Route Origin Authorization

$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS16509.roa
File:                     AS16509.roa (raw, json)
Hash identifier:          UTzdCb5exFMhyUEv1TyCvzgxHklKZ5aBR3FzP72Wh6w=
Subject key identifier:   ED:29:78:E7:D5:DE:5E:3D:07:2E:5B:3C:EC:15:C4:83:0D:7A:AD:C1
Certificate issuer:       /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial:       3F8877A589D7B2B0891C53372CD87D98F0B3BC1C
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access:      rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS16509.roa
Signing time:             Thu 07 Mar 2024 12:51:17 +0000
ROA not before:           Thu 07 Mar 2024 12:46:17 +0000
ROA not after:            Thu 06 Mar 2025 12:51:17 +0000
asID:                     16509
IP address blocks:        86.38.232.0/24 maxlen: 24
                          89.116.141.0/24 maxlen: 24
                          89.116.244.0/24 maxlen: 24
                          89.117.15.0/24 maxlen: 24
                          89.117.28.0/24 maxlen: 24
                          89.117.81.0/24 maxlen: 24
                          89.117.129.0/24 maxlen: 24
                          89.117.153.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
                          rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 31 Oct 2024 05:17:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:88:77:a5:89:d7:b2:b0:89:1c:53:37:2c:d8:7d:98:f0:b3:bc:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
        Validity
            Not Before: Mar  7 12:46:17 2024 GMT
            Not After : Mar  6 12:51:17 2025 GMT
        Subject: CN=ED2978E7D5DE5E3D072E5B3CEC15C4830D7AADC1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:ff:90:bf:bc:29:e8:ed:a3:e7:4f:0a:c2:5f:
                    09:47:90:55:13:9f:f5:ea:05:cd:b5:2a:a5:94:cc:
                    dc:a9:0f:e8:48:1a:3b:a9:93:0d:a5:1e:9d:35:00:
                    f9:3c:ab:39:ee:53:9e:c9:35:6b:3f:46:f2:4b:d8:
                    07:a9:28:b8:9c:a4:49:c9:b0:d4:eb:7b:88:d7:b8:
                    85:ab:a1:51:3e:55:75:1e:21:5e:16:8d:53:fa:c2:
                    68:cc:f9:cb:7a:95:21:6c:93:3a:ac:0a:f4:35:46:
                    ed:d6:7d:ea:4a:9c:bb:8d:bd:ee:ef:70:5b:74:70:
                    83:d7:61:fa:aa:a8:d5:cb:5e:a5:05:53:6f:73:2d:
                    8a:3b:fa:f6:82:06:04:bf:1e:0d:23:e0:77:76:b2:
                    6e:e9:e6:8d:52:0d:31:a4:15:8a:47:5a:40:d7:a8:
                    d4:eb:a3:11:1e:99:99:53:2b:a5:5c:a2:3d:ce:a3:
                    21:2a:ae:18:69:ea:f3:b5:ec:37:d8:7e:08:26:24:
                    7f:a5:34:0e:d1:28:56:ed:d8:3d:72:f2:ae:ad:2f:
                    77:fe:75:6b:45:c6:ce:53:90:57:f0:25:a3:ee:b1:
                    9c:cc:8c:9e:35:22:12:86:01:8b:cd:70:82:83:f7:
                    38:a8:fd:f9:8c:71:0f:46:3e:7b:f8:8e:f3:24:96:
                    54:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:29:78:E7:D5:DE:5E:3D:07:2E:5B:3C:EC:15:C4:83:0D:7A:AD:C1
            X509v3 Authority Key Identifier:
                keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer

            Subject Information Access:
                Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS16509.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.38.232.0/24
                  89.116.141.0/24
                  89.116.244.0/24
                  89.117.15.0/24
                  89.117.28.0/24
                  89.117.81.0/24
                  89.117.129.0/24
                  89.117.153.0/24

