Route Origin Authorization

$ rpki-client -vvf r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/352e38332e3231392e302f32342d3234203d3e20313939363134.roa
File:                     352e38332e3231392e302f32342d3234203d3e20313939363134.roa (raw, json)
Hash identifier:          gazQjYPY5YtWwgSTeUD1mYCKbU7sumH0wxYtviQfwIY=
Subject key identifier:   A4:36:D8:E0:18:CD:6F:A9:17:5F:33:A9:F5:33:9F:77:BB:45:EB:66
Certificate issuer:       /CN=2A2FB4DB0AA4D006958316872E467B554E0FD0BE
Certificate serial:       2E48F29EE1D6528D8AF8536CDA77F2897C4C8E04
Authority key identifier: 2A:2F:B4:DB:0A:A4:D0:06:95:83:16:87:2E:46:7B:55:4E:0F:D0:BE
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.cer
Subject info access:      rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/352e38332e3231392e302f32342d3234203d3e20313939363134.roa
Signing time:             Sat 09 Mar 2024 20:05:59 +0000
ROA not before:           Sat 09 Mar 2024 20:00:59 +0000
ROA not after:            Sat 08 Mar 2025 20:05:59 +0000
asID:                     199614
IP address blocks:        5.83.219.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.crl
                          rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 13 Dec 2024 04:55:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:48:f2:9e:e1:d6:52:8d:8a:f8:53:6c:da:77:f2:89:7c:4c:8e:04
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A2FB4DB0AA4D006958316872E467B554E0FD0BE
        Validity
            Not Before: Mar  9 20:00:59 2024 GMT
            Not After : Mar  8 20:05:59 2025 GMT
        Subject: CN=A436D8E018CD6FA9175F33A9F5339F77BB45EB66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:83:ea:fd:ed:29:9f:e9:84:c1:8b:11:20:1f:82:
                    8c:30:10:7e:21:1d:3c:1c:33:8f:1e:9a:43:fb:79:
                    94:c3:90:25:bf:cc:20:f0:56:54:c6:d9:18:ba:c0:
                    0c:4b:83:c3:e2:78:86:e7:66:d0:65:bb:89:6d:2f:
                    7f:af:39:17:35:31:49:e6:c6:93:d4:04:77:69:46:
                    f8:1c:ad:e8:f0:55:a9:f4:12:17:10:26:ce:3f:27:
                    a3:05:d4:63:62:17:a0:2a:12:f8:42:72:ce:7a:ea:
                    b5:06:04:33:55:c2:e2:03:e2:fb:52:fc:50:14:1b:
                    08:21:da:69:5f:52:66:6e:bc:b0:3a:8a:4f:fb:ff:
                    aa:c4:7f:da:16:4b:ec:dc:76:15:23:ca:87:7a:d2:
                    84:c0:f6:51:de:ad:c3:4d:cd:ad:32:80:65:11:0b:
                    77:6a:62:5d:cc:34:99:40:3f:4f:5a:e3:2a:a1:1f:
                    7b:7a:60:3c:eb:6f:fd:c5:7e:5c:6a:a4:5a:79:cf:
                    1a:83:c0:cf:88:c0:60:fd:8b:f2:ee:40:2d:d8:5c:
                    65:bf:ea:15:43:83:a5:54:e3:ad:71:df:5a:9f:0e:
                    92:f5:e1:d9:87:0b:65:65:3e:25:9c:7d:f6:f9:f4:
                    14:05:c6:0e:e5:83:e2:28:92:fb:4b:71:fd:e0:3e:
                    7c:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A4:36:D8:E0:18:CD:6F:A9:17:5F:33:A9:F5:33:9F:77:BB:45:EB:66
            X509v3 Authority Key Identifier:
                keyid:2A:2F:B4:DB:0A:A4:D0:06:95:83:16:87:2E:46:7B:55:4E:0F:D0:BE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.cer

            Subject Information Access:
                Signed Object - URI:rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/352e38332e3231392e302f32342d3234203d3e20313939363134.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.83.219.0/24

