Route Origin Authorization

$ rpki-client -vvf r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/1/AS397373.roa
File:                     AS397373.roa (raw, json)
Hash identifier:          iuRHZmAKa+zYuuhTdh0I0kPjNtKZbnhHlZPT1aMenZQ=
Subject key identifier:   D5:61:A8:CF:E5:CB:EA:48:55:94:1D:87:0D:18:99:16:FB:D8:2B:EA
Certificate issuer:       /CN=790bd238df7d45b7861545f2d03caf64232d3ff2
Certificate serial:       1F4BB335115C7A5404B0F7DCA609EEE394896D21
Authority key identifier: 79:0B:D2:38:DF:7D:45:B7:86:15:45:F2:D0:3C:AF:64:23:2D:3F:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eQvSON99RbeGFUXy0DyvZCMtP_I.cer
Subject info access:      rsync://r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/1/AS397373.roa
Signing time:             Mon 02 Jan 2023 17:07:36 +0000
ROA not before:           Mon 02 Jan 2023 17:02:36 +0000
ROA not after:            Mon 01 Jan 2024 17:07:36 +0000
asID:                     397373
IP address blocks:        179.61.223.0/24 maxlen: 24
                          179.61.252.0/24 maxlen: 24
                          181.41.215.0/24 maxlen: 24
                          181.214.217.0/24 maxlen: 24
                          181.215.5.0/24 maxlen: 24
                          181.215.248.0/24 maxlen: 24
                          181.215.249.0/24 maxlen: 24
                          185.172.64.0/24 maxlen: 24
                          185.172.67.0/24 maxlen: 24
                          191.96.25.0/24 maxlen: 24
                          191.96.32.0/24 maxlen: 24
                          191.96.131.0/24 maxlen: 24
                          191.96.177.0/24 maxlen: 24
                          191.96.194.0/24 maxlen: 24
                          191.96.221.0/24 maxlen: 24
                          191.96.246.0/24 maxlen: 24
                          191.101.16.0/24 maxlen: 24
                          191.101.191.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:4b:b3:35:11:5c:7a:54:04:b0:f7:dc:a6:09:ee:e3:94:89:6d:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=790bd238df7d45b7861545f2d03caf64232d3ff2
        Validity
            Not Before: Jan  2 17:02:36 2023 GMT
            Not After : Jan  1 17:07:36 2024 GMT
        Subject: CN=D561A8CFE5CBEA4855941D870D189916FBD82BEA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:3a:42:69:20:d0:ff:d0:6c:ab:37:f1:3c:e2:
                    b1:6f:c6:0a:0e:63:0d:2c:3e:98:4f:3d:6c:35:26:
                    e2:6d:2a:50:f5:26:0b:cc:85:77:46:0d:a0:40:8c:
                    2e:73:12:34:34:25:df:db:8f:4d:c6:a9:c7:c9:33:
                    0a:f4:43:2f:2d:77:25:e5:23:c9:c5:31:ca:03:b8:
                    83:54:b1:ce:f0:49:30:48:a8:87:a7:c4:a7:9f:7b:
                    f9:0b:6f:42:75:43:ea:6d:19:54:4f:15:95:b9:11:
                    be:d4:43:16:c3:12:80:1d:3c:c3:90:4a:c5:dd:3d:
                    58:47:2c:1a:3d:0a:38:38:1c:5a:fd:82:66:d6:fe:
                    35:37:d6:2f:9c:e7:be:f6:c1:65:d9:8b:d3:5f:6f:
                    36:65:97:98:9a:43:fb:5b:ed:f7:b7:af:24:ec:51:
                    1e:a5:9d:66:3f:dc:3c:bb:86:aa:e0:f1:47:f2:51:
                    be:cc:b7:c4:f1:8a:77:28:dc:12:f4:63:4b:d4:4d:
                    3e:b0:2a:3b:0e:a5:a6:f3:34:f4:6d:cb:24:4f:3b:
                    03:d3:20:3f:fc:ab:0e:a4:d2:80:52:ed:00:cd:8f:
                    11:4e:6c:5a:8a:9c:c8:dd:b4:fc:2f:7d:d4:c2:54:
                    c3:0c:53:6b:2b:31:3d:0f:af:c1:01:5b:34:04:41:
                    ca:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:61:A8:CF:E5:CB:EA:48:55:94:1D:87:0D:18:99:16:FB:D8:2B:EA
            X509v3 Authority Key Identifier:
                keyid:79:0B:D2:38:DF:7D:45:B7:86:15:45:F2:D0:3C:AF:64:23:2D:3F:F2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/1/790BD238DF7D45B7861545F2D03CAF64232D3FF2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eQvSON99RbeGFUXy0DyvZCMtP_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/1/AS397373.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.61.223.0/24
                  179.61.252.0/24
                  181.41.215.0/24
                  181.214.217.0/24
                  181.215.5.0/24
                  181.215.248.0/23
                  185.172.64.0/24
                  185.172.67.0/24
                  191.96.25.0/24
                  191.96.32.0/24
                  191.96.131.0/24
                  191.96.177.0/24
                  191.96.194.0/24
                  191.96.221.0/24
                  191.96.246.0/24
                  191.101.16.0/24
                  191.101.191.0/24

    Signature Algorithm: sha256WithRSAEncryption
         90:b6:36:36:d9:a1:e8:7f:16:3c:20:04:4a:bc:41:d2:e2:5e:
         4a:da:eb:a8:5f:e4:85:ec:45:3b:2c:2a:6a:ca:b9:a4:16:f4:
         c8:ac:46:35:42:36:1c:18:f4:b1:43:af:1d:63:12:18:0f:7f:
         89:e9:55:31:ce:1d:88:58:b5:e6:a2:6d:7a:97:07:13:91:0f:
         f6:e7:ab:ad:e7:65:86:51:aa:24:8c:5a:1e:f9:54:50:3f:21:
         98:2e:0e:0a:11:13:d0:3f:7d:e4:d9:db:78:41:da:fc:95:32:
         de:35:d1:d7:1c:68:67:40:91:52:74:34:59:46:f2:18:b2:37:
         0e:15:7d:6b:3b:73:e7:b0:22:69:b2:2a:75:f3:57:15:d8:55:
         ca:e2:f9:88:07:fd:f3:35:72:71:5a:13:7b:70:70:e0:a6:b8:
         f9:c2:9b:12:57:c3:04:0f:92:ed:e2:8f:2f:a2:19:3a:86:79:
         eb:7c:d5:5b:2f:b5:c2:fa:49:19:58:de:2a:4a:fd:dc:72:93:
         ca:04:94:45:ce:6c:1f:39:5e:03:4c:6e:a4:59:50:18:8e:bb:
         13:ce:69:96:1a:dd:45:92:be:0b:21:53:8f:6f:62:c0:86:2b:
         74:c4:5b:70:bd:5e:3f:c5:06:12:81:a6:7a:d7:d1:0b:e3:ba:
         26:04:45:d5
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgIUH0uzNRFcelQEsPfcpgnu45SJbSEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzkwYmQyMzhkZjdkNDViNzg2MTU0NWYyZDAzY2FmNjQy
MzJkM2ZmMjAeFw0yMzAxMDIxNzAyMzZaFw0yNDAxMDExNzA3MzZaMDMxMTAvBgNV
BAMTKEQ1NjFBOENGRTVDQkVBNDg1NTk0MUQ4NzBEMTg5OTE2RkJEODJCRUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCnOkJpIND/0GyrN/E84rFvxgoO
Yw0sPphPPWw1JuJtKlD1JgvMhXdGDaBAjC5zEjQ0Jd/bj03GqcfJMwr0Qy8tdyXl
I8nFMcoDuINUsc7wSTBIqIenxKefe/kLb0J1Q+ptGVRPFZW5Eb7UQxbDEoAdPMOQ
SsXdPVhHLBo9Cjg4HFr9gmbW/jU31i+c5772wWXZi9NfbzZll5iaQ/tb7fe3ryTs
UR6lnWY/3Dy7hqrg8UfyUb7Mt8Txinco3BL0Y0vUTT6wKjsOpabzNPRtyyRPOwPT
ID/8qw6k0oBS7QDNjxFObFqKnMjdtPwvfdTCVMMMU2srMT0Pr8EBWzQEQcqJAgMB
AAGjggJUMIICUDAdBgNVHQ4EFgQU1WGoz+XL6khVlB2HDRiZFvvYK+owHwYDVR0j
BBgwFoAUeQvSON99RbeGFUXy0DyvZCMtP/IwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
ZGI0MzM2NTYtNmIxMy00OGUxLTljYTUtNjQ4OTQ2ODEwZjNlLTAvMS83OTBCRDIz
OERGN0Q0NUI3ODYxNTQ1RjJEMDNDQUY2NDIzMkQzRkYyLmNybDBkBggrBgEFBQcB
AQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZVF2U09OOTlSYmVHRlVYeTBEeXZaQ010UF9JLmNlcjByBggr
BgEFBQcBCwRmMGQwYgYIKwYBBQUHMAuGVnJzeW5jOi8vci5tYWdlbGxhbi5pcHhv
LmNvbS9yZXBvL2RiNDMzNjU2LTZiMTMtNDhlMS05Y2E1LTY0ODk0NjgxMGYzZS0w
LzEvQVMzOTczNzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwfwYIKwYB
BQUHAQcBAf8EcDBuMGwEAgABMGYDBACzPd8DBACzPfwDBAC1KdcDBAC11tkDBAC1
1wUDBAG11/gDBAC5rEADBAC5rEMDBAC/YBkDBAC/YCADBAC/YIMDBAC/YLEDBAC/
YMIDBAC/YN0DBAC/YPYDBAC/ZRADBAC/Zb8wDQYJKoZIhvcNAQELBQADggEBAJC2
NjbZoeh/FjwgBEq8QdLiXkra66hf5IXsRTssKmrKuaQW9MisRjVCNhwY9LFDrx1j
EhgPf4npVTHOHYhYteaibXqXBxORD/bnq63nZYZRqiSMWh75VFA/IZguDgoRE9A/
feTZ23hB2vyVMt410dccaGdAkVJ0NFlG8hiyNw4VfWs7c+ewImmyKnXzVxXYVcri
+YgH/fM1cnFaE3twcOCmuPnCmxJXwwQPku3ijy+iGTqGeet81VsvtcL6SRlY3ipK
/dxyk8oElEXObB85XgNMbqRZUBiOuxPOaZYa3UWSvgshU49vYsCGK3TEW3C9Xj/F
BhKBpnrX0QvjuiYERdU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:42 2023 by rpki-client on console-fra.rpki-client.org