Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/4MsNDpeAhvv8wdjWHgj4yHttVDcVM8PXyydtzYT9irUP/0/3133382e39372e32302e302f32322d3234203d3e20323634313132.roa
File:                     3133382e39372e32302e302f32322d3234203d3e20323634313132.roa (raw, json)
Hash identifier:          E8dh/MLuZ7Lav8zzuHSRqLXPTSHuQzylBhfRCIljRf4=
Subject key identifier:   F7:29:93:10:3A:53:17:AD:1C:8F:AD:2C:48:F3:77:10:E7:FF:AF:24
Certificate issuer:       /CN=F4A538D51018B64785720A1F4F2377DE184D1023
Certificate serial:       2A322E88C903555FE167FE715B300C3BF7F5203F
Authority key identifier: F4:A5:38:D5:10:18:B6:47:85:72:0A:1F:4F:23:77:DE:18:4D:10:23
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/0/F4A538D51018B64785720A1F4F2377DE184D1023.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/4MsNDpeAhvv8wdjWHgj4yHttVDcVM8PXyydtzYT9irUP/0/3133382e39372e32302e302f32322d3234203d3e20323634313132.roa
Signing time:             Wed 24 Jan 2024 12:57:44 +0000
ROA not before:           Wed 24 Jan 2024 12:52:44 +0000
ROA not after:            Wed 22 Jan 2025 12:57:44 +0000
asID:                     264112
IP address blocks:        138.97.20.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2a:32:2e:88:c9:03:55:5f:e1:67:fe:71:5b:30:0c:3b:f7:f5:20:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F4A538D51018B64785720A1F4F2377DE184D1023
        Validity
            Not Before: Jan 24 12:52:44 2024 GMT
            Not After : Jan 22 12:57:44 2025 GMT
        Subject: CN=F72993103A5317AD1C8FAD2C48F37710E7FFAF24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:58:84:57:19:c8:0e:76:c9:55:4d:24:73:80:
                    0b:e1:a6:15:8c:f2:92:4a:63:75:93:77:03:f3:32:
                    36:49:e4:cb:2c:b2:3e:6e:bc:31:9b:30:5a:45:1a:
                    ee:94:59:57:32:db:02:77:97:71:29:f9:1d:a3:4e:
                    39:c7:48:6c:ea:a2:ba:3f:32:ba:96:fc:c0:35:8b:
                    e6:7e:b9:45:f9:9d:45:3e:e9:a3:ab:9b:9c:3d:9b:
                    ae:71:ed:99:b4:ee:12:df:ab:02:2d:b8:39:02:cd:
                    e2:cd:01:79:9b:5e:c3:39:e4:a5:09:3c:75:1f:bc:
                    9f:29:d7:c1:fe:5c:83:01:10:3f:87:14:90:09:bf:
                    53:d0:43:91:f1:3d:7e:1d:ca:f3:a1:6c:fa:19:52:
                    06:22:0d:9b:93:61:b4:41:81:e3:4c:62:fc:3b:7c:
                    e0:0f:75:05:72:ea:cf:06:15:9a:e6:b3:03:d3:24:
                    16:6f:75:50:78:7c:03:e5:e2:9b:aa:2b:1b:f4:0c:
                    c7:f9:16:ea:eb:db:ea:23:c3:1c:de:27:5d:a5:3e:
                    5d:f9:fd:32:29:71:c4:57:3e:dd:bc:3a:c4:72:ab:
                    d0:89:0f:eb:1b:01:d8:2e:f2:be:84:3b:97:2d:c1:
                    b9:ed:cf:6b:84:d3:b5:60:e8:34:a1:2d:a2:1f:1d:
                    3f:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F7:29:93:10:3A:53:17:AD:1C:8F:AD:2C:48:F3:77:10:E7:FF:AF:24
            X509v3 Authority Key Identifier:
                keyid:F4:A5:38:D5:10:18:B6:47:85:72:0A:1F:4F:23:77:DE:18:4D:10:23

