Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/HYUHERJsUAGNNZza4YuYZ1eCqizGa8dcwtFxPpnzE5sV/0/323830343a366230343a3a2f33322d3338203d3e20323730333732.roa
File:                     323830343a366230343a3a2f33322d3338203d3e20323730333732.roa (raw, json)
Hash identifier:          2tBpMMP53jBDF9xfBCfIq9GzaHgVcj4OVYnW5SGbKwE=
Subject key identifier:   AF:AB:C8:F2:B0:8D:4F:FA:81:7D:98:32:A6:2E:D1:74:9C:D5:42:BE
Certificate issuer:       /CN=2D7D054EC0EA14BF7017E2F0D1306132D9F375AD
Certificate serial:       686BA930F7F6B41C2A957BE3BDBADD6FC63AEEE6
Authority key identifier: 2D:7D:05:4E:C0:EA:14:BF:70:17:E2:F0:D1:30:61:32:D9:F3:75:AD
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/0/2D7D054EC0EA14BF7017E2F0D1306132D9F375AD.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/HYUHERJsUAGNNZza4YuYZ1eCqizGa8dcwtFxPpnzE5sV/0/323830343a366230343a3a2f33322d3338203d3e20323730333732.roa
Signing time:             Mon 11 Dec 2023 21:00:00 +0000
ROA not before:           Mon 11 Dec 2023 20:55:00 +0000
ROA not after:            Mon 09 Dec 2024 21:00:00 +0000
asID:                     270372
IP address blocks:        2804:6b04::/32 maxlen: 38

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            68:6b:a9:30:f7:f6:b4:1c:2a:95:7b:e3:bd:ba:dd:6f:c6:3a:ee:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2D7D054EC0EA14BF7017E2F0D1306132D9F375AD
        Validity
            Not Before: Dec 11 20:55:00 2023 GMT
            Not After : Dec  9 21:00:00 2024 GMT
        Subject: CN=3082010A0282010100DDB7F23B47BB0CD056C0F0F466A4B3B5590A4A0B18ECA173A98218CC7921EF830B2DF8240A09B207F90D7E53F481509CC1B9E55E4ED9A7D436013829823D513A2893C77638705152A6C7E6279C6924048E8C89FF6CBBF73801D2CC94404D9E64C196FB4BDEE143D9F5D307653C4801B35BE9E1CC3C08A020557CDAAA87D2E743190144F5E7C9E9BD8D7A6CC28E90B0565C7C18197DD8A22AABFB2B9D448283F7428DE77012B23BFCCCF9820BFC02D233306670C52B8D8DCCCCA80AA474746321318CF7500ED4B88BB9E526EE65CF295D18B36B065B1FA1A033C79DC7E7B5E38668AD507A63970E26263E8E31F8CC1BC9400A5FCF5D60C41464B3B1DC17BC0D470203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:b7:f2:3b:47:bb:0c:d0:56:c0:f0:f4:66:a4:
                    b3:b5:59:0a:4a:0b:18:ec:a1:73:a9:82:18:cc:79:
                    21:ef:83:0b:2d:f8:24:0a:09:b2:07:f9:0d:7e:53:
                    f4:81:50:9c:c1:b9:e5:5e:4e:d9:a7:d4:36:01:38:
                    29:82:3d:51:3a:28:93:c7:76:38:70:51:52:a6:c7:
                    e6:27:9c:69:24:04:8e:8c:89:ff:6c:bb:f7:38:01:
                    d2:cc:94:40:4d:9e:64:c1:96:fb:4b:de:e1:43:d9:
                    f5:d3:07:65:3c:48:01:b3:5b:e9:e1:cc:3c:08:a0:
                    20:55:7c:da:aa:87:d2:e7:43:19:01:44:f5:e7:c9:
                    e9:bd:8d:7a:6c:c2:8e:90:b0:56:5c:7c:18:19:7d:
                    d8:a2:2a:ab:fb:2b:9d:44:82:83:f7:42:8d:e7:70:
                    12:b2:3b:fc:cc:f9:82:0b:fc:02:d2:33:30:66:70:
                    c5:2b:8d:8d:cc:cc:a8:0a:a4:74:74:63:21:31:8c:
                    f7:50:0e:d4:b8:8b:b9:e5:26:ee:65:cf:29:5d:18:
                    b3:6b:06:5b:1f:a1:a0:33:c7:9d:c7:e7:b5:e3:86:
                    68:ad:50:7a:63:97:0e:26:26:3e:8e:31:f8:cc:1b:
                    c9:40:0a:5f:cf:5d:60:c4:14:64:b3:b1:dc:17:bc:
                    0d:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AF:AB:C8:F2:B0:8D:4F:FA:81:7D:98:32:A6:2E:D1:74:9C:D5:42:BE
            X509v3 Authority Key Identifier:
                keyid:2D:7D:05:4E:C0:EA:14:BF:70:17:E2:F0:D1:30:61:32:D9:F3:75:AD

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/HYUHERJsUAGNNZza4YuYZ1eCqizGa8dcwtFxPpnzE5sV/0/2D7D054EC0EA14BF7017E2F0D1306132D9F375AD.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/0/2D7D054EC0EA14BF7017E2F0D1306132D9F375AD.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/HYUHERJsUAGNNZza4YuYZ1eCqizGa8dcwtFxPpnzE5sV/0/323830343a366230343a3a2f33322d3338203d3e20323730333732.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2804:6b04::/32

    Signature Algorithm: sha256WithRSAEncryption
         19:e4:21:ba:da:57:5e:05:fc:08:66:58:c8:d6:79:ab:93:23:
         4d:47:d5:37:69:d2:ad:2d:ea:00:ce:64:a5:b6:aa:9d:2e:d6:
         15:53:fe:35:1a:fc:28:07:90:de:5f:3d:8a:04:86:e4:12:9e:
         28:99:e9:33:6e:8c:bc:e0:ae:df:30:61:8e:66:8d:ad:70:5a:
         10:de:8e:09:bd:67:19:15:4f:6c:30:32:4f:a4:fd:9b:81:d9:
         42:02:bd:a7:8e:d5:60:d5:f6:99:dc:5e:4d:71:4f:e4:74:86:
         a0:07:47:d9:7c:49:b8:be:ce:20:55:34:2f:d5:3f:61:91:4e:
         38:c8:f9:8a:b2:dd:b6:b3:1c:d2:a0:89:1e:0f:01:a3:af:99:
         10:a8:89:bb:c4:f9:32:7b:fb:fe:71:cb:63:78:cc:e7:a6:59:
         58:b0:ae:34:b6:4f:42:6f:20:b7:ea:dc:16:f5:6a:bb:ea:fe:
         bc:3f:87:f6:84:1b:64:32:3c:e6:7d:d9:b9:95:23:5a:82:3a:
         9a:3d:78:64:c9:53:04:c1:65:d4:52:72:30:41:23:42:f2:53:
         b3:96:b2:0f:76:e6:69:6e:67:b1:d3:3f:8e:52:a9:33:47:cf:
         64:d7:0e:ea:e7:6e:40:db:33:90:db:b2:71:7d:3a:43:b5:cc:
         87:23:d7:13
-----BEGIN CERTIFICATE-----
MIIHQjCCBiqgAwIBAgIUaGupMPf2tBwqlXvjvbrdb8Y67uYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkQ3RDA1NEVDMEVBMTRCRjcwMTdFMkYwRDEzMDYxMzJE
