Route Origin Authorization

$ rpki-client -vvf rpki1.terratransit.de/repo/TerraTransit/180/34352e3135322e3138382e302f32342d3234203d3e2031323339.roa
File:                     34352e3135322e3138382e302f32342d3234203d3e2031323339.roa (raw, json)
Hash identifier:          5NC5nDSMoUYccAxD2phcec0oJji43in4o60rZrCzxRo=
Subject key identifier:   FC:73:67:C4:45:DD:A2:40:FD:6A:0E:36:F5:98:DA:0C:06:D1:4E:20
Certificate issuer:       /CN=dfe89bf7daa0f8aa7d022df984e6ea37e6f60a3d
Certificate serial:       35307A5CA2CF900E091F2846ED89F40E930F5EBF
Authority key identifier: DF:E8:9B:F7:DA:A0:F8:AA:7D:02:2D:F9:84:E6:EA:37:E6:F6:0A:3D
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/3-ib99qg-Kp9Ai35hObqN-b2Cj0.cer
Subject info access:      rsync://rpki1.terratransit.de/repo/TerraTransit/180/34352e3135322e3138382e302f32342d3234203d3e2031323339.roa
Signing time:             Sat 22 Oct 2022 04:33:47 +0000
ROA not before:           Sat 22 Oct 2022 04:28:47 +0000
ROA not after:            Sat 21 Oct 2023 04:33:47 +0000
asID:                     1239
IP address blocks:        45.152.188.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:30:7a:5c:a2:cf:90:0e:09:1f:28:46:ed:89:f4:0e:93:0f:5e:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=dfe89bf7daa0f8aa7d022df984e6ea37e6f60a3d
        Validity
            Not Before: Oct 22 04:28:47 2022 GMT
            Not After : Oct 21 04:33:47 2023 GMT
        Subject: CN=FC7367C445DDA240FD6A0E36F598DA0C06D14E20
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:72:44:50:c6:ff:02:2c:e9:4e:da:fd:06:3c:
                    26:be:88:c0:c9:68:1d:93:bf:7e:b7:12:14:ea:be:
                    92:34:0d:0b:ac:e9:db:ff:b7:f6:43:54:b7:02:55:
                    ea:42:79:6b:31:e0:94:54:09:8c:c5:a9:17:fb:5c:
                    82:17:36:de:bd:33:67:0d:84:79:f1:80:cc:a1:52:
                    5a:24:25:18:91:fa:47:26:1b:6c:9f:fb:68:75:b9:
                    49:9c:76:f2:c7:f2:08:68:50:58:fd:f2:d0:bd:3c:
                    98:3f:eb:0c:59:b5:fa:49:6b:91:4a:34:cb:cc:18:
                    1e:82:0d:b7:66:9a:e8:7c:61:55:a5:86:00:68:42:
                    53:ec:34:3c:0b:7a:8b:a3:15:55:2c:8d:62:a3:a1:
                    84:eb:d8:52:60:b2:3d:09:88:33:50:2f:6c:0e:8a:
                    a3:01:36:3c:8c:3e:0a:da:0e:bc:38:d4:1b:65:9e:
                    84:84:af:bd:20:7c:ff:89:8b:d7:6c:6d:27:d8:be:
                    ec:af:dc:96:c0:5a:cd:73:eb:cf:f4:a8:1d:5d:94:
                    46:09:3d:e3:b8:2c:74:c3:32:cb:04:0d:33:4d:8f:
                    c2:a5:ee:49:60:7e:28:5b:e5:05:24:6c:6b:fd:c1:
                    d5:04:7a:fc:7e:81:91:85:b1:d8:f7:be:67:d3:db:
                    b0:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FC:73:67:C4:45:DD:A2:40:FD:6A:0E:36:F5:98:DA:0C:06:D1:4E:20
            X509v3 Authority Key Identifier:
                keyid:DF:E8:9B:F7:DA:A0:F8:AA:7D:02:2D:F9:84:E6:EA:37:E6:F6:0A:3D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki1.terratransit.de/repo/TerraTransit/180/DFE89BF7DAA0F8AA7D022DF984E6EA37E6F60A3D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3-ib99qg-Kp9Ai35hObqN-b2Cj0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki1.terratransit.de/repo/TerraTransit/180/34352e3135322e3138382e302f32342d3234203d3e2031323339.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.152.188.0/24

