Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/57vPNzngE8fEDVgicFXJAZytfM818jXo9PFk6T1LKGJX/1/3133312e37322e342e302f32342d3234203d3e203631373137.roa
File:                     3133312e37322e342e302f32342d3234203d3e203631373137.roa (raw, json)
Hash identifier:          y0rpjorbYnVw8lO2aWgSDI+5cpY816wmlZRNGIQhQvQ=
Subject key identifier:   A3:77:72:50:5C:51:32:15:F9:74:BA:A0:54:3D:BE:4B:D5:5D:97:4A
Certificate issuer:       /CN=818877B39D32BF83248D22BD29D162AD2243D97A
Certificate serial:       31D3F143F617E0F8089A068FDA95A420B765ED8B
Authority key identifier: 81:88:77:B3:9D:32:BF:83:24:8D:22:BD:29:D1:62:AD:22:43:D9:7A
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/818877B39D32BF83248D22BD29D162AD2243D97A.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/57vPNzngE8fEDVgicFXJAZytfM818jXo9PFk6T1LKGJX/1/3133312e37322e342e302f32342d3234203d3e203631373137.roa
Signing time:             Thu 04 Apr 2024 15:37:52 +0000
ROA not before:           Thu 04 Apr 2024 15:32:52 +0000
ROA not after:            Thu 03 Apr 2025 15:37:52 +0000
asID:                     61717
IP address blocks:        131.72.4.0/24 maxlen: 24

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            31:d3:f1:43:f6:17:e0:f8:08:9a:06:8f:da:95:a4:20:b7:65:ed:8b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=818877B39D32BF83248D22BD29D162AD2243D97A
        Validity
            Not Before: Apr  4 15:32:52 2024 GMT
            Not After : Apr  3 15:37:52 2025 GMT
        Subject: CN=A37772505C513215F974BAA0543DBE4BD55D974A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dc:e9:4f:c5:60:4d:9a:d1:06:b7:2a:d4:74:53:
                    1f:28:03:07:55:a7:b6:41:e6:84:8e:91:5d:5d:6e:
                    2c:1f:37:30:07:7e:33:3f:af:75:e3:1a:75:33:23:
                    6e:10:d5:19:18:71:71:93:0a:5d:bd:08:5c:02:0c:
                    b7:10:50:4a:cf:80:f6:06:26:fa:fb:cc:8d:31:89:
                    a5:08:7f:e3:9c:df:7b:7c:cd:01:3e:b6:34:ea:03:
                    82:51:0c:b8:9a:bd:f2:54:1d:91:2e:00:72:7a:f1:
                    cb:15:52:e3:cd:78:fb:c9:2a:60:a9:17:87:70:ea:
                    e3:9e:4c:0b:cb:3e:5b:db:8e:76:f7:6f:4f:7c:98:
                    79:fd:39:50:47:ab:2a:18:38:39:d6:75:2e:59:ce:
                    a6:fd:f6:4d:32:6b:ed:2e:27:50:dd:ac:67:2a:d8:
                    ca:df:57:9f:2d:fa:fa:98:5f:0f:ad:37:15:f4:1e:
                    fb:4d:1d:6b:9a:20:54:37:ea:37:1f:22:3d:94:fe:
                    ea:21:84:64:3f:31:ac:43:50:d2:17:00:68:98:67:
                    7e:d0:d7:9f:73:64:22:89:4e:7c:9d:d7:4c:ca:81:
                    a7:57:9d:8a:ca:c0:39:5b:44:b3:f3:a2:82:56:79:
                    25:41:d0:2e:29:28:85:ad:b6:db:2c:8d:cd:6b:03:
                    33:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A3:77:72:50:5C:51:32:15:F9:74:BA:A0:54:3D:BE:4B:D5:5D:97:4A
            X509v3 Authority Key Identifier:
                keyid:81:88:77:B3:9D:32:BF:83:24:8D:22:BD:29:D1:62:AD:22:43:D9:7A

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/57vPNzngE8fEDVgicFXJAZytfM818jXo9PFk6T1LKGJX/1/818877B39D32BF83248D22BD29D162AD2243D97A.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/818877B39D32BF83248D22BD29D162AD2243D97A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/57vPNzngE8fEDVgicFXJAZytfM818jXo9PFk6T1LKGJX/1/3133312e37322e342e302f32342d3234203d3e203631373137.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.72.4.0/24

