Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/5aRseHMT7bHtNPiaPv8RFaCw5kRE1WG9ysjCGKNEbwtp/0/323830343a366432303a3a2f33322d3332203d3e20323730353134.roa
File:                     323830343a366432303a3a2f33322d3332203d3e20323730353134.roa (raw, json)
Hash identifier:          u1KJEbsXoBlh0IHEw7Cujn/8CkrIM+5nyhFp/VodaOk=
Subject key identifier:   99:5C:93:05:63:5D:51:B5:DB:50:3D:82:90:A2:CA:37:D3:15:86:E0
Certificate issuer:       /CN=35F6CB498D4B581CD56EFC2125053A8C6BF1D329
Certificate serial:       1357F92D30D9DC1209E99E3B31F8A4380B25BB26
Authority key identifier: 35:F6:CB:49:8D:4B:58:1C:D5:6E:FC:21:25:05:3A:8C:6B:F1:D3:29
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/0/35F6CB498D4B581CD56EFC2125053A8C6BF1D329.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/5aRseHMT7bHtNPiaPv8RFaCw5kRE1WG9ysjCGKNEbwtp/0/323830343a366432303a3a2f33322d3332203d3e20323730353134.roa
Signing time:             Mon 25 Sep 2023 17:00:00 +0000
ROA not before:           Mon 25 Sep 2023 16:55:00 +0000
ROA not after:            Mon 23 Sep 2024 17:00:00 +0000
asID:                     270514
IP address blocks:        2804:6d20::/32 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:57:f9:2d:30:d9:dc:12:09:e9:9e:3b:31:f8:a4:38:0b:25:bb:26
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=35F6CB498D4B581CD56EFC2125053A8C6BF1D329
        Validity
            Not Before: Sep 25 16:55:00 2023 GMT
            Not After : Sep 23 17:00:00 2024 GMT
        Subject: CN=3082010A0282010100FA0A6720B9B246EB261BF7E17BB1B79C424BC3EB5A6A4B0C9F143726D667912D8EEB59440E3AEA6FE9D703CB771E09ED6B85A864D0509E08D2C7BE7CDBF41D010B0DF601DC823A0F04AC8EED38D71B36297B62E100DC4E0346E3E734309103D67231C70B032EAF4F312B3E0080352F1D5596F2CCF65EAF2ADDD6B25DE6B678C5747E45DCEB482DD5F5B38AE695267583FC7C032F9B8C31D46B5B487C973C6BC283DBE5235C4415A7BAEAE5F37548054CDF5625F8FA9728DEC64F91A907C4CE2D5A7ABC16C1D7C7E2E6B67372D0E9A5EB6782E812425123D7F8279D5877701CDB0FC19D1EA1962BBE95E269420E32E60864E8C517934827031CCCC68EEC3855ED0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:0a:67:20:b9:b2:46:eb:26:1b:f7:e1:7b:b1:
                    b7:9c:42:4b:c3:eb:5a:6a:4b:0c:9f:14:37:26:d6:
                    67:91:2d:8e:eb:59:44:0e:3a:ea:6f:e9:d7:03:cb:
                    77:1e:09:ed:6b:85:a8:64:d0:50:9e:08:d2:c7:be:
                    7c:db:f4:1d:01:0b:0d:f6:01:dc:82:3a:0f:04:ac:
                    8e:ed:38:d7:1b:36:29:7b:62:e1:00:dc:4e:03:46:
                    e3:e7:34:30:91:03:d6:72:31:c7:0b:03:2e:af:4f:
                    31:2b:3e:00:80:35:2f:1d:55:96:f2:cc:f6:5e:af:
                    2a:dd:d6:b2:5d:e6:b6:78:c5:74:7e:45:dc:eb:48:
                    2d:d5:f5:b3:8a:e6:95:26:75:83:fc:7c:03:2f:9b:
                    8c:31:d4:6b:5b:48:7c:97:3c:6b:c2:83:db:e5:23:
                    5c:44:15:a7:ba:ea:e5:f3:75:48:05:4c:df:56:25:
                    f8:fa:97:28:de:c6:4f:91:a9:07:c4:ce:2d:5a:7a:
                    bc:16:c1:d7:c7:e2:e6:b6:73:72:d0:e9:a5:eb:67:
                    82:e8:12:42:51:23:d7:f8:27:9d:58:77:70:1c:db:
                    0f:c1:9d:1e:a1:96:2b:be:95:e2:69:42:0e:32:e6:
                    08:64:e8:c5:17:93:48:27:03:1c:cc:c6:8e:ec:38:
                    55:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:5C:93:05:63:5D:51:B5:DB:50:3D:82:90:A2:CA:37:D3:15:86:E0
            X509v3 Authority Key Identifier:
                keyid:35:F6:CB:49:8D:4B:58:1C:D5:6E:FC:21:25:05:3A:8C:6B:F1:D3:29

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/5aRseHMT7bHtNPiaPv8RFaCw5kRE1WG9ysjCGKNEbwtp/0/35F6CB498D4B581CD56EFC2125053A8C6BF1D329.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/0/35F6CB498D4B581CD56EFC2125053A8C6BF1D329.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/5aRseHMT7bHtNPiaPv8RFaCw5kRE1WG9ysjCGKNEbwtp/0/323830343a366432303a3a2f33322d3332203d3e20323730353134.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:6d20::/32

    Signature Algorithm: sha256WithRSAEncryption
         5a:cd:7f:6f:aa:03:a4:3d:57:0c:bb:c8:30:72:3d:4f:59:da:
         8a:d7:f2:b5:ba:c5:bc:f3:c5:9c:ef:c0:9f:5f:c3:d5:88:7e:
         94:24:07:08:a7:fe:f1:ba:ff:6e:f3:8a:3b:10:40:eb:49:d2:
         aa:fe:bb:8d:d9:0a:0e:fe:0c:f4:58:27:0e:bf:13:ae:1e:f4:
         40:bc:48:c5:22:ab:0e:9f:d1:67:0d:12:de:5e:8f:cb:ad:e0:
         81:b7:c7:8d:9d:78:67:2f:18:8a:c7:8b:b0:6d:95:1c:8f:17:
         7b:54:2d:c3:fb:ff:ec:26:a6:9a:ae:2d:b0:5c:d8:41:91:4a:
         17:17:26:b7:b7:aa:d6:f4:48:26:3d:95:2b:54:31:e8:30:f6:
         51:41:dd:29:a8:4b:09:07:0e:bc:b3:c1:50:28:27:a8:cb:df:
         80:87:0e:49:3b:58:27:8a:70:b3:f8:b1:a5:e1:cd:73:7b:a6:
         be:2a:5f:83:a9:bf:27:30:1c:88:27:e9:7b:cf:89:62:24:96:
         86:2a:0b:0d:9c:d8:eb:31:b0:b8:22:f0:39:b1:bf:a2:5c:20:
         e6:24:4c:62:aa:d8:13:ff:39:28:19:dc:42:a5:25:da:0b:4f:
         12:b2:14:3f:ce:1d:43:1e:55:cf:a1:6d:59:64:cc:de:15:0c:
         22:f3:27:45
-----BEGIN CERTIFICATE-----
MIIHQjCCBiqgAwIBAgIUE1f5LTDZ3BIJ6Z47MfikOAsluyYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzVGNkNCNDk4RDRCNTgxQ0Q1NkVGQzIxMjUwNTNBOEM2
