Route Origin Authorization

$ rpki-client -vvf rpki1.terratransit.de/repo/TerraTransit/2/34352e382e3135312e302f32342d3234203d3e20333935373837.roa
File:                     34352e382e3135312e302f32342d3234203d3e20333935373837.roa (raw, json)
Hash identifier:          T2H92Tr5M+vI/hYu8XB8ZPCHP3lSgKT7mx64pDBXJWQ=
Subject key identifier:   17:AF:10:E4:82:85:36:3B:63:30:33:FA:3A:F2:83:FA:58:C2:4D:58
Certificate issuer:       /CN=07a8af2b5fe831ff589eb38ae3c025ce871f23e7
Certificate serial:       43256EAEBF4A940BD9A73D3DE3EA34C27C0D5E2F
Authority key identifier: 07:A8:AF:2B:5F:E8:31:FF:58:9E:B3:8A:E3:C0:25:CE:87:1F:23:E7
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/B6ivK1_oMf9YnrOK48AlzocfI-c.cer
Subject info access:      rsync://rpki1.terratransit.de/repo/TerraTransit/2/34352e382e3135312e302f32342d3234203d3e20333935373837.roa
Signing time:             Sat 22 Oct 2022 04:33:25 +0000
ROA not before:           Sat 22 Oct 2022 04:28:25 +0000
ROA not after:            Sat 21 Oct 2023 04:33:25 +0000
asID:                     395787
IP address blocks:        45.8.151.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:25:6e:ae:bf:4a:94:0b:d9:a7:3d:3d:e3:ea:34:c2:7c:0d:5e:2f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=07a8af2b5fe831ff589eb38ae3c025ce871f23e7
        Validity
            Not Before: Oct 22 04:28:25 2022 GMT
            Not After : Oct 21 04:33:25 2023 GMT
        Subject: CN=17AF10E48285363B633033FA3AF283FA58C24D58
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:f2:c6:85:ff:64:98:ff:f5:19:67:b3:46:0d:
                    f4:8f:5b:37:87:ef:9c:00:4c:5c:0e:b5:25:0d:ae:
                    45:05:af:4c:16:10:b1:57:13:57:d7:f7:8e:b3:ae:
                    cb:16:82:af:64:8e:8d:39:bb:16:4a:9f:b8:9d:67:
                    3d:08:8b:e8:f6:55:fe:8e:ea:4a:f3:cb:47:96:56:
                    e1:e0:26:00:fb:3b:54:7f:62:e4:db:44:32:35:e7:
                    09:92:1e:4d:7c:ba:ec:31:ab:09:81:ab:e3:82:d1:
                    47:1f:36:2a:9c:96:f6:9b:69:ed:54:6e:1e:a2:5c:
                    94:2a:f3:82:5a:3f:2a:cc:4b:89:5c:c7:c0:61:35:
                    c1:04:f1:ca:67:8b:a4:4a:e8:06:3a:5f:44:43:d7:
                    a2:dc:22:83:8a:e0:9b:08:68:69:87:29:8e:15:91:
                    52:b0:d9:f8:fb:30:fc:38:13:fa:12:34:a0:10:e7:
                    22:49:1a:ab:67:34:2b:98:6f:52:4e:94:13:52:44:
                    13:71:7a:58:3e:80:41:5b:dc:a9:1e:ac:28:85:ee:
                    c5:39:cf:07:38:6e:b8:50:f0:47:87:6b:c7:a8:ed:
                    0b:77:3f:9b:6a:ed:ad:65:33:98:fa:71:b2:29:61:
                    8b:d2:49:60:84:ff:e3:e0:60:97:27:fe:31:8a:95:
                    24:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:AF:10:E4:82:85:36:3B:63:30:33:FA:3A:F2:83:FA:58:C2:4D:58
            X509v3 Authority Key Identifier:
                keyid:07:A8:AF:2B:5F:E8:31:FF:58:9E:B3:8A:E3:C0:25:CE:87:1F:23:E7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki1.terratransit.de/repo/TerraTransit/2/07A8AF2B5FE831FF589EB38AE3C025CE871F23E7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6ivK1_oMf9YnrOK48AlzocfI-c.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki1.terratransit.de/repo/TerraTransit/2/34352e382e3135312e302f32342d3234203d3e20333935373837.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.8.151.0/24

