Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/HUcu1SCz63zDiEnhX5DG2uqwBFhc1vrtUDLzDdvwRbdC/0/323830343a363163303a343030303a3a2f33342d3334203d3e20323639323534.roa
File:                     323830343a363163303a343030303a3a2f33342d3334203d3e20323639323534.roa (raw, json)
Hash identifier:          L5I3ZOEmKpK9qqTUbW+QPyJhNNH9ZoTn2eq1Yf07nHI=
Subject key identifier:   23:97:83:40:FC:BE:19:B7:8B:2F:B3:C6:62:36:C5:BF:39:18:C9:49
Certificate issuer:       /CN=4703DF576DCFAC4B11DA9AF278028714F3ECD9FC
Certificate serial:       4FE2A89735DC7D6A2C6F1BAF8EDCFA153563390E
Authority key identifier: 47:03:DF:57:6D:CF:AC:4B:11:DA:9A:F2:78:02:87:14:F3:EC:D9:FC
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/0/4703DF576DCFAC4B11DA9AF278028714F3ECD9FC.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/HUcu1SCz63zDiEnhX5DG2uqwBFhc1vrtUDLzDdvwRbdC/0/323830343a363163303a343030303a3a2f33342d3334203d3e20323639323534.roa
Signing time:             Tue 15 Aug 2023 14:31:28 +0000
ROA not before:           Tue 15 Aug 2023 14:26:28 +0000
ROA not after:            Tue 13 Aug 2024 14:31:28 +0000
asID:                     269254
IP address blocks:        2804:61c0:4000::/34 maxlen: 34

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:e2:a8:97:35:dc:7d:6a:2c:6f:1b:af:8e:dc:fa:15:35:63:39:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4703DF576DCFAC4B11DA9AF278028714F3ECD9FC
        Validity
            Not Before: Aug 15 14:26:28 2023 GMT
            Not After : Aug 13 14:31:28 2024 GMT
        Subject: CN=3082010A02820101009D3D921986A54E0FFC366EF4A2DC495598EAA46FE2C4B3F5D7CE30BF1CB5CD2DE1BD896F4FF0962345C176DA1CFFD5DCC376541F4AB0B4076446F0B3CB4CC7577B93395BA9A82C879D413D9077419A48A7693793F95D10788295750BA2C7716F7DC726C86BFA2B6BF00157AEC9A5BE70175F6B89F7C7B7479C5058C7650703845B9319509E5B89A35A9DCF68D3E3C7F5C2C3C8D07E2C4ABEDEF409AAB1C3FBB0F2398861D1130CCA74E9D003446442DED6B50C420C0277EE13B46AF375D0797F4E9E9C0271C62E1DB5B588AAED99D42A1A3E6290B3C8474B52C563EF625CECB97FFA95592B1312F12D980463CE5A90CBAE02050FE6FB5E7EE2C9AB6FC1673CDD0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:3d:92:19:86:a5:4e:0f:fc:36:6e:f4:a2:dc:
                    49:55:98:ea:a4:6f:e2:c4:b3:f5:d7:ce:30:bf:1c:
                    b5:cd:2d:e1:bd:89:6f:4f:f0:96:23:45:c1:76:da:
                    1c:ff:d5:dc:c3:76:54:1f:4a:b0:b4:07:64:46:f0:
                    b3:cb:4c:c7:57:7b:93:39:5b:a9:a8:2c:87:9d:41:
                    3d:90:77:41:9a:48:a7:69:37:93:f9:5d:10:78:82:
                    95:75:0b:a2:c7:71:6f:7d:c7:26:c8:6b:fa:2b:6b:
                    f0:01:57:ae:c9:a5:be:70:17:5f:6b:89:f7:c7:b7:
                    47:9c:50:58:c7:65:07:03:84:5b:93:19:50:9e:5b:
                    89:a3:5a:9d:cf:68:d3:e3:c7:f5:c2:c3:c8:d0:7e:
                    2c:4a:be:de:f4:09:aa:b1:c3:fb:b0:f2:39:88:61:
                    d1:13:0c:ca:74:e9:d0:03:44:64:42:de:d6:b5:0c:
                    42:0c:02:77:ee:13:b4:6a:f3:75:d0:79:7f:4e:9e:
                    9c:02:71:c6:2e:1d:b5:b5:88:aa:ed:99:d4:2a:1a:
                    3e:62:90:b3:c8:47:4b:52:c5:63:ef:62:5c:ec:b9:
                    7f:fa:95:59:2b:13:12:f1:2d:98:04:63:ce:5a:90:
                    cb:ae:02:05:0f:e6:fb:5e:7e:e2:c9:ab:6f:c1:67:
                    3c:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:97:83:40:FC:BE:19:B7:8B:2F:B3:C6:62:36:C5:BF:39:18:C9:49
            X509v3 Authority Key Identifier:
                keyid:47:03:DF:57:6D:CF:AC:4B:11:DA:9A:F2:78:02:87:14:F3:EC:D9:FC

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/HUcu1SCz63zDiEnhX5DG2uqwBFhc1vrtUDLzDdvwRbdC/0/4703DF576DCFAC4B11DA9AF278028714F3ECD9FC.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/0/4703DF576DCFAC4B11DA9AF278028714F3ECD9FC.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/HUcu1SCz63zDiEnhX5DG2uqwBFhc1vrtUDLzDdvwRbdC/0/323830343a363163303a343030303a3a2f33342d3334203d3e20323639323534.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:61c0:4000::/34

    Signature Algorithm: sha256WithRSAEncryption
         45:94:73:c2:8e:be:8a:48:45:17:25:58:0c:ee:3e:5e:16:bf:
         6a:1d:d2:b9:27:4e:1c:51:63:58:73:dc:b5:de:12:53:2b:dd:
         07:b2:d7:44:be:09:30:9e:0a:a8:a1:55:61:22:9e:5e:13:1f:
         0a:f9:a1:12:2e:36:59:d8:a2:4a:58:f7:4b:78:4e:e9:3a:b6:
         e3:ee:f8:db:10:f5:fc:ae:06:db:bb:24:7b:2f:83:b7:07:79:
         0b:bd:30:39:57:6d:df:43:34:30:d9:3d:cc:92:67:57:d1:7d:
         6f:0c:b0:9b:3b:8e:47:b7:6a:fe:13:0a:00:df:00:e1:6e:1c:
         8e:a4:34:2c:f3:6e:22:f2:41:16:2e:90:20:0f:86:30:f8:75:
         f6:13:54:6b:f3:e0:bf:81:5e:68:21:d3:7c:b7:1f:0e:41:4d:
         32:fb:27:8a:c4:5f:8e:46:e9:a6:0d:61:20:da:ed:36:b0:50:
         72:99:fb:77:ec:31:13:a0:17:db:aa:64:b3:08:98:3e:9c:18:
         fa:7f:6f:1e:27:a7:ca:33:a2:1a:c2:cf:37:70:ad:31:b0:51:
         2f:06:be:69:5b:a5:e2:60:f2:ae:59:d6:2f:42:0e:fb:a6:ad:
         de:75:15:3b:67:cd:67:26:bb:9b:ea:6c:40:b3:26:5e:05:c8:
         20:4e:03:e5
-----BEGIN CERTIFICATE-----
MIIHTTCCBjWgAwIBAgIUT+KolzXcfWosbxuvjtz6FTVjOQ4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDcwM0RGNTc2RENGQUM0QjExREE5QUYyNzgwMjg3MTRG
