Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/84cPB6KkxcR9XZoiL8pho3aYpJ1durKEsGHDjpHbtG7c/1/34352e372e302e302f32322d3234203d3e20323637333838.roa
File:                     34352e372e302e302f32322d3234203d3e20323637333838.roa (raw, json)
Hash identifier:          DsxTCxrIeD2mhuCp9uRLtOPhynW0kbRwjKdIX7r1Qew=
Subject key identifier:   6B:52:19:D7:96:06:E9:15:57:B0:CA:F2:07:AB:86:F4:A2:E9:62:D6
Certificate issuer:       /CN=8A9A31995D56C92279C59971190F9CDC7E94D924
Certificate serial:       5212D94FF4CBE97870F4ABC7C02806350485527C
Authority key identifier: 8A:9A:31:99:5D:56:C9:22:79:C5:99:71:19:0F:9C:DC:7E:94:D9:24
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8A9A31995D56C92279C59971190F9CDC7E94D924.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/84cPB6KkxcR9XZoiL8pho3aYpJ1durKEsGHDjpHbtG7c/1/34352e372e302e302f32322d3234203d3e20323637333838.roa
Signing time:             Thu 04 Apr 2024 14:44:54 +0000
ROA not before:           Thu 04 Apr 2024 14:39:54 +0000
ROA not after:            Thu 03 Apr 2025 14:44:54 +0000
asID:                     267388
IP address blocks:        45.7.0.0/22 maxlen: 24

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:12:d9:4f:f4:cb:e9:78:70:f4:ab:c7:c0:28:06:35:04:85:52:7c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8A9A31995D56C92279C59971190F9CDC7E94D924
        Validity
            Not Before: Apr  4 14:39:54 2024 GMT
            Not After : Apr  3 14:44:54 2025 GMT
        Subject: CN=6B5219D79606E91557B0CAF207AB86F4A2E962D6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:fc:5d:f3:62:58:57:84:75:c7:e2:3a:7e:a7:
                    6c:c9:71:b0:3f:89:34:51:6e:28:df:b2:ef:ec:97:
                    55:e7:9b:46:d6:af:52:d6:0c:84:6e:aa:99:ad:9e:
                    e6:ca:73:fa:98:6a:ba:3f:3b:40:0a:e2:73:0a:a7:
                    57:43:f7:16:04:00:53:fd:12:d0:49:78:fc:c7:7a:
                    1c:eb:62:19:3c:9b:65:28:18:c9:2b:fd:e3:2d:5d:
                    66:6a:07:fa:01:0a:89:8f:a9:66:c3:00:ef:b2:a5:
                    f4:9f:aa:df:51:8a:8c:d3:d5:06:90:3a:e7:fc:dd:
                    78:5c:21:bc:78:87:4a:60:9d:eb:c7:b7:14:73:91:
                    50:ff:bf:98:c5:39:c1:57:a8:f5:2d:f2:57:ae:61:
                    0d:1c:01:94:80:66:8b:52:f7:0d:cc:35:a6:51:89:
                    ea:f1:1c:b7:2b:f8:68:d8:d2:91:81:00:e0:58:f5:
                    c3:2a:b7:15:f5:18:18:cd:a4:b1:51:46:80:8e:93:
                    ef:fb:77:1b:20:95:83:65:e5:f6:e6:89:1a:80:32:
                    91:be:16:93:6b:34:14:10:33:bb:8f:fb:42:8c:88:
                    dc:99:ae:af:bb:80:34:eb:5b:1e:67:0b:44:3c:38:
                    cb:9b:04:63:86:1f:50:5f:da:84:67:50:b6:b6:d9:
                    eb:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:52:19:D7:96:06:E9:15:57:B0:CA:F2:07:AB:86:F4:A2:E9:62:D6
            X509v3 Authority Key Identifier:
                keyid:8A:9A:31:99:5D:56:C9:22:79:C5:99:71:19:0F:9C:DC:7E:94:D9:24

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/84cPB6KkxcR9XZoiL8pho3aYpJ1durKEsGHDjpHbtG7c/1/8A9A31995D56C92279C59971190F9CDC7E94D924.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/8A9A31995D56C92279C59971190F9CDC7E94D924.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/84cPB6KkxcR9XZoiL8pho3aYpJ1durKEsGHDjpHbtG7c/1/34352e372e302e302f32322d3234203d3e20323637333838.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.7.0.0/22