QkYxRDMyOTAeFw0yMzA5MjUxNjU1MDBaFw0yNDA5MjMxNzAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRkEwQTY3MjBCOUIyNDZFQjI2
MUJGN0UxN0JCMUI3OUM0MjRCQzNFQjVBNkE0QjBDOUYxNDM3MjZENjY3OTEyRDhF
RUI1OTQ0MEUzQUVBNkZFOUQ3MDNDQjc3MUUwOUVENkI4NUE4NjREMDUwOUUwOEQy
QzdCRTdDREJGNDFEMDEwQjBERjYwMURDODIzQTBGMDRBQzhFRUQzOEQ3MUIzNjI5
N0I2MkUxMDBEQzRFMDM0NkUzRTczNDMwOTEwM0Q2NzIzMUM3MEIwMzJFQUY0RjMx
MkIzRTAwODAzNTJGMUQ1NTk2RjJDQ0Y2NUVBRjJBRERENkIyNURFNkI2NzhDNTc0
N0U0NURDRUI0ODJERDVGNUIzOEFFNjk1MjY3NTgzRkM3QzAzMkY5QjhDMzFENDZC
NUI0ODdDOTczQzZCQzI4M0RCRTUyMzVDNDQxNUE3QkFFQUU1RjM3NTQ4MDU0Q0RG
NTYyNUY4RkE5NzI4REVDNjRGOTFBOTA3QzRDRTJENUE3QUJDMTZDMUQ3QzdFMkU2
QjY3MzcyRDBFOUE1RUI2NzgyRTgxMjQyNTEyM0Q3RjgyNzlENTg3NzcwMUNEQjBG
QzE5RDFFQTE5NjJCQkU5NUUyNjk0MjBFMzJFNjA4NjRFOEM1MTc5MzQ4MjcwMzFD
Q0NDNjhFRUMzODU1RUQwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA+gpnILmyRusmG/fhe7G3nEJLw+taaksMnxQ3JtZnkS2O61lEDjrq
b+nXA8t3Hgnta4WoZNBQngjSx7582/QdAQsN9gHcgjoPBKyO7TjXGzYpe2LhANxO
A0bj5zQwkQPWcjHHCwMur08xKz4AgDUvHVWW8sz2Xq8q3dayXea2eMV0fkXc60gt
1fWziuaVJnWD/HwDL5uMMdRrW0h8lzxrwoPb5SNcRBWnuurl83VIBUzfViX4+pco
3sZPkakHxM4tWnq8FsHXx+LmtnNy0Oml62eC6BJCUSPX+CedWHdwHNsPwZ0eoZYr
vpXiaUIOMuYIZOjFF5NIJwMczMaO7DhV7QIDAQABo4ICUDCCAkwwHQYDVR0OBBYE
FJlckwVjXVG121A9gpCiyjfTFYbgMB8GA1UdIwQYMBaAFDX2y0mNS1gc1W78ISUF
Ooxr8dMpMA4GA1UdDwEB/wQEAwIHgDCBlAYDVR0fBIGMMIGJMIGGoIGDoIGAhn5y
c3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBvLzVhUnNlSE1UN2JIdE5Q
aWFQdjhSRmFDdzVrUkUxV0c5eXNqQ0dLTkVid3RwLzAvMzVGNkNCNDk4RDRCNTgx
Q0Q1NkVGQzIxMjUwNTNBOEM2QkYxRDMyOS5jcmwweAYIKwYBBQUHAQEEbDBqMGgG
CCsGAQUFBzAChlxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBvL25p
Y2JyX3JlcG8vMC8zNUY2Q0I0OThENEI1ODFDRDU2RUZDMjEyNTA1M0E4QzZCRjFE
MzI5LmNlcjCBrAYIKwYBBQUHAQsEgZ8wgZwwgZkGCCsGAQUFBzALhoGMcnN5bmM6
Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby81YVJzZUhNVDdiSHROUGlhUHY4
UkZhQ3c1a1JFMVdHOXlzakNHS05FYnd0cC8wLzMyMzgzMDM0M2EzNjY0MzIzMDNh
M2EyZjMzMzIyZDMzMzIyMDNkM2UyMDMyMzczMDM1MzEzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgE
bSAwDQYJKoZIhvcNAQELBQADggEBAFrNf2+qA6Q9Vwy7yDByPU9Z2orX8rW6xbzz
xZzvwJ9fw9WIfpQkBwin/vG6/27zijsQQOtJ0qr+u43ZCg7+DPRYJw6/E64e9EC8
SMUiqw6f0WcNEt5ej8ut4IG3x42deGcvGIrHi7BtlRyPF3tULcP7/+wmppquLbBc
2EGRShcXJre3qtb0SCY9lStUMegw9lFB3SmoSwkHDryzwVAoJ6jL34CHDkk7WCeK
cLP4saXhzXN7pr4qX4OpvycwHIgn6XvPiWIkloYqCw2c2OsxsLgi8Dmxv6JcIOYk
TGKq2BP/OSgZ3EKlJdoLTxKyFD/OHUMeVc+hbVlkzN4VDCLzJ0U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:08 2024 by rpki-client on console-ams.rpki-client.org