Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/RKmrZAKEVeoH7YVe7YGgUjVpJoYTqSGKnHTeXbEqF3b/1/3137302e38322e37322e302f32322d3232203d3e20323632353639.roa
File:                     3137302e38322e37322e302f32322d3232203d3e20323632353639.roa (raw, json)
Hash identifier:          sLSq/dYnNsIp4aerM6oKILh4nb7NkIkFKpKXHHAjhbw=
Subject key identifier:   D9:A1:3F:DE:B6:38:62:26:9A:38:54:49:02:4B:CF:94:43:2D:9F:5B
Certificate issuer:       /CN=22191C91C699626F1DF3C3B76D44F235C4976110
Certificate serial:       3ED6020666C41427CB1290E69AA3C64958CDD781
Authority key identifier: 22:19:1C:91:C6:99:62:6F:1D:F3:C3:B7:6D:44:F2:35:C4:97:61:10
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/22191C91C699626F1DF3C3B76D44F235C4976110.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/RKmrZAKEVeoH7YVe7YGgUjVpJoYTqSGKnHTeXbEqF3b/1/3137302e38322e37322e302f32322d3232203d3e20323632353639.roa
Signing time:             Thu 04 Apr 2024 07:20:42 +0000
ROA not before:           Thu 04 Apr 2024 07:15:42 +0000
ROA not after:            Thu 03 Apr 2025 07:20:42 +0000
asID:                     262569
IP address blocks:        170.82.72.0/22 maxlen: 22

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:d6:02:06:66:c4:14:27:cb:12:90:e6:9a:a3:c6:49:58:cd:d7:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22191C91C699626F1DF3C3B76D44F235C4976110
        Validity
            Not Before: Apr  4 07:15:42 2024 GMT
            Not After : Apr  3 07:20:42 2025 GMT
        Subject: CN=D9A13FDEB63862269A385449024BCF94432D9F5B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:dd:98:ab:c2:21:04:e3:df:fc:14:de:76:b0:
                    25:95:29:60:aa:10:09:49:9b:87:43:b4:71:ea:18:
                    a6:ed:73:e2:5f:90:61:99:2c:25:7b:0e:3e:c7:98:
                    e7:25:67:bb:57:99:a0:44:ae:c0:99:8e:2c:21:5f:
                    f2:5c:3c:ca:d5:c6:81:ea:32:4d:bb:94:fe:72:0f:
                    b7:93:bf:7a:6a:6f:8b:dd:7a:6a:37:2a:ac:c2:69:
                    97:19:db:4c:ec:e6:83:b4:c4:4b:d2:64:b6:37:bf:
                    4e:c9:6f:34:4f:83:23:51:c6:61:78:f3:8f:47:35:
                    cc:30:57:3e:fe:ad:cb:6f:0a:51:4b:b4:be:ef:15:
                    f3:4a:be:82:07:0c:91:fe:2c:45:e1:02:12:15:96:
                    2b:31:02:11:8b:fa:32:95:31:45:3f:38:75:8b:c2:
                    63:ef:2b:99:ba:43:1b:a1:26:aa:69:5d:db:d9:04:
                    a7:8f:ad:a1:07:38:43:e3:d7:01:45:45:55:bb:f1:
                    c9:57:38:37:e1:28:98:51:65:0f:7a:b3:75:25:de:
                    a5:03:56:3d:0f:39:39:ae:88:63:8e:57:da:66:d8:
                    f6:fd:85:75:1b:a3:c5:1b:f8:3a:c6:8c:1e:b8:95:
                    95:26:ff:5e:a5:37:51:38:c8:95:90:c8:20:1e:a3:
                    f0:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D9:A1:3F:DE:B6:38:62:26:9A:38:54:49:02:4B:CF:94:43:2D:9F:5B
            X509v3 Authority Key Identifier:
                keyid:22:19:1C:91:C6:99:62:6F:1D:F3:C3:B7:6D:44:F2:35:C4:97:61:10

