Route Origin Authorization

$ rpki-client -vvf rpki1.terratransit.de/repo/TerraTransit/4/33312e3232302e34342e302f32332d3233203d3e203530363733.roa
File:                     33312e3232302e34342e302f32332d3233203d3e203530363733.roa (raw, json)
Hash identifier:          DPN+NCduXkL81/EAnMKH5PAufPGOa+RChaTBuWluaPk=
Subject key identifier:   5A:B8:16:E7:54:B1:87:E6:E4:CD:9C:86:A1:E5:18:5B:01:33:8B:1E
Certificate issuer:       /CN=a6b65d4709f6cfd999a287789392baa6d3a5dcea
Certificate serial:       75E90736277649F804C4F72ECFF5B5F31250CA9A
Authority key identifier: A6:B6:5D:47:09:F6:CF:D9:99:A2:87:78:93:92:BA:A6:D3:A5:DC:EA
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/prZdRwn2z9mZood4k5K6ptOl3Oo.cer
Subject info access:      rsync://rpki1.terratransit.de/repo/TerraTransit/4/33312e3232302e34342e302f32332d3233203d3e203530363733.roa
Signing time:             Sat 22 Oct 2022 04:34:09 +0000
ROA not before:           Sat 22 Oct 2022 04:29:09 +0000
ROA not after:            Sat 21 Oct 2023 04:34:09 +0000
asID:                     50673
IP address blocks:        31.220.44.0/23 maxlen: 23

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:e9:07:36:27:76:49:f8:04:c4:f7:2e:cf:f5:b5:f3:12:50:ca:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a6b65d4709f6cfd999a287789392baa6d3a5dcea
        Validity
            Not Before: Oct 22 04:29:09 2022 GMT
            Not After : Oct 21 04:34:09 2023 GMT
        Subject: CN=5AB816E754B187E6E4CD9C86A1E5185B01338B1E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:89:f2:fd:42:ec:74:33:38:e2:cf:82:16:77:
                    74:36:ba:52:51:a8:7b:5c:3b:30:66:18:13:77:be:
                    a7:a2:5f:70:4b:fc:0f:55:b5:c4:41:25:cc:9a:c6:
                    2b:a5:8c:0f:6e:9b:48:a1:d5:01:8d:56:e3:93:24:
                    d3:73:2e:61:c9:fa:0e:8e:0a:39:6b:c9:2d:4f:2f:
                    96:75:63:52:4b:3b:51:df:21:77:54:c3:ed:b2:88:
                    f5:10:57:c1:87:25:93:fc:6d:9d:e7:0f:2e:b9:2e:
                    40:75:9f:88:b9:14:c6:17:62:e7:4c:3e:13:73:3d:
                    37:fd:f9:a6:e0:8e:00:67:ac:67:fd:ed:d9:74:b3:
                    fc:9f:3d:c7:ac:e5:a1:26:c0:ee:02:59:a7:93:60:
                    a7:6c:e5:54:d0:45:ef:cb:0a:13:82:bd:23:0f:c6:
                    16:09:2a:94:25:d3:49:e8:4b:a2:73:8b:2f:04:ba:
                    1f:c8:ad:cd:3f:88:2c:29:3d:74:e0:fb:5e:f2:d6:
                    73:59:8b:91:ed:d4:07:12:a7:da:18:13:ad:5a:18:
                    7d:d9:af:9b:3b:69:e9:b4:a4:7b:ff:73:7e:4c:ca:
                    11:e8:c0:b7:21:fb:51:af:c6:ca:81:75:33:58:bb:
                    75:6c:38:46:29:26:04:4f:ac:4f:ad:f1:7e:3b:82:
                    92:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5A:B8:16:E7:54:B1:87:E6:E4:CD:9C:86:A1:E5:18:5B:01:33:8B:1E
            X509v3 Authority Key Identifier:
                keyid:A6:B6:5D:47:09:F6:CF:D9:99:A2:87:78:93:92:BA:A6:D3:A5:DC:EA

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki1.terratransit.de/repo/TerraTransit/4/A6B65D4709F6CFD999A287789392BAA6D3A5DCEA.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/prZdRwn2z9mZood4k5K6ptOl3Oo.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki1.terratransit.de/repo/TerraTransit/4/33312e3232302e34342e302f32332d3233203d3e203530363733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  31.220.44.0/23

