Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/B2kSgNDzxeuVXWerC2LiuYQTdt3G3nGKvKXqJajjHc7y/1/3137302e38322e37362e302f32322d3235203d3e20323636343335.roa
File:                     3137302e38322e37362e302f32322d3235203d3e20323636343335.roa (raw, json)
Hash identifier:          BTx+jwsTVGbwzPhbjER6e+N42s6hIJXiM82eauX38Kc=
Subject key identifier:   AB:52:05:FE:25:B2:A6:9C:57:07:C1:B6:F3:83:CC:B5:E7:FA:37:0F
Certificate issuer:       /CN=409869FE48EE7DF53C68EF5B513E0ADA7977FF53
Certificate serial:       68C1B9C8EAABAC2F94463F9CFED25B5230B44CB7
Authority key identifier: 40:98:69:FE:48:EE:7D:F5:3C:68:EF:5B:51:3E:0A:DA:79:77:FF:53
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/409869FE48EE7DF53C68EF5B513E0ADA7977FF53.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/B2kSgNDzxeuVXWerC2LiuYQTdt3G3nGKvKXqJajjHc7y/1/3137302e38322e37362e302f32322d3235203d3e20323636343335.roa
Signing time:             Thu 04 Apr 2024 09:15:08 +0000
ROA not before:           Thu 04 Apr 2024 09:10:08 +0000
ROA not after:            Thu 03 Apr 2025 09:15:08 +0000
asID:                     266435
IP address blocks:        170.82.76.0/22 maxlen: 25

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:c1:b9:c8:ea:ab:ac:2f:94:46:3f:9c:fe:d2:5b:52:30:b4:4c:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=409869FE48EE7DF53C68EF5B513E0ADA7977FF53
        Validity
            Not Before: Apr  4 09:10:08 2024 GMT
            Not After : Apr  3 09:15:08 2025 GMT
        Subject: CN=AB5205FE25B2A69C5707C1B6F383CCB5E7FA370F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:db:6e:d5:fb:6f:f7:47:29:48:95:bb:7a:33:5a:
                    d1:69:1e:85:82:64:30:0e:3b:5d:da:66:e4:3c:ff:
                    e5:4f:c6:13:14:73:3b:3a:93:8e:f4:69:a5:a0:fc:
                    e7:21:37:2a:ec:82:b7:09:1f:3a:5f:1b:c1:8a:b2:
                    eb:bf:ee:1f:5f:26:a0:f7:a8:2f:6c:ac:f8:c4:85:
                    e0:c3:53:e7:f6:3c:4e:f6:56:00:62:4a:9c:7f:01:
                    f6:68:2a:f4:e6:8c:a9:57:03:b4:c9:0a:10:37:3d:
                    ae:4b:ee:a9:5f:57:e7:b3:a5:7c:38:cf:b6:40:22:
                    c1:f5:07:02:8e:63:a9:8e:85:68:81:32:cf:da:79:
                    f3:c2:13:a8:96:25:97:83:e7:12:70:2a:be:d5:ce:
                    0a:14:a9:a7:db:5e:40:7c:eb:9a:61:1d:f9:59:4e:
                    b6:5f:71:e9:45:6b:be:2f:25:a8:41:76:39:c7:d4:
                    e9:a9:25:01:a3:01:51:39:cf:4c:68:4f:c4:2d:ed:
                    a6:fc:72:51:f0:c4:c6:63:e3:ed:93:8b:b2:c0:89:
                    22:38:38:5b:33:db:25:d1:7e:73:86:de:5e:60:69:
                    ba:bc:ec:19:cc:62:34:a5:04:f9:8b:85:89:7d:cf:
                    e1:40:e7:f3:5f:79:ec:f2:87:92:2a:d6:fd:58:4f:
                    23:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:52:05:FE:25:B2:A6:9C:57:07:C1:B6:F3:83:CC:B5:E7:FA:37:0F
            X509v3 Authority Key Identifier:
                keyid:40:98:69:FE:48:EE:7D:F5:3C:68:EF:5B:51:3E:0A:DA:79:77:FF:53

