Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/4xcLWXC7hdQTkJrcabpTqP5wA1hRpHZvfQGUnXKdAG3W/1/323830343a3838633a383030303a3a2f33332d3333203d3e203532383732.roa
File:                     323830343a3838633a383030303a3a2f33332d3333203d3e203532383732.roa (raw, json)
Hash identifier:          CN5HPZLwVYwTv+YWQVTeg+UheQi7XKts3J8u56ge+Gg=
Subject key identifier:   DF:23:2B:3B:F1:15:10:D0:3A:18:2A:66:02:87:55:DD:2E:98:93:D7
Certificate issuer:       /CN=9D94162FCA29B10C2A202C439F0AD2F480E45627
Certificate serial:       5DB1D3D5D1325FD7B44065235CA20792FFFB80BE
Authority key identifier: 9D:94:16:2F:CA:29:B1:0C:2A:20:2C:43:9F:0A:D2:F4:80:E4:56:27
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/9D94162FCA29B10C2A202C439F0AD2F480E45627.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/4xcLWXC7hdQTkJrcabpTqP5wA1hRpHZvfQGUnXKdAG3W/1/323830343a3838633a383030303a3a2f33332d3333203d3e203532383732.roa
Signing time:             Thu 04 Apr 2024 11:23:22 +0000
ROA not before:           Thu 04 Apr 2024 11:18:22 +0000
ROA not after:            Thu 03 Apr 2025 11:23:22 +0000
asID:                     52872
IP address blocks:        2804:88c:8000::/33 maxlen: 33

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:b1:d3:d5:d1:32:5f:d7:b4:40:65:23:5c:a2:07:92:ff:fb:80:be
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9D94162FCA29B10C2A202C439F0AD2F480E45627
        Validity
            Not Before: Apr  4 11:18:22 2024 GMT
            Not After : Apr  3 11:23:22 2025 GMT
        Subject: CN=DF232B3BF11510D03A182A66028755DD2E9893D7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ab:a7:d7:14:84:76:34:84:bb:0f:f5:d4:a8:
                    d5:54:93:b5:c2:95:93:3d:23:c4:27:04:e5:ef:1f:
                    7f:df:bb:a4:e3:25:27:29:c7:9f:a1:80:f7:9c:c8:
                    77:cb:34:86:aa:46:a9:ff:4a:4d:dc:d3:fd:79:65:
                    7c:78:b6:10:74:1b:28:5b:e7:75:2c:ba:7a:68:25:
                    7b:26:06:32:93:f4:74:31:f7:08:1c:64:29:f2:dd:
                    12:03:97:f7:0d:b6:ab:36:d5:f2:cb:64:db:bf:2b:
                    5c:d7:94:2b:10:d6:90:95:a7:32:2e:fe:72:c8:63:
                    0e:cb:76:09:87:ae:d5:84:56:56:7f:d5:db:f7:49:
                    1b:0d:65:7e:9f:2e:58:11:a7:49:cd:6e:cb:71:6a:
                    87:cf:bf:9d:1c:f4:d6:5f:bb:18:e3:4c:d6:39:72:
                    92:a3:7a:a0:06:3c:47:b8:61:cb:67:a6:b5:67:a0:
                    96:33:ab:33:7b:7c:65:5f:0f:d8:0b:4e:8b:77:cb:
                    a8:6e:a6:83:a7:9a:a5:3d:69:69:18:b1:dc:70:e9:
                    ce:c3:03:70:9a:88:16:e0:22:8b:47:bc:77:9f:a6:
                    65:6a:96:ac:b2:8c:74:44:47:4e:4a:b7:e3:d4:68:
                    ce:a6:fb:1b:ca:1f:61:29:d6:64:43:93:d5:ae:e1:
                    b7:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:23:2B:3B:F1:15:10:D0:3A:18:2A:66:02:87:55:DD:2E:98:93:D7
            X509v3 Authority Key Identifier:
                keyid:9D:94:16:2F:CA:29:B1:0C:2A:20:2C:43:9F:0A:D2:F4:80:E4:56:27

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/4xcLWXC7hdQTkJrcabpTqP5wA1hRpHZvfQGUnXKdAG3W/1/9D94162FCA29B10C2A202C439F0AD2F480E45627.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/9D94162FCA29B10C2A202C439F0AD2F480E45627.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/4xcLWXC7hdQTkJrcabpTqP5wA1hRpHZvfQGUnXKdAG3W/1/323830343a3838633a383030303a3a2f33332d3333203d3e203532383732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:88c:8000::/33