OUYzNzVBRDAeFw0yMzEyMTEyMDU1MDBaFw0yNDEyMDkyMTAwMDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRERCN0YyM0I0N0JCMENEMDU2
QzBGMEY0NjZBNEIzQjU1OTBBNEEwQjE4RUNBMTczQTk4MjE4Q0M3OTIxRUY4MzBC
MkRGODI0MEEwOUIyMDdGOTBEN0U1M0Y0ODE1MDlDQzFCOUU1NUU0RUQ5QTdENDM2
MDEzODI5ODIzRDUxM0EyODkzQzc3NjM4NzA1MTUyQTZDN0U2Mjc5QzY5MjQwNDhF
OEM4OUZGNkNCQkY3MzgwMUQyQ0M5NDQwNEQ5RTY0QzE5NkZCNEJERUUxNDNEOUY1
RDMwNzY1M0M0ODAxQjM1QkU5RTFDQzNDMDhBMDIwNTU3Q0RBQUE4N0QyRTc0MzE5
MDE0NEY1RTdDOUU5QkQ4RDdBNkNDMjhFOTBCMDU2NUM3QzE4MTk3REQ4QTIyQUFC
RkIyQjlENDQ4MjgzRjc0MjhERTc3MDEyQjIzQkZDQ0NGOTgyMEJGQzAyRDIzMzMw
NjY3MEM1MkI4RDhEQ0NDQ0E4MEFBNDc0NzQ2MzIxMzE4Q0Y3NTAwRUQ0Qjg4QkI5
RTUyNkVFNjVDRjI5NUQxOEIzNkIwNjVCMUZBMUEwMzNDNzlEQzdFN0I1RTM4NjY4
QUQ1MDdBNjM5NzBFMjYyNjNFOEUzMUY4Q0MxQkM5NDAwQTVGQ0Y1RDYwQzQxNDY0
QjNCMURDMTdCQzBENDcwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA3bfyO0e7DNBWwPD0ZqSztVkKSgsY7KFzqYIYzHkh74MLLfgkCgmy
B/kNflP0gVCcwbnlXk7Zp9Q2ATgpgj1ROiiTx3Y4cFFSpsfmJ5xpJASOjIn/bLv3
OAHSzJRATZ5kwZb7S97hQ9n10wdlPEgBs1vp4cw8CKAgVXzaqofS50MZAUT158np
vY16bMKOkLBWXHwYGX3Yoiqr+yudRIKD90KN53ASsjv8zPmCC/wC0jMwZnDFK42N
zMyoCqR0dGMhMYz3UA7UuIu55SbuZc8pXRizawZbH6GgM8edx+e144ZorVB6Y5cO
JiY+jjH4zBvJQApfz11gxBRks7HcF7wNRwIDAQABo4ICUDCCAkwwHQYDVR0OBBYE
FK+ryPKwjU/6gX2YMqYu0XSc1UK+MB8GA1UdIwQYMBaAFC19BU7A6hS/cBfi8NEw
YTLZ83WtMA4GA1UdDwEB/wQEAwIHgDCBlAYDVR0fBIGMMIGJMIGGoIGDoIGAhn5y
c3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBvL0hZVUhFUkpzVUFHTk5a
emE0WXVZWjFlQ3FpekdhOGRjd3RGeFBwbnpFNXNWLzAvMkQ3RDA1NEVDMEVBMTRC
RjcwMTdFMkYwRDEzMDYxMzJEOUYzNzVBRC5jcmwweAYIKwYBBQUHAQEEbDBqMGgG
CCsGAQUFBzAChlxyc3luYzovL3Jwa2ktcmVwby5yZWdpc3Ryby5ici9yZXBvL25p
Y2JyX3JlcG8vMC8yRDdEMDU0RUMwRUExNEJGNzAxN0UyRjBEMTMwNjEzMkQ5RjM3
NUFELmNlcjCBrAYIKwYBBQUHAQsEgZ8wgZwwgZkGCCsGAQUFBzALhoGMcnN5bmM6
Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby9IWVVIRVJKc1VBR05OWnphNFl1
WVoxZUNxaXpHYThkY3d0RnhQcG56RTVzVi8wLzMyMzgzMDM0M2EzNjYyMzAzNDNh
M2EyZjMzMzIyZDMzMzgyMDNkM2UyMDMyMzczMDMzMzczMi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACgE
awQwDQYJKoZIhvcNAQELBQADggEBABnkIbraV14F/AhmWMjWeauTI01H1Tdp0q0t
6gDOZKW2qp0u1hVT/jUa/CgHkN5fPYoEhuQSniiZ6TNujLzgrt8wYY5mja1wWhDe
jgm9ZxkVT2wwMk+k/ZuB2UICvaeO1WDV9pncXk1xT+R0hqAHR9l8Sbi+ziBVNC/V
P2GRTjjI+Yqy3bazHNKgiR4PAaOvmRCoibvE+TJ7+/5xy2N4zOemWViwrjS2T0Jv
ILfq3Bb1arvq/rw/h/aEG2QyPOZ92bmVI1qCOpo9eGTJUwTBZdRScjBBI0LyU7OW
sg925mluZ7HTP45SqTNHz2TXDurnbkDbM5DbsnF9OkO1zIcj1xM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:43:38 2024 by rpki-client on console-ams.rpki-client.org