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/B2kSgNDzxeuVXWerC2LiuYQTdt3G3nGKvKXqJajjHc7y/1/409869FE48EE7DF53C68EF5B513E0ADA7977FF53.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/409869FE48EE7DF53C68EF5B513E0ADA7977FF53.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/B2kSgNDzxeuVXWerC2LiuYQTdt3G3nGKvKXqJajjHc7y/1/3137302e38322e37362e302f32322d3235203d3e20323636343335.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.82.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         a2:80:4a:f7:07:8c:83:2e:d9:4e:71:fb:9c:30:cd:64:2f:76:
         20:dc:77:8e:e1:e7:62:5c:6d:b8:ce:5b:5e:f9:03:b9:be:3e:
         71:eb:1e:78:2d:8d:e1:1b:50:00:56:69:fd:99:3d:13:e6:9b:
         8d:8a:95:17:7e:96:9d:da:eb:11:98:73:3f:0c:39:72:21:5c:
         3f:84:4a:a3:17:e1:ac:95:55:c3:92:3c:85:02:4a:5e:92:40:
         9c:fb:f9:4c:ea:b2:63:3b:cc:71:b2:fc:c9:7f:52:2d:29:1b:
         87:e4:74:43:9c:1d:0a:84:91:65:1a:c8:78:0c:08:74:e0:63:
         9b:e4:6b:0e:22:ba:2c:27:74:60:3c:04:53:d1:6b:24:a3:79:
         84:54:8a:0e:cc:ad:ef:a9:41:c2:5e:fb:c6:73:48:d6:08:46:
         7c:9b:43:71:c2:1a:07:bc:b5:fa:52:79:bc:92:31:f0:90:48:
         8b:dd:40:56:b6:2f:af:ee:4e:af:81:32:d9:21:45:7f:c8:f7:
         73:38:e0:99:b0:04:23:a7:f1:03:fd:26:fc:14:93:04:f3:79:
         db:21:c1:7f:67:8e:8b:2c:24:52:d0:d5:c7:13:60:23:9d:3c:
         f0:3e:8f:0d:2b:86:3c:33:25:2f:89:cb:e0:eb:98:15:8b:df:
         81:54:75:71
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgIUaMG5yOqrrC+URj+c/tJbUjC0TLcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDA5ODY5RkU0OEVFN0RGNTNDNjhFRjVCNTEzRTBBREE3
OTc3RkY1MzAeFw0yNDA0MDQwOTEwMDhaFw0yNTA0MDMwOTE1MDhaMDMxMTAvBgNV
BAMTKEFCNTIwNUZFMjVCMkE2OUM1NzA3QzFCNkYzODNDQ0I1RTdGQTM3MEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbbtX7b/dHKUiVu3ozWtFpHoWC
ZDAOO13aZuQ8/+VPxhMUczs6k470aaWg/OchNyrsgrcJHzpfG8GKsuu/7h9fJqD3
qC9srPjEheDDU+f2PE72VgBiSpx/AfZoKvTmjKlXA7TJChA3Pa5L7qlfV+ezpXw4
z7ZAIsH1BwKOY6mOhWiBMs/aefPCE6iWJZeD5xJwKr7VzgoUqafbXkB865phHflZ
TrZfcelFa74vJahBdjnH1OmpJQGjAVE5z0xoT8Qt7ab8clHwxMZj4+2Ti7LAiSI4
OFsz2yXRfnOG3l5gabq87BnMYjSlBPmLhYl9z+FA5/Nfeezyh5Iq1v1YTyOnAgMB
AAGjggJPMIICSzAdBgNVHQ4EFgQUq1IF/iWyppxXB8G284PMtef6Nw8wHwYDVR0j
BBgwFoAUQJhp/kjuffU8aO9bUT4K2nl3/1MwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQjJrU2dORHp4ZXVWWFdlckMyTGl1WVFUZHQzRzNuR0t2S1hxSmFqakhj
N3kvMS80MDk4NjlGRTQ4RUU3REY1M0M2OEVGNUI1MTNFMEFEQTc5NzdGRjUzLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzQwOTg2OUZFNDhFRTdERjUz
QzY4RUY1QjUxM0UwQURBNzk3N0ZGNTMuY2VyMIGsBggrBgEFBQcBCwSBnzCBnDCB
mQYIKwYBBQUHMAuGgYxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0Iya1NnTkR6eGV1VlhXZXJDMkxpdVlRVGR0M0czbkdLdktYcUphampIYzd5LzEv
MzEzNzMwMmUzODMyMmUzNzM2MmUzMDJmMzIzMjJkMzIzNTIwM2QzZTIwMzIzNjM2
MzQzMzM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQCqlJMMA0GCSqGSIb3DQEBCwUAA4IBAQCigEr3B4yD
LtlOcfucMM1kL3Yg3HeO4ediXG24zlte+QO5vj5x6x54LY3hG1AAVmn9mT0T5puN
ipUXfpad2usRmHM/DDlyIVw/hEqjF+GslVXDkjyFAkpekkCc+/lM6rJjO8xxsvzJ
f1ItKRuH5HRDnB0KhJFlGsh4DAh04GOb5GsOIrosJ3RgPART0Wsko3mEVIoOzK3v
qUHCXvvGc0jWCEZ8m0NxwhoHvLX6Unm8kjHwkEiL3UBWti+v7k6vgTLZIUV/yPdz
OOCZsAQjp/ED/Sb8FJME83nbIcF/Z46LLCRS0NXHE2AjnTzwPo8NK4Y8MyUvicvg
65gVi9+BVHVx
-----END CERTIFICATE-----
Generated at Tue Oct 8 22:29:11 2024 by rpki-client on console-ams.rpki-client.org