Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/KiEkP5zy2dnvxp3ZeGdG1aPAhA6s5ZYxjuJYh8vCVBx/0/3136382e3139372e37362e302f32322d3234203d3e20323633363536.roa
File:                     3136382e3139372e37362e302f32322d3234203d3e20323633363536.roa (raw, json)
Hash identifier:          IqyqKjBSx/LtVmISLZjPX6mEG+Uza+NXOFl7Yh6Oiqk=
Subject key identifier:   32:CC:FA:C9:5E:04:1D:A2:D6:7C:D7:6D:4D:B5:ED:55:C0:57:A2:A1
Certificate issuer:       /CN=9129AD41D8674385271EFA3A05D3D27494319FC0
Certificate serial:       3C5E5DEF21C96341942923EFAC7E1456EBF13BA7
Authority key identifier: 91:29:AD:41:D8:67:43:85:27:1E:FA:3A:05:D3:D2:74:94:31:9F:C0
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/0/9129AD41D8674385271EFA3A05D3D27494319FC0.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/KiEkP5zy2dnvxp3ZeGdG1aPAhA6s5ZYxjuJYh8vCVBx/0/3136382e3139372e37362e302f32322d3234203d3e20323633363536.roa
Signing time:             Thu 12 Oct 2023 18:24:00 +0000
ROA not before:           Thu 12 Oct 2023 18:19:00 +0000
ROA not after:            Thu 10 Oct 2024 18:24:00 +0000
asID:                     263656
IP address blocks:        168.197.76.0/22 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:5e:5d:ef:21:c9:63:41:94:29:23:ef:ac:7e:14:56:eb:f1:3b:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9129AD41D8674385271EFA3A05D3D27494319FC0
        Validity
            Not Before: Oct 12 18:19:00 2023 GMT
            Not After : Oct 10 18:24:00 2024 GMT
        Subject: CN=3082010A0282010100FAAC33392B8FA861832E80D9C3AB3FBB3B054B0592524A86AA117ABEEE6E2A89B87D1EF6E2782FD18C7BF927F9F318292D40B8E7CB0B6AD29DEE16D111224FF6F59FF36BAB32E0848F41E8F796ACE548312CE6883E3859F35C12F4B9BD62639F65E34B4BC2B457DD920681E1802C5B3E15EB10BA80749DB6038C66EEFC9E5F637E68F3A24C76C5A261C8A029349DADE28667428882427354A6C65413AEFC9F0CA0C4978D950B65C465ECA39754ED596065405940468EBBBA987C980CF937486A7F37771047A5F9E0217E1943222545BE216FB548D87D20A7B1BFE440315E427DEA32E93385106DB465FC40476B4C21AFF8CACDE5FDE190BA74E559BF29793E4F0203010001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fa:ac:33:39:2b:8f:a8:61:83:2e:80:d9:c3:ab:
                    3f:bb:3b:05:4b:05:92:52:4a:86:aa:11:7a:be:ee:
                    6e:2a:89:b8:7d:1e:f6:e2:78:2f:d1:8c:7b:f9:27:
                    f9:f3:18:29:2d:40:b8:e7:cb:0b:6a:d2:9d:ee:16:
                    d1:11:22:4f:f6:f5:9f:f3:6b:ab:32:e0:84:8f:41:
                    e8:f7:96:ac:e5:48:31:2c:e6:88:3e:38:59:f3:5c:
                    12:f4:b9:bd:62:63:9f:65:e3:4b:4b:c2:b4:57:dd:
