Route Origin Authorization

$ rpki-client -vvf r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/1/AS397423.roa
File:                     AS397423.roa (raw, json)
Hash identifier:          dPJRr5GbrwDtfUwkBPXE9fkWUs62unHklYPvC/kuHRY=
Subject key identifier:   7D:4C:A2:ED:0D:5B:B1:8D:54:9A:02:09:17:F5:72:3B:2B:BA:48:FD
Certificate issuer:       /CN=790bd238df7d45b7861545f2d03caf64232d3ff2
Certificate serial:       45412C9854D2CF0FFB390B5B4E7536B2D7F1A977
Authority key identifier: 79:0B:D2:38:DF:7D:45:B7:86:15:45:F2:D0:3C:AF:64:23:2D:3F:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eQvSON99RbeGFUXy0DyvZCMtP_I.cer
Subject info access:      rsync://r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/1/AS397423.roa
Signing time:             Mon 28 Nov 2022 12:18:16 +0000
ROA not before:           Mon 28 Nov 2022 12:13:16 +0000
ROA not after:            Mon 27 Nov 2023 12:18:16 +0000
asID:                     397423
IP address blocks:        179.61.194.0/24 maxlen: 24
                          181.214.133.0/24 maxlen: 24
                          181.214.152.0/24 maxlen: 24
                          181.215.47.0/24 maxlen: 24
                          181.215.49.0/24 maxlen: 24
                          181.215.242.0/24 maxlen: 24
                          181.215.243.0/24 maxlen: 24
                          181.215.244.0/24 maxlen: 24
                          185.170.57.0/24 maxlen: 24
                          191.96.101.0/24 maxlen: 24
                          191.96.155.0/24 maxlen: 24
                          191.96.166.0/24 maxlen: 24
                          191.96.186.0/24 maxlen: 24
                          191.101.30.0/24 maxlen: 24
                          191.101.166.0/24 maxlen: 24
                          191.101.172.0/24 maxlen: 24
                          193.227.129.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            45:41:2c:98:54:d2:cf:0f:fb:39:0b:5b:4e:75:36:b2:d7:f1:a9:77
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=790bd238df7d45b7861545f2d03caf64232d3ff2
        Validity
            Not Before: Nov 28 12:13:16 2022 GMT
            Not After : Nov 27 12:18:16 2023 GMT
        Subject: CN=7D4CA2ED0D5BB18D549A020917F5723B2BBA48FD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:c4:da:2c:77:f9:2e:34:38:66:45:7d:38:96:
                    6f:a4:ee:e8:9a:e3:e8:b4:e9:5a:e6:6c:bd:fc:1e:
                    37:55:e5:14:fa:4c:bf:0e:5e:02:e2:c1:ab:05:eb:
                    83:6a:8e:fe:e4:c2:ec:01:e5:58:2f:0b:64:63:e9:
                    63:78:ef:98:9d:b4:ad:46:46:bc:65:66:3d:b6:a8:
                    ce:65:0a:c7:8f:67:b3:6b:02:93:5c:8e:1e:db:8e:
                    6a:d9:a8:e7:bf:5a:1f:34:e4:a8:ec:f5:ec:87:f9:
                    20:a1:3f:f7:56:8b:dd:e5:6a:4c:44:9f:64:d2:bc:
                    93:97:db:9c:a9:a1:16:ba:7b:71:81:2d:14:fc:34:
                    ae:2e:c0:22:2f:45:f3:be:ab:e8:15:06:ee:5c:94:
                    d5:4c:7a:0f:d2:10:38:6c:ec:3f:92:e6:68:6f:0d:
                    e2:eb:4d:40:48:b4:18:96:a2:37:b3:92:8a:f0:4b:
                    00:5b:e2:9b:e5:c7:80:0a:85:3b:4c:8c:39:2f:c3:
                    15:9a:7b:e4:42:e9:1b:e5:e4:5a:79:29:91:ba:41:
                    7a:87:22:ce:94:c0:f9:2f:3f:a0:de:c6:35:0a:95:
                    f1:81:87:00:92:1c:a6:4b:4c:e7:4e:b8:1c:27:12:
                    63:82:31:ac:0e:1e:22:7f:5b:2a:0b:56:ef:33:ae:
                    bd:19
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:4C:A2:ED:0D:5B:B1:8D:54:9A:02:09:17:F5:72:3B:2B:BA:48:FD
            X509v3 Authority Key Identifier:
                keyid:79:0B:D2:38:DF:7D:45:B7:86:15:45:F2:D0:3C:AF:64:23:2D:3F:F2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/1/790BD238DF7D45B7861545F2D03CAF64232D3FF2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eQvSON99RbeGFUXy0DyvZCMtP_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/1/AS397423.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.61.194.0/24
                  181.214.133.0/24
                  181.214.152.0/24
                  181.215.47.0/24
                  181.215.49.0/24
                  181.215.242.0-181.215.244.255
                  185.170.57.0/24
                  191.96.101.0/24
                  191.96.155.0/24
                  191.96.166.0/24
                  191.96.186.0/24
                  191.101.30.0/24
                  191.101.166.0/24
                  191.101.172.0/24
                  193.227.129.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b0:5c:71:44:28:04:50:26:a5:43:e1:f9:e5:97:e9:da:60:7a:
         78:e0:87:0f:20:1c:60:37:bc:48:da:c2:76:95:36:79:c1:ce:
         93:66:40:80:66:b8:c6:76:7d:0a:6c:9b:c2:92:23:c6:6e:7f:
         e2:dc:5b:d2:9f:14:cb:a6:66:08:25:d8:ed:89:7f:10:62:61:
         eb:5a:68:c2:91:f7:7f:08:bc:ae:ab:7a:56:ba:0a:29:8d:f9:
         03:c1:f5:08:7c:55:f2:e6:f4:87:f4:61:b6:0f:e8:1a:75:3d:
         e6:5d:99:92:2d:6a:f4:45:a6:5b:70:7e:c0:bf:91:8e:49:37:
         30:42:5c:e4:2c:65:b1:98:be:40:9c:8a:a3:a3:43:c0:28:3b:
         74:23:32:47:39:8b:87:1d:96:4e:5b:43:84:7b:ed:03:e7:f6:
         db:a6:89:99:9d:70:e3:90:0a:bd:5f:1b:37:32:5f:3a:ab:cf:
         4e:99:e5:b0:fe:52:ab:c3:d5:4e:75:e2:e2:19:b4:7b:3e:43:
         7a:5f:8a:6e:2e:1c:cc:97:5d:81:df:b6:2f:8a:68:ff:9c:bd:
         39:cd:95:8a:3b:bd:c0:e9:f7:77:c0:44:95:fb:cc:e4:e8:06:
         1f:dc:04:95:c1:22:4c:7a:5a:67:f6:63:dc:3c:4c:b2:3e:97:
         91:bb:be:26
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIURUEsmFTSzw/7OQtbTnU2stfxqXcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzkwYmQyMzhkZjdkNDViNzg2MTU0NWYyZDAzY2FmNjQy
MzJkM2ZmMjAeFw0yMjExMjgxMjEzMTZaFw0yMzExMjcxMjE4MTZaMDMxMTAvBgNV
BAMTKDdENENBMkVEMEQ1QkIxOEQ1NDlBMDIwOTE3RjU3MjNCMkJCQTQ4RkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOxNosd/kuNDhmRX04lm+k7uia
4+i06VrmbL38HjdV5RT6TL8OXgLiwasF64Nqjv7kwuwB5VgvC2Rj6WN475idtK1G
RrxlZj22qM5lCsePZ7NrApNcjh7bjmrZqOe/Wh805Kjs9eyH+SChP/dWi93lakxE
n2TSvJOX25ypoRa6e3GBLRT8NK4uwCIvRfO+q+gVBu5clNVMeg/SEDhs7D+S5mhv
DeLrTUBItBiWojezkorwSwBb4pvlx4AKhTtMjDkvwxWae+RC6Rvl5Fp5KZG6QXqH
Is6UwPkvP6DexjUKlfGBhwCSHKZLTOdOuBwnEmOCMawOHiJ/WyoLVu8zrr0ZAgMB
AAGjggJQMIICTDAdBgNVHQ4EFgQUfUyi7Q1bsY1UmgIJF/VyOyu6SP0wHwYDVR0j
BBgwFoAUeQvSON99RbeGFUXy0DyvZCMtP/IwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
ZGI0MzM2NTYtNmIxMy00OGUxLTljYTUtNjQ4OTQ2ODEwZjNlLTAvMS83OTBCRDIz
OERGN0Q0NUI3ODYxNTQ1RjJEMDNDQUY2NDIzMkQzRkYyLmNybDBkBggrBgEFBQcB
AQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZVF2U09OOTlSYmVHRlVYeTBEeXZaQ010UF9JLmNlcjByBggr
BgEFBQcBCwRmMGQwYgYIKwYBBQUHMAuGVnJzeW5jOi8vci5tYWdlbGxhbi5pcHhv
LmNvbS9yZXBvL2RiNDMzNjU2LTZiMTMtNDhlMS05Y2E1LTY0ODk0NjgxMGYzZS0w
LzEvQVMzOTc0MjMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwewYIKwYB
BQUHAQcBAf8EbDBqMGgEAgABMGIDBACzPcIDBAC11oUDBAC11pgDBAC11y8DBAC1
1zEwDAMEAbXX8gMEALXX9AMEALmqOQMEAL9gZQMEAL9gmwMEAL9gpgMEAL9gugME
AL9lHgMEAL9lpgMEAL9lrAMEAMHjgTANBgkqhkiG9w0BAQsFAAOCAQEAsFxxRCgE
UCalQ+H55Zfp2mB6eOCHDyAcYDe8SNrCdpU2ecHOk2ZAgGa4xnZ9CmybwpIjxm5/
4txb0p8Uy6ZmCCXY7Yl/EGJh61powpH3fwi8rqt6VroKKY35A8H1CHxV8ub0h/Rh
tg/oGnU95l2Zki1q9EWmW3B+wL+Rjkk3MEJc5CxlsZi+QJyKo6NDwCg7dCMyRzmL
hx2WTltDhHvtA+f226aJmZ1w45AKvV8bNzJfOqvPTpnlsP5Sq8PVTnXi4hm0ez5D
el+Kbi4czJddgd+2L4po/5y9Oc2Viju9wOn3d8BElfvM5OgGH9wElcEiTHpaZ/Zj
3DxMsj6Xkbu+Jg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:00 2024 by rpki-client on console-fra.rpki-client.org