Route Origin Authorization

$ rpki-client -vvf r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/37372e37352e3139372e302f32342d3234203d3e20323130353432.roa
File:                     37372e37352e3139372e302f32342d3234203d3e20323130353432.roa (raw, json)
Hash identifier:          nSDQhHOTiDrffNncdkfCSr5eaObQhuwC1EW/nLU1dJk=
Subject key identifier:   E2:CB:23:D4:0C:41:C5:EE:7B:5B:44:8D:1A:A2:17:86:FD:65:74:00
Certificate issuer:       /CN=2A2FB4DB0AA4D006958316872E467B554E0FD0BE
Certificate serial:       60D7F1413B3B5059EE8BA4E6C22CB6A5FECD2457
Authority key identifier: 2A:2F:B4:DB:0A:A4:D0:06:95:83:16:87:2E:46:7B:55:4E:0F:D0:BE
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.cer
Subject info access:      rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/37372e37352e3139372e302f32342d3234203d3e20323130353432.roa
Signing time:             Mon 15 Apr 2024 06:54:25 +0000
ROA not before:           Mon 15 Apr 2024 06:49:25 +0000
ROA not after:            Mon 14 Apr 2025 06:54:25 +0000
asID:                     210542
IP address blocks:        77.75.197.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.crl
                          rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/4502E63CE01CAD239AC397BC2BB5E6C347DCEEEA.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RQLmPOAcrSOaw5e8K7Xmw0fc7uo.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 19:11:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:d7:f1:41:3b:3b:50:59:ee:8b:a4:e6:c2:2c:b6:a5:fe:cd:24:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A2FB4DB0AA4D006958316872E467B554E0FD0BE
        Validity
            Not Before: Apr 15 06:49:25 2024 GMT
            Not After : Apr 14 06:54:25 2025 GMT
        Subject: CN=E2CB23D40C41C5EE7B5B448D1AA21786FD657400
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:84:9c:a4:85:c0:c0:b1:14:00:bb:6a:47:f6:
                    61:29:ed:12:64:cb:31:97:3d:25:fc:83:47:8e:28:
                    48:df:1f:6b:54:5a:bd:af:ad:fb:44:ee:01:bf:8c:
                    9c:a7:c6:8a:30:89:a1:fa:ad:db:03:31:4c:73:6a:
                    14:bb:bf:db:9a:d1:f8:6b:25:dc:5a:77:ea:56:3e:
                    a1:d0:73:2c:0d:ad:6d:78:63:e4:4c:77:c3:97:0e:
                    e4:b5:97:91:8f:c7:03:ae:70:2e:80:df:c4:06:dd:
                    7d:47:a2:90:60:bb:bb:59:78:5d:09:31:8b:d9:1d:
                    db:24:0a:64:d8:e7:29:82:85:21:0d:61:c5:61:30:
                    0c:a7:d1:1b:7e:c2:ef:a2:50:9f:47:b8:5c:a6:be:
                    7f:9d:48:d2:98:29:05:d6:45:22:5b:bb:ff:9a:b3:
                    de:0e:c0:cc:e6:d3:0c:2a:04:65:b2:55:28:1a:71:
                    1c:a8:0a:14:f5:78:91:b1:57:4b:8c:66:79:f7:91:
                    6e:37:8b:82:5b:54:0e:e9:c0:d0:44:bb:48:55:e3:
                    f5:f7:29:0b:be:dc:c4:db:bc:8b:7c:db:47:f7:5b:
                    0e:ad:65:a5:43:36:b4:e3:31:b9:97:dc:d3:87:83:
                    04:12:06:eb:f1:53:5e:a8:05:3a:c1:f2:1b:77:b0:
                    4f:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:CB:23:D4:0C:41:C5:EE:7B:5B:44:8D:1A:A2:17:86:FD:65:74:00
            X509v3 Authority Key Identifier:
                keyid:2A:2F:B4:DB:0A:A4:D0:06:95:83:16:87:2E:46:7B:55:4E:0F:D0:BE

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/9df33a57-7e4f-4844-84e2-b7153b5511b4/0/2A2FB4DB0AA4D006958316872E467B554E0FD0BE.cer

            Subject Information Access:
                Signed Object - URI:rsync://r.magellan.ipxo.com/repo/a6f2147a-de8a-4440-bca2-6d8b7c876fda-0/0/37372e37352e3139372e302f32342d3234203d3e20323130353432.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  77.75.197.0/24

