Route Origin Authorization

$ rpki-client -vvf r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/352e38332e3231312e302f32342d3234203d3e203538303631.roa
File:                     352e38332e3231312e302f32342d3234203d3e203538303631.roa (raw, json)
Hash identifier:          ksbl5+sgqod4P8W0q80OX2n6H5q2FqNKDHuWoU/iEzY=
Subject key identifier:   B6:5A:1E:BC:DB:02:65:EE:BD:D1:19:3E:9E:84:52:1F:5D:E5:17:25
Certificate issuer:       /CN=2A2FB4DB0AA4D006958316872E467B554E0FD0BE
Certificate serial:       64D9D10BDD8D5B977BA0059218CA378B29BB7811
Authority key identifier: 2A:2F:B4:DB:0A:A4:D0:06:95:83:16:87:2E:46:7B:55:4E:0F:D0:BE
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.cer
Subject info access:      rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/352e38332e3231312e302f32342d3234203d3e203538303631.roa
Signing time:             Tue 28 Jan 2025 00:53:52 +0000
ROA not before:           Tue 28 Jan 2025 00:48:52 +0000
ROA not after:            Tue 27 Jan 2026 00:53:52 +0000
asID:                     58061
IP address blocks:        5.83.211.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.crl
                          rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 15 Feb 2025 03:37:47 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            64:d9:d1:0b:dd:8d:5b:97:7b:a0:05:92:18:ca:37:8b:29:bb:78:11
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A2FB4DB0AA4D006958316872E467B554E0FD0BE
        Validity
            Not Before: Jan 28 00:48:52 2025 GMT
            Not After : Jan 27 00:53:52 2026 GMT
        Subject: CN=B65A1EBCDB0265EEBDD1193E9E84521F5DE51725
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e8:76:3c:0b:cd:9c:5d:be:63:ce:e9:d9:11:49:
                    7c:0b:94:10:81:32:de:22:9a:e7:d2:47:fe:aa:48:
                    ae:17:97:d1:c5:e3:6d:d2:89:7a:f1:47:2f:27:47:
                    a1:a5:9a:64:8c:b4:8b:98:01:0d:31:6a:87:fc:2d:
                    44:68:b7:a2:20:4c:5a:d2:21:c7:8c:85:74:7f:0f:
                    4b:ff:7f:ae:5b:d8:60:f8:7e:c8:7a:d3:1f:4f:df:
                    05:c7:35:63:d8:0d:59:ae:fc:c3:a7:d7:01:74:8a:
                    bc:83:cc:97:33:da:59:ad:43:28:89:f6:91:e5:ef:
                    2c:df:43:8f:a6:ae:24:f7:72:a8:2d:77:45:43:9e:
                    0e:b1:db:93:da:16:85:da:ec:b0:88:26:42:b1:53:
                    78:fc:23:82:67:d7:8a:0c:bc:7c:7e:c2:12:b9:dc:
                    8d:41:97:65:b0:10:33:36:f0:23:18:8d:96:f3:a6:
                    67:88:4e:cf:d7:09:4b:73:ff:ee:14:8e:e5:b6:c8:
                    4e:7c:8e:46:70:e3:4c:a1:69:0b:34:bd:2d:c1:43:
                    55:43:00:ab:b7:69:03:51:04:62:b9:84:6a:3a:e4:
                    27:54:91:09:fa:8e:8d:3c:ad:ef:5e:0b:6b:f6:67:
                    30:c8:b3:79:92:bf:5a:69:a8:06:af:25:e0:c3:18:
                    a7:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B6:5A:1E:BC:DB:02:65:EE:BD:D1:19:3E:9E:84:52:1F:5D:E5:17:25
            X509v3 Authority Key Identifier:
                keyid:2A:2F:B4:DB:0A:A4:D0:06:95:83:16:87:2E:46:7B:55:4E:0F:D0:BE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.cer

