Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/Fyq5Pd5SHowmEwmqdN4ivBJTZBLv14yazRkWRq6BmzVe/0/3230302e35332e36392e302f32342d3234203d3e20323731333034.roa
File:                     3230302e35332e36392e302f32342d3234203d3e20323731333034.roa (raw, json)
Hash identifier:          oZXCrXgEQHcokwJ97aWmtnrJhannY3MuK+vR78tOtc4=
Subject key identifier:   B7:57:7B:D1:E6:CE:A4:E4:D8:D0:45:A4:6D:FC:B5:B7:1B:7C:13:4C
Certificate issuer:       /CN=DF1BF4C8AF5714489FC67733E3835BAE3260825C
Certificate serial:       38B18C03D2A38A09EBF1505993AB0CF2F783DD7B
Authority key identifier: DF:1B:F4:C8:AF:57:14:48:9F:C6:77:33:E3:83:5B:AE:32:60:82:5C
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/0/DF1BF4C8AF5714489FC67733E3835BAE3260825C.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/Fyq5Pd5SHowmEwmqdN4ivBJTZBLv14yazRkWRq6BmzVe/0/3230302e35332e36392e302f32342d3234203d3e20323731333034.roa
Signing time:             Wed 17 May 2023 10:00:00 +0000
ROA not before:           Wed 17 May 2023 09:55:00 +0000
ROA not after:            Wed 15 May 2024 10:00:00 +0000
asID:                     271304
IP address blocks:        200.53.69.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:b1:8c:03:d2:a3:8a:09:eb:f1:50:59:93:ab:0c:f2:f7:83:dd:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=DF1BF4C8AF5714489FC67733E3835BAE3260825C
        Validity
            Not Before: May 17 09:55:00 2023 GMT
            Not After : May 15 10:00:00 2024 GMT
        Subject: CN=3082010A0282010100B9DE5A417D6840083D6A953006D8B39904B6DFBD7C39150AE26FFD99E96B33CBF2B9916BDE19C863184C7026A4F4C013D5946B9C93C9AE4331DAE6BE8F071CFA895E9AECBCAD5A72B5580267E9296B11AF975F8526F27E8971ACFBA3BC1214434FE18D5F149F51E7EBC0C9E1CCD53551506FA21884D77F60043BDC132228442A9CD1464C2DC88EF2CCCD5DCAFAD0FAA74A38A15A90B5C7769EF326A9E887BA5D4FA2EDED903ECE2BB76E4B3F6CDF5CF1ED94ECB3DDBD6620B608CB6F5AF5DC3FF488B0B667318C37FF8BACF887B5FE7B44878DE9DE7AEFD80EDA306D52D09429CEAE4A603DBF95939C468EC902BF521EDDEC2B0E15F7EDF3EC010DAEDFF3C07D0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:de:5a:41:7d:68:40:08:3d:6a:95:30:06:d8:
                    b3:99:04:b6:df:bd:7c:39:15:0a:e2:6f:fd:99:e9:
                    6b:33:cb:f2:b9:91:6b:de:19:c8:63:18:4c:70:26:
                    a4:f4:c0:13:d5:94:6b:9c:93:c9:ae:43:31:da:e6:
                    be:8f:07:1c:fa:89:5e:9a:ec:bc:ad:5a:72:b5:58:
                    02:67:e9:29:6b:11:af:97:5f:85:26:f2:7e:89:71:
                    ac:fb:a3:bc:12:14:43:4f:e1:8d:5f:14:9f:51:e7:
                    eb:c0:c9:e1:cc:d5:35:51:50:6f:a2:18:84:d7:7f:
                    60:04:3b:dc:13:22:28:44:2a:9c:d1:46:4c:2d:c8:
                    8e:f2:cc:cd:5d:ca:fa:d0:fa:a7:4a:38:a1:5a:90:
                    b5:c7:76:9e:f3:26:a9:e8:87:ba:5d:4f:a2:ed:ed:
                    90:3e:ce:2b:b7:6e:4b:3f:6c:df:5c:f1:ed:94:ec:
                    b3:dd:bd:66:20:b6:08:cb:6f:5a:f5:dc:3f:f4:88:
                    b0:b6:67:31:8c:37:ff:8b:ac:f8:87:b5:fe:7b:44:
                    87:8d:e9:de:7a:ef:d8:0e:da:30:6d:52:d0:94:29:
                    ce:ae:4a:60:3d:bf:95:93:9c:46:8e:c9:02:bf:52:
                    1e:dd:ec:2b:0e:15:f7:ed:f3:ec:01:0d:ae:df:f3:
                    c0:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:57:7B:D1:E6:CE:A4:E4:D8:D0:45:A4:6D:FC:B5:B7:1B:7C:13:4C
            X509v3 Authority Key Identifier:
                keyid:DF:1B:F4:C8:AF:57:14:48:9F:C6:77:33:E3:83:5B:AE:32:60:82:5C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/Fyq5Pd5SHowmEwmqdN4ivBJTZBLv14yazRkWRq6BmzVe/0/DF1BF4C8AF5714489FC67733E3835BAE3260825C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/0/DF1BF4C8AF5714489FC67733E3835BAE3260825C.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/Fyq5Pd5SHowmEwmqdN4ivBJTZBLv14yazRkWRq6BmzVe/0/3230302e35332e36392e302f32342d3234203d3e20323731333034.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.53.69.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4e:8f:d3:a7:ae:6b:fa:e5:22:f4:91:8d:70:a0:29:71:0b:70:
         8e:cd:02:80:aa:50:75:da:9c:f8:af:35:0e:57:2a:a3:bf:4e:
         01:74:31:00:4d:24:44:f5:a5:55:c3:73:b9:ad:4e:33:a2:68:
         6a:8c:3e:58:6c:cc:dc:8a:a6:53:9d:e4:31:7d:97:dd:c8:e5:
         dc:39:3d:27:2a:30:17:c8:88:4b:a1:ce:2e:9f:f9:3d:ec:c1:
         3d:ed:bf:0b:af:4b:d1:32:89:40:04:a3:f6:b4:7e:b8:12:9b:
         e0:de:23:6e:65:67:a8:e6:24:17:bf:b1:6a:41:0c:25:c4:a3:
         24:48:71:48:df:04:ea:45:52:42:59:19:7c:d5:71:e4:70:20:
         f5:91:0e:52:bb:45:c8:de:6f:97:66:10:5e:ef:13:86:52:5c:
         1e:e6:26:da:4e:42:ba:58:ae:ac:d5:3e:36:50:09:87:5a:9c:
         75:76:84:7c:3e:74:fa:ad:46:b7:6d:34:5f:a6:2c:ed:40:7a:
         6a:3f:e1:10:c5:4a:9e:ab:1c:c3:1f:08:97:8e:b4:df:a8:80:
         77:38:81:4c:1a:8f:f3:97:e1:2a:34:9e:04:80:68:05:e0:58:
         63:d9:f1:d8:22:e5:cd:d4:2c:0c:57:7f:e8:ef:d3:b5:fc:8f:
         8f:6b:40:68
-----BEGIN CERTIFICATE-----
MIIHQTCCBimgAwIBAgIUOLGMA9Kjignr8VBZk6sM8veD3XswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoREYxQkY0QzhBRjU3MTQ0ODlGQzY3NzMzRTM4MzVCQUUz
