Route Origin Authorization

$ rpki-client -vvf r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/33372e3233302e36312e302f32342d3234203d3e2032383536.roa
File:                     33372e3233302e36312e302f32342d3234203d3e2032383536.roa (raw, json)
Hash identifier:          Jfy6PMf0QZTv6FoPsScwMqtZhIt+iL+nTuxJ2PXRk3k=
Subject key identifier:   00:4C:DA:DF:06:03:56:CC:DF:BB:FF:75:80:2B:BB:76:E8:FA:41:DB
Certificate issuer:       /CN=2A2FB4DB0AA4D006958316872E467B554E0FD0BE
Certificate serial:       34157A9852E912FAE4FDCB4C1F92FED0E222AB13
Authority key identifier: 2A:2F:B4:DB:0A:A4:D0:06:95:83:16:87:2E:46:7B:55:4E:0F:D0:BE
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.cer
Subject info access:      rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/33372e3233302e36312e302f32342d3234203d3e2032383536.roa
Signing time:             Wed 04 Jun 2025 20:01:38 +0000
ROA not before:           Wed 04 Jun 2025 19:56:38 +0000
ROA not after:            Wed 03 Jun 2026 20:01:38 +0000
asID:                     2856
IP address blocks:        37.230.61.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.crl
                          rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 10 Jun 2025 02:06:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:15:7a:98:52:e9:12:fa:e4:fd:cb:4c:1f:92:fe:d0:e2:22:ab:13
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A2FB4DB0AA4D006958316872E467B554E0FD0BE
        Validity
            Not Before: Jun  4 19:56:38 2025 GMT
            Not After : Jun  3 20:01:38 2026 GMT
        Subject: CN=004CDADF060356CCDFBBFF75802BBB76E8FA41DB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:80:6a:a3:2d:65:94:d5:e1:4a:af:5c:10:b0:6e:
                    9c:1a:34:80:49:f4:c7:49:ba:3f:97:28:6f:0d:25:
                    d0:d4:54:45:85:1d:28:fb:66:6e:86:4a:9e:ab:1c:
                    dd:ef:89:0e:77:92:71:3a:5b:f3:8e:e1:50:c4:cc:
                    40:d9:69:45:a2:7a:ab:74:d1:83:6f:6b:ff:81:1e:
                    15:f8:17:e0:b2:9a:45:17:c4:a4:d4:10:fe:ca:6f:
                    88:40:01:91:4e:d2:50:ea:f6:84:e9:1c:55:c1:e8:
                    3f:28:57:1f:cb:b9:26:f5:22:90:0c:f3:54:e5:78:
                    48:f7:46:98:81:4e:f4:b4:22:f6:13:8a:ea:21:5a:
                    98:cf:1f:0f:2a:86:f0:52:bf:ac:97:b5:f4:c6:32:
                    98:fa:c1:84:96:3d:85:5a:c8:63:f5:3b:9d:3b:79:
                    e5:67:71:a7:97:a8:f9:d6:f4:fa:b5:ff:7a:00:69:
                    3c:3e:15:95:4a:74:27:13:e2:fe:49:9d:99:80:5a:
                    d5:6e:c8:0c:06:50:f3:64:6b:2f:89:8d:81:b0:e7:
                    2b:a1:0b:eb:a9:bf:cb:fc:6d:50:62:59:5f:7e:03:
                    d6:25:37:69:4a:d8:00:60:f0:da:e2:3e:f4:9c:c6:
                    0a:98:69:90:64:18:f3:85:eb:9f:cc:ed:40:ec:b8:
                    b1:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                00:4C:DA:DF:06:03:56:CC:DF:BB:FF:75:80:2B:BB:76:E8:FA:41:DB
            X509v3 Authority Key Identifier:
                keyid:2A:2F:B4:DB:0A:A4:D0:06:95:83:16:87:2E:46:7B:55:4E:0F:D0:BE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.cer