    Signature Algorithm: sha256WithRSAEncryption
         89:1e:6f:09:91:23:4f:16:e2:23:f5:8e:e8:93:2b:6e:a2:c0:
         a7:a0:c2:10:27:86:45:aa:5b:fe:9a:1f:87:82:98:03:f1:0d:
         95:72:8e:d6:91:b1:ff:9f:fa:06:9b:08:95:df:29:ed:06:72:
         10:a2:81:24:3e:67:e7:f6:51:4f:9a:bc:cd:5a:4f:cc:58:50:
         78:9c:a8:44:ab:00:0c:79:30:3f:f1:a0:20:44:22:0b:f3:60:
         9e:da:ab:77:47:c5:15:71:2a:8b:2f:ce:e7:6f:db:4f:01:dd:
         40:5f:48:77:44:e5:3a:a4:d9:10:df:de:94:72:f1:85:66:2a:
         e3:26:0f:d1:27:0d:02:99:29:1b:c2:24:e7:94:58:05:22:4b:
         22:78:d4:3b:0c:23:d1:52:f5:46:db:c8:4c:71:f6:40:0e:ce:
         38:28:40:23:e4:fe:52:1e:2d:d1:7a:70:d2:a1:07:0c:7e:bc:
         b7:73:40:69:f6:97:5a:53:a8:4f:40:6d:b6:8c:65:4d:f9:39:
         da:6a:71:0c:b6:78:99:64:86:40:55:81:f2:75:72:b6:53:a9:
         0d:f9:f8:4e:0a:2c:dc:db:ff:1b:35:03:56:88:67:65:e1:f7:
         cc:4a:48:cb:ef:2e:35:69:59:41:52:12:9d:0d:2f:a4:52:fb:
         64:b2:1d:66
-----BEGIN CERTIFICATE-----
MIIE6TCCA9GgAwIBAgIUNTB6XKLPkA4JHyhG7Yn0DpMPXr8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoZGZlODliZjdkYWEwZjhhYTdkMDIyZGY5ODRlNmVhMzdl
NmY2MGEzZDAeFw0yMjEwMjIwNDI4NDdaFw0yMzEwMjEwNDMzNDdaMDMxMTAvBgNV
BAMTKEZDNzM2N0M0NDVEREEyNDBGRDZBMEUzNkY1OThEQTBDMDZEMTRFMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfckRQxv8CLOlO2v0GPCa+iMDJ
aB2Tv363EhTqvpI0DQus6dv/t/ZDVLcCVepCeWsx4JRUCYzFqRf7XIIXNt69M2cN
hHnxgMyhUlokJRiR+kcmG2yf+2h1uUmcdvLH8ghoUFj98tC9PJg/6wxZtfpJa5FK
NMvMGB6CDbdmmuh8YVWlhgBoQlPsNDwLeoujFVUsjWKjoYTr2FJgsj0JiDNQL2wO
iqMBNjyMPgraDrw41BtlnoSEr70gfP+Ji9dsbSfYvuyv3JbAWs1z68/0qB1dlEYJ
PeO4LHTDMssEDTNNj8Kl7klgfihb5QUkbGv9wdUEevx+gZGFsdj3vmfT27BhAgMB
AAGjggHzMIIB7zAdBgNVHQ4EFgQU/HNnxEXdokD9ag429ZjaDAbRTiAwHwYDVR0j
BBgwFoAU3+ib99qg+Kp9Ai35hObqN+b2Cj0wDgYDVR0PAQH/BAQDAgeAMHEGA1Ud
HwRqMGgwZqBkoGKGYHJzeW5jOi8vcnBraTEudGVycmF0cmFuc2l0LmRlL3JlcG8v
VGVycmFUcmFuc2l0LzE4MC9ERkU4OUJGN0RBQTBGOEFBN0QwMjJERjk4NEU2RUEz
N0U2RjYwQTNELmNybDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5j
Oi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMy1pYjk5cWctS3A5
QWkzNWhPYnFOLWIyQ2owLmNlcjCBiAYIKwYBBQUHAQsEfDB6MHgGCCsGAQUFBzAL
hmxyc3luYzovL3Jwa2kxLnRlcnJhdHJhbnNpdC5kZS9yZXBvL1RlcnJhVHJhbnNp
dC8xODAvMzQzNTJlMzEzNTMyMmUzMTM4MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNl
MjAzMTMyMzMzOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2YvDANBgkqhkiG9w0BAQsFAAOCAQEAiR5v
CZEjTxbiI/WO6JMrbqLAp6DCECeGRapb/pofh4KYA/ENlXKO1pGx/5/6BpsIld8p
7QZyEKKBJD5n5/ZRT5q8zVpPzFhQeJyoRKsADHkwP/GgIEQiC/Ngntqrd0fFFXEq
iy/O52/bTwHdQF9Id0TlOqTZEN/elHLxhWYq4yYP0ScNApkpG8Ik55RYBSJLInjU
Owwj0VL1RtvITHH2QA7OOChAI+T+Uh4t0Xpw0qEHDH68t3NAafaXWlOoT0Bttoxl
Tfk52mpxDLZ4mWSGQFWB8nVytlOpDfn4Tgos3Nv/GzUDVohnZeH3zEpIy+8uNWlZ
QVISnQ0vpFL7ZLIdZg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:37 2023 by rpki-client on console-ams.rpki-client.org