Route Origin Authorization

$ rpki-client -vvf rpki-repo.registro.br/repo/bqipfjTFrVGPSGzm1PqFsetLjr6XXWPEcUXksbdVzwF/0/3137302e37382e32302e302f32322d3332203d3e20323633323932.roa
File:                     3137302e37382e32302e302f32322d3332203d3e20323633323932.roa (raw, json)
Hash identifier:          0cKwWxMgVtgo3drZZRVpWkdlXkAfaO9iCrles4xFmSw=
Subject key identifier:   36:F8:7E:5A:FA:51:7B:B9:B9:C4:A7:DB:4E:C9:51:F3:C7:B2:D1:FB
Certificate issuer:       /CN=E191DE3900DF8BA232F6BBC8D029D80A32B4CB7B
Certificate serial:       18BDA1BD46C906E6B48CE2D76D8954122538373D
Authority key identifier: E1:91:DE:39:00:DF:8B:A2:32:F6:BB:C8:D0:29:D8:0A:32:B4:CB:7B
Authority info access:    rsync://rpki-repo.registro.br/repo/nicbr_repo/1/E191DE3900DF8BA232F6BBC8D029D80A32B4CB7B.cer
Subject info access:      rsync://rpki-repo.registro.br/repo/bqipfjTFrVGPSGzm1PqFsetLjr6XXWPEcUXksbdVzwF/0/3137302e37382e32302e302f32322d3332203d3e20323633323932.roa
Signing time:             Wed 08 May 2024 20:21:10 +0000
ROA not before:           Wed 08 May 2024 20:16:10 +0000
ROA not after:            Wed 07 May 2025 20:21:10 +0000
asID:                     263292
IP address blocks:        170.78.20.0/22 maxlen: 32

