Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/Fyq5Pd5SHowmEwmqdN4ivBJTZBLv14yazRkWRq6BmzVe/0/3230302e35332e36382e302f32322d3232203d3e20323731333034.roa
File:                     3230302e35332e36382e302f32322d3232203d3e20323731333034.roa (raw, json)
Hash identifier:          SL83vSu4TkrNR7eA5a/3f4fe5J2ASf7HN3GL0BQx6Gg=
Subject key identifier:   00:1B:94:E2:F3:5F:2D:F4:7F:1E:AE:AF:92:F3:B6:6B:27:AC:AD:D6
Certificate issuer:       /CN=DF1BF4C8AF5714489FC67733E3835BAE3260825C
Certificate serial:       74E36A190D564D7C006C1484E29EB48ECF08FA11
Authority key identifier: DF:1B:F4:C8:AF:57:14:48:9F:C6:77:33:E3:83:5B:AE:32:60:82:5C
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/0/DF1BF4C8AF5714489FC67733E3835BAE3260825C.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/Fyq5Pd5SHowmEwmqdN4ivBJTZBLv14yazRkWRq6BmzVe/0/3230302e35332e36382e302f32322d3232203d3e20323731333034.roa
Signing time:             Wed 17 May 2023 10:00:00 +0000
ROA not before:           Wed 17 May 2023 09:55:00 +0000
ROA not after:            Wed 15 May 2024 10:00:00 +0000
asID:                     271304
IP address blocks:        200.53.68.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            74:e3:6a:19:0d:56:4d:7c:00:6c:14:84:e2:9e:b4:8e:cf:08:fa:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DF1BF4C8AF5714489FC67733E3835BAE3260825C
        Validity
            Not Before: May 17 09:55:00 2023 GMT
            Not After : May 15 10:00:00 2024 GMT
        Subject: CN=3082010A0282010100AF3A1681B5DF2BFB8677082397B51869C9868559CA0BD65C643B84708FCD7A1B3BD07DEE4117CC62C3226855AE07DCA0E9D011F44FC84DE8FF0A1E751F1CA2E31D205173E278256AD69A4517394730333C7580966B0648818861CAC6B202D4CFFC627495677EC70A16B5CF2CE2EF1CCF2E1CD69CA836FED47334EAAC04AB7AE1283CC371995C2660D23513419A4D67AD87AC8BF25182283E6275722142747B1D6E9350BD594B013228CCEF1CFAA0A359EB262EB49923AE0C7E31280B6C4AFAE7C494C9409248C4D4AD204474EAF23A4983E383FA3E109BB8B1ACB87E48246204603833605786944B64F3EDE42A637772D4F7A393D519776AFD2A64127D168C770203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:3a:16:81:b5:df:2b:fb:86:77:08:23:97:b5:
                    18:69:c9:86:85:59:ca:0b:d6:5c:64:3b:84:70:8f:
                    cd:7a:1b:3b:d0:7d:ee:41:17:cc:62:c3:22:68:55:
                    ae:07:dc:a0:e9:d0:11:f4:4f:c8:4d:e8:ff:0a:1e:
                    75:1f:1c:a2:e3:1d:20:51:73:e2:78:25:6a:d6:9a:
                    45:17:39:47:30:33:3c:75:80:96:6b:06:48:81:88:
                    61:ca:c6:b2:02:d4:cf:fc:62:74:95:67:7e:c7:0a:
                    16:b5:cf:2c:e2:ef:1c:cf:2e:1c:d6:9c:a8:36:fe:
                    d4:73:34:ea:ac:04:ab:7a:e1:28:3c:c3:71:99:5c:
                    26:60:d2:35:13:41:9a:4d:67:ad:87:ac:8b:f2:51:
                    82:28:3e:62:75:72:21:42:74:7b:1d:6e:93:50:bd:
                    59:4b:01:32:28:cc:ef:1c:fa:a0:a3:59:eb:26:2e:
                    b4:99:23:ae:0c:7e:31:28:0b:6c:4a:fa:e7:c4:94:
                    c9:40:92:48:c4:d4:ad:20:44:74:ea:f2:3a:49:83:
                    e3:83:fa:3e:10:9b:b8:b1:ac:b8:7e:48:24:62:04:
                    60:38:33:60:57:86:94:4b:64:f3:ed:e4:2a:63:77:
                    72:d4:f7:a3:93:d5:19:77:6a:fd:2a:64:12:7d:16:
                    8c:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:1B:94:E2:F3:5F:2D:F4:7F:1E:AE:AF:92:F3:B6:6B:27:AC:AD:D6
            X509v3 Authority Key Identifier:
                keyid:DF:1B:F4:C8:AF:57:14:48:9F:C6:77:33:E3:83:5B:AE:32:60:82:5C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/Fyq5Pd5SHowmEwmqdN4ivBJTZBLv14yazRkWRq6BmzVe/0/DF1BF4C8AF5714489FC67733E3835BAE3260825C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/0/DF1BF4C8AF5714489FC67733E3835BAE3260825C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/Fyq5Pd5SHowmEwmqdN4ivBJTZBLv14yazRkWRq6BmzVe/0/3230302e35332e36382e302f32322d3232203d3e20323731333034.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.53.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         3c:83:60:3a:fa:ce:46:08:f5:01:9b:df:5d:c7:e9:b0:de:00:
         1e:eb:5c:81:76:bf:90:fd:93:1c:8d:7b:4e:4b:c4:57:7d:c8:
         4f:1d:ed:1e:fb:6e:10:bc:e6:e7:57:31:59:78:78:26:18:30:
         62:ca:7d:8b:e0:75:67:43:68:34:48:5c:37:99:53:9c:c6:4f:
         f6:ee:d0:d3:1a:9b:c7:54:c5:be:7a:d5:96:fb:4c:e1:54:46:
         0b:ec:f8:64:ac:06:4c:8d:e1:4e:39:05:ad:dc:5c:0f:a4:0f:
         0f:7d:9c:f6:a0:80:cf:b7:e3:a8:f4:94:0d:c4:a5:3b:9f:89:
         64:2a:5e:f9:a1:3c:d3:8e:ee:3b:0d:6a:16:60:ee:34:f6:53:
         f8:9b:52:48:1d:43:65:1b:53:fa:ba:33:71:e0:dd:37:ff:19:
         12:9d:b3:77:0c:5f:e4:44:cb:a1:63:8f:19:58:05:36:86:e3:
         0e:15:17:2b:3c:2e:99:8f:23:25:16:63:72:ae:c9:46:4d:92:
         5e:20:f4:35:b5:a1:00:f7:44:30:44:60:39:47:b8:5b:8a:5b:
         af:a0:53:1a:48:33:13:a5:b8:17:ac:f0:9b:f5:51:e4:a3:19:
         89:91:ad:13:89:0b:32:37:60:6e:99:ba:0c:b4:da:b6:76:ab:
         02:88:98:fd
-----BEGIN CERTIFICATE-----
MIIHQTCCBimgAwIBAgIUdONqGQ1WTXwAbBSE4p60js8I+hEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREYxQkY0QzhBRjU3MTQ0ODlGQzY3NzMzRTM4MzVCQUUz