    Signature Algorithm: sha256WithRSAEncryption
         18:71:05:0e:09:e3:cf:6d:11:10:6d:d7:1c:48:da:bf:3d:8c:
         50:3e:63:6d:77:15:fa:ea:9f:d6:24:36:91:86:66:22:5f:7b:
         18:8e:58:7d:f3:10:6e:92:7c:c7:47:2c:ee:99:d0:ca:45:c4:
         d5:13:3e:9e:d9:9b:4b:bc:b3:92:ae:aa:d4:d8:d1:5c:29:8a:
         b2:48:9c:9f:ed:9c:e1:25:4a:a2:ee:2b:75:77:b5:7d:be:bc:
         0e:97:d8:b0:73:2f:1a:76:ba:9a:1d:32:32:bc:1b:72:d4:bf:
         a9:bc:12:94:20:da:ef:db:d4:b2:26:4b:40:37:ee:a6:72:1a:
         cd:66:0b:a5:f8:d8:7c:8a:96:bd:84:be:3a:01:19:57:46:84:
         f1:da:48:ee:b5:a1:8e:13:42:47:f7:bd:09:fe:9e:37:a4:64:
         de:3a:e8:31:9e:9c:e3:60:04:24:31:2e:79:94:de:7e:11:9c:
         e4:30:a9:14:44:ae:63:7f:15:38:ea:be:53:e3:48:56:bb:ae:
         35:39:20:09:91:25:e7:f2:dd:be:56:4f:37:1e:a7:9f:d4:91:
         66:10:85:00:0e:a2:b1:20:c2:0b:eb:9b:d6:68:87:0b:4b:ee:
         52:02:55:0e:b3:c8:b6:b4:ca:e0:ae:bb:ef:63:23:7f:ec:e5:
         1a:67:6e:fe
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgIULkjynuHWUo2K+FNs2nfyiXxMjgQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkEyRkI0REIwQUE0RDAwNjk1ODMxNjg3MkU0NjdCNTU0
RTBGRDBCRTAeFw0yNDAzMDkyMDAwNTlaFw0yNTAzMDgyMDA1NTlaMDMxMTAvBgNV
BAMTKEE0MzZEOEUwMThDRDZGQTkxNzVGMzNBOUY1MzM5Rjc3QkI0NUVCNjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCD6v3tKZ/phMGLESAfgowwEH4h
HTwcM48emkP7eZTDkCW/zCDwVlTG2Ri6wAxLg8PieIbnZtBlu4ltL3+vORc1MUnm
xpPUBHdpRvgcrejwVan0EhcQJs4/J6MF1GNiF6AqEvhCcs566rUGBDNVwuID4vtS
/FAUGwgh2mlfUmZuvLA6ik/7/6rEf9oWS+zcdhUjyod60oTA9lHercNNza0ygGUR
C3dqYl3MNJlAP09a4yqhH3t6YDzrb/3FflxqpFp5zxqDwM+IwGD9i/LuQC3YXGW/
6hVDg6VU461x31qfDpL14dmHC2VlPiWcffb59BQFxg7lg+IokvtLcf3gPnyhAgMB
AAGjggJgMIICXDAdBgNVHQ4EFgQUpDbY4BjNb6kXXzOp9TOfd7tF62YwHwYDVR0j
BBgwFoAUKi+02wqk0AaVgxaHLkZ7VU4P0L4wDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
YTZmMjE0N2EtZGU4YS00NDQwLWJjYTItNmQ4YjdjODc2ZmRhLTAvMC8yQTJGQjRE
QjBBQTREMDA2OTU4MzE2ODcyRTQ2N0I1NTRFMEZEMEJFLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzlkZjMzYTU3LTdlNGYtNDg0NC04NGUyLWI3MTUz
YjU1MTFiNC8wLzJBMkZCNERCMEFBNEQwMDY5NTgzMTY4NzJFNDY3QjU1NEUwRkQw
QkUuY2VyMIGiBggrBgEFBQcBCwSBlTCBkjCBjwYIKwYBBQUHMAuGgYJyc3luYzov
L3IubWFnZWxsYW4uaXB4by5jb20vcmVwby9hNmYyMTQ3YS1kZThhLTQ0NDAtYmNh
Mi02ZDhiN2M4NzZmZGEtMC8wLzM1MmUzODMzMmUzMjMxMzkyZTMwMmYzMjM0MmQz
MjM0MjAzZDNlMjAzMTM5MzkzNjMxMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAFU9swDQYJKoZIhvcN
AQELBQADggEBABhxBQ4J489tERBt1xxI2r89jFA+Y213Ffrqn9YkNpGGZiJfexiO
WH3zEG6SfMdHLO6Z0MpFxNUTPp7Zm0u8s5KuqtTY0VwpirJInJ/tnOElSqLuK3V3
tX2+vA6X2LBzLxp2upodMjK8G3LUv6m8EpQg2u/b1LImS0A37qZyGs1mC6X42HyK
lr2EvjoBGVdGhPHaSO61oY4TQkf3vQn+njekZN466DGenONgBCQxLnmU3n4RnOQw
qRRErmN/FTjqvlPjSFa7rjU5IAmRJefy3b5WTzcep5/UkWYQhQAOorEgwgvrm9Zo
hwtL7lICVQ6zyLa0yuCuu+9jI3/s5Rpnbv4=
-----END CERTIFICATE-----
Generated at Thu Dec 12 11:54:15 2024 by rpki-client on console-fra.rpki-client.org