Validation:               Failed, unable to get certificate CRL

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            18:bd:a1:bd:46:c9:06:e6:b4:8c:e2:d7:6d:89:54:12:25:38:37:3d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E191DE3900DF8BA232F6BBC8D029D80A32B4CB7B
        Validity
            Not Before: May  8 20:16:10 2024 GMT
            Not After : May  7 20:21:10 2025 GMT
        Subject: CN=36F87E5AFA517BB9B9C4A7DB4EC951F3C7B2D1FB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:eb:58:4e:73:3e:3e:13:99:92:8c:31:e6:e8:
                    74:5b:4d:73:23:1d:2a:ed:95:96:c5:15:28:09:b3:
                    76:2c:aa:26:a4:77:91:6f:d9:0e:eb:3b:89:3b:4a:
                    5c:64:93:02:c3:da:4b:87:1b:a4:b6:5f:d4:7f:2e:
                    81:ef:cf:28:a2:f4:a0:f7:23:a1:f0:23:d5:fe:0b:
                    3f:37:1b:a8:d5:b3:f6:5e:96:70:a3:e8:5a:ad:6f:
                    fc:f4:89:1d:a9:88:8c:f6:8a:e6:bd:69:a0:ea:74:
                    0d:30:96:72:96:14:09:b1:2d:65:3b:3c:d1:9c:2d:
                    61:b8:2e:92:97:22:63:4d:1f:49:f3:44:15:7e:9b:
                    30:4a:8b:f7:f1:52:62:92:00:1c:74:8e:0f:57:c4:
                    4d:ab:29:ca:6f:6a:18:f8:1e:fd:31:fe:b6:75:72:
                    80:f5:3a:3d:55:5b:cd:65:85:d7:8b:74:66:7b:81:
                    1f:e2:bf:13:2d:29:b3:33:d7:a1:92:37:f5:20:bf:
                    e7:47:3f:f5:8b:24:9f:8a:57:c1:85:19:3c:b7:03:
                    c5:2a:9e:29:71:0a:1a:25:71:2a:b4:5a:a8:a7:47:
                    5b:98:c9:37:85:81:01:0d:b3:80:63:96:46:bc:3c:
                    02:1f:9a:86:60:7f:82:5d:a0:72:db:48:ac:94:d6:
                    43:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                36:F8:7E:5A:FA:51:7B:B9:B9:C4:A7:DB:4E:C9:51:F3:C7:B2:D1:FB
            X509v3 Authority Key Identifier:
                keyid:E1:91:DE:39:00:DF:8B:A2:32:F6:BB:C8:D0:29:D8:0A:32:B4:CB:7B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repo.registro.br/repo/bqipfjTFrVGPSGzm1PqFsetLjr6XXWPEcUXksbdVzwF/0/E191DE3900DF8BA232F6BBC8D029D80A32B4CB7B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repo.registro.br/repo/nicbr_repo/1/E191DE3900DF8BA232F6BBC8D029D80A32B4CB7B.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-repo.registro.br/repo/bqipfjTFrVGPSGzm1PqFsetLjr6XXWPEcUXksbdVzwF/0/3137302e37382e32302e302f32322d3332203d3e20323633323932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  170.78.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         23:f2:40:c4:86:27:de:aa:96:ef:5a:0b:95:18:04:3a:9b:d0:
         0e:e8:c7:3a:f0:d7:b5:85:9e:3b:9c:a6:e1:35:f8:00:60:1a:
         d8:e1:d9:09:a4:20:9e:c1:52:50:f6:17:e3:63:8d:5b:05:49:
         c3:8b:0c:10:2f:73:f2:b9:a4:bd:6c:8f:d2:6e:b5:90:3d:62:
         0b:51:00:dd:34:7d:89:21:a9:02:c7:a7:08:94:5b:32:e7:54:
         65:7a:63:21:99:35:bd:84:b1:2b:81:d8:70:ec:bb:7e:48:52:
         aa:f1:cd:8d:5a:84:34:5f:d3:ee:25:20:ab:81:76:df:15:e0:
         15:ae:4e:1b:08:ec:4a:fd:88:82:70:0a:8d:0c:2a:cf:fa:b7:
         2d:e4:c7:14:99:87:6d:59:cd:a7:72:24:8b:50:d6:a0:4d:9f:
         15:a9:f9:e6:ea:ea:a5:bb:63:b5:d9:ce:87:ed:4b:60:0b:91:
         bc:56:2a:51:4d:99:ea:ba:09:9c:f2:ac:26:25:0d:0a:b6:5e:
         79:38:c2:ee:ba:ab:4b:ec:2e:5a:89:5a:19:88:b5:79:88:f3:
         0f:85:07:7b:5d:a6:1f:21:d1:ab:ea:c2:53:a6:83:c1:dc:cf:
         1e:ee:34:20:0a:1f:ae:54:a8:67:8d:c8:c2:9c:a5:b5:54:f6:
         32:98:86:0d
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIUGL2hvUbJBua0jOLXbYlUEiU4Nz0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRTE5MURFMzkwMERGOEJBMjMyRjZCQkM4RDAyOUQ4MEEz
MkI0Q0I3QjAeFw0yNDA1MDgyMDE2MTBaFw0yNTA1MDcyMDIxMTBaMDMxMTAvBgNV
BAMTKDM2Rjg3RTVBRkE1MTdCQjlCOUM0QTdEQjRFQzk1MUYzQzdCMkQxRkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ61hOcz4+E5mSjDHm6HRbTXMj
HSrtlZbFFSgJs3Ysqiakd5Fv2Q7rO4k7SlxkkwLD2kuHG6S2X9R/LoHvzyii9KD3
I6HwI9X+Cz83G6jVs/ZelnCj6Fqtb/z0iR2piIz2iua9aaDqdA0wlnKWFAmxLWU7
PNGcLWG4LpKXImNNH0nzRBV+mzBKi/fxUmKSABx0jg9XxE2rKcpvahj4Hv0x/rZ1
coD1Oj1VW81lhdeLdGZ7gR/ivxMtKbMz16GSN/Ugv+dHP/WLJJ+KV8GFGTy3A8Uq
nilxCholcSq0WqinR1uYyTeFgQENs4Bjlka8PAIfmoZgf4JdoHLbSKyU1kNVAgMB
AAGjggJMMIICSDAdBgNVHQ4EFgQUNvh+WvpRe7m5xKfbTslR88ey0fswHwYDVR0j
BBgwFoAU4ZHeOQDfi6Iy9rvI0CnYCjK0y3swDgYDVR0PAQH/BAQDAgeAMIGSBgNV
HR8EgYowgYcwgYSggYGgf4Z9cnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIv
cmVwby9icWlwZmpURnJWR1BTR3ptMVBxRnNldExqcjZYWFdQRWNVWGtzYmRWendG
LzAvRTE5MURFMzkwMERGOEJBMjMyRjZCQkM4RDAyOUQ4MEEzMkI0Q0I3Qi5jcmww
eAYIKwYBBQUHAQEEbDBqMGgGCCsGAQUFBzAChlxyc3luYzovL3Jwa2ktcmVwby5y
ZWdpc3Ryby5ici9yZXBvL25pY2JyX3JlcG8vMS9FMTkxREUzOTAwREY4QkEyMzJG
NkJCQzhEMDI5RDgwQTMyQjRDQjdCLmNlcjCBqwYIKwYBBQUHAQsEgZ4wgZswgZgG
CCsGAQUFBzALhoGLcnN5bmM6Ly9ycGtpLXJlcG8ucmVnaXN0cm8uYnIvcmVwby9i
cWlwZmpURnJWR1BTR3ptMVBxRnNldExqcjZYWFdQRWNVWGtzYmRWendGLzAvMzEz
NzMwMmUzNzM4MmUzMjMwMmUzMDJmMzIzMjJkMzMzMjIwM2QzZTIwMzIzNjMzMzIz
OTMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/
BBAwDjAMBAIAATAGAwQCqk4UMA0GCSqGSIb3DQEBCwUAA4IBAQAj8kDEhifeqpbv
WguVGAQ6m9AO6Mc68Ne1hZ47nKbhNfgAYBrY4dkJpCCewVJQ9hfjY41bBUnDiwwQ
L3PyuaS9bI/SbrWQPWILUQDdNH2JIakCx6cIlFsy51RlemMhmTW9hLErgdhw7Lt+
SFKq8c2NWoQ0X9PuJSCrgXbfFeAVrk4bCOxK/YiCcAqNDCrP+rct5McUmYdtWc2n
ciSLUNagTZ8Vqfnm6uqlu2O12c6H7UtgC5G8VipRTZnqugmc8qwmJQ0Ktl55OMLu
uqtL7C5aiVoZiLV5iPMPhQd7XaYfIdGr6sJTpoPB3M8e7jQgCh+uVKhnjcjCnKW1
VPYymIYN
-----END CERTIFICATE-----
Generated at Sun Aug 11 11:30:01 2024 by rpki-client on console-fra.rpki-client.org