Route Origin Authorization

$ rpki-client -vvf r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/0/AS9009.roa
File:                     AS9009.roa (raw, json)
Hash identifier:          kElNB9QxPBQNu1PAzoh1qCTTbcnopQU62jzo6Q6tnDs=
Subject key identifier:   BF:2E:F0:70:27:B3:D4:9C:9F:86:65:0B:BA:12:2D:44:D1:4A:DF:84
Certificate issuer:       /CN=79cc621cd2109938184a2a64ad1f65896e488b7c
Certificate serial:       59620A366B0B9A1828DAF3D9F2F5D9EDCEC63EAB
Authority key identifier: 79:CC:62:1C:D2:10:99:38:18:4A:2A:64:AD:1F:65:89:6E:48:8B:7C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/ecxiHNIQmTgYSipkrR9liW5Ii3w.cer
Subject info access:      rsync://r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/0/AS9009.roa
Signing time:             Thu 03 Nov 2022 18:40:53 +0000
ROA not before:           Thu 03 Nov 2022 18:35:53 +0000
ROA not after:            Thu 02 Nov 2023 18:40:53 +0000
asID:                     9009
IP address blocks:        2.57.20.0/23 maxlen: 23
                          2.58.172.0/24 maxlen: 24
                          5.45.38.0/24 maxlen: 24
                          45.95.14.0/24 maxlen: 24
                          179.61.131.0/24 maxlen: 24
                          179.61.201.0/24 maxlen: 24
                          181.214.3.0/24 maxlen: 24
                          181.214.15.0/24 maxlen: 24
                          181.214.19.0/24 maxlen: 24
                          181.214.27.0/24 maxlen: 24
                          181.214.28.0/24 maxlen: 24
                          181.214.32.0/24 maxlen: 24
                          181.214.55.0/24 maxlen: 24
                          181.214.92.0/24 maxlen: 24
                          181.215.209.0/24 maxlen: 24
                          185.34.42.0/24 maxlen: 24
                          185.135.10.0/24 maxlen: 24
                          185.139.236.0/24 maxlen: 24
                          185.145.38.0/24 maxlen: 24
                          185.172.66.0/24 maxlen: 24
                          185.174.63.0/24 maxlen: 24
                          191.96.65.0/24 maxlen: 24
                          191.96.69.0/24 maxlen: 24
                          191.96.171.0/24 maxlen: 24
                          191.96.173.0/24 maxlen: 24
                          191.101.23.0/24 maxlen: 24
                          213.109.169.0/24 maxlen: 24
                          2a0a:ce04::/48 maxlen: 48
                          2a0a:ce04:1::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:62:0a:36:6b:0b:9a:18:28:da:f3:d9:f2:f5:d9:ed:ce:c6:3e:ab
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=79cc621cd2109938184a2a64ad1f65896e488b7c
        Validity
            Not Before: Nov  3 18:35:53 2022 GMT
            Not After : Nov  2 18:40:53 2023 GMT
        Subject: CN=BF2EF07027B3D49C9F86650BBA122D44D14ADF84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:f3:dc:74:d0:bd:84:2e:4b:98:0e:eb:f3:a8:
                    29:12:42:98:bf:96:07:28:17:f5:fe:ad:05:e1:7b:
                    70:2a:d3:09:42:74:cd:c3:d9:00:57:ab:6a:63:86:
                    9d:5a:98:bb:fb:98:92:40:51:89:b2:90:c1:d9:c5:
                    4d:b6:5d:ec:25:4f:12:74:8b:0e:55:2f:f5:6f:75:
                    2d:ff:f1:b1:99:1d:a9:de:57:c2:ec:53:e7:1e:5c:
                    34:51:1d:a9:21:b6:9c:08:30:22:a9:eb:24:a6:a2:
                    16:fa:36:23:5c:36:be:cc:43:18:51:26:cc:ac:77:
                    c0:86:ff:b1:8a:6b:7d:84:14:e0:a6:6d:5e:48:8e:
                    28:71:d9:6e:96:89:47:8b:2d:b5:75:39:cd:55:dd:
                    d0:a3:ca:dc:f1:d3:f5:8a:81:5f:1a:7e:c6:2c:e8:
                    ab:97:e4:92:b6:e5:e2:84:2a:1f:54:c1:be:cd:10:
                    f8:1e:d3:55:b0:64:72:28:05:6c:69:19:cc:08:34:
                    3f:c8:34:f5:16:47:da:fd:e2:6e:92:d0:ec:74:8f:
                    fe:79:54:7c:28:c3:19:f1:f7:55:0f:2f:bd:91:02:
                    94:e8:85:7c:29:de:74:28:fd:92:e4:b4:eb:14:1b:
                    fe:da:de:59:7d:45:d5:1d:bb:a8:bd:5f:54:5d:2b:
                    b0:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BF:2E:F0:70:27:B3:D4:9C:9F:86:65:0B:BA:12:2D:44:D1:4A:DF:84
            X509v3 Authority Key Identifier:
                keyid:79:CC:62:1C:D2:10:99:38:18:4A:2A:64:AD:1F:65:89:6E:48:8B:7C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/0/79CC621CD2109938184A2A64AD1F65896E488B7C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ecxiHNIQmTgYSipkrR9liW5Ii3w.cer

            Subject Information Access:
                Signed Object - URI:rsync://r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/0/AS9009.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.57.20.0/23
                  2.58.172.0/24
                  5.45.38.0/24
                  45.95.14.0/24
                  179.61.131.0/24
                  179.61.201.0/24
                  181.214.3.0/24
                  181.214.15.0/24
                  181.214.19.0/24
                  181.214.27.0-181.214.28.255
                  181.214.32.0/24
                  181.214.55.0/24
                  181.214.92.0/24
                  181.215.209.0/24
                  185.34.42.0/24
                  185.135.10.0/24
                  185.139.236.0/24
                  185.145.38.0/24
                  185.172.66.0/24
                  185.174.63.0/24
                  191.96.65.0/24
                  191.96.69.0/24
                  191.96.171.0/24
                  191.96.173.0/24
                  191.101.23.0/24
                  213.109.169.0/24
                IPv6:
                  2a0a:ce04::/47

    Signature Algorithm: sha256WithRSAEncryption
         9a:72:5e:0d:d2:13:7c:77:aa:36:16:d0:80:70:f6:2c:0f:65:
         46:98:3f:fa:bc:24:42:3b:b7:8c:88:e5:24:b6:75:f8:6f:98:
         0e:f3:9c:dd:a6:08:1f:13:06:84:6b:9d:6c:e3:f7:91:df:02:
         68:c1:b2:65:40:fe:85:e4:6e:db:9c:f8:15:e5:d8:64:32:24:
         45:92:02:8a:45:9b:48:77:36:88:56:7f:36:b1:18:22:7a:26:
         c9:be:e3:ed:25:4c:c9:3d:f2:d6:13:c6:7f:74:1b:54:e5:80:
         07:c9:a9:29:2c:db:9d:3b:26:46:fb:13:48:93:9c:84:a6:95:
         e0:ed:92:47:1f:27:e8:ee:d3:39:c9:d3:2b:2b:43:9a:eb:b7:
         89:c8:79:85:92:5b:8d:b4:8d:c5:0b:dd:57:eb:61:d0:c2:3a:
         1a:7f:e4:bc:04:e9:36:d9:ca:fd:e9:bd:45:7b:4b:fd:f5:e9:
         f5:f3:40:ad:ce:76:d1:16:08:ed:13:f8:a1:cd:37:35:72:7c:
         66:70:ca:ee:5e:05:0e:bb:2a:dd:82:f4:68:dc:ff:8e:c4:cd:
         3c:f1:7a:a6:a8:84:ee:ed:1d:95:16:cb:b0:e0:3f:a0:c2:a0:
         04:66:64:af:aa:d0:88:42:c4:d5:c8:f1:23:08:15:eb:6e:37:
         99:f3:c3:25
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUWWIKNmsLmhgo2vPZ8vXZ7c7GPqswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzljYzYyMWNkMjEwOTkzODE4NGEyYTY0YWQxZjY1ODk2
ZTQ4OGI3YzAeFw0yMjExMDMxODM1NTNaFw0yMzExMDIxODQwNTNaMDMxMTAvBgNV
BAMTKEJGMkVGMDcwMjdCM0Q0OUM5Rjg2NjUwQkJBMTIyRDQ0RDE0QURGODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCh89x00L2ELkuYDuvzqCkSQpi/
lgcoF/X+rQXhe3Aq0wlCdM3D2QBXq2pjhp1amLv7mJJAUYmykMHZxU22XewlTxJ0
iw5VL/VvdS3/8bGZHaneV8LsU+ceXDRRHakhtpwIMCKp6ySmohb6NiNcNr7MQxhR
Jsysd8CG/7GKa32EFOCmbV5Ijihx2W6WiUeLLbV1Oc1V3dCjytzx0/WKgV8afsYs
6KuX5JK25eKEKh9Uwb7NEPge01WwZHIoBWxpGcwIND/INPUWR9r94m6S0Ox0j/55
VHwowxnx91UPL72RApTohXwp3nQo/ZLktOsUG/7a3ll9RdUdu6i9X1RdK7BLAgMB
AAGjggKmMIICojAdBgNVHQ4EFgQUvy7wcCez1JyfhmULuhItRNFK34QwHwYDVR0j
BBgwFoAUecxiHNIQmTgYSipkrR9liW5Ii3wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
ZGI0MzM2NTYtNmIxMy00OGUxLTljYTUtNjQ4OTQ2ODEwZjNlLTAvMC83OUNDNjIx
Q0QyMTA5OTM4MTg0QTJBNjRBRDFGNjU4OTZFNDg4QjdDLmNybDBkBggrBgEFBQcB
AQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWN4aUhOSVFtVGdZU2lwa3JSOWxpVzVJaTN3LmNlcjBwBggr
BgEFBQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vci5tYWdlbGxhbi5pcHhv
LmNvbS9yZXBvL2RiNDMzNjU2LTZiMTMtNDhlMS05Y2E1LTY0ODk0NjgxMGYzZS0w
LzAvQVM5MDA5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHSBggrBgEF
BQcBBwEB/wSBwjCBvzCBqwQCAAEwgaQDBAECORQDBAACOqwDBAAFLSYDBAAtXw4D
BACzPYMDBACzPckDBAC11gMDBAC11g8DBAC11hMwDAMEALXWGwMEALXWHAMEALXW
IAMEALXWNwMEALXWXAMEALXX0QMEALkiKgMEALmHCgMEALmL7AMEALmRJgMEALms
QgMEALmuPwMEAL9gQQMEAL9gRQMEAL9gqwMEAL9grQMEAL9lFwMEANVtqTAPBAIA
AjAJAwcBKgrOBAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCacl4N0hN8d6o2FtCAcPYs
D2VGmD/6vCRCO7eMiOUktnX4b5gO85zdpggfEwaEa51s4/eR3wJowbJlQP6F5G7b
nPgV5dhkMiRFkgKKRZtIdzaIVn82sRgieibJvuPtJUzJPfLWE8Z/dBtU5YAHyakp
LNudOyZG+xNIk5yEppXg7ZJHHyfo7tM5ydMrK0Oa67eJyHmFkluNtI3FC91X62HQ
wjoaf+S8BOk22cr96b1Fe0v99en180CtznbRFgjtE/ihzTc1cnxmcMruXgUOuyrd
gvRo3P+OxM088XqmqITu7R2VFsuw4D+gwqAEZmSvqtCIQsTVyPEjCBXrbjeZ88Ml
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:56 2023 by rpki-client on console-ams.rpki-client.org