Route Origin Authorization

$ rpki-client -vvf rpki1.terratransit.de/repo/TerraTransit/2/34352e31332e35382e302f32342d3234203d3e203430363736.roa
File:                     34352e31332e35382e302f32342d3234203d3e203430363736.roa (raw, json)
Hash identifier:          8UrVfAH+1/9Br2dqfaDby3q0/LGCKbRn83aXmirHI6o=
Subject key identifier:   2B:53:75:27:DC:1F:92:C2:54:70:4C:B7:B5:FF:EE:67:06:23:05:39
Certificate issuer:       /CN=07a8af2b5fe831ff589eb38ae3c025ce871f23e7
Certificate serial:       588A4F245D058E3C31B7156CA6ADFDF99FB1EB81
Authority key identifier: 07:A8:AF:2B:5F:E8:31:FF:58:9E:B3:8A:E3:C0:25:CE:87:1F:23:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/B6ivK1_oMf9YnrOK48AlzocfI-c.cer
Subject info access:      rsync://rpki1.terratransit.de/repo/TerraTransit/2/34352e31332e35382e302f32342d3234203d3e203430363736.roa
Signing time:             Sat 22 Oct 2022 04:33:32 +0000
ROA not before:           Sat 22 Oct 2022 04:28:32 +0000
ROA not after:            Sat 21 Oct 2023 04:33:32 +0000
asID:                     40676
IP address blocks:        45.13.58.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:8a:4f:24:5d:05:8e:3c:31:b7:15:6c:a6:ad:fd:f9:9f:b1:eb:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07a8af2b5fe831ff589eb38ae3c025ce871f23e7
        Validity
            Not Before: Oct 22 04:28:32 2022 GMT
            Not After : Oct 21 04:33:32 2023 GMT
        Subject: CN=2B537527DC1F92C254704CB7B5FFEE6706230539
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:f4:02:00:be:d0:87:d6:4a:f9:59:2f:6d:0d:
                    d5:8a:50:0e:d4:ca:8c:0c:3b:aa:62:f2:5d:85:0f:
                    ae:ef:5a:5b:43:da:e3:b1:c7:25:22:ae:fd:38:f1:
                    05:37:f1:74:2b:d9:89:0d:d3:70:52:05:1e:70:07:
                    9d:45:51:0b:57:d3:26:1a:a3:4d:8c:f2:1e:2f:79:
                    e0:47:e6:8f:b3:8c:b0:20:ed:d0:bc:57:fd:19:b8:
                    63:cd:b9:72:63:39:fc:f3:32:3d:c6:68:cd:13:f8:
                    0e:da:38:19:df:39:d3:0f:70:0c:ff:9c:25:49:7b:
                    ce:9c:b7:71:e8:47:b6:16:f8:3d:ab:e4:8d:ae:b3:
                    5c:ba:84:cf:fc:73:10:89:8e:e8:2f:0f:c7:89:51:
                    d8:54:6e:8c:e1:4d:d9:28:61:5e:5c:f1:ab:9b:d1:
                    e9:87:8d:23:7d:e3:c4:60:69:b3:b8:80:19:cb:fa:
                    05:79:da:37:d3:8e:56:df:d9:ff:eb:2d:b6:87:cb:
                    dd:03:84:c7:d2:c1:36:fb:39:f8:b9:96:b6:0c:35:
                    36:19:f0:01:ea:db:3a:b4:9b:7b:bc:2d:6a:f4:9c:
                    6f:92:2d:be:53:e0:35:be:27:dd:ca:ff:9f:03:07:
                    92:34:5f:38:d2:6a:b7:f6:f5:04:85:4c:dd:66:0a:
                    f2:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:53:75:27:DC:1F:92:C2:54:70:4C:B7:B5:FF:EE:67:06:23:05:39
            X509v3 Authority Key Identifier:
                keyid:07:A8:AF:2B:5F:E8:31:FF:58:9E:B3:8A:E3:C0:25:CE:87:1F:23:E7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki1.terratransit.de/repo/TerraTransit/2/07A8AF2B5FE831FF589EB38AE3C025CE871F23E7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6ivK1_oMf9YnrOK48AlzocfI-c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki1.terratransit.de/repo/TerraTransit/2/34352e31332e35382e302f32342d3234203d3e203430363736.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.13.58.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:8b:51:50:79:81:8d:21:1f:43:26:fb:78:09:a9:d1:cd:ce:
         56:02:87:fa:45:24:fc:b9:9f:e8:87:05:2e:96:db:1d:cf:77:
         25:a6:46:53:44:0b:1a:61:1e:7e:0f:c3:73:71:06:5b:9f:fc:
         cf:b5:c2:16:91:85:17:77:a0:d2:2c:7e:15:a7:a0:90:20:77:
         f9:fb:da:d0:99:93:d6:f7:2c:74:5e:02:2f:ed:29:a0:65:e4:
         21:c0:15:09:0d:f9:28:92:3b:eb:fc:7d:39:47:31:6b:ba:ee:
         ec:8d:87:bf:30:80:21:61:7a:ea:b4:62:da:7e:ec:f3:78:0a:
         1d:71:8e:fa:cf:fb:64:7f:7f:4e:33:30:e3:00:6d:b3:c2:f7:
         4f:93:67:78:98:55:33:3b:5c:87:83:1f:4c:67:b4:41:54:71:
         b2:34:40:80:94:ee:d6:6f:e2:75:25:da:75:19:72:7a:d7:1c:
         57:9d:c5:aa:be:23:7b:3a:07:2a:78:95:1b:e7:a2:75:b4:a4:
         0e:7c:e1:91:5d:48:34:4d:5b:00:35:c6:ef:82:af:10:8a:15:
         ed:e1:48:1b:ed:ae:7c:f8:79:4c:fd:7e:c6:84:18:f1:ea:ba:
         11:8a:23:bb:f6:9b:c9:e2:16:15:a2:45:a4:c8:4a:57:ef:47:
         f4:4b:39:88
-----BEGIN CERTIFICATE-----
MIIE4zCCA8ugAwIBAgIUWIpPJF0FjjwxtxVspq39+Z+x64EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDdhOGFmMmI1ZmU4MzFmZjU4OWViMzhhZTNjMDI1Y2U4
NzFmMjNlNzAeFw0yMjEwMjIwNDI4MzJaFw0yMzEwMjEwNDMzMzJaMDMxMTAvBgNV
BAMTKDJCNTM3NTI3REMxRjkyQzI1NDcwNENCN0I1RkZFRTY3MDYyMzA1MzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC69AIAvtCH1kr5WS9tDdWKUA7U
yowMO6pi8l2FD67vWltD2uOxxyUirv048QU38XQr2YkN03BSBR5wB51FUQtX0yYa
o02M8h4veeBH5o+zjLAg7dC8V/0ZuGPNuXJjOfzzMj3GaM0T+A7aOBnfOdMPcAz/
nCVJe86ct3HoR7YW+D2r5I2us1y6hM/8cxCJjugvD8eJUdhUbozhTdkoYV5c8aub
0emHjSN948RgabO4gBnL+gV52jfTjlbf2f/rLbaHy90DhMfSwTb7Ofi5lrYMNTYZ
8AHq2zq0m3u8LWr0nG+SLb5T4DW+J93K/58DB5I0XzjSarf29QSFTN1mCvIpAgMB
AAGjggHtMIIB6TAdBgNVHQ4EFgQUK1N1J9wfksJUcEy3tf/uZwYjBTkwHwYDVR0j
BBgwFoAUB6ivK1/oMf9YnrOK48AlzocfI+cwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vcnBraTEudGVycmF0cmFuc2l0LmRlL3JlcG8v
VGVycmFUcmFuc2l0LzIvMDdBOEFGMkI1RkU4MzFGRjU4OUVCMzhBRTNDMDI1Q0U4
NzFGMjNFNy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov
L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0I2aXZLMV9vTWY5WW5y
T0s0OEFsem9jZkktYy5jZXIwgYQGCCsGAQUFBwELBHgwdjB0BggrBgEFBQcwC4Zo
cnN5bmM6Ly9ycGtpMS50ZXJyYXRyYW5zaXQuZGUvcmVwby9UZXJyYVRyYW5zaXQv
Mi8zNDM1MmUzMTMzMmUzNTM4MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzQzMDM2
MzczNi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB
/wQQMA4wDAQCAAEwBgMEAC0NOjANBgkqhkiG9w0BAQsFAAOCAQEAEotRUHmBjSEf
Qyb7eAmp0c3OVgKH+kUk/Lmf6IcFLpbbHc93JaZGU0QLGmEefg/Dc3EGW5/8z7XC
FpGFF3eg0ix+FaegkCB3+fva0JmT1vcsdF4CL+0poGXkIcAVCQ35KJI76/x9OUcx
a7ru7I2HvzCAIWF66rRi2n7s83gKHXGO+s/7ZH9/TjMw4wBts8L3T5NneJhVMztc
h4MfTGe0QVRxsjRAgJTu1m/idSXadRlyetccV53Fqr4jezoHKniVG+eidbSkDnzh
kV1INE1bADXG74KvEIoV7eFIG+2ufPh5TP1+xoQY8eq6EYoju/abyeIWFaJFpMhK
V+9H9Es5iA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:37 2023 by rpki-client on console-ams.rpki-client.org