Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/QJZjKCm6U2AQhPFF2V8qZXeUDWVbmjk9AY5oqNaeDn9/0/3133382e3138362e3131322e302f32322d3232203d3e20323633383636.roa
File:                     3133382e3138362e3131322e302f32322d3232203d3e20323633383636.roa (raw, json)
Hash identifier:          SzDNttml+a9K+9hSHNLxHD8svWIYL9xGfME4kJ+48D4=
Subject key identifier:   01:AA:E2:54:46:56:60:50:92:D8:93:FE:8D:1F:1E:9A:C2:68:29:AC
Certificate issuer:       /CN=4A621C555E0A637F8A588F23BDFAF9CBF530BD49
Certificate serial:       4F8E36C0AB957BE51AC92C6DBC445EBAFA018EB7
Authority key identifier: 4A:62:1C:55:5E:0A:63:7F:8A:58:8F:23:BD:FA:F9:CB:F5:30:BD:49
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/0/4A621C555E0A637F8A588F23BDFAF9CBF530BD49.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/QJZjKCm6U2AQhPFF2V8qZXeUDWVbmjk9AY5oqNaeDn9/0/3133382e3138362e3131322e302f32322d3232203d3e20323633383636.roa
Signing time:             Thu 19 Oct 2023 20:40:58 +0000
ROA not before:           Thu 19 Oct 2023 20:35:58 +0000
ROA not after:            Thu 17 Oct 2024 20:40:58 +0000
asID:                     263866
IP address blocks:        138.186.112.0/22 maxlen: 22

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4f:8e:36:c0:ab:95:7b:e5:1a:c9:2c:6d:bc:44:5e:ba:fa:01:8e:b7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=4A621C555E0A637F8A588F23BDFAF9CBF530BD49
        Validity
            Not Before: Oct 19 20:35:58 2023 GMT
            Not After : Oct 17 20:40:58 2024 GMT
        Subject: CN=01AAE2544656605092D893FE8D1F1E9AC26829AC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:65:14:1b:c1:0d:93:82:ad:57:80:17:87:0f:
                    d7:3e:25:27:16:9a:bb:33:33:ab:a4:e4:73:4e:70:
                    ec:d2:a9:ef:a0:39:b2:7d:6c:0e:4d:6c:0b:12:7d:
                    c4:14:f7:db:6f:5c:d9:81:e1:b0:0a:1f:6c:ab:03:
                    ba:78:bf:88:2d:19:54:22:1d:b5:82:0b:ac:e9:0b:
                    52:e2:8d:81:0c:30:bc:3c:39:41:fd:84:db:1a:79:
                    f7:e8:e4:5c:47:a4:6c:b2:3c:80:72:09:b4:bb:1f:
                    c6:72:d0:fc:b8:fe:ad:4d:44:ea:1e:4a:61:25:27:
                    78:a6:33:81:22:94:8e:3d:8a:b8:64:2a:26:17:61:
                    de:79:aa:3b:6d:64:65:11:b5:4c:48:8e:02:92:26:
                    42:8d:95:e8:63:2c:67:07:f2:ad:ab:eb:ff:d3:0a:
                    dd:f1:70:b0:32:b8:61:1f:1f:fd:c4:eb:a8:6a:43:
                    66:df:0f:98:4d:5a:56:25:64:df:f7:cf:ef:52:81:
                    54:bf:5c:89:81:2d:9e:1b:33:dc:16:7d:6f:53:fe:
                    6d:6e:ab:62:2c:d4:9f:4a:7a:4e:6d:56:99:34:c1:
                    5d:be:c7:2c:f0:28:0b:ad:f7:9c:cb:26:9b:56:63:
                    81:4c:7e:28:2b:52:73:d5:15:a4:cc:eb:82:d5:1d:
                    ba:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:AA:E2:54:46:56:60:50:92:D8:93:FE:8D:1F:1E:9A:C2:68:29:AC
            X509v3 Authority Key Identifier:
                keyid:4A:62:1C:55:5E:0A:63:7F:8A:58:8F:23:BD:FA:F9:CB:F5:30:BD:49

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/QJZjKCm6U2AQhPFF2V8qZXeUDWVbmjk9AY5oqNaeDn9/0/4A621C555E0A637F8A588F23BDFAF9CBF530BD49.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/0/4A621C555E0A637F8A588F23BDFAF9CBF530BD49.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/QJZjKCm6U2AQhPFF2V8qZXeUDWVbmjk9AY5oqNaeDn9/0/3133382e3138362e3131322e302f32322d3232203d3e20323633383636.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.186.112.0/22