    Signature Algorithm: sha256WithRSAEncryption
         9d:43:4c:d9:c3:77:77:0e:2f:12:db:2d:35:4b:2f:e3:b2:c3:
         4b:42:bf:ad:b9:7f:bf:2e:b6:aa:0e:2e:64:5d:0b:06:87:11:
         25:ac:ca:47:76:f2:64:27:da:a4:f6:92:9f:2c:50:9e:81:4d:
         02:2c:12:f2:e7:af:0d:cc:92:8e:22:fe:ed:81:2e:ca:38:b1:
         d9:cc:5d:dc:01:e0:dd:44:ba:d0:bc:b9:f3:a2:33:31:16:a9:
         5c:25:5e:bd:a0:57:c0:5e:bf:ac:62:8c:78:50:84:77:b3:21:
         6a:cf:c3:68:0f:ed:5f:9c:39:e8:d3:b5:ca:ba:0c:70:f4:be:
         a4:8a:01:32:ad:9b:65:8c:31:b6:e1:20:30:f8:aa:c1:bb:f0:
         6d:f5:f6:c2:23:b2:d5:1e:e6:46:92:34:e6:9e:63:87:73:b2:
         93:ae:49:97:f4:c3:bb:58:38:e0:9a:71:3a:49:95:f1:68:aa:
         02:09:31:e0:0e:da:6a:b0:44:1f:3e:d2:52:57:2b:b0:f2:ad:
         01:38:96:82:0c:ae:b4:e4:d4:22:98:65:2c:d2:fb:eb:f8:ae:
         d6:dd:c9:9e:bb:43:97:90:ab:7a:4d:77:78:2b:a2:29:a2:ea:
         df:38:88:ca:03:14:b5:23:17:46:ae:50:11:75:46:62:78:75:
         d3:66:f0:be
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIUXbHT1dEyX9e0QGUjXKIHkv/7gL4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOUQ5NDE2MkZDQTI5QjEwQzJBMjAyQzQzOUYwQUQyRjQ4
MEU0NTYyNzAeFw0yNDA0MDQxMTE4MjJaFw0yNTA0MDMxMTIzMjJaMDMxMTAvBgNV
BAMTKERGMjMyQjNCRjExNTEwRDAzQTE4MkE2NjAyODc1NUREMkU5ODkzRDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCq6fXFIR2NIS7D/XUqNVUk7XC
lZM9I8QnBOXvH3/fu6TjJScpx5+hgPecyHfLNIaqRqn/Sk3c0/15ZXx4thB0Gyhb
53UsunpoJXsmBjKT9HQx9wgcZCny3RIDl/cNtqs21fLLZNu/K1zXlCsQ1pCVpzIu
/nLIYw7LdgmHrtWEVlZ/1dv3SRsNZX6fLlgRp0nNbstxaofPv50c9NZfuxjjTNY5
cpKjeqAGPEe4YctnprVnoJYzqzN7fGVfD9gLTot3y6hupoOnmqU9aWkYsdxw6c7D
A3CaiBbgIotHvHefpmVqlqyyjHRER05Kt+PUaM6m+xvKH2Ep1mRDk9Wu4bfpAgMB
AAGjggJXMIICUzAdBgNVHQ4EFgQU3yMrO/EVENA6GCpmAodV3S6Yk9cwHwYDVR0j
BBgwFoAUnZQWL8opsQwqICxDnwrS9IDkVicwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNHhjTFdYQzdoZFFUa0pyY2FicFRxUDV3QTFoUnBIWnZmUUdVblhLZEFH
M1cvMS85RDk0MTYyRkNBMjlCMTBDMkEyMDJDNDM5RjBBRDJGNDgwRTQ1NjI3LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzlEOTQxNjJGQ0EyOUIxMEMy
QTIwMkM0MzlGMEFEMkY0ODBFNDU2MjcuY2VyMIGyBggrBgEFBQcBCwSBpTCBojCB
nwYIKwYBBQUHMAuGgZJyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzR4Y0xXWEM3aGRRVGtKcmNhYnBUcVA1d0ExaFJwSFp2ZlFHVW5YS2RBRzNXLzEv
MzIzODMwMzQzYTM4Mzg2MzNhMzgzMDMwMzAzYTNhMmYzMzMzMmQzMzMzMjAzZDNl
MjAzNTMyMzgzNzMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsG
AQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYHKAQIjIAwDQYJKoZIhvcNAQELBQADggEB
AJ1DTNnDd3cOLxLbLTVLL+Oyw0tCv625f78utqoOLmRdCwaHESWsykd28mQn2qT2
kp8sUJ6BTQIsEvLnrw3Mko4i/u2BLso4sdnMXdwB4N1EutC8ufOiMzEWqVwlXr2g
V8Bev6xijHhQhHezIWrPw2gP7V+cOejTtcq6DHD0vqSKATKtm2WMMbbhIDD4qsG7
8G319sIjstUe5kaSNOaeY4dzspOuSZf0w7tYOOCacTpJlfFoqgIJMeAO2mqwRB8+
0lJXK7DyrQE4loIMrrTk1CKYZSzS++v4rtbdyZ67Q5eQq3pNd3groimi6t84iMoD
FLUjF0auUBF1RmJ4ddNm8L4=
-----END CERTIFICATE-----
Generated at Sun Oct 6 16:43:52 2024 by rpki-client on console-fra.rpki-client.org