Route Origin Authorization

$ rpki-client -vvf r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/352e38332e3231372e302f32342d3234203d3e20313939363134.roa
File:                     352e38332e3231372e302f32342d3234203d3e20313939363134.roa (raw, json)
Hash identifier:          L9Nsd1DDYk9tolT0UMqnwv6/N7Bkh3LIfev20wUkdYU=
Subject key identifier:   1A:03:4E:48:56:30:3F:9F:8E:82:DF:AB:BF:AB:74:2C:0A:9D:8D:19
Certificate issuer:       /CN=2A2FB4DB0AA4D006958316872E467B554E0FD0BE
Certificate serial:       57C9F6A58C55373A1BAD3B7D8A22A5DBB8F04D91
Authority key identifier: 2A:2F:B4:DB:0A:A4:D0:06:95:83:16:87:2E:46:7B:55:4E:0F:D0:BE
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.cer
Subject info access:      rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/352e38332e3231372e302f32342d3234203d3e20313939363134.roa
Signing time:             Sat 09 Mar 2024 20:05:05 +0000
ROA not before:           Sat 09 Mar 2024 20:00:05 +0000
ROA not after:            Sat 08 Mar 2025 20:05:05 +0000
asID:                     199614
IP address blocks:        5.83.217.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.crl
                          rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Dec 2024 04:55:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:c9:f6:a5:8c:55:37:3a:1b:ad:3b:7d:8a:22:a5:db:b8:f0:4d:91
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A2FB4DB0AA4D006958316872E467B554E0FD0BE
        Validity
            Not Before: Mar  9 20:00:05 2024 GMT
            Not After : Mar  8 20:05:05 2025 GMT
        Subject: CN=1A034E4856303F9F8E82DFABBFAB742C0A9D8D19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:a7:1f:d9:1b:e1:8a:4e:ab:b5:89:d4:c0:8b:
                    50:8c:76:7d:39:33:a6:c2:a7:10:43:69:c4:27:0d:
                    bf:bf:62:e2:bb:c0:20:00:6c:84:e0:c4:3e:0d:0c:
                    a1:8e:29:49:dd:55:d7:20:72:9a:c5:7c:9b:1f:4b:
                    56:0a:92:54:dd:f1:9d:5f:eb:bb:20:a4:60:28:65:
                    39:b0:fc:79:bd:95:3a:15:15:5d:5f:f4:71:f3:18:
                    96:49:cf:6b:6e:9b:83:3c:ee:6f:b5:e0:78:40:df:
                    9d:63:72:09:27:39:10:a4:eb:29:09:45:70:ac:59:
                    5c:d9:a9:ee:b6:fe:07:a6:8b:15:0b:72:ac:4c:05:
                    52:01:6e:f3:08:1e:2f:7b:0e:1f:52:f2:dc:a7:88:
                    44:47:28:de:42:4c:b9:a4:9b:78:a1:3b:76:8f:f7:
                    d9:27:47:c9:e5:b7:e3:c3:39:68:ca:ce:1b:7d:e7:
                    ee:a8:24:e0:27:9a:de:7e:75:7a:8e:fe:0b:aa:a5:
                    3a:3c:82:47:56:bb:a5:97:75:6c:7f:d9:56:2a:d7:
                    0c:80:15:60:c7:0a:b1:92:77:f7:b7:be:89:5f:b6:
                    7c:7d:f4:5b:05:d9:26:f4:68:09:f9:44:16:f2:9e:
                    fa:62:80:2d:fd:5e:dc:81:31:35:49:b8:d4:a5:09:
                    3f:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:03:4E:48:56:30:3F:9F:8E:82:DF:AB:BF:AB:74:2C:0A:9D:8D:19
            X509v3 Authority Key Identifier:
                keyid:2A:2F:B4:DB:0A:A4:D0:06:95:83:16:87:2E:46:7B:55:4E:0F:D0:BE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.cer

            Subject Information Access:
                Signed Object - URI:rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/352e38332e3231372e302f32342d3234203d3e20313939363134.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.83.217.0/24

