Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/H2HNNFVSSnCm46j82yAaUDAdDvi1yyBL5qrZpSGrrnEv/0/34352e3137312e3132322e302f32332d3332203d3e20323638383736.roa
File:                     34352e3137312e3132322e302f32332d3332203d3e20323638383736.roa (raw, json)
Hash identifier:          k7HttQg7XBumu48LeT+l1rG8MIQLuh/pO9m32KacZlg=
Subject key identifier:   71:59:1E:9C:E4:D8:93:CE:E5:04:47:5D:F3:30:AD:62:72:68:1B:B7
Certificate issuer:       /CN=C5B9910C7B4E71FD2BF9FC1A66967A2B7D758786
Certificate serial:       020ACE6100DAA9426A4B1113389D06440DE88D47
Authority key identifier: C5:B9:91:0C:7B:4E:71:FD:2B:F9:FC:1A:66:96:7A:2B:7D:75:87:86
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/0/C5B9910C7B4E71FD2BF9FC1A66967A2B7D758786.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/H2HNNFVSSnCm46j82yAaUDAdDvi1yyBL5qrZpSGrrnEv/0/34352e3137312e3132322e302f32332d3332203d3e20323638383736.roa
Signing time:             Wed 20 Mar 2024 14:44:07 +0000
ROA not before:           Wed 20 Mar 2024 14:39:07 +0000
ROA not after:            Wed 19 Mar 2025 14:44:07 +0000
asID:                     268876
IP address blocks:        45.171.122.0/23 maxlen: 32

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            02:0a:ce:61:00:da:a9:42:6a:4b:11:13:38:9d:06:44:0d:e8:8d:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C5B9910C7B4E71FD2BF9FC1A66967A2B7D758786
        Validity
            Not Before: Mar 20 14:39:07 2024 GMT
            Not After : Mar 19 14:44:07 2025 GMT
        Subject: CN=71591E9CE4D893CEE504475DF330AD6272681BB7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:23:9e:62:ee:8f:54:73:24:99:dd:63:6a:fb:
                    89:5e:ed:08:60:46:1b:f7:86:f1:ee:5b:18:7a:6e:
                    f6:cd:13:c1:b0:e0:66:41:fe:a8:70:e0:58:99:39:
                    b8:cb:4f:8a:e8:9e:28:d4:4b:fd:1c:85:cf:73:dd:
                    3f:fa:d4:7a:df:3f:dc:47:d6:1a:50:cc:95:27:ed:
                    72:a0:ff:31:32:b5:b3:71:43:65:7a:fa:d5:52:93:
                    76:6e:93:5f:71:41:8d:31:b1:3a:cd:6d:c9:fe:d8:
                    22:48:6a:84:ec:9b:14:14:9a:28:a5:60:82:da:f7:
                    26:c7:3a:fc:5a:c8:7a:f8:9e:07:bd:75:f5:51:43:
                    2d:28:34:a0:13:8b:19:cf:f5:7b:29:77:18:d0:06:
                    9d:07:15:cf:16:11:52:eb:82:5e:e8:ea:d2:66:8d:
                    c6:dc:d1:47:03:7f:60:78:12:38:30:7d:aa:66:e4:
                    f2:b0:32:5c:1d:22:42:ec:7f:e7:12:dd:4d:cc:e7:
                    bb:5b:41:fe:b3:0b:48:76:6d:ef:4d:18:b5:31:28:
                    d8:e1:41:d8:d2:8b:22:d8:84:78:93:5b:74:28:ce:
                    05:00:25:73:e3:b2:da:70:eb:a7:4d:9a:40:9a:26:
                    b2:be:4e:dd:ea:31:6c:7e:47:06:bf:45:16:5c:bd:
                    49:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:59:1E:9C:E4:D8:93:CE:E5:04:47:5D:F3:30:AD:62:72:68:1B:B7
            X509v3 Authority Key Identifier:
                keyid:C5:B9:91:0C:7B:4E:71:FD:2B:F9:FC:1A:66:96:7A:2B:7D:75:87:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/H2HNNFVSSnCm46j82yAaUDAdDvi1yyBL5qrZpSGrrnEv/0/C5B9910C7B4E71FD2BF9FC1A66967A2B7D758786.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/0/C5B9910C7B4E71FD2BF9FC1A66967A2B7D758786.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/H2HNNFVSSnCm46j82yAaUDAdDvi1yyBL5qrZpSGrrnEv/0/34352e3137312e3132322e302f32332d3332203d3e20323638383736.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.171.122.0/23

    Signature Algorithm: sha256WithRSAEncryption
         49:3f:7b:33:9a:16:30:c1:91:59:f0:0e:82:a0:c0:1c:18:ed:
         4c:5b:a7:fa:6b:a6:f8:88:c2:a2:01:c0:d5:8c:51:09:3b:1a:
         6a:b2:e2:a4:5e:17:0d:4c:27:df:ea:f0:12:34:ad:0c:9a:d8:
         d1:32:9a:86:ad:06:2f:22:dc:72:03:76:f4:52:3e:81:1c:2d:
         0b:d8:93:aa:00:3c:0d:ff:10:06:40:c3:8c:c0:d6:51:6a:a1:
         62:62:45:4e:cf:3d:56:f2:c9:74:38:e3:92:fd:9d:8d:bc:39:
         44:43:dd:03:c9:66:84:55:2b:20:36:57:fb:ab:55:c4:92:ac:
         d0:91:b2:95:e0:e1:26:66:70:d5:35:62:4f:57:f1:ad:4e:7b:
         a8:31:ee:37:85:c2:a6:0a:74:b1:14:1d:c3:96:20:56:34:ec:
         28:b8:4b:87:a7:16:df:9c:aa:13:b9:3f:f5:11:32:5f:90:00:
         bf:02:8a:5a:63:1b:80:f1:42:d5:f1:8a:c5:30:db:77:aa:71:
         01:db:8e:bb:85:77:cb:49:96:27:a4:64:b7:c2:aa:cc:aa:bb:
         27:2a:d6:3d:5e:35:3e:8a:bf:84:74:7a:28:06:f3:3b:0b:5c:
         28:d9:60:e3:96:1b:b5:cc:b7:2d:26:62:11:08:e9:98:4a:2f:
         d4:b3:90:aa
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUAgrOYQDaqUJqSxETOJ0GRA3ojUcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzVCOTkxMEM3QjRFNzFGRDJCRjlGQzFBNjY5NjdBMkI3
RDc1ODc4NjAeFw0yNDAzMjAxNDM5MDdaFw0yNTAzMTkxNDQ0MDdaMDMxMTAvBgNV
BAMTKDcxNTkxRTlDRTREODkzQ0VFNTA0NDc1REYzMzBBRDYyNzI2ODFCQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJI55i7o9UcySZ3WNq+4le7Qhg
Rhv3hvHuWxh6bvbNE8Gw4GZB/qhw4FiZObjLT4ronijUS/0chc9z3T/61HrfP9xH
1hpQzJUn7XKg/zEytbNxQ2V6+tVSk3Zuk19xQY0xsTrNbcn+2CJIaoTsmxQUmiil
YILa9ybHOvxayHr4nge9dfVRQy0oNKATixnP9XspdxjQBp0HFc8WEVLrgl7o6tJm
jcbc0UcDf2B4Ejgwfapm5PKwMlwdIkLsf+cS3U3M57tbQf6zC0h2be9NGLUxKNjh
QdjSiyLYhHiTW3QozgUAJXPjstpw66dNmkCaJrK+Tt3qMWx+Rwa/RRZcvUmlAgMB
AAGjggJRMIICTTAdBgNVHQ4EFgQUcVkenOTYk87lBEdd8zCtYnJoG7cwHwYDVR0j
BBgwFoAUxbmRDHtOcf0r+fwaZpZ6K311h4YwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vSDJITk5GVlNTbkNtNDZqODJ5QWFVREFkRHZpMXl5Qkw1cXJacFNHcnJu
RXYvMC9DNUI5OTEwQzdCNEU3MUZEMkJGOUZDMUE2Njk2N0EyQjdENzU4Nzg2LmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8wL0M1Qjk5MTBDN0I0RTcxRkQy
QkY5RkMxQTY2OTY3QTJCN0Q3NTg3ODYuY2VyMIGuBggrBgEFBQcBCwSBoTCBnjCB
mwYIKwYBBQUHMAuGgY5yc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0gySE5ORlZTU25DbTQ2ajgyeUFhVURBZER2aTF5eUJMNXFyWnBTR3JybkV2LzAv
MzQzNTJlMzEzNzMxMmUzMTMyMzIyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzMjM2
MzgzODM3MzYucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAEtq3owDQYJKoZIhvcNAQELBQADggEBAEk/ezOa
FjDBkVnwDoKgwBwY7Uxbp/prpviIwqIBwNWMUQk7Gmqy4qReFw1MJ9/q8BI0rQya
2NEymoatBi8i3HIDdvRSPoEcLQvYk6oAPA3/EAZAw4zA1lFqoWJiRU7PPVbyyXQ4
45L9nY28OURD3QPJZoRVKyA2V/urVcSSrNCRspXg4SZmcNU1Yk9X8a1Oe6gx7jeF
wqYKdLEUHcOWIFY07Ci4S4enFt+cqhO5P/URMl+QAL8CilpjG4DxQtXxisUw23eq
cQHbjruFd8tJliekZLfCqsyquycq1j1eNT6Kv4R0eigG8zsLXCjZYOOWG7XMty0m
YhEI6ZhKL9SzkKo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:43:34 2024 by rpki-client on console-ams.rpki-client.org