MjYwODI1QzAeFw0yMzA1MTcwOTU1MDBaFw0yNDA1MTUxMDAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwQjlERTVBNDE3RDY4NDAwODNE
NkE5NTMwMDZEOEIzOTkwNEI2REZCRDdDMzkxNTBBRTI2RkZEOTlFOTZCMzNDQkYy
Qjk5MTZCREUxOUM4NjMxODRDNzAyNkE0RjRDMDEzRDU5NDZCOUM5M0M5QUU0MzMx
REFFNkJFOEYwNzFDRkE4OTVFOUFFQ0JDQUQ1QTcyQjU1ODAyNjdFOTI5NkIxMUFG
OTc1Rjg1MjZGMjdFODk3MUFDRkJBM0JDMTIxNDQzNEZFMThENUYxNDlGNTFFN0VC
QzBDOUUxQ0NENTM1NTE1MDZGQTIxODg0RDc3RjYwMDQzQkRDMTMyMjI4NDQyQTlD
RDE0NjRDMkRDODhFRjJDQ0NENURDQUZBRDBGQUE3NEEzOEExNUE5MEI1Qzc3NjlF
RjMyNkE5RTg4N0JBNUQ0RkEyRURFRDkwM0VDRTJCQjc2RTRCM0Y2Q0RGNUNGMUVE
OTRFQ0IzRERCRDY2MjBCNjA4Q0I2RjVBRjVEQzNGRjQ4OEIwQjY2NzMxOEMzN0ZG
OEJBQ0Y4ODdCNUZFN0I0NDg3OERFOURFN0FFRkQ4MEVEQTMwNkQ1MkQwOTQyOUNF
QUU0QTYwM0RCRjk1OTM5QzQ2OEVDOTAyQkY1MjFFRERFQzJCMEUxNUY3RURGM0VD
MDEwREFFREZGM0MwN0QwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAud5aQX1oQAg9apUwBtizmQS23718ORUK4m/9melrM8vyuZFr3hnI
YxhMcCak9MAT1ZRrnJPJrkMx2ua+jwcc+olemuy8rVpytVgCZ+kpaxGvl1+FJvJ+
iXGs+6O8EhRDT+GNXxSfUefrwMnhzNU1UVBvohiE139gBDvcEyIoRCqc0UZMLciO
8szNXcr60PqnSjihWpC1x3ae8yap6Ie6XU+i7e2QPs4rt25LP2zfXPHtlOyz3b1m
ILYIy29a9dw/9IiwtmcxjDf/i6z4h7X+e0SHjeneeu/YDtowbVLQlCnOrkpgPb+V
k5xGjskCv1Ie3ewrDhX37fPsAQ2u3/PAfQIDAQABo4ICTzCCAkswHQYDVR0OBBYE
FLdXe9HmzqTk2NBFpG38tbcbfBNMMB8GA1UdIwQYMBaAFN8b9MivVxRIn8Z3M+OD
W64yYIJcMA4GA1UdDwEB/wQEAwIHgDCBlAYDVR0fBIGMMIGJMIGGoIGDoIGAhn5y
c3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBvL0Z5cTVQZDVTSG93bUV3
bXFkTjRpdkJKVFpCTHYxNHlhelJrV1JxNkJtelZlLzAvREYxQkY0QzhBRjU3MTQ0
ODlGQzY3NzMzRTM4MzVCQUUzMjYwODI1Qy5jcmwweAYIKwYBBQUHAQEEbDBqMGgG
CCsGAQUFBzAChlxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBvL25p
Y2JyX3JlcG8vMC9ERjFCRjRDOEFGNTcxNDQ4OUZDNjc3MzNFMzgzNUJBRTMyNjA4
MjVDLmNlcjCBrAYIKwYBBQUHAQsEgZ8wgZwwgZkGCCsGAQUFBzALhoGMcnN5bmM6
Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby9GeXE1UGQ1U0hvd21Fd21xZE40
aXZCSlRaQkx2MTR5YXpSa1dScTZCbXpWZS8wLzMyMzAzMDJlMzUzMzJlMzYzOTJl
MzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzczMTMzMzAzNC5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg1
RTANBgkqhkiG9w0BAQsFAAOCAQEATo/Tp65r+uUi9JGNcKApcQtwjs0CgKpQddqc
+K81Dlcqo79OAXQxAE0kRPWlVcNzua1OM6Joaow+WGzM3IqmU53kMX2X3cjl3Dk9
JyowF8iIS6HOLp/5PezBPe2/C69L0TKJQASj9rR+uBKb4N4jbmVnqOYkF7+xakEM
JcSjJEhxSN8E6kVSQlkZfNVx5HAg9ZEOUrtFyN5vl2YQXu8ThlJcHuYm2k5Culiu
rNU+NlAJh1qcdXaEfD50+q1Gt200X6Ys7UB6aj/hEMVKnqscwx8Il46036iAdziB
TBqP85fhKjSeBIBoBeBYY9nx2CLlzdQsDFd/6O/TtfyPj2tAaA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:39:48 2024 by rpki-client on console-fra.rpki-client.org