                    92:06:81:e1:80:2c:5b:3e:15:eb:10:ba:80:74:9d:
                    b6:03:8c:66:ee:fc:9e:5f:63:7e:68:f3:a2:4c:76:
                    c5:a2:61:c8:a0:29:34:9d:ad:e2:86:67:42:88:82:
                    42:73:54:a6:c6:54:13:ae:fc:9f:0c:a0:c4:97:8d:
                    95:0b:65:c4:65:ec:a3:97:54:ed:59:60:65:40:59:
                    40:46:8e:bb:ba:98:7c:98:0c:f9:37:48:6a:7f:37:
                    77:10:47:a5:f9:e0:21:7e:19:43:22:25:45:be:21:
                    6f:b5:48:d8:7d:20:a7:b1:bf:e4:40:31:5e:42:7d:
                    ea:32:e9:33:85:10:6d:b4:65:fc:40:47:6b:4c:21:
                    af:f8:ca:cd:e5:fd:e1:90:ba:74:e5:59:bf:29:79:
                    3e:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:CC:FA:C9:5E:04:1D:A2:D6:7C:D7:6D:4D:B5:ED:55:C0:57:A2:A1
            X509v3 Authority Key Identifier:
                keyid:91:29:AD:41:D8:67:43:85:27:1E:FA:3A:05:D3:D2:74:94:31:9F:C0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/KiEkP5zy2dnvxp3ZeGdG1aPAhA6s5ZYxjuJYh8vCVBx/0/9129AD41D8674385271EFA3A05D3D27494319FC0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/0/9129AD41D8674385271EFA3A05D3D27494319FC0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/KiEkP5zy2dnvxp3ZeGdG1aPAhA6s5ZYxjuJYh8vCVBx/0/3136382e3139372e37362e302f32322d3234203d3e20323633363536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  168.197.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         0a:15:70:89:a4:01:c6:38:44:2e:b0:6e:33:00:f8:bb:19:e2:
         81:aa:0b:be:f5:b0:d6:32:c3:26:4e:3c:1d:1a:14:c7:42:2b:
         2c:a1:27:32:e2:60:e0:32:72:e7:92:24:7f:18:2f:a4:83:f5:
         ab:6d:95:03:a8:09:bf:79:ce:45:78:4b:f3:9d:90:bd:ca:b8:
         3d:51:51:3f:5d:91:b4:11:71:38:4a:44:0c:5e:19:b3:86:4f:
         d9:b4:c4:88:9d:dd:1c:70:e0:87:c8:80:b5:92:f9:79:c9:9c:
         61:40:74:9e:cb:04:85:f7:a2:67:33:18:82:cb:22:07:c9:30:
         a7:46:40:c0:ba:94:ed:6c:27:10:a6:6f:f9:cd:cc:9a:3c:a3:
         02:16:29:f5:65:0d:31:da:56:16:a2:2e:05:7d:a3:7a:82:bc:
         e2:df:39:6a:0b:0f:2b:eb:99:95:e1:34:80:5a:e2:a5:02:60:
         12:a3:eb:ed:f5:06:2f:f7:1a:6c:42:c6:1f:d8:1e:ed:c0:fd:
         71:98:23:81:5d:a7:f3:25:c2:31:6a:1a:67:b7:15:21:47:f5:
         ff:d3:5b:18:d4:52:3d:7b:07:3e:33:e6:4a:f7:7b:c0:46:f9:
         e3:f5:39:ac:aa:57:9a:f2:b7:45:2a:9c:df:6c:26:03:0f:4f:
         38:ef:47:ff
-----BEGIN CERTIFICATE-----
MIIHQDCCBiigAwIBAgIUPF5d7yHJY0GUKSPvrH4UVuvxO6cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOTEyOUFENDFEODY3NDM4NTI3MUVGQTNBMDVEM0QyNzQ5