    Signature Algorithm: sha256WithRSAEncryption
         88:4b:04:3c:e1:12:f2:fd:51:b9:30:02:eb:54:b1:b0:01:47:
         9b:f3:f5:7d:5f:75:3f:d7:ba:0f:ac:5a:a9:5a:7b:da:d2:86:
         73:dc:87:c2:95:c1:97:d5:18:f8:1f:6e:0b:c0:a7:2a:73:b7:
         5b:d1:a7:d1:7a:b7:22:1a:a6:fe:0b:c0:e3:fc:3b:9f:0f:64:
         49:57:ef:74:ea:1d:c9:73:93:91:c7:23:54:2c:bd:90:7d:44:
         c8:b4:f3:50:9e:e9:f1:5b:e3:53:13:0e:51:c4:88:25:39:41:
         26:c7:9c:04:14:c1:c2:57:87:e0:ca:66:df:9e:18:63:67:e9:
         5d:62:05:7f:0f:2c:17:50:19:f7:f2:7b:bb:5c:11:8c:1b:26:
         0c:9b:11:c4:bd:a2:37:9d:10:e3:0d:2c:d7:2c:15:00:c3:01:
         38:b2:11:e8:9e:01:5a:cb:1b:92:c2:62:18:9e:d5:99:1c:8a:
         f1:10:0e:e6:0d:5e:3e:37:65:e3:a4:76:7c:53:ac:e0:e2:c5:
         16:db:d1:23:2e:1d:ea:99:00:2d:69:48:1c:7a:de:cc:db:35:
         eb:ac:df:91:67:93:51:12:f2:53:16:7c:82:41:74:8e:53:9d:
         95:c9:5d:09:be:7e:3e:86:75:cf:47:31:75:64:1a:6c:9c:63:
         ad:14:a7:2c
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUdekHNid2SfgExPcuz/W18xJQypowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYTZiNjVkNDcwOWY2Y2ZkOTk5YTI4Nzc4OTM5MmJhYTZk
M2E1ZGNlYTAeFw0yMjEwMjIwNDI5MDlaFw0yMzEwMjEwNDM0MDlaMDMxMTAvBgNV
BAMTKDVBQjgxNkU3NTRCMTg3RTZFNENEOUM4NkExRTUxODVCMDEzMzhCMUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNifL9Qux0Mzjiz4IWd3Q2ulJR
qHtcOzBmGBN3vqeiX3BL/A9VtcRBJcyaxiuljA9um0ih1QGNVuOTJNNzLmHJ+g6O
CjlryS1PL5Z1Y1JLO1HfIXdUw+2yiPUQV8GHJZP8bZ3nDy65LkB1n4i5FMYXYudM
PhNzPTf9+abgjgBnrGf97dl0s/yfPces5aEmwO4CWaeTYKds5VTQRe/LChOCvSMP
xhYJKpQl00noS6Jziy8Euh/Irc0/iCwpPXTg+17y1nNZi5Ht1AcSp9oYE61aGH3Z
r5s7aem0pHv/c35MyhHowLch+1GvxsqBdTNYu3VsOEYpJgRPrE+t8X47gpJ5AgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQUWrgW51Sxh+bkzZyGoeUYWwEzix4wHwYDVR0j
BBgwFoAUprZdRwn2z9mZood4k5K6ptOl3OowDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vcnBraTEudGVycmF0cmFuc2l0LmRlL3JlcG8v
VGVycmFUcmFuc2l0LzQvQTZCNjVENDcwOUY2Q0ZEOTk5QTI4Nzc4OTM5MkJBQTZE
M0E1RENFQS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov
L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3ByWmRSd24yejltWm9v
ZDRrNUs2cHRPbDNPby5jZXIwgYYGCCsGAQUFBwELBHoweDB2BggrBgEFBQcwC4Zq
cnN5bmM6Ly9ycGtpMS50ZXJyYXRyYW5zaXQuZGUvcmVwby9UZXJyYVRyYW5zaXQv
NC8zMzMxMmUzMjMyMzAyZTM0MzQyZTMwMmYzMjMzMmQzMjMzMjAzZDNlMjAzNTMw
MzYzNzMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQBH9wsMA0GCSqGSIb3DQEBCwUAA4IBAQCISwQ84RLy
/VG5MALrVLGwAUeb8/V9X3U/17oPrFqpWnva0oZz3IfClcGX1Rj4H24LwKcqc7db
0afRerciGqb+C8Dj/DufD2RJV+906h3Jc5ORxyNULL2QfUTItPNQnunxW+NTEw5R
xIglOUEmx5wEFMHCV4fgymbfnhhjZ+ldYgV/DywXUBn38nu7XBGMGyYMmxHEvaI3
nRDjDSzXLBUAwwE4shHongFayxuSwmIYntWZHIrxEA7mDV4+N2XjpHZ8U6zg4sUW
29EjLh3qmQAtaUgcet7M2zXrrN+RZ5NREvJTFnyCQXSOU52VyV0Jvn4+hnXPRzF1
ZBpsnGOtFKcs
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:40 2023 by rpki-client on console-ams.rpki-client.org