Route Origin Authorization

$ rpki-client -vvf rpki1.terratransit.de/repo/TerraTransit/3/3138352e3231342e3132342e302f32332d3234203d3e203437353833.roa
File:                     3138352e3231342e3132342e302f32332d3234203d3e203437353833.roa (raw, json)
Hash identifier:          q07ejp5SRi7GmB10UAJCzfqde+KWiHp7aqlbjBulrn0=
Subject key identifier:   E9:57:D0:0D:77:9E:8F:C1:B8:9B:65:71:9B:02:84:19:F7:08:AA:4C
Certificate issuer:       /CN=22d29c996abcc72c72279ef78987951b825ae400
Certificate serial:       082A588EECA52F0655B5A7C9DF905DCAA6DDA204
Authority key identifier: 22:D2:9C:99:6A:BC:C7:2C:72:27:9E:F7:89:87:95:1B:82:5A:E4:00
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ItKcmWq8xyxyJ573iYeVG4Ja5AA.cer
Subject info access:      rsync://rpki1.terratransit.de/repo/TerraTransit/3/3138352e3231342e3132342e302f32332d3234203d3e203437353833.roa
Signing time:             Sat 22 Oct 2022 04:34:08 +0000
ROA not before:           Sat 22 Oct 2022 04:29:08 +0000
ROA not after:            Sat 21 Oct 2023 04:34:08 +0000
asID:                     47583
IP address blocks:        185.214.124.0/23 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            08:2a:58:8e:ec:a5:2f:06:55:b5:a7:c9:df:90:5d:ca:a6:dd:a2:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=22d29c996abcc72c72279ef78987951b825ae400
        Validity
            Not Before: Oct 22 04:29:08 2022 GMT
            Not After : Oct 21 04:34:08 2023 GMT
        Subject: CN=E957D00D779E8FC1B89B65719B028419F708AA4C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:f3:e4:4c:20:06:04:08:75:da:a6:6f:87:37:
                    01:e5:27:f8:d2:05:6e:83:85:21:e0:bc:4e:e2:2e:
                    ad:bd:aa:69:46:fb:10:9f:6e:a6:93:67:3c:1e:99:
                    62:1d:29:c6:54:e2:e3:b3:41:d5:0c:d9:b1:ae:1d:
                    52:d5:0c:35:c0:0b:cf:84:a3:03:41:39:b8:b5:f6:
                    ae:9e:e6:a3:17:0b:ff:13:af:bf:c2:53:52:fe:37:
                    36:40:8c:55:54:5e:82:88:32:25:9a:a4:a2:d1:34:
                    02:cd:f1:34:1a:c0:8f:0f:39:81:95:a7:91:bc:e6:
                    d4:5f:4c:73:10:8e:f0:ed:db:c9:68:6f:0e:4b:4d:
                    0c:c4:8b:87:eb:e7:63:67:18:d3:ca:7a:61:ce:e7:
                    1b:2f:3b:bc:f7:85:d2:dd:c4:97:f4:43:39:35:d7:
                    35:e1:71:83:d0:a9:46:1d:e1:d8:80:9f:14:46:97:
                    00:94:8d:2a:fb:2d:25:25:76:67:db:0d:1e:c7:c6:
                    0b:f0:b3:19:26:d9:f9:62:84:08:0b:ff:83:81:03:
                    6b:b7:d7:ac:00:4c:59:9f:53:19:14:a6:9d:65:98:
                    ec:66:50:32:98:39:71:4b:04:d8:f8:0d:89:95:93:
                    74:97:12:42:84:e6:d0:46:51:92:cb:93:5b:0c:c2:
                    ad:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E9:57:D0:0D:77:9E:8F:C1:B8:9B:65:71:9B:02:84:19:F7:08:AA:4C
            X509v3 Authority Key Identifier:
                keyid:22:D2:9C:99:6A:BC:C7:2C:72:27:9E:F7:89:87:95:1B:82:5A:E4:00

