Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/9YU3uLQgUXu5EbRk7uWMaZdfLCKBgjQmX9Fg2tCw5LDU/0/3138372e38342e34332e302f32342d3234203d3e203533303532.roa
File:                     3138372e38342e34332e302f32342d3234203d3e203533303532.roa (raw, json)
Hash identifier:          cc44Hsrlq5mH0IWDYLgtLdyhUdwipHoM4JUKQfZw5U8=
Subject key identifier:   A8:1D:3B:AC:A2:AC:2A:DB:53:D3:37:DC:CE:55:62:25:15:09:38:B5
Certificate issuer:       /CN=EBC99FF89ED089CB32980A722A112E63E5B2D567
Certificate serial:       577AAAF10482CEBF5876EE7A9B05A9E91B87D450
Authority key identifier: EB:C9:9F:F8:9E:D0:89:CB:32:98:0A:72:2A:11:2E:63:E5:B2:D5:67
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/0/EBC99FF89ED089CB32980A722A112E63E5B2D567.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/9YU3uLQgUXu5EbRk7uWMaZdfLCKBgjQmX9Fg2tCw5LDU/0/3138372e38342e34332e302f32342d3234203d3e203533303532.roa
Signing time:             Tue 13 Jun 2023 01:00:00 +0000
ROA not before:           Tue 13 Jun 2023 00:55:00 +0000
ROA not after:            Tue 11 Jun 2024 01:00:00 +0000
asID:                     53052
IP address blocks:        187.84.43.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:7a:aa:f1:04:82:ce:bf:58:76:ee:7a:9b:05:a9:e9:1b:87:d4:50
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=EBC99FF89ED089CB32980A722A112E63E5B2D567
        Validity
            Not Before: Jun 13 00:55:00 2023 GMT
            Not After : Jun 11 01:00:00 2024 GMT
        Subject: CN=3082010A0282010100B9351F2FDAE8E3FDA1F2FF34E534F1C2BC93EE8F20FC391361D0D0B8A9C1CEE537EEB530F97F8EB45BBE58538AF83B0DD5B834BEAA96A21542AE1E22D3D8E1AD561E14A9A52C429970DE357409B4CB671A95E1E8BBD7813D89860A11F59F8C03C1B4BF037717BAC69361E807CBB5A641F1D7225B208E6D475F5AF8C76812692A2D30344FC7B21520BA39DDA1EF583A0A72D1451C6C44CC4E94169BECA9917D3FA5225C5491352313E4F7C9C02FA9F019C900CF19C88D4E528781CBAC6B56E4FD001AFE6C8747CF2EDB2ED24B7F9D639C7B238F5698D0CD126BEC4418A776DBD0A7A44153BF1FF023E8755333DFAE49E8E70E8B769DCB6D4712E6D8DEBCDD8B6D0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:35:1f:2f:da:e8:e3:fd:a1:f2:ff:34:e5:34:
                    f1:c2:bc:93:ee:8f:20:fc:39:13:61:d0:d0:b8:a9:
                    c1:ce:e5:37:ee:b5:30:f9:7f:8e:b4:5b:be:58:53:
                    8a:f8:3b:0d:d5:b8:34:be:aa:96:a2:15:42:ae:1e:
                    22:d3:d8:e1:ad:56:1e:14:a9:a5:2c:42:99:70:de:
                    35:74:09:b4:cb:67:1a:95:e1:e8:bb:d7:81:3d:89:
                    86:0a:11:f5:9f:8c:03:c1:b4:bf:03:77:17:ba:c6:
                    93:61:e8:07:cb:b5:a6:41:f1:d7:22:5b:20:8e:6d:
                    47:5f:5a:f8:c7:68:12:69:2a:2d:30:34:4f:c7:b2:
                    15:20:ba:39:dd:a1:ef:58:3a:0a:72:d1:45:1c:6c:
                    44:cc:4e:94:16:9b:ec:a9:91:7d:3f:a5:22:5c:54:
                    91:35:23:13:e4:f7:c9:c0:2f:a9:f0:19:c9:00:cf:
                    19:c8:8d:4e:52:87:81:cb:ac:6b:56:e4:fd:00:1a:
                    fe:6c:87:47:cf:2e:db:2e:d2:4b:7f:9d:63:9c:7b:
                    23:8f:56:98:d0:cd:12:6b:ec:44:18:a7:76:db:d0:
                    a7:a4:41:53:bf:1f:f0:23:e8:75:53:33:df:ae:49:
                    e8:e7:0e:8b:76:9d:cb:6d:47:12:e6:d8:de:bc:dd:
                    8b:6d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A8:1D:3B:AC:A2:AC:2A:DB:53:D3:37:DC:CE:55:62:25:15:09:38:B5
            X509v3 Authority Key Identifier:
                keyid:EB:C9:9F:F8:9E:D0:89:CB:32:98:0A:72:2A:11:2E:63:E5:B2:D5:67

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/9YU3uLQgUXu5EbRk7uWMaZdfLCKBgjQmX9Fg2tCw5LDU/0/EBC99FF89ED089CB32980A722A112E63E5B2D567.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/0/EBC99FF89ED089CB32980A722A112E63E5B2D567.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/9YU3uLQgUXu5EbRk7uWMaZdfLCKBgjQmX9Fg2tCw5LDU/0/3138372e38342e34332e302f32342d3234203d3e203533303532.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  187.84.43.0/24

    Signature Algorithm: sha256WithRSAEncryption
         68:2f:15:1f:74:42:65:82:12:b0:7c:38:4e:2c:d5:da:f3:c3:
         ef:94:c2:99:c0:96:b6:de:29:8f:9e:3b:f7:68:54:37:2d:fc:
         66:5b:e1:17:41:af:d3:04:6a:c4:fa:bb:dc:eb:a0:15:24:4e:
         43:15:75:cd:63:b7:fe:65:05:19:68:42:bd:1f:dc:e5:21:86:
         06:df:c9:bb:e9:83:b3:2a:a1:9d:5d:4e:66:30:3e:c8:47:e3:
         d0:25:17:79:4b:46:19:66:c0:dd:98:a4:01:27:dd:bc:b3:ac:
         ee:b4:1b:b8:37:13:2d:ab:35:85:68:ee:f8:88:f6:e1:a5:ef:
         b4:1b:61:30:a8:9b:2d:6d:f3:1a:1a:8c:35:7d:ba:09:b0:6f:
         c3:a0:f9:6b:6c:71:09:4b:3a:eb:44:a3:8d:0b:73:3f:5d:cf:
         e1:ad:2a:d4:70:ac:c2:c1:29:af:18:e0:7a:ab:b1:54:59:b3:
         88:da:68:8c:5e:70:5a:bd:28:c4:cf:12:08:69:ed:55:27:00:
         8e:13:e6:5f:87:cf:a2:61:d9:26:35:f9:f9:d8:d6:e4:1f:7c:
         cc:27:4e:28:a4:40:08:ea:06:27:b1:62:f8:0a:cb:f4:2a:7d:
         7b:01:04:2f:18:50:bf:75:a9:f0:48:48:a0:6a:46:87:e2:e0:
         84:46:83:7f
-----BEGIN CERTIFICATE-----
MIIHPzCCBiegAwIBAgIUV3qq8QSCzr9Ydu56mwWp6RuH1FAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRUJDOTlGRjg5RUQwODlDQjMyOTgwQTcyMkExMTJFNjNF