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/4MsNDpeAhvv8wdjWHgj4yHttVDcVM8PXyydtzYT9irUP/0/F4A538D51018B64785720A1F4F2377DE184D1023.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/0/F4A538D51018B64785720A1F4F2377DE184D1023.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/4MsNDpeAhvv8wdjWHgj4yHttVDcVM8PXyydtzYT9irUP/0/3133382e39372e32302e302f32322d3234203d3e20323634313132.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.97.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c5:20:cb:31:dd:28:9b:b3:01:ef:4a:c3:51:16:2e:1d:be:1c:
         85:91:79:34:2b:77:e8:51:a1:33:8d:97:49:f7:4a:1e:06:88:
         dd:fe:6c:d1:f6:81:97:28:f8:c9:40:da:13:79:2e:34:c0:a3:
         a2:b9:8d:40:52:3b:80:3c:03:38:ba:24:b5:fd:b1:dd:82:ab:
         67:09:21:56:66:e5:9c:68:ee:a1:11:67:df:e8:0a:df:55:58:
         84:95:67:10:d2:e8:20:61:f1:df:16:69:28:b3:3c:93:f9:9c:
         ba:30:89:3a:aa:8e:3d:64:d0:0d:b8:83:af:cf:47:98:56:30:
         43:ce:76:fa:bf:5a:f4:f2:73:13:8f:c5:9e:d4:31:58:61:30:
         bb:67:c7:ce:68:61:31:73:49:bc:69:86:e7:7b:a6:63:a3:0a:
         c6:5f:9b:b1:60:92:24:b5:2d:2b:07:a7:ea:d3:fe:f2:f2:64:
         a1:da:d5:f9:3a:b2:80:38:3c:90:3b:fa:77:4f:9f:95:2b:92:
         cc:e4:67:77:15:37:6d:6d:6b:23:f9:7e:30:47:92:e8:de:f3:
         1e:52:a2:31:86:0e:e2:12:39:f2:11:49:1d:f4:69:28:f0:ad:
         94:1d:b5:99:9d:2b:80:0d:50:d0:f9:bf:70:ae:19:10:6e:02:
         fc:65:30:24
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUKjIuiMkDVV/hZ/5xWzAMO/f1ID8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRjRBNTM4RDUxMDE4QjY0Nzg1NzIwQTFGNEYyMzc3REUx
ODREMTAyMzAeFw0yNDAxMjQxMjUyNDRaFw0yNTAxMjIxMjU3NDRaMDMxMTAvBgNV
BAMTKEY3Mjk5MzEwM0E1MzE3QUQxQzhGQUQyQzQ4RjM3NzEwRTdGRkFGMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtWIRXGcgOdslVTSRzgAvhphWM
8pJKY3WTdwPzMjZJ5Msssj5uvDGbMFpFGu6UWVcy2wJ3l3Ep+R2jTjnHSGzqoro/
MrqW/MA1i+Z+uUX5nUU+6aOrm5w9m65x7Zm07hLfqwItuDkCzeLNAXmbXsM55KUJ
PHUfvJ8p18H+XIMBED+HFJAJv1PQQ5HxPX4dyvOhbPoZUgYiDZuTYbRBgeNMYvw7
fOAPdQVy6s8GFZrmswPTJBZvdVB4fAPl4puqKxv0DMf5Furr2+ojwxzeJ12lPl35
/TIpccRXPt28OsRyq9CJD+sbAdgu8r6EO5ctwbntz2uE07Vg6DShLaIfHT8bAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQU9ymTEDpTF60cj60sSPN3EOf/ryQwHwYDVR0j
BBgwFoAU9KU41RAYtkeFcgofTyN33hhNECMwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNE1zTkRwZUFodnY4d2RqV0hnajR5SHR0VkRjVk04UFh5eWR0ellUOWly
VVAvMC9GNEE1MzhENTEwMThCNjQ3ODU3MjBBMUY0RjIzNzdERTE4NEQxMDIzLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8wL0Y0QTUzOEQ1MTAxOEI2NDc4
NTcyMEExRjRGMjM3N0RFMTg0RDEwMjMuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzRNc05EcGVBaHZ2OHdkaldIZ2o0eUh0dFZEY1ZNOFBYeXlkdHpZVDlpclVQLzAv
MzEzMzM4MmUzOTM3MmUzMjMwMmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM0
MzEzMTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCimEUMA0GCSqGSIb3DQEBCwUAA4IBAQDFIMsx3Sib
swHvSsNRFi4dvhyFkXk0K3foUaEzjZdJ90oeBojd/mzR9oGXKPjJQNoTeS40wKOi
uY1AUjuAPAM4uiS1/bHdgqtnCSFWZuWcaO6hEWff6ArfVViElWcQ0uggYfHfFmko
szyT+Zy6MIk6qo49ZNANuIOvz0eYVjBDznb6v1r08nMTj8We1DFYYTC7Z8fOaGEx
c0m8aYbne6ZjowrGX5uxYJIktS0rB6fq0/7y8mSh2tX5OrKAODyQO/p3T5+VK5LM
5Gd3FTdtbWsj+X4wR5Lo3vMeUqIxhg7iEjnyEUkd9Gko8K2UHbWZnSuADVDQ+b9w
rhkQbgL8ZTAk
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:38:34 2024 by rpki-client on console-fra.rpki-client.org