Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/EpwPfswW9NgLeVJuqGCdYNTKEin1zVBT6oGzes9ardSd/0/3139382e35382e392e302f32342d3234203d3e20323633323536.roa
File:                     3139382e35382e392e302f32342d3234203d3e20323633323536.roa (raw, json)
Hash identifier:          t8qe9jZcqImh1d9f2mUGugYBcG53zEKnHjRF8HqVyHE=
Subject key identifier:   14:61:EB:3A:29:77:17:33:BE:8B:27:21:ED:B3:89:8F:1E:C2:8A:91
Certificate issuer:       /CN=0156B956215AE4C7F951D9FABA7689B0C1830680
Certificate serial:       7D2B00A48B37D6A4681BF13E014337ADE6729187
Authority key identifier: 01:56:B9:56:21:5A:E4:C7:F9:51:D9:FA:BA:76:89:B0:C1:83:06:80
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0156B956215AE4C7F951D9FABA7689B0C1830680.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/EpwPfswW9NgLeVJuqGCdYNTKEin1zVBT6oGzes9ardSd/0/3139382e35382e392e302f32342d3234203d3e20323633323536.roa
Signing time:             Fri 23 May 2025 16:53:05 +0000
ROA not before:           Fri 23 May 2025 16:48:05 +0000
ROA not after:            Fri 22 May 2026 16:53:05 +0000
asID:                     263256
IP address blocks:        198.58.9.0/24 maxlen: 24
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:2b:00:a4:8b:37:d6:a4:68:1b:f1:3e:01:43:37:ad:e6:72:91:87
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0156B956215AE4C7F951D9FABA7689B0C1830680
        Validity
            Not Before: May 23 16:48:05 2025 GMT
            Not After : May 22 16:53:05 2026 GMT
        Subject: CN=1461EB3A29771733BE8B2721EDB3898F1EC28A91
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:87:02:40:09:ac:88:f7:83:2a:a6:df:f9:33:
                    6b:cd:93:12:03:6f:32:86:e2:58:c7:3e:f6:ba:b1:
                    ae:e8:7b:49:d8:5f:7b:82:72:07:c2:fd:64:b6:89:
                    7a:2d:b6:e5:04:c2:9a:e2:ff:60:76:a6:dc:04:e7:
                    5f:24:3f:49:1b:59:28:05:3c:4f:d3:86:44:14:e7:
                    85:bf:b8:ad:d1:44:58:fd:a3:07:6b:e5:cd:ad:6d:
                    e7:dc:09:d9:1a:25:0c:bd:b7:50:79:f3:1a:df:4c:
                    93:54:d0:fa:36:7d:7d:04:0c:d5:1e:c1:23:d2:35:
                    df:77:c7:68:52:ad:a0:a1:b0:2f:d9:35:6d:c9:e6:
                    19:27:0e:3a:f0:18:45:3f:df:83:01:01:16:03:4f:
                    16:90:73:7f:17:93:d6:01:61:74:d8:28:93:63:92:
                    8c:e1:3f:2a:97:ca:f6:a1:2f:cd:54:7d:5d:1c:01:
                    10:2b:83:af:96:90:5a:66:71:2a:2d:a3:fa:8a:9f:
                    96:5f:72:11:77:67:c8:0f:57:a9:3c:19:d2:ff:f6:
                    0b:b7:27:0a:ea:8b:8a:af:b3:e5:13:73:c8:f5:d4:
                    8e:ae:8b:d3:3c:dc:1a:38:23:cc:e5:e2:67:0e:8a:
                    14:19:bf:27:2a:de:a0:4d:e7:cc:b2:db:58:ca:f5:
                    52:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:61:EB:3A:29:77:17:33:BE:8B:27:21:ED:B3:89:8F:1E:C2:8A:91
            X509v3 Authority Key Identifier:
                keyid:01:56:B9:56:21:5A:E4:C7:F9:51:D9:FA:BA:76:89:B0:C1:83:06:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/EpwPfswW9NgLeVJuqGCdYNTKEin1zVBT6oGzes9ardSd/0/0156B956215AE4C7F951D9FABA7689B0C1830680.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/0156B956215AE4C7F951D9FABA7689B0C1830680.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/EpwPfswW9NgLeVJuqGCdYNTKEin1zVBT6oGzes9ardSd/0/3139382e35382e392e302f32342d3234203d3e20323633323536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  198.58.9.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8e:5c:94:c3:8f:ea:4c:e0:6e:50:2d:7b:16:b5:52:a3:f6:80:
         eb:57:e4:46:3b:e3:57:32:3d:ef:8e:3a:45:0a:76:84:d2:c7:
         ba:76:43:f1:c5:d2:0d:40:73:a7:00:5f:05:57:ad:36:0f:76:
         3b:65:7c:1f:80:98:2b:fa:ba:b5:45:10:c6:4f:10:d5:85:c5:
         4b:18:8f:4d:5b:c3:c0:80:39:30:ac:f9:ab:f5:b0:95:8e:80:
         87:4f:71:df:3a:0a:30:ed:74:99:64:5e:b2:b1:5b:90:3c:5c:
         92:91:60:78:d1:a1:71:f2:a2:b8:ca:55:01:b4:81:01:ba:1a:
         c7:d2:2c:66:41:b7:cc:51:9c:08:46:df:6b:fc:58:08:79:30:
         c1:ae:2f:9c:5c:69:6b:12:7b:88:69:7c:d2:85:0c:8e:d0:84:
         46:a6:af:df:48:a8:af:23:a6:40:47:45:e6:58:96:30:71:6c:
         00:db:51:1e:3e:4d:d0:df:47:76:1b:13:4c:12:4f:d4:6f:c7:
         5d:9e:02:47:64:22:65:9f:8e:cf:46:5d:6d:12:a3:85:99:eb:
         80:a1:da:90:5d:ee:28:f3:e9:b3:18:83:9e:82:81:5d:94:e6:
         fe:10:8e:09:4d:cc:cc:4b:21:7a:ce:85:24:e2:04:70:41:b5:
         41:8b:00:88
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUfSsApIs31qRoG/E+AUM3reZykYcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDE1NkI5NTYyMTVBRTRDN0Y5NTFEOUZBQkE3Njg5QjBD
MTgzMDY4MDAeFw0yNTA1MjMxNjQ4MDVaFw0yNjA1MjIxNjUzMDVaMDMxMTAvBgNV
BAMTKDE0NjFFQjNBMjk3NzE3MzNCRThCMjcyMUVEQjM4OThGMUVDMjhBOTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDhwJACayI94Mqpt/5M2vNkxID
bzKG4ljHPva6sa7oe0nYX3uCcgfC/WS2iXottuUEwpri/2B2ptwE518kP0kbWSgF
PE/ThkQU54W/uK3RRFj9owdr5c2tbefcCdkaJQy9t1B58xrfTJNU0Po2fX0EDNUe
wSPSNd93x2hSraChsC/ZNW3J5hknDjrwGEU/34MBARYDTxaQc38Xk9YBYXTYKJNj
kozhPyqXyvahL81UfV0cARArg6+WkFpmcSoto/qKn5ZfchF3Z8gPV6k8GdL/9gu3
Jwrqi4qvs+UTc8j11I6ui9M83Bo4I8zl4mcOihQZvycq3qBN58yy21jK9VKFAgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUFGHrOil3FzO+iych7bOJjx7CipEwHwYDVR0j
BBgwFoAUAVa5ViFa5Mf5Udn6unaJsMGDBoAwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vRXB3UGZzd1c5TmdMZVZKdXFHQ2RZTlRLRWluMXpWQlQ2b0d6ZXM5YXJk
U2QvMC8wMTU2Qjk1NjIxNUFFNEM3Rjk1MUQ5RkFCQTc2ODlCMEMxODMwNjgwLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzAxNTZCOTU2MjE1QUU0QzdG
OTUxRDlGQUJBNzY4OUIwQzE4MzA2ODAuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0Vwd1Bmc3dXOU5nTGVWSnVxR0NkWU5US0VpbjF6VkJUNm9HemVzOWFyZFNkLzAv
MzEzOTM4MmUzNTM4MmUzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzYzMzMy
MzUzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB
/wQQMA4wDAQCAAEwBgMEAMY6CTANBgkqhkiG9w0BAQsFAAOCAQEAjlyUw4/qTOBu
UC17FrVSo/aA61fkRjvjVzI97446RQp2hNLHunZD8cXSDUBzpwBfBVetNg92O2V8
H4CYK/q6tUUQxk8Q1YXFSxiPTVvDwIA5MKz5q/WwlY6Ah09x3zoKMO10mWResrFb
kDxckpFgeNGhcfKiuMpVAbSBAboax9IsZkG3zFGcCEbfa/xYCHkwwa4vnFxpaxJ7
iGl80oUMjtCERqav30ioryOmQEdF5liWMHFsANtRHj5N0N9HdhsTTBJP1G/HXZ4C
R2QiZZ+Oz0ZdbRKjhZnrgKHakF3uKPPpsxiDnoKBXZTm/hCOCU3MzEshes6FJOIE
cEG1QYsAiA==
-----END CERTIFICATE-----
Generated at Thu Jun 12 16:54:30 2025 by rpki-client