M0VDRDlGQzAeFw0yMzA4MTUxNDI2MjhaFw0yNDA4MTMxNDMxMjhaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwOUQzRDkyMTk4NkE1NEUwRkZD
MzY2RUY0QTJEQzQ5NTU5OEVBQTQ2RkUyQzRCM0Y1RDdDRTMwQkYxQ0I1Q0QyREUx
QkQ4OTZGNEZGMDk2MjM0NUMxNzZEQTFDRkZENURDQzM3NjU0MUY0QUIwQjQwNzY0
NDZGMEIzQ0I0Q0M3NTc3QjkzMzk1QkE5QTgyQzg3OUQ0MTNEOTA3NzQxOUE0OEE3
NjkzNzkzRjk1RDEwNzg4Mjk1NzUwQkEyQzc3MTZGN0RDNzI2Qzg2QkZBMkI2QkYw
MDE1N0FFQzlBNUJFNzAxNzVGNkI4OUY3QzdCNzQ3OUM1MDU4Qzc2NTA3MDM4NDVC
OTMxOTUwOUU1Qjg5QTM1QTlEQ0Y2OEQzRTNDN0Y1QzJDM0M4RDA3RTJDNEFCRURF
RjQwOUFBQjFDM0ZCQjBGMjM5ODg2MUQxMTMwQ0NBNzRFOUQwMDM0NDY0NDJERUQ2
QjUwQzQyMEMwMjc3RUUxM0I0NkFGMzc1RDA3OTdGNEU5RTlDMDI3MUM2MkUxREI1
QjU4OEFBRUQ5OUQ0MkExQTNFNjI5MEIzQzg0NzRCNTJDNTYzRUY2MjVDRUNCOTdG
RkE5NTU5MkIxMzEyRjEyRDk4MDQ2M0NFNUE5MENCQUUwMjA1MEZFNkZCNUU3RUUy
QzlBQjZGQzE2NzNDREQwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAnT2SGYalTg/8Nm70otxJVZjqpG/ixLP1184wvxy1zS3hvYlvT/CW
I0XBdtoc/9Xcw3ZUH0qwtAdkRvCzy0zHV3uTOVupqCyHnUE9kHdBmkinaTeT+V0Q
eIKVdQuix3FvfccmyGv6K2vwAVeuyaW+cBdfa4n3x7dHnFBYx2UHA4RbkxlQnluJ
o1qdz2jT48f1wsPI0H4sSr7e9AmqscP7sPI5iGHREwzKdOnQA0RkQt7WtQxCDAJ3
7hO0avN10Hl/Tp6cAnHGLh21tYiq7ZnUKho+YpCzyEdLUsVj72Jc7Ll/+pVZKxMS
8S2YBGPOWpDLrgIFD+b7Xn7iyatvwWc83QIDAQABo4ICWzCCAlcwHQYDVR0OBBYE
FCOXg0D8vhm3iy+zxmI2xb85GMlJMB8GA1UdIwQYMBaAFEcD31dtz6xLEdqa8ngC
hxTz7Nn8MA4GA1UdDwEB/wQEAwIHgDCBlAYDVR0fBIGMMIGJMIGGoIGDoIGAhn5y
c3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBvL0hVY3UxU0N6NjN6RGlF
bmhYNURHMnVxd0JGaGMxdnJ0VURMekRkdndSYmRDLzAvNDcwM0RGNTc2RENGQUM0
QjExREE5QUYyNzgwMjg3MTRGM0VDRDlGQy5jcmwweAYIKwYBBQUHAQEEbDBqMGgG
CCsGAQUFBzAChlxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBvL25p
Y2JyX3JlcG8vMC80NzAzREY1NzZEQ0ZBQzRCMTFEQTlBRjI3ODAyODcxNEYzRUNE
OUZDLmNlcjCBtgYIKwYBBQUHAQsEgakwgaYwgaMGCCsGAQUFBzALhoGWcnN5bmM6
Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby9IVWN1MVNDejYzekRpRW5oWDVE
RzJ1cXdCRmhjMXZydFVETHpEZHZ3UmJkQy8wLzMyMzgzMDM0M2EzNjMxNjMzMDNh
MzQzMDMwMzAzYTNhMmYzMzM0MmQzMzM0MjAzZDNlMjAzMjM2MzkzMjM1MzQucm9h
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgYoBGHAQDANBgkqhkiG9w0BAQsFAAOCAQEARZRzwo6+ikhFFyVYDO4+
Xha/ah3SuSdOHFFjWHPctd4SUyvdB7LXRL4JMJ4KqKFVYSKeXhMfCvmhEi42Wdii
Slj3S3hO6Tq24+742xD1/K4G27skey+Dtwd5C70wOVdt30M0MNk9zJJnV9F9bwyw
mzuOR7dq/hMKAN8A4W4cjqQ0LPNuIvJBFi6QIA+GMPh19hNUa/Pgv4FeaCHTfLcf
DkFNMvsnisRfjkbppg1hINrtNrBQcpn7d+wxE6AX26pkswiYPpwY+n9vHienyjOi
GsLPN3CtMbBRLwa+aVul4mDyrlnWL0IO+6at3nUVO2fNZya7m+psQLMmXgXIIE4D
5Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:43:38 2024 by rpki-client on console-ams.rpki-client.org