Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/BMCWXPuxCwAcELbtz8XwMzNHiih3cGwePSmHXgAzB96w/0/34352e342e3132342e302f32322d3232203d3e20323636303636.roa
File:                     34352e342e3132342e302f32322d3232203d3e20323636303636.roa (raw, json)
Hash identifier:          XG4QmPXeTonnkDWLzTu+KZF1jwus+hxE7usriTKpFxY=
Subject key identifier:   4B:C5:87:C0:C9:07:02:93:5C:6E:AC:DC:F5:42:0A:D4:48:0A:D8:57
Certificate issuer:       /CN=D976D8643DDAC04E9DF4107DC27106249788AF8F
Certificate serial:       5BFC3384989E71F82F1B84DBCC9B770C758E75FF
Authority key identifier: D9:76:D8:64:3D:DA:C0:4E:9D:F4:10:7D:C2:71:06:24:97:88:AF:8F
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/0/D976D8643DDAC04E9DF4107DC27106249788AF8F.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/BMCWXPuxCwAcELbtz8XwMzNHiih3cGwePSmHXgAzB96w/0/34352e342e3132342e302f32322d3232203d3e20323636303636.roa
Signing time:             Fri 20 Oct 2023 23:32:07 +0000
ROA not before:           Fri 20 Oct 2023 23:27:07 +0000
ROA not after:            Fri 18 Oct 2024 23:32:07 +0000
asID:                     266066
IP address blocks:        45.4.124.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5b:fc:33:84:98:9e:71:f8:2f:1b:84:db:cc:9b:77:0c:75:8e:75:ff
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D976D8643DDAC04E9DF4107DC27106249788AF8F
        Validity
            Not Before: Oct 20 23:27:07 2023 GMT
            Not After : Oct 18 23:32:07 2024 GMT
        Subject: CN=4BC587C0C90702935C6EACDCF5420AD4480AD857
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:2f:e0:e0:c3:e8:c6:3f:30:a8:5d:3e:e1:a3:
                    05:0f:8e:50:d2:c9:94:b0:eb:46:02:5f:c4:0a:67:
                    ee:63:2d:bd:d3:fe:94:19:69:ad:e4:bc:c0:45:b8:
                    f7:1a:bf:c1:fc:2d:6a:64:59:0a:18:a0:63:c0:cb:
                    15:e0:5b:0a:aa:ba:4b:5f:04:f3:7a:3a:5a:53:ee:
                    fb:87:2c:fd:ea:48:09:86:83:b9:56:b8:fc:f0:a5:
                    65:fd:ed:b3:ca:67:74:12:24:3c:6f:a1:f2:eb:ec:
                    02:d9:9e:ed:62:5a:9c:a2:bb:62:b6:b8:20:31:1e:
                    16:8d:56:d2:4c:95:11:40:5d:b0:01:81:6d:57:cd:
                    ad:41:a8:61:6e:b0:62:f9:92:52:ea:f1:23:f4:c6:
                    4c:41:5f:5f:53:74:d5:d0:05:ab:d6:76:0f:6e:ec:
                    fa:10:a0:3f:fa:dc:13:5b:30:a8:3a:6a:c0:9a:0a:
                    42:71:33:f0:19:a5:ce:ec:05:3d:2c:22:64:b0:aa:
                    01:ed:9e:14:20:4b:75:15:fb:7b:67:2e:59:75:3f:
                    61:3c:09:81:6b:05:88:35:36:39:86:66:79:18:47:
                    14:fc:1c:36:c2:46:aa:4a:96:71:0f:32:41:12:44:
                    17:61:5e:e8:93:57:23:09:3f:ff:1c:62:90:f6:a2:
                    ca:67
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:C5:87:C0:C9:07:02:93:5C:6E:AC:DC:F5:42:0A:D4:48:0A:D8:57
            X509v3 Authority Key Identifier:
                keyid:D9:76:D8:64:3D:DA:C0:4E:9D:F4:10:7D:C2:71:06:24:97:88:AF:8F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/BMCWXPuxCwAcELbtz8XwMzNHiih3cGwePSmHXgAzB96w/0/D976D8643DDAC04E9DF4107DC27106249788AF8F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/0/D976D8643DDAC04E9DF4107DC27106249788AF8F.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/BMCWXPuxCwAcELbtz8XwMzNHiih3cGwePSmHXgAzB96w/0/34352e342e3132342e302f32322d3232203d3e20323636303636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.4.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         5b:3e:34:ea:3b:83:d5:3b:14:cc:83:9d:df:5f:4b:e4:a9:1f:
         df:0f:b9:84:62:f8:2e:fa:db:19:f5:b6:51:2f:27:46:2e:1f:
         63:e4:c7:45:b5:b1:6a:f8:11:8c:dc:3c:41:cd:81:2d:2d:6f:
         d0:fa:af:1e:2b:c1:8d:2f:b2:c7:01:a6:1a:e2:40:78:7e:4e:
         16:12:e1:09:82:69:b5:92:b5:eb:e1:58:f4:7a:13:f9:40:f7:
         7a:82:b5:e0:4b:41:f5:9f:5b:fb:67:b1:f0:d4:80:62:2a:ca:
         61:f4:24:68:7a:e6:a8:36:3b:b4:ac:e2:63:70:1a:d7:f5:0f:
         91:ad:d0:f1:c7:b3:7e:9a:60:05:f6:d3:fd:b1:c4:cb:a7:ed:
         b6:ef:69:98:9b:fa:f8:fa:76:f1:86:a3:bb:85:89:1a:d0:d2:
         88:c5:d7:3d:da:42:ef:bc:30:18:8d:b3:3a:69:c9:a9:ed:96:
         50:32:29:bc:c5:e0:f6:75:99:f6:00:e8:9b:bb:e6:f8:e7:41:
         b3:3d:eb:3e:55:07:7b:d6:b6:89:58:86:15:6b:b8:75:e5:be:
         2d:ff:7c:d7:84:c1:5d:27:06:43:2c:0f:b5:8e:b2:68:ff:1e:
         ff:1d:28:04:95:68:93:8c:d9:76:16:69:51:8d:77:3e:31:fe:
         d1:3c:18:07
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUW/wzhJiecfgvG4TbzJt3DHWOdf8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDk3NkQ4NjQzRERBQzA0RTlERjQxMDdEQzI3MTA2MjQ5
Nzg4QUY4RjAeFw0yMzEwMjAyMzI3MDdaFw0yNDEwMTgyMzMyMDdaMDMxMTAvBgNV
BAMTKDRCQzU4N0MwQzkwNzAyOTM1QzZFQUNEQ0Y1NDIwQUQ0NDgwQUQ4NTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9L+Dgw+jGPzCoXT7howUPjlDS
yZSw60YCX8QKZ+5jLb3T/pQZaa3kvMBFuPcav8H8LWpkWQoYoGPAyxXgWwqquktf
BPN6OlpT7vuHLP3qSAmGg7lWuPzwpWX97bPKZ3QSJDxvofLr7ALZnu1iWpyiu2K2
uCAxHhaNVtJMlRFAXbABgW1Xza1BqGFusGL5klLq8SP0xkxBX19TdNXQBavWdg9u
7PoQoD/63BNbMKg6asCaCkJxM/AZpc7sBT0sImSwqgHtnhQgS3UV+3tnLll1P2E8
CYFrBYg1NjmGZnkYRxT8HDbCRqpKlnEPMkESRBdhXuiTVyMJP/8cYpD2ospnAgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUS8WHwMkHApNcbqzc9UIK1EgK2FcwHwYDVR0j
BBgwFoAU2XbYZD3awE6d9BB9wnEGJJeIr48wDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vQk1DV1hQdXhDd0FjRUxidHo4WHdNek5IaWloM2NHd2VQU21IWGdBekI5
NncvMC9EOTc2RDg2NDNEREFDMDRFOURGNDEwN0RDMjcxMDYyNDk3ODhBRjhGLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8wL0Q5NzZEODY0M0REQUMwNEU5
REY0MTA3REMyNzEwNjI0OTc4OEFGOEYuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0JNQ1dYUHV4Q3dBY0VMYnR6OFh3TXpOSGlpaDNjR3dlUFNtSFhnQXpCOTZ3LzAv
MzQzNTJlMzQyZTMxMzIzNDJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzYzNjMw
MzYzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB
/wQQMA4wDAQCAAEwBgMEAi0EfDANBgkqhkiG9w0BAQsFAAOCAQEAWz406juD1TsU
zIOd319L5Kkf3w+5hGL4LvrbGfW2US8nRi4fY+THRbWxavgRjNw8Qc2BLS1v0Pqv
HivBjS+yxwGmGuJAeH5OFhLhCYJptZK16+FY9HoT+UD3eoK14EtB9Z9b+2ex8NSA
YirKYfQkaHrmqDY7tKziY3Aa1/UPka3Q8cezfppgBfbT/bHEy6fttu9pmJv6+Pp2
8Yaju4WJGtDSiMXXPdpC77wwGI2zOmnJqe2WUDIpvMXg9nWZ9gDom7vm+OdBsz3r
PlUHe9a2iViGFWu4deW+Lf9814TBXScGQywPtY6yaP8e/x0oBJVok4zZdhZpUY13
PjH+0TwYBw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:41:52 2024 by rpki-client on console-ams.rpki-client.org