    Signature Algorithm: sha256WithRSAEncryption
         11:c9:62:52:e1:fd:a8:9e:e9:fe:d0:0b:2c:6e:e2:e9:8f:5a:
         8b:be:5a:22:73:91:33:dc:33:2b:8b:1a:34:b7:71:fa:60:f3:
         77:4f:f7:2e:f2:fa:79:f2:b9:28:12:6d:52:e3:3a:55:61:1d:
         be:15:ba:69:d2:35:08:90:64:d4:81:1e:e5:8f:c7:4c:ec:3b:
         07:46:e9:e9:46:9e:1d:c6:f3:de:87:93:c7:bf:57:a0:e6:e5:
         3e:d0:a6:9b:6d:0c:1e:7b:52:0a:ed:30:5f:b4:ac:da:89:af:
         72:aa:2b:9d:db:e2:8e:2d:f6:a0:4d:56:42:26:bd:7d:5d:fb:
         f0:8c:ad:79:d9:1d:49:b3:8a:a6:eb:e5:c7:16:18:17:d7:1f:
         90:35:64:e5:63:c7:a5:3c:70:ea:bb:0f:4d:01:64:31:3e:7f:
         a7:2a:b5:a8:9d:3a:89:17:47:62:dc:37:c6:46:29:31:db:7e:
         2d:8a:80:8c:10:17:e4:6a:17:a4:a3:7c:1f:6a:b1:5e:cc:c8:
         bc:c8:35:85:65:5f:d6:1c:48:2b:0c:ad:93:29:fa:f8:63:fc:
         7f:5d:4d:2c:b3:3f:dc:bc:3e:9a:0a:86:8b:70:97:55:f1:1f:
         83:a9:7e:33:8d:4e:fb:72:c2:bb:28:78:e6:e0:c0:9f:16:64:
         f6:61:02:42
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgIUP4h3pYnXsrCJHFM3LNh9mPCzvBwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNDAzMDcxMjQ2MTdaFw0yNTAzMDYxMjUxMTdaMDMxMTAvBgNV
BAMTKEVEMjk3OEU3RDVERTVFM0QwNzJFNUIzQ0VDMTVDNDgzMEQ3QUFEQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3/5C/vCno7aPnTwrCXwlHkFUT
n/XqBc21KqWUzNypD+hIGjupkw2lHp01APk8qznuU57JNWs/RvJL2AepKLicpEnJ
sNTre4jXuIWroVE+VXUeIV4WjVP6wmjM+ct6lSFskzqsCvQ1Ru3WfepKnLuNve7v
cFt0cIPXYfqqqNXLXqUFU29zLYo7+vaCBgS/Hg0j4Hd2sm7p5o1SDTGkFYpHWkDX
qNTroxEemZlTK6Vcoj3OoyEqrhhp6vO17DfYfggmJH+lNA7RKFbt2D1y8q6tL3f+
dWtFxs5TkFfwJaPusZzMjJ41IhKGAYvNcIKD9zio/fmMcQ9GPnv4jvMkllQBAgMB
AAGjggJYMIICVDAdBgNVHQ4EFgQU7Sl459XeXj0HLls87BXEgw16rcEwHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMHEGCCsGAQUFBwELBGUwYzBhBggrBgEFBQcwC4ZVcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzE2NTA5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAViboAwQAWXSNAwQAWXT0
AwQAWXUPAwQAWXUcAwQAWXVRAwQAWXWBAwQAWXWZMA0GCSqGSIb3DQEBCwUAA4IB
AQARyWJS4f2onun+0AssbuLpj1qLvloic5Ez3DMrixo0t3H6YPN3T/cu8vp58rko
Em1S4zpVYR2+Fbpp0jUIkGTUgR7lj8dM7DsHRunpRp4dxvPeh5PHv1eg5uU+0Kab
bQwee1IK7TBftKzaia9yqiud2+KOLfagTVZCJr19XfvwjK152R1Js4qm6+XHFhgX
1x+QNWTlY8elPHDquw9NAWQxPn+nKrWonTqJF0di3DfGRikx234tioCMEBfkahek
o3wfarFezMi8yDWFZV/WHEgrDK2TKfr4Y/x/XU0ssz/cvD6aCoaLcJdV8R+DqX4z
jU77csK7KHjm4MCfFmT2YQJC
-----END CERTIFICATE-----
Generated at Wed Oct 30 15:16:43 2024 by rpki-client on console-fra.rpki-client.org