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/RKmrZAKEVeoH7YVe7YGgUjVpJoYTqSGKnHTeXbEqF3b/1/22191C91C699626F1DF3C3B76D44F235C4976110.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/22191C91C699626F1DF3C3B76D44F235C4976110.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/RKmrZAKEVeoH7YVe7YGgUjVpJoYTqSGKnHTeXbEqF3b/1/3137302e38322e37322e302f32322d3232203d3e20323632353639.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.82.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         31:12:8b:3a:27:c8:a0:73:81:e2:b7:ab:11:e1:19:b6:b7:c0:
         d4:03:3b:a5:41:96:a0:b4:98:cd:1a:70:cb:d5:eb:76:5e:1e:
         4f:f1:74:02:79:96:a2:af:79:a3:bd:6a:bb:c9:14:20:85:e6:
         4b:43:7e:0c:a0:4b:fc:ff:68:cd:08:a6:56:4a:52:e9:c2:ba:
         17:fb:03:1a:a3:a9:c4:ba:80:e4:6f:09:56:0a:98:f3:b9:85:
         65:23:d0:60:65:d1:ca:c6:9d:de:fd:41:07:98:5f:d1:ec:dd:
         c6:db:95:6d:b4:49:ee:95:80:1c:f4:bc:5e:1f:34:ee:40:e4:
         b2:60:53:97:c2:e3:b0:cf:8a:05:a2:45:f1:7a:8d:99:b9:57:
         5f:2d:32:89:12:f9:d6:be:84:3f:4f:3a:0f:81:dc:aa:63:7e:
         39:0e:bd:69:77:c0:7e:32:69:48:28:e6:36:2f:d7:a4:93:92:
         0c:b6:fc:23:0f:72:2f:6c:a2:92:5b:ff:c6:34:c5:94:2d:33:
         af:60:79:c4:c1:5f:4a:a4:65:8d:b1:66:b4:e1:1c:f2:ec:98:
         3e:be:bd:cb:1c:0c:4c:aa:2c:61:63:0a:bb:9e:61:3a:4b:00:
         cd:27:09:ef:6e:3a:ea:b7:f5:ec:ff:09:6d:31:37:92:94:1a:
         b8:27:f6:57
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIUPtYCBmbEFCfLEpDmmqPGSVjN14EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjIxOTFDOTFDNjk5NjI2RjFERjNDM0I3NkQ0NEYyMzVD
NDk3NjExMDAeFw0yNDA0MDQwNzE1NDJaFw0yNTA0MDMwNzIwNDJaMDMxMTAvBgNV
BAMTKEQ5QTEzRkRFQjYzODYyMjY5QTM4NTQ0OTAyNEJDRjk0NDMyRDlGNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCY3ZirwiEE49/8FN52sCWVKWCq
EAlJm4dDtHHqGKbtc+JfkGGZLCV7Dj7HmOclZ7tXmaBErsCZjiwhX/JcPMrVxoHq
Mk27lP5yD7eTv3pqb4vdemo3KqzCaZcZ20zs5oO0xEvSZLY3v07JbzRPgyNRxmF4
849HNcwwVz7+rctvClFLtL7vFfNKvoIHDJH+LEXhAhIVlisxAhGL+jKVMUU/OHWL
wmPvK5m6QxuhJqppXdvZBKePraEHOEPj1wFFRVW78clXODfhKJhRZQ96s3Ul3qUD
Vj0POTmuiGOOV9pm2Pb9hXUbo8Ub+DrGjB64lZUm/16lN1E4yJWQyCAeo/AbAgMB
AAGjggJMMIICSDAdBgNVHQ4EFgQU2aE/3rY4YiaaOFRJAkvPlEMtn1swHwYDVR0j
BBgwFoAUIhkckcaZYm8d88O3bUTyNcSXYRAwDgYDVR0PAQH/BAQDAgeAMIGSBgNV
HR8EgYowgYcwgYSggYGgf4Z9cnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIv
cmVwby9SS21yWkFLRVZlb0g3WVZlN1lHZ1VqVnBKb1lUcVNHS25IVGVYYkVxRjNi
LzEvMjIxOTFDOTFDNjk5NjI2RjFERjNDM0I3NkQ0NEYyMzVDNDk3NjExMC5jcmww
eAYIKwYBBQUHAQEEbDBqMGgGCCsGAQUFBzAChlxyc3luYzovL3Jwa2ktcmVwby5y
ZWdpc3Ryby5ici9yZXBvL25pY2JyX3JlcG8vMS8yMjE5MUM5MUM2OTk2MjZGMURG
M0MzQjc2RDQ0RjIzNUM0OTc2MTEwLmNlcjCBqwYIKwYBBQUHAQsEgZ4wgZswgZgG
CCsGAQUFBzALhoGLcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby9S
S21yWkFLRVZlb0g3WVZlN1lHZ1VqVnBKb1lUcVNHS25IVGVYYkVxRjNiLzEvMzEz
NzMwMmUzODMyMmUzNzMyMmUzMDJmMzIzMjJkMzIzMjIwM2QzZTIwMzIzNjMyMzUz
NjM5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQCqlJIMA0GCSqGSIb3DQEBCwUAA4IBAQAxEos6J8igc4Hi
t6sR4Rm2t8DUAzulQZagtJjNGnDL1et2Xh5P8XQCeZair3mjvWq7yRQgheZLQ34M
oEv8/2jNCKZWSlLpwroX+wMao6nEuoDkbwlWCpjzuYVlI9BgZdHKxp3e/UEHmF/R
7N3G25VttEnulYAc9LxeHzTuQOSyYFOXwuOwz4oFokXxeo2ZuVdfLTKJEvnWvoQ/
TzoPgdyqY345Dr1pd8B+MmlIKOY2L9ekk5IMtvwjD3IvbKKSW//GNMWULTOvYHnE
wV9KpGWNsWa04Rzy7Jg+vr3LHAxMqixhYwq7nmE6SwDNJwnvbjrqt/Xs/wltMTeS
lBq4J/ZX
-----END CERTIFICATE-----
Generated at Tue Jul 23 12:21:38 2024 by rpki-client on console-fra.rpki-client.org