Route Origin Authorization

$ rpki-client -vvf rpki1.terratransit.de/repo/TerraTransit/4/33312e3232302e33302e302f32342d3234203d3e203530363733.roa
File:                     33312e3232302e33302e302f32342d3234203d3e203530363733.roa (raw, json)
Hash identifier:          yMlKEzCgw2hmCFNgaSEHadGRy85URWw4VhV0TOznSXY=
Subject key identifier:   BF:D8:13:D8:A7:52:10:6A:FC:BE:F2:1E:71:B6:27:B3:03:39:6E:E9
Certificate issuer:       /CN=a6b65d4709f6cfd999a287789392baa6d3a5dcea
Certificate serial:       0C194D5A66D044F64F7B80F2863F6006C558B057
Authority key identifier: A6:B6:5D:47:09:F6:CF:D9:99:A2:87:78:93:92:BA:A6:D3:A5:DC:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/prZdRwn2z9mZood4k5K6ptOl3Oo.cer
Subject info access:      rsync://rpki1.terratransit.de/repo/TerraTransit/4/33312e3232302e33302e302f32342d3234203d3e203530363733.roa
Signing time:             Sat 22 Oct 2022 04:34:34 +0000
ROA not before:           Sat 22 Oct 2022 04:29:34 +0000
ROA not after:            Sat 21 Oct 2023 04:34:34 +0000
asID:                     50673
IP address blocks:        31.220.30.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:19:4d:5a:66:d0:44:f6:4f:7b:80:f2:86:3f:60:06:c5:58:b0:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6b65d4709f6cfd999a287789392baa6d3a5dcea
        Validity
            Not Before: Oct 22 04:29:34 2022 GMT
            Not After : Oct 21 04:34:34 2023 GMT
        Subject: CN=BFD813D8A752106AFCBEF21E71B627B303396EE9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:04:a7:be:20:15:a9:89:b5:a6:61:a9:78:94:
                    1a:42:1e:25:59:4a:eb:01:a1:21:d9:6d:a0:39:e9:
                    24:66:4a:16:43:c4:fc:5c:38:87:8e:78:10:43:f5:
                    dc:88:01:6f:f6:45:e0:51:9e:d5:ef:50:7a:f1:0d:
                    13:45:ce:ee:7e:4f:95:a9:7e:0c:11:87:ef:0b:72:
                    63:a8:2c:64:e9:43:32:30:30:af:3c:1e:d8:2f:1c:
                    a6:5a:e6:18:7d:a2:6e:10:08:8c:b8:82:c4:2c:20:
                    6f:34:ca:48:eb:ed:60:5d:68:64:f5:8c:f8:71:f9:
                    cb:76:b9:b7:68:e3:53:5a:78:5b:b7:fb:c4:72:fa:
                    22:08:88:d4:65:e5:69:c2:df:74:47:83:5c:18:4c:
                    f3:6d:7c:69:49:9f:3b:1e:c9:24:21:72:0c:d6:97:
                    12:62:3e:78:b4:33:bb:31:9b:92:a2:25:4b:71:33:
                    21:5f:02:f0:34:18:0b:3d:c8:9d:48:7e:83:a3:88:
                    fe:d3:5d:4b:6a:97:c7:b9:bb:7d:b1:16:cd:05:3f:
                    03:62:ae:23:7c:59:6b:c5:9f:b0:23:52:c1:cb:b0:
                    e6:e4:ff:6c:3f:16:3f:71:0b:24:75:3f:8c:ef:72:
                    c9:fe:90:bf:fa:b7:c0:21:3c:bd:56:08:e5:80:5f:
                    e4:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:D8:13:D8:A7:52:10:6A:FC:BE:F2:1E:71:B6:27:B3:03:39:6E:E9
            X509v3 Authority Key Identifier:
                keyid:A6:B6:5D:47:09:F6:CF:D9:99:A2:87:78:93:92:BA:A6:D3:A5:DC:EA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki1.terratransit.de/repo/TerraTransit/4/A6B65D4709F6CFD999A287789392BAA6D3A5DCEA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/prZdRwn2z9mZood4k5K6ptOl3Oo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki1.terratransit.de/repo/TerraTransit/4/33312e3232302e33302e302f32342d3234203d3e203530363733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.220.30.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:e0:20:66:e1:5d:fa:1c:16:a4:d1:dc:78:eb:4b:3c:2b:8d:
         fe:b1:58:5d:0e:18:8f:3c:74:76:c1:3f:d1:f0:b3:76:c3:ab:
         60:5f:1a:47:4b:e6:e0:a1:f3:dc:ae:61:58:8d:5f:e8:39:06:
         36:2f:51:c5:43:57:79:b8:13:ff:7a:f5:72:1e:9a:58:fe:29:
         73:46:9e:e2:99:8e:22:28:25:3f:e3:68:27:4a:f5:d0:51:95:
         bc:23:ec:ac:0c:1c:73:a8:b7:32:54:0c:0e:2d:7c:10:81:2c:
         e4:d8:9b:2a:27:a5:a1:89:e7:be:c9:7e:34:5b:d8:b2:c4:c8:
         29:31:3d:51:f8:c6:f1:c7:1d:01:65:c3:81:5d:31:f1:ff:dd:
         30:f5:8d:28:28:b7:a2:5e:8a:b3:c4:7f:cc:38:d6:fd:1c:8e:
         0a:af:59:f1:8d:3c:5d:21:42:80:e9:4b:c7:97:23:82:f4:15:
         35:c8:1e:75:89:d6:bb:b4:fc:b3:bf:34:32:47:a5:1e:4d:d9:
         35:b9:99:14:06:4c:69:b0:0c:57:06:b3:b2:89:ef:13:20:63:
         b7:d4:43:ef:8e:aa:10:a2:8b:cc:52:9a:09:1c:36:22:99:fb:
         47:f7:20:45:74:f4:30:c2:99:3e:1b:5c:82:31:69:fb:ba:39:
         d6:a7:25:99
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUDBlNWmbQRPZPe4Dyhj9gBsVYsFcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTZiNjVkNDcwOWY2Y2ZkOTk5YTI4Nzc4OTM5MmJhYTZk
M2E1ZGNlYTAeFw0yMjEwMjIwNDI5MzRaFw0yMzEwMjEwNDM0MzRaMDMxMTAvBgNV
BAMTKEJGRDgxM0Q4QTc1MjEwNkFGQ0JFRjIxRTcxQjYyN0IzMDMzOTZFRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoBKe+IBWpibWmYal4lBpCHiVZ
SusBoSHZbaA56SRmShZDxPxcOIeOeBBD9dyIAW/2ReBRntXvUHrxDRNFzu5+T5Wp
fgwRh+8LcmOoLGTpQzIwMK88HtgvHKZa5hh9om4QCIy4gsQsIG80ykjr7WBdaGT1
jPhx+ct2ubdo41NaeFu3+8Ry+iIIiNRl5WnC33RHg1wYTPNtfGlJnzseySQhcgzW
lxJiPni0M7sxm5KiJUtxMyFfAvA0GAs9yJ1IfoOjiP7TXUtql8e5u32xFs0FPwNi
riN8WWvFn7AjUsHLsObk/2w/Fj9xCyR1P4zvcsn+kL/6t8AhPL1WCOWAX+R3AgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQUv9gT2KdSEGr8vvIecbYnswM5bukwHwYDVR0j
BBgwFoAUprZdRwn2z9mZood4k5K6ptOl3OowDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vcnBraTEudGVycmF0cmFuc2l0LmRlL3JlcG8v
VGVycmFUcmFuc2l0LzQvQTZCNjVENDcwOUY2Q0ZEOTk5QTI4Nzc4OTM5MkJBQTZE
M0E1RENFQS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov
L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3ByWmRSd24yejltWm9v
ZDRrNUs2cHRPbDNPby5jZXIwgYYGCCsGAQUFBwELBHoweDB2BggrBgEFBQcwC4Zq
cnN5bmM6Ly9ycGtpMS50ZXJyYXRyYW5zaXQuZGUvcmVwby9UZXJyYVRyYW5zaXQv
NC8zMzMxMmUzMjMyMzAyZTMzMzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNTMw
MzYzNzMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQAH9weMA0GCSqGSIb3DQEBCwUAA4IBAQA44CBm4V36
HBak0dx460s8K43+sVhdDhiPPHR2wT/R8LN2w6tgXxpHS+bgofPcrmFYjV/oOQY2
L1HFQ1d5uBP/evVyHppY/ilzRp7imY4iKCU/42gnSvXQUZW8I+ysDBxzqLcyVAwO
LXwQgSzk2JsqJ6Whiee+yX40W9iyxMgpMT1R+Mbxxx0BZcOBXTHx/90w9Y0oKLei
XoqzxH/MONb9HI4Kr1nxjTxdIUKA6UvHlyOC9BU1yB51ida7tPyzvzQyR6UeTdk1
uZkUBkxpsAxXBrOyie8TIGO31EPvjqoQoovMUpoJHDYimftH9yBFdPQwwpk+G1yC
MWn7ujnWpyWZ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:50 2023 by rpki-client on console-fra.rpki-client.org