    Signature Algorithm: sha256WithRSAEncryption
         47:44:c8:d6:51:eb:e6:da:bf:20:a7:c5:89:6c:71:e9:30:6a:
         9a:ee:fc:09:af:a2:e5:36:fa:9c:04:88:e8:a7:35:f3:13:38:
         4f:af:75:40:5d:3a:27:b4:9d:7c:ef:03:25:71:4a:24:54:d0:
         83:57:f5:ae:2b:d5:d8:df:2e:cc:d4:ed:45:38:36:85:0f:8c:
         e7:e1:61:cd:6a:46:14:41:75:83:d0:13:99:64:bb:7a:e0:49:
         dd:c2:30:ee:db:37:d6:2b:9e:3e:04:63:4c:e1:84:5a:ea:60:
         42:f1:75:b7:bc:9f:f6:84:dc:ed:88:a5:ab:ef:32:0d:16:17:
         91:27:a0:00:c4:31:f4:7c:0d:cc:d6:e7:7e:3f:3c:92:82:8c:
         01:8b:6d:f9:bd:eb:5a:5b:a6:b5:07:10:6a:b9:80:6b:f7:5e:
         89:d1:f8:57:d5:77:52:12:5e:a2:72:5d:f2:3b:f9:07:31:c7:
         4d:cc:c8:36:78:35:77:2c:1c:88:4f:18:c4:8c:c9:2d:07:b7:
         49:c2:3e:17:22:f9:5e:e6:ca:7a:82:f8:5f:a1:38:b4:19:a2:
         ce:08:8c:89:8f:96:e3:1c:e3:18:77:d8:fa:c5:c0:2a:63:65:
         d6:6a:e7:05:fa:64:f7:f6:7e:6b:53:2d:b4:d3:3f:4c:45:86:
         6e:d7:24:4b
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIUMdPxQ/YX4PgImgaP2pWkILdl7YswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoODE4ODc3QjM5RDMyQkY4MzI0OEQyMkJEMjlEMTYyQUQy
MjQzRDk3QTAeFw0yNDA0MDQxNTMyNTJaFw0yNTA0MDMxNTM3NTJaMDMxMTAvBgNV
BAMTKEEzNzc3MjUwNUM1MTMyMTVGOTc0QkFBMDU0M0RCRTRCRDU1RDk3NEEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc6U/FYE2a0Qa3KtR0Ux8oAwdV
p7ZB5oSOkV1dbiwfNzAHfjM/r3XjGnUzI24Q1RkYcXGTCl29CFwCDLcQUErPgPYG
Jvr7zI0xiaUIf+Oc33t8zQE+tjTqA4JRDLiavfJUHZEuAHJ68csVUuPNePvJKmCp
F4dw6uOeTAvLPlvbjnb3b098mHn9OVBHqyoYODnWdS5Zzqb99k0ya+0uJ1DdrGcq
2MrfV58t+vqYXw+tNxX0HvtNHWuaIFQ36jcfIj2U/uohhGQ/MaxDUNIXAGiYZ37Q
159zZCKJTnyd10zKgadXnYrKwDlbRLPzooJWeSVB0C4pKIWtttssjc1rAzMtAgMB
AAGjggJLMIICRzAdBgNVHQ4EFgQUo3dyUFxRMhX5dLqgVD2+S9Vdl0owHwYDVR0j
BBgwFoAUgYh3s50yv4MkjSK9KdFirSJD2XowDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vNTd2UE56bmdFOGZFRFZnaWNGWEpBWnl0Zk04MThqWG85UEZrNlQxTEtH
SlgvMS84MTg4NzdCMzlEMzJCRjgzMjQ4RDIyQkQyOUQxNjJBRDIyNDNEOTdBLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzgxODg3N0IzOUQzMkJGODMy
NDhEMjJCRDI5RDE2MkFEMjI0M0Q5N0EuY2VyMIGoBggrBgEFBQcBCwSBmzCBmDCB
lQYIKwYBBQUHMAuGgYhyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
LzU3dlBOem5nRThmRURWZ2ljRlhKQVp5dGZNODE4alhvOVBGazZUMUxLR0pYLzEv
MzEzMzMxMmUzNzMyMmUzNDJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM2MzEzNzMx
Mzcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBACDSAQwDQYJKoZIhvcNAQELBQADggEBAEdEyNZR6+bavyCn
xYlscekwapru/AmvouU2+pwEiOinNfMTOE+vdUBdOie0nXzvAyVxSiRU0INX9a4r
1djfLszU7UU4NoUPjOfhYc1qRhRBdYPQE5lku3rgSd3CMO7bN9Yrnj4EY0zhhFrq
YELxdbe8n/aE3O2IpavvMg0WF5EnoADEMfR8DczW534/PJKCjAGLbfm961pbprUH
EGq5gGv3XonR+FfVd1ISXqJyXfI7+Qcxx03MyDZ4NXcsHIhPGMSMyS0Ht0nCPhci
+V7mynqC+F+hOLQZos4IjImPluMc4xh32PrFwCpjZdZq5wX6ZPf2fmtTLbTTP0xF
hm7XJEs=
-----END CERTIFICATE-----
Generated at Wed Nov 20 17:30:18 2024 by rpki-client on console-fra.rpki-client.org