Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/HDKSis7YANFujr9dLEGVfFgiGG99gyZpQW7qvAtja9dt/0/3133312e302e3134322e302f32342d3234203d3e203631383835.roa
File:                     3133312e302e3134322e302f32342d3234203d3e203631383835.roa (raw, json)
Hash identifier:          b7PCXsg1RuZItimKfTuvWVCumv5u3kbW9CXSBMe583A=
Subject key identifier:   C1:42:6A:51:5E:59:62:8F:FD:39:BE:AE:12:40:FB:AD:65:DD:D7:F1
Certificate issuer:       /CN=3C7FA74CDFF1E4752479602672F26A883C7A6052
Certificate serial:       7225C56C585DD17184F2815FE87A93BA236FC883
Authority key identifier: 3C:7F:A7:4C:DF:F1:E4:75:24:79:60:26:72:F2:6A:88:3C:7A:60:52
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3C7FA74CDFF1E4752479602672F26A883C7A6052.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/HDKSis7YANFujr9dLEGVfFgiGG99gyZpQW7qvAtja9dt/0/3133312e302e3134322e302f32342d3234203d3e203631383835.roa
Signing time:             Thu 29 Aug 2024 18:19:07 +0000
ROA not before:           Thu 29 Aug 2024 18:14:07 +0000
ROA not after:            Thu 28 Aug 2025 18:19:07 +0000
asID:                     61885
IP address blocks:        131.0.142.0/24 maxlen: 24

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            72:25:c5:6c:58:5d:d1:71:84:f2:81:5f:e8:7a:93:ba:23:6f:c8:83
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=3C7FA74CDFF1E4752479602672F26A883C7A6052
        Validity
            Not Before: Aug 29 18:14:07 2024 GMT
            Not After : Aug 28 18:19:07 2025 GMT
        Subject: CN=C1426A515E59628FFD39BEAE1240FBAD65DDD7F1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:92:69:28:3a:db:62:a8:45:3e:5d:cb:03:fe:
                    4d:aa:b8:b5:df:7f:14:75:31:65:b0:32:73:a3:e9:
                    d4:c2:ed:3b:51:3f:2b:49:fd:ff:ca:dd:ba:3a:4f:
                    ad:d6:4f:39:b9:9e:e8:b3:71:1c:c6:c7:63:35:a3:
                    e1:b4:ce:ea:f4:54:c4:73:e0:c9:38:9d:4a:3a:d6:
                    0a:5e:cc:ce:c7:f1:aa:20:d0:f5:f4:c3:de:7b:a1:
                    8f:d0:5e:a4:e7:9f:e6:ea:13:06:bc:eb:b7:8f:0f:
                    b1:31:1d:50:c1:bd:ae:2c:d5:4f:f8:53:8d:d8:79:
                    d5:e2:d1:31:47:ad:72:f5:98:33:27:cc:97:64:88:
                    e9:c9:c8:0d:a9:be:15:5e:a5:4e:77:8f:56:60:0a:
                    75:1f:4f:ce:00:30:3d:5f:be:c4:c7:cb:ba:9a:4f:
                    44:33:1d:3b:76:b6:5b:31:ac:69:3e:2d:bf:73:07:
                    84:58:59:1a:a6:0e:b1:bc:b0:f6:61:6c:e8:cc:ce:
                    c9:2e:9d:af:ba:48:74:19:b2:ab:e0:2f:58:37:76:
                    29:0a:3f:c4:a5:99:a0:32:46:0b:e2:fa:c7:a9:ce:
                    80:23:40:1d:59:9f:8b:fa:c6:07:81:ee:8f:63:a2:
                    26:03:c3:7d:7e:8e:7c:4b:1b:6c:2e:60:25:07:5c:
                    3d:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:42:6A:51:5E:59:62:8F:FD:39:BE:AE:12:40:FB:AD:65:DD:D7:F1
            X509v3 Authority Key Identifier:
                keyid:3C:7F:A7:4C:DF:F1:E4:75:24:79:60:26:72:F2:6A:88:3C:7A:60:52

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/HDKSis7YANFujr9dLEGVfFgiGG99gyZpQW7qvAtja9dt/0/3C7FA74CDFF1E4752479602672F26A883C7A6052.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/3C7FA74CDFF1E4752479602672F26A883C7A6052.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/HDKSis7YANFujr9dLEGVfFgiGG99gyZpQW7qvAtja9dt/0/3133312e302e3134322e302f32342d3234203d3e203631383835.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  131.0.142.0/24