NDMxOUZDMDAeFw0yMzEwMTIxODE5MDBaFw0yNDEwMTAxODI0MDBaMIICLTGCAikw
ggIlBgNVBAMTggIcMzA4MjAxMEEwMjgyMDEwMTAwRkFBQzMzMzkyQjhGQTg2MTgz
MkU4MEQ5QzNBQjNGQkIzQjA1NEIwNTkyNTI0QTg2QUExMTdBQkVFRTZFMkE4OUI4
N0QxRUY2RTI3ODJGRDE4QzdCRjkyN0Y5RjMxODI5MkQ0MEI4RTdDQjBCNkFEMjlE
RUUxNkQxMTEyMjRGRjZGNTlGRjM2QkFCMzJFMDg0OEY0MUU4Rjc5NkFDRTU0ODMx
MkNFNjg4M0UzODU5RjM1QzEyRjRCOUJENjI2MzlGNjVFMzRCNEJDMkI0NTdERDky
MDY4MUUxODAyQzVCM0UxNUVCMTBCQTgwNzQ5REI2MDM4QzY2RUVGQzlFNUY2MzdF
NjhGM0EyNEM3NkM1QTI2MUM4QTAyOTM0OURBREUyODY2NzQyODg4MjQyNzM1NEE2
QzY1NDEzQUVGQzlGMENBMEM0OTc4RDk1MEI2NUM0NjVFQ0EzOTc1NEVENTk2MDY1
NDA1OTQwNDY4RUJCQkE5ODdDOTgwQ0Y5Mzc0ODZBN0YzNzc3MTA0N0E1RjlFMDIx
N0UxOTQzMjIyNTQ1QkUyMTZGQjU0OEQ4N0QyMEE3QjFCRkU0NDAzMTVFNDI3REVB
MzJFOTMzODUxMDZEQjQ2NUZDNDA0NzZCNEMyMUFGRjhDQUNERTVGREUxOTBCQTc0
RTU1OUJGMjk3OTNFNEYwMjAzMDEwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA+qwzOSuPqGGDLoDZw6s/uzsFSwWSUkqGqhF6vu5uKom4fR724ngv
0Yx7+Sf58xgpLUC458sLatKd7hbRESJP9vWf82urMuCEj0Ho95as5UgxLOaIPjhZ
81wS9Lm9YmOfZeNLS8K0V92SBoHhgCxbPhXrELqAdJ22A4xm7vyeX2N+aPOiTHbF
omHIoCk0na3ihmdCiIJCc1SmxlQTrvyfDKDEl42VC2XEZeyjl1TtWWBlQFlARo67
uph8mAz5N0hqfzd3EEel+eAhfhlDIiVFviFvtUjYfSCnsb/kQDFeQn3qMukzhRBt
tGX8QEdrTCGv+MrN5f3hkLp05Vm/KXk+TwIDAQABo4ICTjCCAkowHQYDVR0OBBYE
FDLM+sleBB2i1nzXbU217VXAV6KhMB8GA1UdIwQYMBaAFJEprUHYZ0OFJx76OgXT
0nSUMZ/AMA4GA1UdDwEB/wQEAwIHgDCBkgYDVR0fBIGKMIGHMIGEoIGBoH+GfXJz
eW5jOi8vcnBraS1yZXBvLnJlZ2lzdHJvLmJyL3JlcG8vS2lFa1A1enkyZG52eHAz
WmVHZEcxYVBBaEE2czVaWXhqdUpZaDh2Q1ZCeC8wLzkxMjlBRDQxRDg2NzQzODUy
NzFFRkEzQTA1RDNEMjc0OTQzMTlGQzAuY3JsMHgGCCsGAQUFBwEBBGwwajBoBggr
BgEFBQcwAoZccnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby9uaWNi
cl9yZXBvLzAvOTEyOUFENDFEODY3NDM4NTI3MUVGQTNBMDVEM0QyNzQ5NDMxOUZD
MC5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5jOi8v
cnBraS1yZXBvLnJlZ2lzdHJvLmJyL3JlcG8vS2lFa1A1enkyZG52eHAzWmVHZEcx
YVBBaEE2czVaWXhqdUpZaDh2Q1ZCeC8wLzMxMzYzODJlMzEzOTM3MmUzNzM2MmUz
MDJmMzIzMjJkMzIzNDIwM2QzZTIwMzIzNjMzMzYzNTM2LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCqMVM
MA0GCSqGSIb3DQEBCwUAA4IBAQAKFXCJpAHGOEQusG4zAPi7GeKBqgu+9bDWMsMm
TjwdGhTHQissoScy4mDgMnLnkiR/GC+kg/WrbZUDqAm/ec5FeEvznZC9yrg9UVE/
XZG0EXE4SkQMXhmzhk/ZtMSInd0ccOCHyIC1kvl5yZxhQHSeywSF96JnMxiCyyIH
yTCnRkDAupTtbCcQpm/5zcyaPKMCFin1ZQ0x2lYWoi4FfaN6grzi3zlqCw8r65mV
4TSAWuKlAmASo+vt9QYv9xpsQsYf2B7twP1xmCOBXafzJcIxahpntxUhR/X/01sY
1FI9ewc+M+ZK93vARvnj9Tmsqlea8rdFKpzfbCYDD08470f/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:43:56 2024 by rpki-client on console-ams.rpki-client.org