    Signature Algorithm: sha256WithRSAEncryption
         97:72:f9:4c:be:20:2b:25:35:30:8a:f1:46:9d:fc:94:8f:03:
         6a:fb:62:ca:90:8b:7f:af:26:a9:1c:78:ef:64:21:74:23:02:
         5b:2c:c8:ef:e8:77:92:b3:16:30:f7:77:85:cb:9f:5a:1c:1c:
         0c:e7:1e:c3:11:57:af:da:9b:1f:9c:08:8e:44:8b:9e:ae:87:
         39:44:22:34:4d:52:11:e0:e7:c9:26:33:45:23:2e:bd:91:0a:
         d0:86:08:27:b0:28:79:67:bc:25:c6:0d:43:cf:cc:d2:1d:58:
         45:a3:50:34:14:18:24:b5:8d:8e:71:a1:d1:d6:b0:15:b0:57:
         72:7e:80:1f:13:ea:d7:0c:cb:50:65:f4:76:25:66:e3:e6:70:
         b7:b6:37:bf:49:5d:12:cb:5b:aa:a1:a9:df:fb:45:9f:82:9c:
         31:1a:07:4f:8f:61:d8:4e:4e:2c:68:0f:13:3b:3a:7f:98:d9:
         a6:3c:c7:a9:b9:3d:2b:39:5d:c1:af:84:ac:68:fb:12:f2:66:
         cb:00:6f:7f:c8:e9:ed:11:99:42:6f:6c:01:5c:c7:47:d8:6a:
         ab:af:1f:49:dc:ee:e4:0f:2a:00:81:24:7a:b5:41:63:88:1b:
         53:cb:d0:be:2f:2e:5a:d9:9d:45:eb:48:45:e6:1c:86:bb:ca:
         dd:c9:b7:ff
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIUV8n2pYxVNzobrTt9iiKl27jwTZEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkEyRkI0REIwQUE0RDAwNjk1ODMxNjg3MkU0NjdCNTU0
RTBGRDBCRTAeFw0yNDAzMDkyMDAwMDVaFw0yNTAzMDgyMDA1MDVaMDMxMTAvBgNV
BAMTKDFBMDM0RTQ4NTYzMDNGOUY4RTgyREZBQkJGQUI3NDJDMEE5RDhEMTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQpx/ZG+GKTqu1idTAi1CMdn05
M6bCpxBDacQnDb+/YuK7wCAAbITgxD4NDKGOKUndVdcgcprFfJsfS1YKklTd8Z1f
67sgpGAoZTmw/Hm9lToVFV1f9HHzGJZJz2tum4M87m+14HhA351jcgknORCk6ykJ
RXCsWVzZqe62/gemixULcqxMBVIBbvMIHi97Dh9S8tyniERHKN5CTLmkm3ihO3aP
99knR8nlt+PDOWjKzht95+6oJOAnmt5+dXqO/guqpTo8gkdWu6WXdWx/2VYq1wyA
FWDHCrGSd/e3volftnx99FsF2Sb0aAn5RBbynvpigC39XtyBMTVJuNSlCT/tAgMB
AAGjggJgMIICXDAdBgNVHQ4EFgQUGgNOSFYwP5+Ogt+rv6t0LAqdjRkwHwYDVR0j
BBgwFoAUKi+02wqk0AaVgxaHLkZ7VU4P0L4wDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
YTZmMjE0N2EtZGU4YS00NDQwLWJjYTItNmQ4YjdjODc2ZmRhLTAvMC8yQTJGQjRE
QjBBQTREMDA2OTU4MzE2ODcyRTQ2N0I1NTRFMEZEMEJFLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzlkZjMzYTU3LTdlNGYtNDg0NC04NGUyLWI3MTUz
YjU1MTFiNC8wLzJBMkZCNERCMEFBNEQwMDY5NTgzMTY4NzJFNDY3QjU1NEUwRkQw
QkUuY2VyMIGiBggrBgEFBQcBCwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzov
L3IubWFnZWxsYW4uaXB4by5jb20vcmVwby9hNmYyMTQ3YS1kZThhLTQ0NDAtYmNh
Mi02ZDhiN2M4NzZmZGEtMC8wLzM1MmUzODMzMmUzMjMxMzcyZTMwMmYzMjM0MmQz
MjM0MjAzZDNlMjAzMTM5MzkzNjMxMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAFU9kwDQYJKoZIhvcN
AQELBQADggEBAJdy+Uy+ICslNTCK8Uad/JSPA2r7YsqQi3+vJqkceO9kIXQjAlss
yO/od5KzFjD3d4XLn1ocHAznHsMRV6/amx+cCI5Ei56uhzlEIjRNUhHg58kmM0Uj
Lr2RCtCGCCewKHlnvCXGDUPPzNIdWEWjUDQUGCS1jY5xodHWsBWwV3J+gB8T6tcM
y1Bl9HYlZuPmcLe2N79JXRLLW6qhqd/7RZ+CnDEaB0+PYdhOTixoDxM7On+Y2aY8
x6m5PSs5XcGvhKxo+xLyZssAb3/I6e0RmUJvbAFcx0fYaquvH0nc7uQPKgCBJHq1
QWOIG1PL0L4vLlrZnUXrSEXmHIa7yt3Jt/8=
-----END CERTIFICATE-----
Generated at Thu Dec 12 11:04:56 2024 by rpki-client on console-ams.rpki-client.org