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki1.terratransit.de/repo/TerraTransit/3/22D29C996ABCC72C72279EF78987951B825AE400.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ItKcmWq8xyxyJ573iYeVG4Ja5AA.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki1.terratransit.de/repo/TerraTransit/3/3138352e3231342e3132342e302f32332d3234203d3e203437353833.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.214.124.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b2:9d:6d:8a:14:e4:b7:a2:63:c9:97:40:59:88:ca:89:62:ae:
         f5:f7:e0:26:22:bf:8e:af:0c:4f:25:cb:f7:0e:04:83:20:a7:
         80:23:47:a6:34:35:d8:4f:bd:d6:df:f4:2f:49:0a:13:d7:5b:
         90:03:46:c3:87:a4:ef:b6:9e:f3:b1:19:f8:0e:f0:52:34:a0:
         d0:5f:5c:7c:f3:de:61:d5:a9:38:cd:41:d8:91:e2:60:a5:c8:
         54:31:00:65:b3:88:aa:dc:d9:52:10:f9:e4:c5:f2:61:73:68:
         b6:41:23:a0:e8:4f:8b:70:70:89:41:9c:71:2d:a7:d1:bb:bb:
         83:4a:bd:f4:f2:b4:36:46:a7:a4:61:23:ba:96:c0:7e:c9:b8:
         a4:38:22:55:5e:5e:a7:a4:bd:79:ce:47:6f:40:b7:95:af:d4:
         6e:d7:04:0b:a3:47:04:82:46:a6:1f:50:3c:87:f1:79:a0:83:
         13:86:8a:04:8b:08:6c:91:74:d9:02:06:ad:bb:8a:97:b1:ec:
         26:9a:01:90:3f:f2:4d:4b:23:53:c0:b0:f9:65:eb:c2:29:78:
         4b:54:0b:d9:0e:61:ec:d1:92:9c:6b:7c:e5:73:ca:47:bf:bf:
         2b:67:5d:50:32:e0:5b:50:2c:dd:7f:fb:dc:04:85:af:11:62:
         08:b8:a3:ac
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgIUCCpYjuylLwZVtafJ35BdyqbdogQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjJkMjljOTk2YWJjYzcyYzcyMjc5ZWY3ODk4Nzk1MWI4
MjVhZTQwMDAeFw0yMjEwMjIwNDI5MDhaFw0yMzEwMjEwNDM0MDhaMDMxMTAvBgNV
BAMTKEU5NTdEMDBENzc5RThGQzFCODlCNjU3MTlCMDI4NDE5RjcwOEFBNEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD8+RMIAYECHXapm+HNwHlJ/jS
BW6DhSHgvE7iLq29qmlG+xCfbqaTZzwemWIdKcZU4uOzQdUM2bGuHVLVDDXAC8+E
owNBObi19q6e5qMXC/8Tr7/CU1L+NzZAjFVUXoKIMiWapKLRNALN8TQawI8POYGV
p5G85tRfTHMQjvDt28lobw5LTQzEi4fr52NnGNPKemHO5xsvO7z3hdLdxJf0Qzk1
1zXhcYPQqUYd4diAnxRGlwCUjSr7LSUldmfbDR7Hxgvwsxkm2flihAgL/4OBA2u3
16wATFmfUxkUpp1lmOxmUDKYOXFLBNj4DYmVk3SXEkKE5tBGUZLLk1sMwq1zAgMB
AAGjggHzMIIB7zAdBgNVHQ4EFgQU6VfQDXeej8G4m2VxmwKEGfcIqkwwHwYDVR0j
BBgwFoAUItKcmWq8xyxyJ573iYeVG4Ja5AAwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vcnBraTEudGVycmF0cmFuc2l0LmRlL3JlcG8v
VGVycmFUcmFuc2l0LzMvMjJEMjlDOTk2QUJDQzcyQzcyMjc5RUY3ODk4Nzk1MUI4
MjVBRTQwMC5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov
L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0l0S2NtV3E4eHl4eUo1
NzNpWWVWRzRKYTVBQS5jZXIwgYoGCCsGAQUFBwELBH4wfDB6BggrBgEFBQcwC4Zu
cnN5bmM6Ly9ycGtpMS50ZXJyYXRyYW5zaXQuZGUvcmVwby9UZXJyYVRyYW5zaXQv
My8zMTM4MzUyZTMyMzEzNDJlMzEzMjM0MmUzMDJmMzIzMzJkMzIzNDIwM2QzZTIw
MzQzNzM1MzgzMy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAbnWfDANBgkqhkiG9w0BAQsFAAOCAQEAsp1t
ihTkt6JjyZdAWYjKiWKu9ffgJiK/jq8MTyXL9w4EgyCngCNHpjQ12E+91t/0L0kK
E9dbkANGw4ek77ae87EZ+A7wUjSg0F9cfPPeYdWpOM1B2JHiYKXIVDEAZbOIqtzZ
UhD55MXyYXNotkEjoOhPi3BwiUGccS2n0bu7g0q99PK0NkanpGEjupbAfsm4pDgi
VV5ep6S9ec5Hb0C3la/UbtcEC6NHBIJGph9QPIfxeaCDE4aKBIsIbJF02QIGrbuK
l7HsJpoBkD/yTUsjU8Cw+WXrwil4S1QL2Q5h7NGSnGt85XPKR7+/K2ddUDLgW1As
3X/73ASFrxFiCLijrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:59:55 2024 by rpki-client on console-ams.rpki-client.org