Route Origin Authorization

$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS8100.roa
File:                     AS8100.roa (raw, json)
Hash identifier:          BWgmpgqiPu0tmDxhALmkGd1lOVpSoiiSr1nDD8vx5DI=
Subject key identifier:   F5:34:2C:10:9B:F6:79:56:48:CE:D6:DB:4E:06:A3:A3:6A:55:E0:A6
Certificate issuer:       /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial:       566FC1B5A677C8A4A716E9E03AF551AE6EAEBA30
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access:      rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS8100.roa
Signing time:             Tue 30 Jan 2024 12:33:57 +0000
ROA not before:           Tue 30 Jan 2024 12:28:57 +0000
ROA not after:            Tue 28 Jan 2025 12:33:57 +0000
asID:                     8100
IP address blocks:        86.38.226.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
                          rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 14:16:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:6f:c1:b5:a6:77:c8:a4:a7:16:e9:e0:3a:f5:51:ae:6e:ae:ba:30
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
        Validity
            Not Before: Jan 30 12:28:57 2024 GMT
            Not After : Jan 28 12:33:57 2025 GMT
        Subject: CN=F5342C109BF6795648CED6DB4E06A3A36A55E0A6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:80:bf:57:3d:ee:84:66:24:c5:10:bc:f1:c5:
                    d9:24:da:e7:5e:ef:70:d1:c6:69:90:c3:70:ac:70:
                    22:56:bc:14:2a:dd:b9:a3:f1:b6:fb:31:14:01:96:
                    de:d4:0a:da:ea:10:94:91:e4:37:c5:b9:4a:2d:fa:
                    cf:7c:87:f7:80:90:bb:e0:0c:08:8d:82:29:8d:93:
                    08:38:23:ff:c6:80:98:13:ec:e0:54:35:c9:1e:85:
                    58:ba:9e:af:f1:c5:37:38:1c:d1:27:3c:ea:2e:46:
                    86:9c:3a:7c:6c:bd:e1:c7:ac:a0:84:fb:6e:68:cf:
                    b5:88:41:5f:b0:fe:b4:20:58:d9:74:79:af:4e:6e:
                    47:22:8f:1e:6b:b7:8d:2a:75:ab:0d:0f:9d:ac:4c:
                    9a:f3:58:fd:8e:93:f7:7e:5c:a0:50:2f:b3:f6:e9:
                    6d:b0:0a:7d:94:7f:b6:a7:17:4c:68:60:73:ec:84:
                    44:8e:ae:50:d7:9d:fa:a8:b4:48:f8:8c:51:18:c5:
                    eb:07:be:81:29:8b:c3:a5:47:b3:c6:51:db:c7:7f:
                    15:2c:26:72:0e:b0:d8:e5:84:4a:9e:e8:74:24:55:
                    00:b4:5a:85:80:a8:16:64:fd:36:5c:0a:79:5a:e7:
                    0f:ad:b7:02:1f:99:a8:07:a9:52:97:81:10:ea:1f:
                    14:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:34:2C:10:9B:F6:79:56:48:CE:D6:DB:4E:06:A3:A3:6A:55:E0:A6
            X509v3 Authority Key Identifier:
                keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer

            Subject Information Access:
                Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS8100.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  86.38.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         d4:aa:fc:25:0e:8f:87:28:d0:02:e7:4f:aa:67:fc:33:03:58:
         52:4f:70:6f:71:27:df:1f:25:ba:61:ce:4a:c8:10:dd:b6:91:
         7b:31:a6:1d:c1:2d:cb:91:fd:d8:f3:5a:d4:dc:ac:6b:61:10:
         4b:dd:6c:77:f7:81:1f:31:28:ac:97:70:a1:5c:08:bc:b7:e1:
         63:1b:ed:e1:c6:fd:c2:d6:37:13:e4:ce:85:2d:cf:58:c9:e9:
         cc:41:0c:1d:3e:c3:7c:ad:eb:d1:a4:f4:5a:fb:78:c4:9d:f9:
         28:2f:a3:27:ef:d9:39:a6:18:5e:be:bb:19:29:7f:9d:7a:a1:
         55:2c:7a:60:28:d1:11:6f:1a:b5:eb:bb:3b:86:69:1c:a9:92:
         0d:a9:50:29:e9:6b:f9:3a:07:cc:8f:65:38:85:7c:66:9a:f8:
         47:c9:d5:a3:8c:62:0d:71:3f:1d:6d:41:4f:3b:48:e4:f7:1d:
         b6:a3:b0:d2:1b:fa:88:7d:3b:af:c6:24:44:24:d3:c9:87:42:
         0f:76:8a:8c:4b:5a:ea:83:d9:9e:fc:6d:0c:39:55:cf:f5:6a:
         08:82:e9:dc:6a:7a:82:8d:78:41:e6:b7:21:6f:63:dc:46:d4:
         27:0a:cc:5f:b8:85:a6:26:a0:5c:7f:b6:93:0d:e9:50:f8:3d:
         12:78:d8:d0
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIUVm/BtaZ3yKSnFungOvVRrm6uujAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNDAxMzAxMjI4NTdaFw0yNTAxMjgxMjMzNTdaMDMxMTAvBgNV
BAMTKEY1MzQyQzEwOUJGNjc5NTY0OENFRDZEQjRFMDZBM0EzNkE1NUUwQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKgL9XPe6EZiTFELzxxdkk2ude
73DRxmmQw3CscCJWvBQq3bmj8bb7MRQBlt7UCtrqEJSR5DfFuUot+s98h/eAkLvg
DAiNgimNkwg4I//GgJgT7OBUNckehVi6nq/xxTc4HNEnPOouRoacOnxsveHHrKCE
+25oz7WIQV+w/rQgWNl0ea9Obkcijx5rt40qdasND52sTJrzWP2Ok/d+XKBQL7P2
6W2wCn2Uf7anF0xoYHPshESOrlDXnfqotEj4jFEYxesHvoEpi8OlR7PGUdvHfxUs
JnIOsNjlhEqe6HQkVQC0WoWAqBZk/TZcCnla5w+ttwIfmagHqVKXgRDqHxTlAgMB
AAGjggItMIICKTAdBgNVHQ4EFgQU9TQsEJv2eVZIztbbTgajo2pV4KYwHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMHAGCCsGAQUFBwELBGQwYjBgBggrBgEFBQcwC4ZUcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzgxMDAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABWJuIwDQYJKoZIhvcNAQEL
BQADggEBANSq/CUOj4co0ALnT6pn/DMDWFJPcG9xJ98fJbphzkrIEN22kXsxph3B
LcuR/djzWtTcrGthEEvdbHf3gR8xKKyXcKFcCLy34WMb7eHG/cLWNxPkzoUtz1jJ
6cxBDB0+w3yt69Gk9Fr7eMSd+Sgvoyfv2TmmGF6+uxkpf516oVUsemAo0RFvGrXr
uzuGaRypkg2pUCnpa/k6B8yPZTiFfGaa+EfJ1aOMYg1xPx1tQU87SOT3HbajsNIb
+oh9O6/GJEQk08mHQg92ioxLWuqD2Z78bQw5Vc/1agiC6dxqeoKNeEHmtyFvY9xG
1CcKzF+4haYmoFx/tpMN6VD4PRJ42NA=
-----END CERTIFICATE-----
Generated at Fri Mar 29 03:42:32 2024 by rpki-client on console-fra.rpki-client.org