    Signature Algorithm: sha256WithRSAEncryption
         12:08:2c:3b:49:57:e2:05:12:d8:bf:3d:d3:e0:0c:77:9f:3a:
         18:0f:8b:05:db:7a:10:c1:82:f6:30:b8:d6:3b:48:1e:ce:86:
         66:8a:fc:b2:c9:b6:4c:ad:af:1e:6d:00:20:97:35:ae:e5:1d:
         57:78:29:54:a0:51:06:1c:4b:b3:23:c6:66:80:98:3a:48:76:
         6a:d3:ca:dc:5e:02:25:56:bf:3d:c7:fb:c9:19:f7:b6:d1:46:
         26:e6:e5:53:a3:57:42:ca:94:b0:9f:12:90:cd:60:b4:e0:4c:
         1a:26:7e:dc:62:2a:bd:9b:0b:61:b9:c6:54:0c:d1:07:10:52:
         51:9b:83:73:ca:fd:c3:b3:75:55:29:fe:97:05:d0:13:9b:0f:
         49:2b:42:a8:64:06:13:23:9d:25:e7:b2:6e:59:c5:07:4c:4f:
         f7:20:32:e2:d1:a0:d8:14:8c:54:e4:ef:77:4b:f4:72:4f:7e:
         2e:28:2f:31:27:69:19:1c:5d:59:69:39:60:32:66:71:9f:91:
         45:40:41:ce:69:61:26:79:06:fd:85:29:3e:47:7c:bf:e7:16:
         4e:ad:3b:b2:d7:08:c8:50:a3:05:d7:02:5e:ff:af:5a:27:ad:
         41:08:32:b5:3f:14:56:11:04:1a:3e:f1:1e:79:43:49:29:3e:
         b7:97:96:95
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgIUYNfxQTs7UFnui6Tmwiy2pf7NJFcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMkEyRkI0REIwQUE0RDAwNjk1ODMxNjg3MkU0NjdCNTU0
RTBGRDBCRTAeFw0yNDA0MTUwNjQ5MjVaFw0yNTA0MTQwNjU0MjVaMDMxMTAvBgNV
BAMTKEUyQ0IyM0Q0MEM0MUM1RUU3QjVCNDQ4RDFBQTIxNzg2RkQ2NTc0MDAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjhJykhcDAsRQAu2pH9mEp7RJk
yzGXPSX8g0eOKEjfH2tUWr2vrftE7gG/jJynxoowiaH6rdsDMUxzahS7v9ua0fhr
Jdxad+pWPqHQcywNrW14Y+RMd8OXDuS1l5GPxwOucC6A38QG3X1HopBgu7tZeF0J
MYvZHdskCmTY5ymChSENYcVhMAyn0Rt+wu+iUJ9HuFymvn+dSNKYKQXWRSJbu/+a
s94OwMzm0wwqBGWyVSgacRyoChT1eJGxV0uMZnn3kW43i4JbVA7pwNBEu0hV4/X3
KQu+3MTbvIt820f3Ww6tZaVDNrTjMbmX3NOHgwQSBuvxU16oBTrB8ht3sE8fAgMB
AAGjggJiMIICXjAdBgNVHQ4EFgQU4ssj1AxBxe57W0SNGqIXhv1ldAAwHwYDVR0j
BBgwFoAUKi+02wqk0AaVgxaHLkZ7VU4P0L4wDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
YTZmMjE0N2EtZGU4YS00NDQwLWJjYTItNmQ4YjdjODc2ZmRhLTAvMC8yQTJGQjRE
QjBBQTREMDA2OTU4MzE2ODcyRTQ2N0I1NTRFMEZEMEJFLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzlkZjMzYTU3LTdlNGYtNDg0NC04NGUyLWI3MTUz
YjU1MTFiNC8wLzJBMkZCNERCMEFBNEQwMDY5NTgzMTY4NzJFNDY3QjU1NEUwRkQw
QkUuY2VyMIGkBggrBgEFBQcBCwSBlzCBlDCBkQYIKwYBBQUHMAuGgYRyc3luYzov
L3IubWFnZWxsYW4uaXB4by5jb20vcmVwby9hNmYyMTQ3YS1kZThhLTQ0NDAtYmNh
Mi02ZDhiN2M4NzZmZGEtMC8wLzM3MzcyZTM3MzUyZTMxMzkzNzJlMzAyZjMyMzQy
ZDMyMzQyMDNkM2UyMDMyMzEzMDM1MzQzMi5yb2EwGAYDVR0gAQH/BA4wDDAKBggr
BgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE1LxTANBgkqhkiG
9w0BAQsFAAOCAQEAEggsO0lX4gUS2L890+AMd586GA+LBdt6EMGC9jC41jtIHs6G
Zor8ssm2TK2vHm0AIJc1ruUdV3gpVKBRBhxLsyPGZoCYOkh2atPK3F4CJVa/Pcf7
yRn3ttFGJublU6NXQsqUsJ8SkM1gtOBMGiZ+3GIqvZsLYbnGVAzRBxBSUZuDc8r9
w7N1VSn+lwXQE5sPSStCqGQGEyOdJeeyblnFB0xP9yAy4tGg2BSMVOTvd0v0ck9+
LigvMSdpGRxdWWk5YDJmcZ+RRUBBzmlhJnkG/YUpPkd8v+cWTq07stcIyFCjBdcC
Xv+vWietQQgytT8UVhEEGj7xHnlDSSk+t5eWlQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 08:13:03 2024 by rpki-client on console-fra.rpki-client.org