    Signature Algorithm: sha256WithRSAEncryption
         1b:12:d0:51:64:90:34:1d:5f:cf:ad:ae:24:a5:31:74:ef:27:
         c6:77:d0:cc:fb:99:7f:9a:99:04:90:4e:b3:89:6c:29:11:27:
         df:e9:12:39:59:96:98:83:3f:ad:b3:93:4b:3d:a4:12:66:f8:
         03:dc:b0:fd:56:03:10:d6:ad:e0:43:9f:a3:13:44:42:a2:df:
         9e:0b:2c:e7:c9:7c:ce:f2:ed:ec:db:48:96:4b:23:a0:e7:04:
         77:8d:01:2d:fd:6d:d6:81:f1:ae:17:de:ca:24:60:2a:ad:5a:
         38:83:1b:f7:b1:ab:99:64:38:c8:bd:9a:85:62:3c:5f:c2:10:
         bc:a7:ca:63:17:b5:20:93:78:8e:89:05:b7:8c:d9:11:63:9a:
         5d:54:ea:7b:f6:c6:ab:9e:86:90:28:8b:02:75:42:99:09:ae:
         f6:55:df:80:2f:3e:41:b3:9a:09:e8:f7:d1:a8:37:60:64:87:
         15:20:68:96:3a:95:a4:78:b1:01:1d:2e:76:dd:35:62:5a:b4:
         0a:ed:52:a1:8c:32:f5:de:82:64:37:1a:af:0f:20:df:0b:76:
         41:c2:fc:a6:95:42:62:e3:ea:26:30:54:44:fd:0d:66:0b:55:
         66:f8:a7:e5:6a:0e:ac:92:61:e4:36:55:98:7f:71:08:e2:5e:
         49:43:9a:bc
-----BEGIN CERTIFICATE-----
MIIE5TCCA82gAwIBAgIUQyVurr9KlAvZpz094+o0wnwNXi8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDdhOGFmMmI1ZmU4MzFmZjU4OWViMzhhZTNjMDI1Y2U4
NzFmMjNlNzAeFw0yMjEwMjIwNDI4MjVaFw0yMzEwMjEwNDMzMjVaMDMxMTAvBgNV
BAMTKDE3QUYxMEU0ODI4NTM2M0I2MzMwMzNGQTNBRjI4M0ZBNThDMjRENTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC18saF/2SY//UZZ7NGDfSPWzeH
75wATFwOtSUNrkUFr0wWELFXE1fX946zrssWgq9kjo05uxZKn7idZz0Ii+j2Vf6O
6krzy0eWVuHgJgD7O1R/YuTbRDI15wmSHk18uuwxqwmBq+OC0UcfNiqclvabae1U
bh6iXJQq84JaPyrMS4lcx8BhNcEE8cpni6RK6AY6X0RD16LcIoOK4JsIaGmHKY4V
kVKw2fj7MPw4E/oSNKAQ5yJJGqtnNCuYb1JOlBNSRBNxelg+gEFb3KkerCiF7sU5
zwc4brhQ8EeHa8eo7Qt3P5tq7a1lM5j6cbIpYYvSSWCE/+PgYJcn/jGKlSQDAgMB
AAGjggHvMIIB6zAdBgNVHQ4EFgQUF68Q5IKFNjtjMDP6OvKD+ljCTVgwHwYDVR0j
BBgwFoAUB6ivK1/oMf9YnrOK48AlzocfI+cwDgYDVR0PAQH/BAQDAgeAMG8GA1Ud
HwRoMGYwZKBioGCGXnJzeW5jOi8vcnBraTEudGVycmF0cmFuc2l0LmRlL3JlcG8v
VGVycmFUcmFuc2l0LzIvMDdBOEFGMkI1RkU4MzFGRjU4OUVCMzhBRTNDMDI1Q0U4
NzFGMjNFNy5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzov
L3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0I2aXZLMV9vTWY5WW5y
T0s0OEFsem9jZkktYy5jZXIwgYYGCCsGAQUFBwELBHoweDB2BggrBgEFBQcwC4Zq
cnN5bmM6Ly9ycGtpMS50ZXJyYXRyYW5zaXQuZGUvcmVwby9UZXJyYVRyYW5zaXQv
Mi8zNDM1MmUzODJlMzEzNTMxMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzMzOTM1
MzczODM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEH
AQH/BBAwDjAMBAIAATAGAwQALQiXMA0GCSqGSIb3DQEBCwUAA4IBAQAbEtBRZJA0
HV/Pra4kpTF07yfGd9DM+5l/mpkEkE6ziWwpESff6RI5WZaYgz+ts5NLPaQSZvgD
3LD9VgMQ1q3gQ5+jE0RCot+eCyznyXzO8u3s20iWSyOg5wR3jQEt/W3WgfGuF97K
JGAqrVo4gxv3sauZZDjIvZqFYjxfwhC8p8pjF7Ugk3iOiQW3jNkRY5pdVOp79sar
noaQKIsCdUKZCa72Vd+ALz5Bs5oJ6PfRqDdgZIcVIGiWOpWkeLEBHS523TViWrQK
7VKhjDL13oJkNxqvDyDfC3ZBwvymlUJi4+omMFRE/Q1mC1Vm+Kflag6skmHkNlWY
f3EI4l5JQ5q8
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:11:38 2023 by rpki-client on console-ams.rpki-client.org