            Subject Information Access:
                Signed Object - URI:rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/352e38332e3231312e302f32342d3234203d3e203538303631.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.83.211.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:2f:8c:38:f9:af:f6:89:ae:5e:48:85:7a:f4:57:85:e4:18:
         91:66:2f:49:c3:80:9e:71:84:23:b6:91:3a:44:0c:3c:ff:a1:
         92:8c:4c:46:4c:33:d6:c6:f7:ac:f0:eb:19:c1:5e:e0:89:95:
         02:91:67:e1:f9:54:ae:b6:1b:a6:a4:5c:8a:4b:88:f7:ab:4e:
         1a:11:f3:70:71:3e:d1:36:28:65:29:bd:40:31:c6:61:83:f5:
         66:aa:19:01:78:87:6c:c1:67:f3:1c:02:c0:1d:ed:30:db:bc:
         66:25:97:01:8c:71:cf:30:a1:91:9a:49:a7:29:95:c9:33:f1:
         4e:8a:2f:3b:aa:24:4b:c8:37:59:f0:d0:b2:8b:87:9d:1f:df:
         aa:08:67:e0:f1:6e:a6:4f:8e:2f:6d:d3:0e:60:02:f5:c9:4e:
         d4:f8:04:76:75:5e:29:84:c3:31:b6:09:b6:bf:e8:5f:cc:a7:
         7b:50:be:3a:e9:20:cb:04:f1:39:3b:82:38:5a:35:1e:32:9e:
         b3:6c:78:44:73:d1:63:0c:8e:6e:e8:6d:79:b8:35:77:8e:50:
         fb:5c:c2:d9:10:da:71:95:c9:3c:88:b7:4d:19:c0:ee:55:86:
         1f:21:66:40:e2:95:ee:5e:38:f6:a3:66:09:80:52:b2:48:6a:
         ac:cc:93:9b
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgIUZNnRC92NW5d7oAWSGMo3iym7eBEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkEyRkI0REIwQUE0RDAwNjk1ODMxNjg3MkU0NjdCNTU0
RTBGRDBCRTAeFw0yNTAxMjgwMDQ4NTJaFw0yNjAxMjcwMDUzNTJaMDMxMTAvBgNV
BAMTKEI2NUExRUJDREIwMjY1RUVCREQxMTkzRTlFODQ1MjFGNURFNTE3MjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDodjwLzZxdvmPO6dkRSXwLlBCB
Mt4imufSR/6qSK4Xl9HF423SiXrxRy8nR6GlmmSMtIuYAQ0xaof8LURot6IgTFrS
IceMhXR/D0v/f65b2GD4fsh60x9P3wXHNWPYDVmu/MOn1wF0iryDzJcz2lmtQyiJ
9pHl7yzfQ4+mriT3cqgtd0VDng6x25PaFoXa7LCIJkKxU3j8I4Jn14oMvHx+whK5
3I1Bl2WwEDM28CMYjZbzpmeITs/XCUtz/+4UjuW2yE58jkZw40yhaQs0vS3BQ1VD
AKu3aQNRBGK5hGo65CdUkQn6jo08re9eC2v2ZzDIs3mSv1ppqAavJeDDGKf1AgMB
AAGjggJeMIICWjAdBgNVHQ4EFgQUtloevNsCZe690Rk+noRSH13lFyUwHwYDVR0j
BBgwFoAUKi+02wqk0AaVgxaHLkZ7VU4P0L4wDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
YTZmMjE0N2EtZGU4YS00NDQwLWJjYTItNmQ4YjdjODc2ZmRhLTAvMC8yQTJGQjRE
QjBBQTREMDA2OTU4MzE2ODcyRTQ2N0I1NTRFMEZEMEJFLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzlkZjMzYTU3LTdlNGYtNDg0NC04NGUyLWI3MTUz
YjU1MTFiNC8wLzJBMkZCNERCMEFBNEQwMDY5NTgzMTY4NzJFNDY3QjU1NEUwRkQw
QkUuY2VyMIGgBggrBgEFBQcBCwSBkzCBkDCBjQYIKwYBBQUHMAuGgYByc3luYzov
L3IubWFnZWxsYW4uaXB4by5jb20vcmVwby9hNmYyMTQ3YS1kZThhLTQ0NDAtYmNh
Mi02ZDhiN2M4NzZmZGEtMC8wLzM1MmUzODMzMmUzMjMxMzEyZTMwMmYzMjM0MmQz
MjM0MjAzZDNlMjAzNTM4MzAzNjMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUF
Bw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABVPTMA0GCSqGSIb3DQEB
CwUAA4IBAQCLL4w4+a/2ia5eSIV69FeF5BiRZi9Jw4CecYQjtpE6RAw8/6GSjExG
TDPWxves8OsZwV7giZUCkWfh+VSuthumpFyKS4j3q04aEfNwcT7RNihlKb1AMcZh
g/VmqhkBeIdswWfzHALAHe0w27xmJZcBjHHPMKGRmkmnKZXJM/FOii87qiRLyDdZ
8NCyi4edH9+qCGfg8W6mT44vbdMOYAL1yU7U+AR2dV4phMMxtgm2v+hfzKd7UL46
6SDLBPE5O4I4WjUeMp6zbHhEc9FjDI5u6G15uDV3jlD7XMLZENpxlck8iLdNGcDu
VYYfIWZA4pXuXjj2o2YJgFKySGqszJOb
-----END CERTIFICATE-----
Generated at Fri Feb 14 15:13:44 2025 by rpki-client