1:1c:d8:15:d6:85:d2:bc:e3:34:
         d8:ec:24:c7:d9:49:98:6e:c3:2f:b0:f9:99:e4:a1:48:29:da:
         00:00:9b:be:de:82:88:b7:0a:61:14:ab:be:2f:cf:12:54:d8:
         e7:e9:4c:18:16:70:46:41:1c:ef:48:c3:18:3a:01:75:4d:66:
         28:cb:31:26:70:dc:1a:51:2d:09:1b:96:2f:bb:22:f0:d7:29:
         79:c4:f0:97:d0:cc:62:9d:d7:4a:60:ce:62:24:ac:e3:3f:f3:
         40:de:15:65:76:1e:8d:fe:8d:2e:02:2c:ed:54:c8:fb:46:fd:
         91:93:82:9d:fe:4a:76:1c:2e:a1:70:7e:5a:bd:22:e9:3b:79:
         fa:59:53:95:0d:9c:bd:9a:0c:36:b0:9e:ba:84:ec:e8:a4:d4:
         3e:4b:a1:8a:d7:63:f5:ba:83:ca:92:8c:6f:01:f1:4e:e8:14:
         ab:cc:72:3e
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUF8J65Trb6/J/Jds7eQ61Bi2BALUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEQ5NzNBMTJDQUI5MjNGREFGRDlGOUZCQUUzRDU4MjVF
OUUxNjM1NTAeFw0yNDA0MDQxNjQ2NTNaFw0yNTA0MDMxNjUxNTNaMDMxMTAvBgNV
BAMTKEZCNTg5MjM3RjA2MkEzRjc0MjRCM0YyMkJEODY4ODQ4MkY0NzkwNEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbty/E7C7HMjfhPQ1JXWP4/6b5
lA0Nn+La/5iwGALVCH1DkI9OhIjFEVjxDxD9LYO+Q+pSZl1fxmK5dY0ggf32boVU
64hZCtdc1WdzsM7q6eETVKOZHrTEBS00Qb+tAMM6kwJy6Q23L80In5/GTNtsGuTn
H4eDPvWNhrrb0ML19QBn5KEzhmA3+qRLUbdqAHT23EyKXbVXCx2DX2Aqal84iHdn
qCpBiPbr/aIRs/kXUAUqRXyXiHw/CoTBK7MrgKG8jKO3ycLCSy/clwq/a8wlZ1Ow
GD+lT8UA4mcqjrPKiPRkyqeJBYY0kUWx+xGZU9MkT3brX/6IDwzxh5quBRA7AgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQU+1iSN/Bio/dCSz8ivYaISC9HkEowHwYDVR0j
BBgwFoAUjZc6Esq5I/2v2fn7rj1YJenhY1UwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNEFyeW95SjM0bkdHR2NmRTFXbkdDRWNpVWNrOFJkaDFnWDJBdUZGaUR0
djQvMS84RDk3M0ExMkNBQjkyM0ZEQUZEOUY5RkJBRTNENTgyNUU5RTE2MzU1LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzhEOTczQTEyQ0FCOTIzRkRB
RkQ5RjlGQkFFM0Q1ODI1RTlFMTYzNTUuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzRBcnlveUozNG5HR0djZkUxV25HQ0VjaVVjazhSZGgxZ1gyQXVGRmlEdHY0LzEv
MzQzNTJlMzIzMzM5MmUzMTM3MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjM2
MzgzMzM3MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAAt760wDQYJKoZIhvcNAQELBQADggEBADcikIqd
J7AADA9x03xG3zycISnRVt0RQWTiSzBJEaa0NLis7iwWftFbkbgfiZjEziETCXLp
Orzjn5dnrP7V1U06v6uqIqOlhqO1cLOJetqh0RzYFdaF0rzjNNjsJMfZSZhuwy+w
+ZnkoUgp2gAAm77egoi3CmEUq74vzxJU2OfpTBgWcEZBHO9Iwxg6AXVNZijLMSZw
3BpRLQkbli+7IvDXKXnE8JfQzGKd10pgzmIkrOM/80DeFWV2Ho3+jS4CLO1UyPtG
/ZGTgp3+SnYcLqFwflq9Iuk7efpZU5UNnL2aDDawnrqE7Oik1D5LoYrXY/W6g8qS
jG8B8U7oFKvMcj4=
-----END CERTIFICATE-----
Generated at Mon Nov 11 06:33:48 2024 by rpki-client on console-ams.rpki-client.org