    Signature Algorithm: sha256WithRSAEncryption
         51:f2:ff:95:b6:20:60:2a:67:af:cb:fd:76:68:17:9c:87:e7:
         7b:dc:5a:ea:d8:f3:61:01:9e:ca:a9:ae:a6:b1:5c:a6:eb:c1:
         32:85:e9:19:42:7f:90:be:41:1c:fa:9e:ea:7c:e0:92:34:81:
         8c:fe:18:bf:36:d9:69:c3:c5:3b:9d:84:4c:c1:28:84:e7:e7:
         88:c5:83:3d:8d:67:b1:87:f2:2e:4d:17:fc:a1:c8:b5:39:65:
         75:6e:e4:8d:b3:30:71:1e:e9:b2:6a:f2:d9:c3:07:84:88:25:
         ec:94:43:5d:75:78:49:0a:5b:61:a2:89:16:73:f9:b7:21:c2:
         05:8b:77:ff:ee:27:81:98:c8:b3:4a:c8:05:29:39:ba:33:d1:
         01:c1:17:fb:88:01:5c:98:48:ae:7a:5b:34:81:81:35:05:07:
         be:bd:15:55:05:af:9a:84:02:13:9f:9d:aa:a9:32:ab:13:1c:
         8b:05:e5:0b:4f:b6:30:cc:01:04:c2:ae:65:ac:4d:54:2b:8f:
         03:30:08:a9:d6:ce:d4:21:29:1e:f6:b5:b5:63:c6:10:fb:80:
         24:f2:41:ad:7f:3c:7a:4c:e6:ab:92:7c:23:6c:db:96:23:c4:
         a6:a3:db:7d:ba:e6:5f:6e:5c:72:30:51:ef:24:1b:08:19:cf:
         fe:5e:e9:14
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIUT442wKuVe+UaySxtvEReuvoBjrcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNEE2MjFDNTU1RTBBNjM3RjhBNTg4RjIzQkRGQUY5Q0JG
NTMwQkQ0OTAeFw0yMzEwMTkyMDM1NThaFw0yNDEwMTcyMDQwNThaMDMxMTAvBgNV
BAMTKDAxQUFFMjU0NDY1NjYwNTA5MkQ4OTNGRThEMUYxRTlBQzI2ODI5QUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDZRQbwQ2Tgq1XgBeHD9c+JScW
mrszM6uk5HNOcOzSqe+gObJ9bA5NbAsSfcQU99tvXNmB4bAKH2yrA7p4v4gtGVQi
HbWCC6zpC1LijYEMMLw8OUH9hNsaeffo5FxHpGyyPIByCbS7H8Zy0Py4/q1NROoe
SmElJ3imM4EilI49irhkKiYXYd55qjttZGURtUxIjgKSJkKNlehjLGcH8q2r6//T
Ct3xcLAyuGEfH/3E66hqQ2bfD5hNWlYlZN/3z+9SgVS/XImBLZ4bM9wWfW9T/m1u
q2Is1J9Kek5tVpk0wV2+xyzwKAut95zLJptWY4FMfigrUnPVFaTM64LVHbrXAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUAariVEZWYFCS2JP+jR8emsJoKawwHwYDVR0j
BBgwFoAUSmIcVV4KY3+KWI8jvfr5y/UwvUkwDgYDVR0PAQH/BAQDAgeAMIGSBgNV
HR8EgYowgYcwgYSggYGgf4Z9cnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIv
cmVwby9RSlpqS0NtNlUyQVFoUEZGMlY4cVpYZVVEV1ZibWprOUFZNW9xTmFlRG45
LzAvNEE2MjFDNTU1RTBBNjM3RjhBNTg4RjIzQkRGQUY5Q0JGNTMwQkQ0OS5jcmww
eAYIKwYBBQUHAQEEbDBqMGgGCCsGAQUFBzAChlxyc3luYzovL3Jwa2ktcmVwby5y
ZWdpc3Ryby5ici9yZXBvL25pY2JyX3JlcG8vMC80QTYyMUM1NTVFMEE2MzdGOEE1
ODhGMjNCREZBRjlDQkY1MzBCRDQ5LmNlcjCBrwYIKwYBBQUHAQsEgaIwgZ8wgZwG
CCsGAQUFBzALhoGPcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby9R
SlpqS0NtNlUyQVFoUEZGMlY4cVpYZVVEV1ZibWprOUFZNW9xTmFlRG45LzAvMzEz
MzM4MmUzMTM4MzYyZTMxMzEzMjJlMzAyZjMyMzIyZDMyMzIyMDNkM2UyMDMyMzYz
MzM4MzYzNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcB
BwEB/wQQMA4wDAQCAAEwBgMEAoq6cDANBgkqhkiG9w0BAQsFAAOCAQEAUfL/lbYg
YCpnr8v9dmgXnIfne9xa6tjzYQGeyqmuprFcpuvBMoXpGUJ/kL5BHPqe6nzgkjSB
jP4YvzbZacPFO52ETMEohOfniMWDPY1nsYfyLk0X/KHItTlldW7kjbMwcR7psmry
2cMHhIgl7JRDXXV4SQpbYaKJFnP5tyHCBYt3/+4ngZjIs0rIBSk5ujPRAcEX+4gB
XJhIrnpbNIGBNQUHvr0VVQWvmoQCE5+dqqkyqxMciwXlC0+2MMwBBMKuZaxNVCuP
AzAIqdbO1CEpHva1tWPGEPuAJPJBrX88ekzmq5J8I2zbliPEpqPbfbrmX25ccjBR
7yQbCBnP/l7pFA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:06 2024 by rpki-client on console-fra.rpki-client.org