    Signature Algorithm: sha256WithRSAEncryption
         83:16:87:6f:b3:14:f0:6f:6a:bf:d1:ab:e4:71:94:2f:f9:3c:
         01:2f:8c:8e:69:e5:dd:ef:cc:1b:7f:d5:48:6b:0b:b6:eb:f9:
         18:9c:29:d2:6f:dd:04:12:36:07:e4:23:e0:4f:b8:d5:27:c1:
         24:80:56:3c:ca:b6:f7:d0:1b:23:e0:f1:e3:21:00:1a:0b:a5:
         c3:1a:ca:0b:1e:84:c7:7a:cc:f4:52:5f:20:c8:cb:3a:a4:8e:
         3a:ad:2c:a5:6f:68:18:ac:6c:63:16:29:7e:60:96:a8:f9:d3:
         4f:84:44:e6:a1:78:50:c5:d8:d4:06:9e:6b:41:14:76:c4:97:
         2d:4a:8c:c1:40:92:4b:1a:7e:f4:ac:97:4d:ef:d0:5e:e2:47:
         79:1d:6e:8d:fe:56:10:2f:d6:01:34:ef:52:d5:dc:f4:66:6c:
         9c:db:d9:a4:9f:c8:65:39:5d:9c:ec:b6:c3:c6:0c:9d:44:00:
         2d:0b:c0:c6:d1:7f:ce:e9:d9:30:99:64:b7:21:90:54:51:0f:
         3a:64:29:30:99:b1:8d:69:5e:12:9b:27:63:4d:a9:0e:a9:a0:
         08:e7:c8:bf:44:08:ac:72:68:73:f7:6b:7c:4e:41:e2:ff:99:
         f9:97:99:eb:8e:16:55:e4:1b:2c:a0:8c:93:82:ff:3d:59:d7:
         2c:c8:01:c9
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIUciXFbFhd0XGE8oFf6HqTuiNvyIMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoM0M3RkE3NENERkYxRTQ3NTI0Nzk2MDI2NzJGMjZBODgz
QzdBNjA1MjAeFw0yNDA4MjkxODE0MDdaFw0yNTA4MjgxODE5MDdaMDMxMTAvBgNV
BAMTKEMxNDI2QTUxNUU1OTYyOEZGRDM5QkVBRTEyNDBGQkFENjVEREQ3RjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6kmkoOttiqEU+XcsD/k2quLXf
fxR1MWWwMnOj6dTC7TtRPytJ/f/K3bo6T63WTzm5nuizcRzGx2M1o+G0zur0VMRz
4Mk4nUo61gpezM7H8aog0PX0w957oY/QXqTnn+bqEwa867ePD7ExHVDBva4s1U/4
U43YedXi0TFHrXL1mDMnzJdkiOnJyA2pvhVepU53j1ZgCnUfT84AMD1fvsTHy7qa
T0QzHTt2tlsxrGk+Lb9zB4RYWRqmDrG8sPZhbOjMzskuna+6SHQZsqvgL1g3dikK
P8SlmaAyRgvi+sepzoAjQB1Zn4v6xgeB7o9joiYDw31+jnxLG2wuYCUHXD37AgMB
AAGjggJNMIICSTAdBgNVHQ4EFgQUwUJqUV5ZYo/9Ob6uEkD7rWXd1/EwHwYDVR0j
BBgwFoAUPH+nTN/x5HUkeWAmcvJqiDx6YFIwDgYDVR0PAQH/BAQDAgeAMIGUBgNV
HR8EgYwwgYkwgYaggYOggYCGfnJzeW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJy
L3JlcG8vSERLU2lzN1lBTkZ1anI5ZExFR1ZmRmdpR0c5OWd5WnBRVzdxdkF0amE5
ZHQvMC8zQzdGQTc0Q0RGRjFFNDc1MjQ3OTYwMjY3MkYyNkE4ODNDN0E2MDUyLmNy
bDB4BggrBgEFBQcBAQRsMGowaAYIKwYBBQUHMAKGXHJzeW5jOi8vcnBraS1yZXBv
LnJlZ2lzdHJvLmJyL3JlcG8vbmljYnJfcmVwby8xLzNDN0ZBNzRDREZGMUU0NzUy
NDc5NjAyNjcyRjI2QTg4M0M3QTYwNTIuY2VyMIGqBggrBgEFBQcBCwSBnTCBmjCB
lwYIKwYBBQUHMAuGgYpyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBv
L0hES1NpczdZQU5GdWpyOWRMRUdWZkZnaUdHOTlneVpwUVc3cXZBdGphOWR0LzAv
MzEzMzMxMmUzMDJlMzEzNDMyMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzYzMTM4
MzgzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB
/wQQMA4wDAQCAAEwBgMEAIMAjjANBgkqhkiG9w0BAQsFAAOCAQEAgxaHb7MU8G9q
v9Gr5HGUL/k8AS+Mjmnl3e/MG3/VSGsLtuv5GJwp0m/dBBI2B+Qj4E+41SfBJIBW
PMq299AbI+Dx4yEAGgulwxrKCx6Ex3rM9FJfIMjLOqSOOq0spW9oGKxsYxYpfmCW
qPnTT4RE5qF4UMXY1Aaea0EUdsSXLUqMwUCSSxp+9KyXTe/QXuJHeR1ujf5WEC/W
ATTvUtXc9GZsnNvZpJ/IZTldnOy2w8YMnUQALQvAxtF/zunZMJlktyGQVFEPOmQp
MJmxjWleEpsnY02pDqmgCOfIv0QIrHJoc/drfE5B4v+Z+ZeZ644WVeQbLKCMk4L/
PVnXLMgByQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:55:19 2024 by rpki-client on console-fra.rpki-client.org