            Subject Information Access:
                Signed Object - URI:rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/33372e3233302e36312e302f32342d3234203d3e2032383536.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  37.230.61.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:45:d6:1d:3b:cf:a9:b5:2f:a3:ce:6c:b5:59:d9:1b:7c:25:
         47:40:49:96:d0:62:a2:ad:ec:7f:fe:d1:6d:49:6b:75:dc:14:
         09:15:df:49:7d:95:4e:39:e2:2f:c1:ae:75:ed:2f:e7:6b:d4:
         85:0f:b7:0c:a2:16:a0:e4:21:52:88:0b:2f:35:60:3a:bf:66:
         1d:25:e1:d2:1b:89:e9:07:d5:99:c0:6e:1c:90:21:2c:d4:9c:
         a1:98:ab:7c:0c:b2:89:dd:ad:97:34:a6:78:36:ab:1f:13:47:
         4e:c0:f3:20:2f:c7:6f:98:cd:b5:96:b2:51:10:d2:b0:95:16:
         11:59:48:98:3f:78:03:02:8e:c5:0d:ce:b7:9e:ca:56:31:0c:
         9f:8b:15:76:12:f4:c1:bd:6a:91:8e:9e:99:9f:dc:e8:9d:32:
         8d:25:e6:b5:6d:aa:b6:da:d6:bd:4d:18:ae:24:63:10:29:ca:
         af:09:a8:83:ec:a6:65:ab:0e:59:25:f9:da:e9:6b:92:7b:a8:
         2a:5b:66:c6:ec:53:d1:3b:d9:46:a1:83:7d:75:b9:9b:aa:a4:
         ea:4c:30:9f:cd:5c:d5:ae:93:c8:ba:86:de:85:f2:88:47:74:
         25:04:46:68:3a:35:c6:bb:2b:4a:95:f2:c0:40:af:80:f4:ab:
         07:d7:30:74
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIUNBV6mFLpEvrk/ctMH5L+0OIiqxMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkEyRkI0REIwQUE0RDAwNjk1ODMxNjg3MkU0NjdCNTU0
RTBGRDBCRTAeFw0yNTA2MDQxOTU2MzhaFw0yNjA2MDMyMDAxMzhaMDMxMTAvBgNV
BAMTKDAwNENEQURGMDYwMzU2Q0NERkJCRkY3NTgwMkJCQjc2RThGQTQxREIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCAaqMtZZTV4UqvXBCwbpwaNIBJ
9MdJuj+XKG8NJdDUVEWFHSj7Zm6GSp6rHN3viQ53knE6W/OO4VDEzEDZaUWieqt0
0YNva/+BHhX4F+CymkUXxKTUEP7Kb4hAAZFO0lDq9oTpHFXB6D8oVx/LuSb1IpAM
81TleEj3RpiBTvS0IvYTiuohWpjPHw8qhvBSv6yXtfTGMpj6wYSWPYVayGP1O507
eeVncaeXqPnW9Pq1/3oAaTw+FZVKdCcT4v5JnZmAWtVuyAwGUPNkay+JjYGw5yuh
C+upv8v8bVBiWV9+A9YlN2lK2ABg8NriPvScxgqYaZBkGPOF65/M7UDsuLHdAgMB
AAGjggJeMIICWjAdBgNVHQ4EFgQUAEza3wYDVszfu/91gCu7duj6QdswHwYDVR0j
BBgwFoAUKi+02wqk0AaVgxaHLkZ7VU4P0L4wDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
YTZmMjE0N2EtZGU4YS00NDQwLWJjYTItNmQ4YjdjODc2ZmRhLTAvMC8yQTJGQjRE
QjBBQTREMDA2OTU4MzE2ODcyRTQ2N0I1NTRFMEZEMEJFLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzlkZjMzYTU3LTdlNGYtNDg0NC04NGUyLWI3MTUz
YjU1MTFiNC8wLzJBMkZCNERCMEFBNEQwMDY5NTgzMTY4NzJFNDY3QjU1NEUwRkQw
QkUuY2VyMIGgBggrBgEFBQcBCwSBkzCBkDCBjQYIKwYBBQUHMAuGgYByc3luYzov
L3IubWFnZWxsYW4uaXB4by5jb20vcmVwby9hNmYyMTQ3YS1kZThhLTQ0NDAtYmNh
Mi02ZDhiN2M4NzZmZGEtMC8wLzMzMzcyZTMyMzMzMDJlMzYzMTJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMyMzgzNTM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJeY9MA0GCSqGSIb3DQEB
CwUAA4IBAQA5RdYdO8+ptS+jzmy1WdkbfCVHQEmW0GKirex//tFtSWt13BQJFd9J
fZVOOeIvwa517S/na9SFD7cMohag5CFSiAsvNWA6v2YdJeHSG4npB9WZwG4ckCEs
1JyhmKt8DLKJ3a2XNKZ4NqsfE0dOwPMgL8dvmM21lrJRENKwlRYRWUiYP3gDAo7F
Dc63nspWMQyfixV2EvTBvWqRjp6Zn9zonTKNJea1baq22ta9TRiuJGMQKcqvCaiD
7KZlqw5ZJfna6WuSe6gqW2bG7FPRO9lGoYN9dbmbqqTqTDCfzVzVrpPIuobehfKI
R3QlBEZoOjXGuytKlfLAQK+A9KsH1zB0
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:23:32 2025 by rpki-client