NUIyRDU2NzAeFw0yMzA2MTMwMDU1MDBaFw0yNDA2MTEwMTAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjkzNTFGMkZEQUU4RTNGREEx
RjJGRjM0RTUzNEYxQzJCQzkzRUU4RjIwRkMzOTEzNjFEMEQwQjhBOUMxQ0VFNTM3
RUVCNTMwRjk3RjhFQjQ1QkJFNTg1MzhBRjgzQjBERDVCODM0QkVBQTk2QTIxNTQy
QUUxRTIyRDNEOEUxQUQ1NjFFMTRBOUE1MkM0Mjk5NzBERTM1NzQwOUI0Q0I2NzFB
OTVFMUU4QkJENzgxM0Q4OTg2MEExMUY1OUY4QzAzQzFCNEJGMDM3NzE3QkFDNjkz
NjFFODA3Q0JCNUE2NDFGMUQ3MjI1QjIwOEU2RDQ3NUY1QUY4Qzc2ODEyNjkyQTJE
MzAzNDRGQzdCMjE1MjBCQTM5RERBMUVGNTgzQTBBNzJEMTQ1MUM2QzQ0Q0M0RTk0
MTY5QkVDQTk5MTdEM0ZBNTIyNUM1NDkxMzUyMzEzRTRGN0M5QzAyRkE5RjAxOUM5
MDBDRjE5Qzg4RDRFNTI4NzgxQ0JBQzZCNTZFNEZEMDAxQUZFNkM4NzQ3Q0YyRURC
MkVEMjRCN0Y5RDYzOUM3QjIzOEY1Njk4RDBDRDEyNkJFQzQ0MThBNzc2REJEMEE3
QTQ0MTUzQkYxRkYwMjNFODc1NTMzM0RGQUU0OUU4RTcwRThCNzY5RENCNkQ0NzEy
RTZEOERFQkNERDhCNkQwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAuTUfL9ro4/2h8v805TTxwryT7o8g/DkTYdDQuKnBzuU37rUw+X+O
tFu+WFOK+DsN1bg0vqqWohVCrh4i09jhrVYeFKmlLEKZcN41dAm0y2caleHou9eB
PYmGChH1n4wDwbS/A3cXusaTYegHy7WmQfHXIlsgjm1HX1r4x2gSaSotMDRPx7IV
ILo53aHvWDoKctFFHGxEzE6UFpvsqZF9P6UiXFSRNSMT5PfJwC+p8BnJAM8ZyI1O
UoeBy6xrVuT9ABr+bIdHzy7bLtJLf51jnHsjj1aY0M0Sa+xEGKd229CnpEFTvx/w
I+h1UzPfrkno5w6Ldp3LbUcS5tjevN2LbQIDAQABo4ICTTCCAkkwHQYDVR0OBBYE
FKgdO6yirCrbU9M33M5VYiUVCTi1MB8GA1UdIwQYMBaAFOvJn/ie0InLMpgKcioR
LmPlstVnMA4GA1UdDwEB/wQEAwIHgDCBlAYDVR0fBIGMMIGJMIGGoIGDoIGAhn5y
c3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBvLzlZVTN1TFFnVVh1NUVi
Ums3dVdNYVpkZkxDS0JnalFtWDlGZzJ0Q3c1TERVLzAvRUJDOTlGRjg5RUQwODlD
QjMyOTgwQTcyMkExMTJFNjNFNUIyRDU2Ny5jcmwweAYIKwYBBQUHAQEEbDBqMGgG
CCsGAQUFBzAChlxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBvL25p
Y2JyX3JlcG8vMC9FQkM5OUZGODlFRDA4OUNCMzI5ODBBNzIyQTExMkU2M0U1QjJE
NTY3LmNlcjCBqgYIKwYBBQUHAQsEgZ0wgZowgZcGCCsGAQUFBzALhoGKcnN5bmM6
Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby85WVUzdUxRZ1VYdTVFYlJrN3VX
TWFaZGZMQ0tCZ2pRbVg5RmcydEN3NUxEVS8wLzMxMzgzNzJlMzgzNDJlMzQzMzJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDM1MzMzMDM1MzIucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC7VCsw
DQYJKoZIhvcNAQELBQADggEBAGgvFR90QmWCErB8OE4s1drzw++UwpnAlrbeKY+e
O/doVDct/GZb4RdBr9MEasT6u9zroBUkTkMVdc1jt/5lBRloQr0f3OUhhgbfybvp
g7MqoZ1dTmYwPshH49AlF3lLRhlmwN2YpAEn3byzrO60G7g3Ey2rNYVo7viI9uGl
77QbYTComy1t8xoajDV9ugmwb8Og+WtscQlLOutEo40Lcz9dz+GtKtRwrMLBKa8Y
4HqrsVRZs4jaaIxecFq9KMTPEghp7VUnAI4T5l+Hz6Jh2SY1+fnY1uQffMwnTiik
QAjqBiexYvgKy/QqfXsBBC8YUL91qfBISKBqRofi4IRGg38=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:39:05 2024 by rpki-client on console-fra.rpki-client.org