    Signature Algorithm: sha256WithRSAEncryption
         79:87:2e:d0:45:90:4a:e3:3f:95:3b:3e:dc:2a:4d:3c:a2:38:
         2e:43:2d:7b:df:55:b3:2e:2d:8e:eb:b1:f5:9a:d4:9c:0f:ae:
         2f:a5:6e:89:3a:0b:b1:c4:11:9f:a8:49:8b:3c:2c:9c:6c:f3:
         45:cf:8c:48:da:e3:9d:98:f0:f0:75:7f:c4:35:c4:a4:ae:3c:
         9b:12:48:65:bd:22:c0:11:1b:49:f3:2e:7c:27:ab:53:ed:09:
         c5:5a:14:9b:65:8d:95:32:86:08:ca:af:2c:b3:b8:10:3d:54:
         6a:ab:78:7e:f0:b3:eb:b9:0c:dc:57:35:9b:7a:de:3d:19:52:
         21:01:db:56:a3:56:75:7f:bb:cf:fe:7f:9f:18:8f:98:df:2e:
         d6:cc:c2:85:3e:df:7e:5c:da:14:c9:67:51:60:91:9f:58:b5:
         29:c5:55:0c:a9:48:07:2b:7a:c0:0e:f4:43:b7:17:ce:f4:ee:
         63:c8:ef:0a:4f:47:2c:c2:5d:52:a2:bc:00:65:56:b9:9b:84:
         ed:19:ad:65:83:b4:66:b8:ff:b3:1a:af:af:a5:14:82:03:26:
         2b:04:b6:9f:2d:0f:b4:37:58:cb:55:cd:e8:7d:e5:0f:6d:3c:
         86:a4:42:51:a3:cb:94:e9:d8:3a:f1:d5:26:ae:45:3a:de:17:
         bd:3e:b8:39
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIUUhLZT/TL6Xhw9KvHwCgGNQSFUnwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEE5QTMxOTk1RDU2QzkyMjc5QzU5OTcxMTkwRjlDREM3
RTk0RDkyNDAeFw0yNDA0MDQxNDM5NTRaFw0yNTA0MDMxNDQ0NTRaMDMxMTAvBgNV
BAMTKDZCNTIxOUQ3OTYwNkU5MTU1N0IwQ0FGMjA3QUI4NkY0QTJFOTYyRDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCq/F3zYlhXhHXH4jp+p2zJcbA/
iTRRbijfsu/sl1Xnm0bWr1LWDIRuqpmtnubKc/qYaro/O0AK4nMKp1dD9xYEAFP9
EtBJePzHehzrYhk8m2UoGMkr/eMtXWZqB/oBComPqWbDAO+ypfSfqt9RiozT1QaQ
Ouf83XhcIbx4h0pgnevHtxRzkVD/v5jFOcFXqPUt8leuYQ0cAZSAZotS9w3MNaZR
ierxHLcr+GjY0pGBAOBY9cMqtxX1GBjNpLFRRoCOk+/7dxsglYNl5fbmiRqAMpG+
FpNrNBQQM7uP+0KMiNyZrq+7gDTrWx5nC0Q8OMubBGOGH1Bf2oRnULa22eurAgMB
AAGjggJJMIICRTAdBgNVHQ4EFgQUa1IZ15YG6RVXsMryB6uG9KLpYtYwHwYDVR0j
BBgwFoAUipoxmV1WySJ5xZlxGQ+c3H6U2SQwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vODRjUEI2S2t4Y1I5WFpvaUw4cGhvM2FZcEoxZHVyS0VzR0hEanBIYnRH
N2MvMS84QTlBMzE5OTVENTZDOTIyNzlDNTk5NzExOTBGOUNEQzdFOTREOTI0LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzhBOUEzMTk5NUQ1NkM5MjI3
OUM1OTk3MTE5MEY5Q0RDN0U5NEQ5MjQuY2VyMIGmBggrBgEFBQcBCwSBmTCBljCB
kwYIKwYBBQUHMAuGgYZyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
Lzg0Y1BCNktreGNSOVhab2lMOHBobzNhWXBKMWR1cktFc0dIRGpwSGJ0RzdjLzEv
MzQzNTJlMzcyZTMwMmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjM3MzMzODM4
LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAw
DjAMBAIAATAGAwQCLQcAMA0GCSqGSIb3DQEBCwUAA4IBAQB5hy7QRZBK4z+VOz7c
Kk08ojguQy1731WzLi2O67H1mtScD64vpW6JOguxxBGfqEmLPCycbPNFz4xI2uOd
mPDwdX/ENcSkrjybEkhlvSLAERtJ8y58J6tT7QnFWhSbZY2VMoYIyq8ss7gQPVRq
q3h+8LPruQzcVzWbet49GVIhAdtWo1Z1f7vP/n+fGI+Y3y7WzMKFPt9+XNoUyWdR
YJGfWLUpxVUMqUgHK3rADvRDtxfO9O5jyO8KT0cswl1SorwAZVa5m4TtGa1lg7Rm
uP+zGq+vpRSCAyYrBLafLQ+0N1jLVc3ofeUPbTyGpEJRo8uU6dg68dUmrkU63he9
Prg5
-----END CERTIFICATE-----
Generated at Sun Oct 6 20:02:10 2024 by rpki-client on console-fra.rpki-client.org