Route Origin Authorization

$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212609.roa
File:                     AS212609.roa (raw, json)
Hash identifier:          zDnkFzztcpFhUK1GJY9Tfqy6WNREdSa1utAXxHb7dbI=
Subject key identifier:   CC:E9:1D:28:53:EF:B7:89:4C:A4:BB:3C:4E:10:1E:A6:35:7F:FB:F5
Certificate issuer:       /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial:       4C2D4E5AB8C40DAD4BC913F52952EEFF6C731802
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access:      rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212609.roa
Signing time:             Sat 28 Sep 2024 00:43:22 +0000
ROA not before:           Sat 28 Sep 2024 00:38:22 +0000
ROA not after:            Sat 27 Sep 2025 00:43:22 +0000
asID:                     212609
IP address blocks:        82.140.183.0/24 maxlen: 24
                          86.38.24.0/24 maxlen: 24
                          89.116.242.0/24 maxlen: 24
                          89.117.5.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
                          rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 11 Dec 2024 06:33:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4c:2d:4e:5a:b8:c4:0d:ad:4b:c9:13:f5:29:52:ee:ff:6c:73:18:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
        Validity
            Not Before: Sep 28 00:38:22 2024 GMT
            Not After : Sep 27 00:43:22 2025 GMT
        Subject: CN=CCE91D2853EFB7894CA4BB3C4E101EA6357FFBF5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:fa:81:d4:1f:e3:34:44:a6:40:b1:7b:95:be:
                    8c:a4:28:3c:47:60:45:6d:22:76:e9:bf:84:3c:c0:
                    27:84:67:67:38:c3:0a:d8:73:99:a9:a2:e1:5a:63:
                    38:59:cb:a4:59:d4:af:2a:44:71:8b:17:4e:20:a4:
                    f7:f1:f7:e5:f0:8e:c8:16:8e:30:33:22:f7:bd:5e:
                    84:72:f0:e7:b6:23:9a:a0:bc:9c:be:3c:01:48:cf:
                    6a:da:8d:e9:3c:f8:89:03:9e:6a:46:ab:36:8b:74:
                    81:2a:f3:f5:10:5d:10:59:ea:a3:2c:53:f2:bc:2c:
                    07:93:69:88:0d:d8:4e:5e:c1:ad:85:97:0c:ee:e3:
                    0b:d7:a4:ad:2d:1e:a3:03:84:80:49:2e:62:ed:38:
                    5f:22:0e:0d:b3:a5:05:1d:13:63:45:16:a3:48:5c:
                    84:ab:38:b7:ba:bf:f6:d8:95:09:2b:ab:05:af:79:
                    62:cd:65:49:1f:d3:14:15:4d:db:f4:15:45:ac:5e:
                    ef:88:ae:90:27:02:87:1e:29:1b:a1:cd:25:78:95:
                    98:8e:17:e7:5f:2c:bd:17:5c:bf:58:e3:f1:f9:2a:
                    05:d9:91:04:1b:6c:5c:c8:b9:ed:8e:b3:b8:d6:2d:
                    54:7e:e3:30:e0:23:bb:1d:43:1d:f9:b1:23:6b:c0:
                    e6:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:E9:1D:28:53:EF:B7:89:4C:A4:BB:3C:4E:10:1E:A6:35:7F:FB:F5
            X509v3 Authority Key Identifier:
                keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer

            Subject Information Access:
                Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS212609.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  82.140.183.0/24
                  86.38.24.0/24
                  89.116.242.0/24
                  89.117.5.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:dd:55:c5:fb:9f:29:39:bf:63:00:82:84:65:ae:be:5d:6e:
         67:5f:1a:1d:95:29:ca:5d:5b:2f:3d:3c:56:07:14:cc:e0:80:
         20:cc:f4:53:d0:6c:3e:28:34:98:f9:d4:e9:28:49:f5:18:13:
         a9:4b:7b:d7:a2:4f:0e:67:ae:a3:ea:7c:32:c1:3f:a8:d1:c9:
         11:2d:69:08:aa:54:00:4a:8e:24:4c:fe:8b:59:59:e9:16:a7:
         d0:4f:0e:99:66:fb:55:e0:42:f6:33:92:ba:e8:23:53:31:b8:
         2b:b3:7e:af:4d:ca:16:86:c9:8b:84:44:d5:61:02:fe:c3:b0:
         d5:fd:5a:3b:fc:f2:e6:d3:81:4c:7e:7c:b6:31:44:ff:b4:35:
         2d:d3:66:a9:96:6e:69:94:cc:a1:7f:70:da:33:c1:1c:91:a7:
         a2:2f:a8:9c:3f:16:d4:79:9e:60:f3:71:58:35:1d:a8:bb:6d:
         ba:38:b1:49:2d:70:ff:e8:02:35:4c:bc:5e:95:0c:57:d4:fa:
         25:82:97:ac:61:70:0f:0e:b9:95:74:06:c5:1c:f7:23:20:b3:
         e0:af:56:36:62:23:eb:86:8a:0e:ad:b3:95:6b:0c:3a:da:67:
         4f:78:7c:23:01:77:6d:76:e5:fb:05:af:e7:c6:28:2c:de:9a:
         c2:47:9e:7c
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUTC1OWrjEDa1LyRP1KVLu/2xzGAIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNDA5MjgwMDM4MjJaFw0yNTA5MjcwMDQzMjJaMDMxMTAvBgNV
BAMTKENDRTkxRDI4NTNFRkI3ODk0Q0E0QkIzQzRFMTAxRUE2MzU3RkZCRjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDS+oHUH+M0RKZAsXuVvoykKDxH
YEVtInbpv4Q8wCeEZ2c4wwrYc5mpouFaYzhZy6RZ1K8qRHGLF04gpPfx9+XwjsgW
jjAzIve9XoRy8Oe2I5qgvJy+PAFIz2rajek8+IkDnmpGqzaLdIEq8/UQXRBZ6qMs
U/K8LAeTaYgN2E5ewa2Flwzu4wvXpK0tHqMDhIBJLmLtOF8iDg2zpQUdE2NFFqNI
XISrOLe6v/bYlQkrqwWveWLNZUkf0xQVTdv0FUWsXu+IrpAnAoceKRuhzSV4lZiO
F+dfLL0XXL9Y4/H5KgXZkQQbbFzIue2Os7jWLVR+4zDgI7sdQx35sSNrwObXAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUzOkdKFPvt4lMpLs8ThAepjV/+/UwHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMHIGCCsGAQUFBwELBGYwZDBiBggrBgEFBQcwC4ZWcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzIxMjYwOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAFKMtwMEAFYmGAMEAFl0
8gMEAFl1BTANBgkqhkiG9w0BAQsFAAOCAQEAkN1VxfufKTm/YwCChGWuvl1uZ18a
HZUpyl1bLz08VgcUzOCAIMz0U9BsPig0mPnU6ShJ9RgTqUt716JPDmeuo+p8MsE/
qNHJES1pCKpUAEqOJEz+i1lZ6Ran0E8OmWb7VeBC9jOSuugjUzG4K7N+r03KFobJ
i4RE1WEC/sOw1f1aO/zy5tOBTH58tjFE/7Q1LdNmqZZuaZTMoX9w2jPBHJGnoi+o
nD8W1HmeYPNxWDUdqLttujixSS1w/+gCNUy8XpUMV9T6JYKXrGFwDw65lXQGxRz3
IyCz4K9WNmIj64aKDq2zlWsMOtpnT3h8IwF3bXbl+wWv58YoLN6awkeefA==
-----END CERTIFICATE-----
Generated at Tue Dec 10 15:36:18 2024 by rpki-client on console-fra.rpki-client.org