Route Origin Authorization

$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS16509.roa
File:                     AS16509.roa (raw, json)
Hash identifier:          A+3BER9mWxm4wKJha06BptN667KONm1jXevyfkiip5g=
Subject key identifier:   21:75:CD:A1:D8:E5:F6:C1:00:7C:D4:44:CE:EB:62:E5:5B:2D:1C:2F
Certificate issuer:       /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial:       44D00EE387CE5924FE60C0D896E4B6EA78D74494
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access:      rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS16509.roa
Signing time:             Tue 08 Jul 2025 00:01:08 +0000
ROA not before:           Mon 07 Jul 2025 23:56:08 +0000
ROA not after:            Tue 07 Jul 2026 00:01:08 +0000
asID:                     16509
IP address blocks:        89.117.15.0/24 maxlen: 24
                          89.117.28.0/24 maxlen: 24
                          89.117.81.0/24 maxlen: 24
                          89.117.153.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
                          rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 21 Jul 2025 19:54:54 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:d0:0e:e3:87:ce:59:24:fe:60:c0:d8:96:e4:b6:ea:78:d7:44:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
        Validity
            Not Before: Jul  7 23:56:08 2025 GMT
            Not After : Jul  7 00:01:08 2026 GMT
        Subject: CN=2175CDA1D8E5F6C1007CD444CEEB62E55B2D1C2F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:b1:b3:78:f1:e7:b8:98:03:ae:f0:c0:15:fb:
                    eb:f3:e2:90:e6:23:6d:3e:95:6a:d0:4e:90:9c:b0:
                    24:6c:8b:1d:3a:34:99:b4:22:67:b3:07:53:53:af:
                    17:91:35:59:0c:b9:5a:56:83:85:2f:a5:cd:83:dc:
                    9b:b9:ac:b1:98:41:d2:3e:44:bb:ef:fa:45:16:fa:
                    6b:55:22:55:55:78:43:ab:3b:64:be:f9:97:47:a6:
                    89:88:47:aa:81:be:b9:59:e2:ea:86:f7:93:3a:95:
                    8f:42:c0:f2:13:2f:e2:87:e2:a1:ea:26:3d:e0:26:
                    8b:7e:66:ad:d2:36:47:94:96:84:f7:e2:db:4a:a0:
                    ff:10:55:24:44:44:4d:c9:7b:ed:88:6a:11:6e:9a:
                    e8:ac:e6:0a:20:1f:fb:e0:bb:38:93:d6:5f:bd:99:
                    81:e6:2a:9f:d6:d0:49:69:e5:8b:fd:cb:de:cc:f6:
                    96:8d:00:f8:3e:32:d5:53:c8:17:2b:24:5a:b1:1a:
                    b0:90:e9:5a:6c:e9:b6:5a:51:b7:6a:d0:aa:11:48:
                    4c:a2:c9:ad:db:9e:d5:90:73:90:34:fe:56:a5:20:
                    9d:7e:f9:67:cf:f1:43:b2:7d:8b:5e:05:49:e8:5a:
                    d1:90:d0:cc:78:ae:24:bc:3a:5e:b9:92:e5:d9:c2:
                    4c:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                21:75:CD:A1:D8:E5:F6:C1:00:7C:D4:44:CE:EB:62:E5:5B:2D:1C:2F
            X509v3 Authority Key Identifier:
                keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer

            Subject Information Access:
                Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS16509.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  89.117.15.0/24
                  89.117.28.0/24
                  89.117.81.0/24
                  89.117.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b1:10:63:48:d0:21:29:ae:de:48:31:1f:8e:ea:a4:c7:f6:a0:
         86:e1:49:d0:71:83:d7:0d:70:2e:95:49:01:c6:da:11:c9:21:
         57:10:d3:68:34:3b:13:50:42:a5:75:8c:c1:a6:c9:35:b3:43:
         7e:ad:34:f8:df:27:99:8f:e6:dc:4e:de:2e:82:ed:c5:26:f0:
         2f:34:9d:a1:78:fa:34:26:c1:69:d1:c1:cd:54:fe:dc:cb:d6:
         d3:ed:a7:d2:fb:84:47:08:37:9e:ea:f1:d0:aa:b7:10:57:72:
         b6:45:1d:55:dc:5d:de:bc:84:08:f0:21:49:91:bd:4d:f8:03:
         9e:f3:8e:1b:cc:24:de:37:53:14:e3:38:9d:5f:fd:43:25:11:
         66:5f:d5:7f:e4:ab:3c:1d:58:03:26:dc:e4:fb:cb:37:3f:05:
         8a:b6:66:65:4b:04:53:82:f2:60:63:69:d2:4e:cb:88:3b:70:
         b2:e4:cb:33:00:71:9e:13:d8:84:6e:31:3f:c2:c6:b0:2a:49:
         bf:43:c3:56:12:81:35:8b:44:d5:75:f5:7c:7b:ee:f5:c5:88:
         82:10:bd:54:d2:44:ee:b6:f3:cd:05:91:b4:50:79:b1:07:9b:
         e5:df:7d:d2:45:cd:35:4e:7d:f6:41:9d:62:51:7f:72:cd:66:
         b3:d2:00:77
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIURNAO44fOWST+YMDYluS26njXRJQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNTA3MDcyMzU2MDhaFw0yNjA3MDcwMDAxMDhaMDMxMTAvBgNV
BAMTKDIxNzVDREExRDhFNUY2QzEwMDdDRDQ0NENFRUI2MkU1NUIyRDFDMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKsbN48ee4mAOu8MAV++vz4pDm
I20+lWrQTpCcsCRsix06NJm0ImezB1NTrxeRNVkMuVpWg4Uvpc2D3Ju5rLGYQdI+
RLvv+kUW+mtVIlVVeEOrO2S++ZdHpomIR6qBvrlZ4uqG95M6lY9CwPITL+KH4qHq
Jj3gJot+Zq3SNkeUloT34ttKoP8QVSRERE3Je+2IahFumuis5gogH/vguziT1l+9
mYHmKp/W0Elp5Yv9y97M9paNAPg+MtVTyBcrJFqxGrCQ6Vps6bZaUbdq0KoRSEyi
ya3bntWQc5A0/lalIJ1++WfP8UOyfYteBUnoWtGQ0Mx4riS8Ol65kuXZwkxxAgMB
AAGjggJAMIICPDAdBgNVHQ4EFgQUIXXNodjl9sEAfNREzuti5VstHC8wHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMHEGCCsGAQUFBwELBGUwYzBhBggrBgEFBQcwC4ZVcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzE2NTA5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWXUPAwQAWXUcAwQAWXVR
AwQAWXWZMA0GCSqGSIb3DQEBCwUAA4IBAQCxEGNI0CEprt5IMR+O6qTH9qCG4UnQ
cYPXDXAulUkBxtoRySFXENNoNDsTUEKldYzBpsk1s0N+rTT43yeZj+bcTt4ugu3F
JvAvNJ2hePo0JsFp0cHNVP7cy9bT7afS+4RHCDee6vHQqrcQV3K2RR1V3F3evIQI
8CFJkb1N+AOe844bzCTeN1MU4zidX/1DJRFmX9V/5Ks8HVgDJtzk+8s3PwWKtmZl
SwRTgvJgY2nSTsuIO3Cy5MszAHGeE9iEbjE/wsawKkm/Q8NWEoE1i0TVdfV8e+71
xYiCEL1U0kTutvPNBZG0UHmxB5vl333SRc01Tn32QZ1iUX9yzWaz0gB3
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:38:27 2025 by rpki-client