MjYwODI1QzAeFw0yMzA1MTcwOTU1MDBaFw0yNDA1MTUxMDAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQUYzQTE2ODFCNURGMkJGQjg2
NzcwODIzOTdCNTE4NjlDOTg2ODU1OUNBMEJENjVDNjQzQjg0NzA4RkNEN0ExQjNC
RDA3REVFNDExN0NDNjJDMzIyNjg1NUFFMDdEQ0EwRTlEMDExRjQ0RkM4NERFOEZG
MEExRTc1MUYxQ0EyRTMxRDIwNTE3M0UyNzgyNTZBRDY5QTQ1MTczOTQ3MzAzMzND
NzU4MDk2NkIwNjQ4ODE4ODYxQ0FDNkIyMDJENENGRkM2Mjc0OTU2NzdFQzcwQTE2
QjVDRjJDRTJFRjFDQ0YyRTFDRDY5Q0E4MzZGRUQ0NzMzNEVBQUMwNEFCN0FFMTI4
M0NDMzcxOTk1QzI2NjBEMjM1MTM0MTlBNEQ2N0FEODdBQzhCRjI1MTgyMjgzRTYy
NzU3MjIxNDI3NDdCMUQ2RTkzNTBCRDU5NEIwMTMyMjhDQ0VGMUNGQUEwQTM1OUVC
MjYyRUI0OTkyM0FFMEM3RTMxMjgwQjZDNEFGQUU3QzQ5NEM5NDA5MjQ4QzRENEFE
MjA0NDc0RUFGMjNBNDk4M0UzODNGQTNFMTA5QkI4QjFBQ0I4N0U0ODI0NjIwNDYw
MzgzMzYwNTc4Njk0NEI2NEYzRURFNDJBNjM3NzcyRDRGN0EzOTNENTE5Nzc2QUZE
MkE2NDEyN0QxNjhDNzcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEArzoWgbXfK/uGdwgjl7UYacmGhVnKC9ZcZDuEcI/Nehs70H3uQRfM
YsMiaFWuB9yg6dAR9E/ITej/Ch51Hxyi4x0gUXPieCVq1ppFFzlHMDM8dYCWawZI
gYhhysayAtTP/GJ0lWd+xwoWtc8s4u8czy4c1pyoNv7UczTqrASreuEoPMNxmVwm
YNI1E0GaTWeth6yL8lGCKD5idXIhQnR7HW6TUL1ZSwEyKMzvHPqgo1nrJi60mSOu
DH4xKAtsSvrnxJTJQJJIxNStIER06vI6SYPjg/o+EJu4say4fkgkYgRgODNgV4aU
S2Tz7eQqY3dy1Pejk9UZd2r9KmQSfRaMdwIDAQABo4ICTzCCAkswHQYDVR0OBBYE
FAAblOLzXy30fx6ur5LztmsnrK3WMB8GA1UdIwQYMBaAFN8b9MivVxRIn8Z3M+OD
W64yYIJcMA4GA1UdDwEB/wQEAwIHgDCBlAYDVR0fBIGMMIGJMIGGoIGDoIGAhn5y
c3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBvL0Z5cTVQZDVTSG93bUV3
bXFkTjRpdkJKVFpCTHYxNHlhelJrV1JxNkJtelZlLzAvREYxQkY0QzhBRjU3MTQ0
ODlGQzY3NzMzRTM4MzVCQUUzMjYwODI1Qy5jcmwweAYIKwYBBQUHAQEEbDBqMGgG
CCsGAQUFBzAChlxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBvL25p
Y2JyX3JlcG8vMC9ERjFCRjRDOEFGNTcxNDQ4OUZDNjc3MzNFMzgzNUJBRTMyNjA4
MjVDLmNlcjCBrAYIKwYBBQUHAQsEgZ8wgZwwgZkGCCsGAQUFBzALhoGMcnN5bmM6
Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby9GeXE1UGQ1U0hvd21Fd21xZE40
aXZCSlRaQkx2MTR5YXpSa1dScTZCbXpWZS8wLzMyMzAzMDJlMzUzMzJlMzYzODJl
MzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzczMTMzMzAzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsg1
RDANBgkqhkiG9w0BAQsFAAOCAQEAPINgOvrORgj1AZvfXcfpsN4AHutcgXa/kP2T
HI17TkvEV33ITx3tHvtuELzm51cxWXh4JhgwYsp9i+B1Z0NoNEhcN5lTnMZP9u7Q
0xqbx1TFvnrVlvtM4VRGC+z4ZKwGTI3hTjkFrdxcD6QPD32c9qCAz7fjqPSUDcSl
O5+JZCpe+aE8047uOw1qFmDuNPZT+JtSSB1DZRtT+rozceDdN/8ZEp2zdwxf5ETL
oWOPGVgFNobjDhUXKzwumY8jJRZjcq7JRk2SXiD0NbWhAPdEMERgOUe4W4pbr6BT
GkgzE6W4F6zwm/VR5KMZiZGtE4kLMjdgbpm6DLTatnarAoiY/Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:43:09 2024 by rpki-client on console-ams.rpki-client.org