Route Origin Authorization

$ rpki-client -vvf r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/352e38332e3231362e302f32342d3234203d3e20313939363134.roa
File:                     352e38332e3231362e302f32342d3234203d3e20313939363134.roa (raw, json)
Hash identifier:          D7bDV4G3fsHqTuqrlxJPeL0+CGPrhLKQBn1OWHcFVOE=
Subject key identifier:   3E:66:30:AB:F6:FA:D4:4E:0F:64:DC:86:E9:62:8D:8B:5A:3D:D2:38
Certificate issuer:       /CN=2A2FB4DB0AA4D006958316872E467B554E0FD0BE
Certificate serial:       5AAD692E11C54389CFE835D460E950759448798E
Authority key identifier: 2A:2F:B4:DB:0A:A4:D0:06:95:83:16:87:2E:46:7B:55:4E:0F:D0:BE
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.cer
Subject info access:      rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/352e38332e3231362e302f32342d3234203d3e20313939363134.roa
Signing time:             Sat 09 Mar 2024 20:03:56 +0000
ROA not before:           Sat 09 Mar 2024 19:58:56 +0000
ROA not after:            Sat 08 Mar 2025 20:03:56 +0000
asID:                     199614
IP address blocks:        5.83.216.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.crl
                          rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Dec 2024 04:55:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:ad:69:2e:11:c5:43:89:cf:e8:35:d4:60:e9:50:75:94:48:79:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A2FB4DB0AA4D006958316872E467B554E0FD0BE
        Validity
            Not Before: Mar  9 19:58:56 2024 GMT
            Not After : Mar  8 20:03:56 2025 GMT
        Subject: CN=3E6630ABF6FAD44E0F64DC86E9628D8B5A3DD238
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:ad:81:05:65:79:87:17:2b:c9:2a:96:72:c8:
                    0d:fe:9f:52:33:b6:cc:34:54:b3:90:55:08:41:c3:
                    af:e5:f5:5c:67:22:a8:f6:d1:f7:db:2f:29:15:f5:
                    58:f7:ea:b5:82:5a:7f:95:ce:a7:06:36:f7:5c:b1:
                    84:dd:6e:fc:b2:e5:ae:94:f8:ae:c4:33:49:3d:44:
                    0f:2d:3b:9d:5f:8c:27:b1:76:52:cf:03:1f:62:9f:
                    db:11:36:cc:10:8d:13:0e:2d:29:c5:71:8c:6b:ee:
                    dc:35:8d:f8:3c:01:b4:f8:74:95:df:aa:c8:45:4d:
                    15:91:84:4d:9d:3c:64:90:c5:23:4d:19:de:59:b8:
                    d8:c2:75:83:9d:f4:17:8f:8d:af:bc:f5:75:61:79:
                    e6:bd:9f:80:40:ee:fe:af:ff:ac:96:72:24:3c:4e:
                    cb:7d:55:88:46:ae:3c:63:c3:4d:47:79:9d:10:ef:
                    b4:07:4c:ec:2b:13:62:09:63:b2:8b:c6:b2:0f:2f:
                    29:d5:8a:86:41:cf:6d:47:dd:8f:a8:00:1c:f4:2c:
                    b4:ee:89:93:5f:90:4c:f3:5e:24:c7:32:50:53:9f:
                    1e:d1:4c:0a:13:d5:ba:a6:35:81:0e:b4:88:a1:62:
                    c2:6d:9c:69:fb:9b:4a:9e:ef:47:f5:b4:0e:c9:35:
                    95:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3E:66:30:AB:F6:FA:D4:4E:0F:64:DC:86:E9:62:8D:8B:5A:3D:D2:38
            X509v3 Authority Key Identifier:
                keyid:2A:2F:B4:DB:0A:A4:D0:06:95:83:16:87:2E:46:7B:55:4E:0F:D0:BE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.cer

            Subject Information Access:
                Signed Object - URI:rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/352e38332e3231362e302f32342d3234203d3e20313939363134.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.83.216.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:8f:e3:d8:a2:5c:c7:71:6b:c2:b6:66:0e:bd:ad:d6:95:6d:
         ed:bc:79:4f:40:61:94:60:3e:a2:10:64:1a:89:ac:a3:2c:cc:
         c8:63:c3:13:44:80:75:7a:b4:0c:5d:46:b5:3a:70:c6:7f:b5:
         dd:2e:42:92:54:d5:31:92:9a:94:fb:22:5f:69:9e:ec:01:84:
         c4:d3:6e:15:38:36:98:02:3f:6f:cc:42:f9:5b:df:01:e3:c1:
         c9:19:db:8d:e9:69:16:c4:56:fd:3d:b6:6f:d6:ed:d8:2f:00:
         2b:e4:fe:ef:a6:9a:cb:b7:15:24:6a:47:6f:1d:07:09:de:fb:
         2d:51:f9:e3:bc:d6:e5:10:05:1a:92:2e:75:b2:41:8a:38:c8:
         81:40:68:c2:89:45:31:a6:97:36:bc:89:75:67:70:54:9b:55:
         66:1c:5b:c9:2e:0d:60:8b:75:b4:7b:e2:c8:a3:0f:91:ef:96:
         13:18:be:af:58:0d:e9:7c:3a:1b:61:df:22:e8:be:13:3a:e6:
         5b:d6:96:99:44:1f:19:ae:41:f1:93:6f:4d:16:eb:14:00:28:
         6d:91:c2:5f:16:89:49:70:06:f9:bd:87:c9:6f:e9:de:0a:43:
         85:37:70:9a:2d:82:3e:f3:50:b3:33:18:f4:30:0e:cc:23:f2:
         a1:34:5e:cd
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIUWq1pLhHFQ4nP6DXUYOlQdZRIeY4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkEyRkI0REIwQUE0RDAwNjk1ODMxNjg3MkU0NjdCNTU0
RTBGRDBCRTAeFw0yNDAzMDkxOTU4NTZaFw0yNTAzMDgyMDAzNTZaMDMxMTAvBgNV
BAMTKDNFNjYzMEFCRjZGQUQ0NEUwRjY0REM4NkU5NjI4RDhCNUEzREQyMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwrYEFZXmHFyvJKpZyyA3+n1Iz
tsw0VLOQVQhBw6/l9VxnIqj20ffbLykV9Vj36rWCWn+VzqcGNvdcsYTdbvyy5a6U
+K7EM0k9RA8tO51fjCexdlLPAx9in9sRNswQjRMOLSnFcYxr7tw1jfg8AbT4dJXf
qshFTRWRhE2dPGSQxSNNGd5ZuNjCdYOd9BePja+89XVheea9n4BA7v6v/6yWciQ8
Tst9VYhGrjxjw01HeZ0Q77QHTOwrE2IJY7KLxrIPLynVioZBz21H3Y+oABz0LLTu
iZNfkEzzXiTHMlBTnx7RTAoT1bqmNYEOtIihYsJtnGn7m0qe70f1tA7JNZXBAgMB
AAGjggJgMIICXDAdBgNVHQ4EFgQUPmYwq/b61E4PZNyG6WKNi1o90jgwHwYDVR0j
BBgwFoAUKi+02wqk0AaVgxaHLkZ7VU4P0L4wDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
YTZmMjE0N2EtZGU4YS00NDQwLWJjYTItNmQ4YjdjODc2ZmRhLTAvMC8yQTJGQjRE
QjBBQTREMDA2OTU4MzE2ODcyRTQ2N0I1NTRFMEZEMEJFLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzlkZjMzYTU3LTdlNGYtNDg0NC04NGUyLWI3MTUz
YjU1MTFiNC8wLzJBMkZCNERCMEFBNEQwMDY5NTgzMTY4NzJFNDY3QjU1NEUwRkQw
QkUuY2VyMIGiBggrBgEFBQcBCwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzov
L3IubWFnZWxsYW4uaXB4by5jb20vcmVwby9hNmYyMTQ3YS1kZThhLTQ0NDAtYmNh
Mi02ZDhiN2M4NzZmZGEtMC8wLzM1MmUzODMzMmUzMjMxMzYyZTMwMmYzMjM0MmQz
MjM0MjAzZDNlMjAzMTM5MzkzNjMxMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAFU9gwDQYJKoZIhvcN
AQELBQADggEBABKP49iiXMdxa8K2Zg69rdaVbe28eU9AYZRgPqIQZBqJrKMszMhj
wxNEgHV6tAxdRrU6cMZ/td0uQpJU1TGSmpT7Il9pnuwBhMTTbhU4NpgCP2/MQvlb
3wHjwckZ243paRbEVv09tm/W7dgvACvk/u+mmsu3FSRqR28dBwne+y1R+eO81uUQ
BRqSLnWyQYo4yIFAaMKJRTGmlza8iXVncFSbVWYcW8kuDWCLdbR74sijD5HvlhMY
vq9YDel8Ohth3yLovhM65lvWlplEHxmuQfGTb00W6xQAKG2Rwl8WiUlwBvm9h8lv
6d4KQ4U3cJotgj7zULMzGPQwDswj8qE0Xs0=
-----END CERTIFICATE-----
Generated at Thu Dec 12 11:04:56 2024 by rpki-client on console-ams.rpki-client.org