Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/EpwPfswW9NgLeVJuqGCdYNTKEin1zVBT6oGzes9ardSd/0/3139382e35382e382e302f32322d3232203d3e20323633323536.roa
File:                     3139382e35382e382e302f32322d3232203d3e20323633323536.roa (raw, json)
Hash identifier:          6dQbFq1cJsTWBX1NmYUFNbuddastu5py5hWZ1nA097o=
Subject key identifier:   B4:E1:53:2E:B7:DD:E8:61:87:4B:66:31:AD:13:7D:7E:6A:60:8F:04
Certificate issuer:       /CN=0156B956215AE4C7F951D9FABA7689B0C1830680
Certificate serial:       09CF72350CEBC6909DC81492735FEA82B76C1103
Authority key identifier: 01:56:B9:56:21:5A:E4:C7:F9:51:D9:FA:BA:76:89:B0:C1:83:06:80
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0156B956215AE4C7F951D9FABA7689B0C1830680.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/EpwPfswW9NgLeVJuqGCdYNTKEin1zVBT6oGzes9ardSd/0/3139382e35382e382e302f32322d3232203d3e20323633323536.roa
Signing time:             Fri 23 May 2025 16:53:05 +0000
ROA not before:           Fri 23 May 2025 16:48:05 +0000
ROA not after:            Fri 22 May 2026 16:53:05 +0000
asID:                     263256
IP address blocks:        198.58.8.0/22 maxlen: 22
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            09:cf:72:35:0c:eb:c6:90:9d:c8:14:92:73:5f:ea:82:b7:6c:11:03
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0156B956215AE4C7F951D9FABA7689B0C1830680
        Validity
            Not Before: May 23 16:48:05 2025 GMT
            Not After : May 22 16:53:05 2026 GMT
        Subject: CN=B4E1532EB7DDE861874B6631AD137D7E6A608F04
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:b3:52:29:6a:99:32:c3:80:4e:70:28:5c:0f:
                    16:83:6d:07:e7:6d:59:44:b9:57:63:9b:a1:40:db:
                    b8:f8:5a:2d:97:0b:aa:85:6a:5e:9a:35:5f:4b:97:
                    ac:6e:76:45:06:2c:79:5e:f2:32:ad:27:c5:12:e8:
                    14:f6:e2:95:49:c8:ff:da:8f:9d:3c:50:ab:9a:6c:
                    2a:d8:40:c5:b0:64:c6:4d:08:c1:5b:98:5f:25:7b:
                    58:35:9a:fc:d0:9c:5e:0e:ef:bf:3a:c8:75:e4:44:
                    46:c6:2b:a5:02:e3:43:71:d0:c5:9a:d8:d1:4a:2c:
                    6b:5e:b2:fb:92:80:18:b9:25:5d:75:dc:81:50:13:
                    c4:5c:45:6d:30:41:92:96:89:b3:2a:47:5e:5b:24:
                    89:df:af:dd:ad:fe:82:25:8d:73:d3:d4:c7:64:4c:
                    74:22:c6:4a:f2:1b:5b:5c:be:42:2c:7e:77:5b:8d:
                    e0:1a:4b:4b:55:97:49:8d:22:0c:6e:7b:3b:d0:88:
                    b8:92:20:bb:fb:04:80:35:58:d6:e4:82:0a:28:72:
                    01:34:d8:4d:ab:9f:00:8a:2a:40:99:0b:ec:d8:d8:
                    b4:6c:6b:ee:5d:b9:06:b3:2a:e8:02:e6:4b:af:59:
                    03:6b:2b:bf:52:10:09:43:29:d3:48:fc:41:c9:6d:
                    74:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:E1:53:2E:B7:DD:E8:61:87:4B:66:31:AD:13:7D:7E:6A:60:8F:04
            X509v3 Authority Key Identifier:
                keyid:01:56:B9:56:21:5A:E4:C7:F9:51:D9:FA:BA:76:89:B0:C1:83:06:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/EpwPfswW9NgLeVJuqGCdYNTKEin1zVBT6oGzes9ardSd/0/0156B956215AE4C7F951D9FABA7689B0C1830680.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0156B956215AE4C7F951D9FABA7689B0C1830680.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/EpwPfswW9NgLeVJuqGCdYNTKEin1zVBT6oGzes9ardSd/0/3139382e35382e382e302f32322d3232203d3e20323633323536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  198.58.8.0/22

    Signature Algorithm: sha256WithRSAEncryption
         03:65:6b:7e:bb:38:51:89:05:7a:bb:4c:20:cc:1a:31:64:ed:
         1c:a4:01:e3:37:24:ce:4f:78:fc:b1:93:95:69:29:2d:5b:60:
         ea:3f:b1:a0:d6:9f:fe:ec:a8:f0:fc:f1:95:16:f8:c6:3d:d5:
         77:82:87:50:ec:32:d6:09:cb:3f:c8:1c:76:07:7b:2f:86:e5:
         61:c1:05:60:60:5b:ea:05:bf:77:1c:7e:55:66:2a:ae:a6:80:
         e4:a5:ea:4f:fe:98:61:02:f7:8a:aa:6f:5a:f6:6f:26:80:1a:
         79:92:00:7f:55:a3:ed:09:68:92:c4:da:6f:b4:e4:2e:cf:04:
         32:5f:79:e7:7e:c5:81:b5:ba:eb:f0:e9:6b:20:c5:c8:18:f3:
         38:ab:a3:1c:66:04:f7:33:33:31:c4:28:ca:1c:e7:30:d1:cc:
         47:b7:ef:9d:5c:cd:27:e1:e8:5e:a4:b7:43:29:a7:01:8e:3b:
         4f:02:2e:12:cb:41:ea:64:f3:4c:83:50:9b:57:90:95:5c:07:
         b2:08:d1:94:14:52:21:69:70:76:21:b4:f5:e0:46:14:ad:2c:
         7d:cd:0a:6a:d1:0b:4a:e2:d3:41:62:be:68:f7:ae:f8:dd:78:
         76:f6:d4:64:e5:7f:5e:cf:97:f8:12:05:88:ed:a0:7d:63:aa:
         fe:6d:a3:03
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUCc9yNQzrxpCdyBSSc1/qgrdsEQMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDE1NkI5NTYyMTVBRTRDN0Y5NTFEOUZBQkE3Njg5QjBD
MTgzMDY4MDAeFw0yNTA1MjMxNjQ4MDVaFw0yNjA1MjIxNjUzMDVaMDMxMTAvBgNV
BAMTKEI0RTE1MzJFQjdEREU4NjE4NzRCNjYzMUFEMTM3RDdFNkE2MDhGMDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCs1Ipapkyw4BOcChcDxaDbQfn
bVlEuVdjm6FA27j4Wi2XC6qFal6aNV9Ll6xudkUGLHle8jKtJ8US6BT24pVJyP/a
j508UKuabCrYQMWwZMZNCMFbmF8le1g1mvzQnF4O7786yHXkREbGK6UC40Nx0MWa
2NFKLGtesvuSgBi5JV113IFQE8RcRW0wQZKWibMqR15bJInfr92t/oIljXPT1Mdk
THQixkryG1tcvkIsfndbjeAaS0tVl0mNIgxuezvQiLiSILv7BIA1WNbkggoocgE0
2E2rnwCKKkCZC+zY2LRsa+5duQazKugC5kuvWQNrK79SEAlDKdNI/EHJbXRxAgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUtOFTLrfd6GGHS2YxrRN9fmpgjwQwHwYDVR0j
BBgwFoAUAVa5ViFa5Mf5Udn6unaJsMGDBoAwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRXB3UGZzd1c5TmdMZVZKdXFHQ2RZTlRLRWluMXpWQlQ2b0d6ZXM5YXJk
U2QvMC8wMTU2Qjk1NjIxNUFFNEM3Rjk1MUQ5RkFCQTc2ODlCMEMxODMwNjgwLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzAxNTZCOTU2MjE1QUU0QzdG
OTUxRDlGQUJBNzY4OUIwQzE4MzA2ODAuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0Vwd1Bmc3dXOU5nTGVWSnVxR0NkWU5US0VpbjF6VkJUNm9HemVzOWFyZFNkLzAv
MzEzOTM4MmUzNTM4MmUzODJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzYzMzMy
MzUzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB
/wQQMA4wDAQCAAEwBgMEAsY6CDANBgkqhkiG9w0BAQsFAAOCAQEAA2Vrfrs4UYkF
ertMIMwaMWTtHKQB4zckzk94/LGTlWkpLVtg6j+xoNaf/uyo8PzxlRb4xj3Vd4KH
UOwy1gnLP8gcdgd7L4blYcEFYGBb6gW/dxx+VWYqrqaA5KXqT/6YYQL3iqpvWvZv
JoAaeZIAf1Wj7QloksTab7TkLs8EMl95537FgbW66/DpayDFyBjzOKujHGYE9zMz
McQoyhznMNHMR7fvnVzNJ+HoXqS3QymnAY47TwIuEstB6mTzTINQm1eQlVwHsgjR
lBRSIWlwdiG09eBGFK0sfc0KatELSuLTQWK+aPeu+N14dvbUZOV/Xs+X+BIFiO2g
fWOq/m2jAw==
-----END CERTIFICATE-----
Generated at Thu Jun 12 05:25:27 2025 by rpki-client