Route Origin Authorization

$ rpki-client -vvf r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/1/AS40676.roa
File:                     AS40676.roa (raw, json)
Hash identifier:          AHr/hyhBl28BcwyOwrtINLu4g/CPh6srbdvS3rFGnGQ=
Subject key identifier:   67:F2:85:D2:F4:2C:F8:99:8C:CF:14:8E:18:1C:F1:80:D3:5B:FC:69
Certificate issuer:       /CN=790bd238df7d45b7861545f2d03caf64232d3ff2
Certificate serial:       6ECA7F2B4E6511721F4495FE7F973DCFEE94553C
Authority key identifier: 79:0B:D2:38:DF:7D:45:B7:86:15:45:F2:D0:3C:AF:64:23:2D:3F:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eQvSON99RbeGFUXy0DyvZCMtP_I.cer
Subject info access:      rsync://r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/1/AS40676.roa
Signing time:             Tue 28 Feb 2023 12:35:02 +0000
ROA not before:           Tue 28 Feb 2023 12:30:02 +0000
ROA not after:            Tue 27 Feb 2024 12:35:02 +0000
asID:                     40676
IP address blocks:        179.61.139.0/24 maxlen: 24
                          179.61.217.0/24 maxlen: 24
                          179.61.238.0/24 maxlen: 24
                          179.61.246.0/24 maxlen: 24
                          181.41.215.0/24 maxlen: 24
                          181.214.49.0/24 maxlen: 24
                          181.214.57.0/24 maxlen: 24
                          181.214.80.0/24 maxlen: 24
                          181.214.183.0/24 maxlen: 24
                          181.215.17.0/24 maxlen: 24
                          181.215.66.0/24 maxlen: 24
                          181.215.74.0/24 maxlen: 24
                          181.215.75.0/24 maxlen: 24
                          181.215.76.0/24 maxlen: 24
                          181.215.77.0/24 maxlen: 24
                          181.215.121.0/24 maxlen: 24
                          181.215.122.0/24 maxlen: 24
                          181.215.123.0/24 maxlen: 24
                          181.215.127.0/24 maxlen: 24
                          181.215.144.0/24 maxlen: 24
                          181.215.145.0/24 maxlen: 24
                          181.215.148.0/24 maxlen: 24
                          181.215.149.0/24 maxlen: 24
                          181.215.154.0/24 maxlen: 24
                          181.215.159.0/24 maxlen: 24
                          181.215.200.0/24 maxlen: 24
                          181.215.201.0/24 maxlen: 24
                          181.215.202.0/24 maxlen: 24
                          181.215.232.0/24 maxlen: 24
                          191.96.9.0/24 maxlen: 24
                          191.96.15.0/24 maxlen: 24
                          191.96.135.0/24 maxlen: 24
                          191.101.7.0/24 maxlen: 24
                          191.101.44.0/22 maxlen: 24
                          191.101.44.0/24 maxlen: 24
                          191.101.45.0/24 maxlen: 24
                          191.101.46.0/24 maxlen: 24
                          191.101.47.0/24 maxlen: 24
                          191.101.64.0/24 maxlen: 24
                          191.101.68.0/24 maxlen: 24
                          191.101.82.0/24 maxlen: 24
                          191.101.140.0/24 maxlen: 24
                          191.101.195.0/24 maxlen: 24

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6e:ca:7f:2b:4e:65:11:72:1f:44:95:fe:7f:97:3d:cf:ee:94:55:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=790bd238df7d45b7861545f2d03caf64232d3ff2
        Validity
            Not Before: Feb 28 12:30:02 2023 GMT
            Not After : Feb 27 12:35:02 2024 GMT
        Subject: CN=67F285D2F42CF8998CCF148E181CF180D35BFC69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:03:82:aa:78:0b:6a:e4:1b:aa:cb:cf:94:18:
                    a0:72:8a:9c:69:21:88:23:8d:1e:2f:32:62:16:8b:
                    24:1a:89:c9:19:3d:1f:33:34:30:c5:56:0c:31:7b:
                    70:d8:94:05:95:3b:d5:a4:44:f3:3a:fe:fc:ff:5b:
                    30:47:92:60:b5:f9:65:f9:1f:41:1c:5a:4b:75:aa:
                    d3:ce:93:b5:d9:2c:72:9f:f7:b3:59:e5:85:cb:d3:
                    5b:53:4d:27:88:a0:67:73:c7:33:04:a5:b9:23:0a:
                    25:35:66:97:c3:2b:8c:39:49:c0:d0:4e:d1:c0:4b:
                    38:20:cb:61:b7:d8:af:28:7c:58:f5:72:dc:04:54:
                    39:0b:89:d2:4b:2e:43:5b:d8:11:6d:ea:f5:e6:a7:
                    8e:9d:ce:51:57:fc:2d:38:4c:9f:01:f8:77:f9:67:
                    08:74:a7:1d:33:00:86:14:28:9c:64:fb:37:3d:3c:
                    4f:ff:64:61:cc:e4:4c:96:12:0e:5b:fc:44:d1:4e:
                    ca:a6:ef:a7:86:72:d1:52:43:4d:bd:a2:f6:7d:92:
                    e0:fb:dd:d8:47:e4:ed:79:9e:2e:b2:dc:44:7e:32:
                    a3:d7:72:9e:45:d6:47:16:81:fe:ff:b9:93:3b:ac:
                    41:1c:e2:3a:a8:24:3b:50:b1:df:27:01:0c:2b:ed:
                    58:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:F2:85:D2:F4:2C:F8:99:8C:CF:14:8E:18:1C:F1:80:D3:5B:FC:69
            X509v3 Authority Key Identifier:
                keyid:79:0B:D2:38:DF:7D:45:B7:86:15:45:F2:D0:3C:AF:64:23:2D:3F:F2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/1/790BD238DF7D45B7861545F2D03CAF64232D3FF2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eQvSON99RbeGFUXy0DyvZCMtP_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/1/AS40676.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  179.61.139.0/24
                  179.61.217.0/24
                  179.61.238.0/24
                  179.61.246.0/24
                  181.41.215.0/24
                  181.214.49.0/24
                  181.214.57.0/24
                  181.214.80.0/24
                  181.214.183.0/24
                  181.215.17.0/24
                  181.215.66.0/24
                  181.215.74.0-181.215.77.255
                  181.215.121.0-181.215.123.255
                  181.215.127.0/24
                  181.215.144.0/23
                  181.215.148.0/23
                  181.215.154.0/24
                  181.215.159.0/24
                  181.215.200.0-181.215.202.255
                  181.215.232.0/24
                  191.96.9.0/24
                  191.96.15.0/24
                  191.96.135.0/24
                  191.101.7.0/24
                  191.101.44.0/22
                  191.101.64.0/24
                  191.101.68.0/24
                  191.101.82.0/24
                  191.101.140.0/24
                  191.101.195.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3a:e8:04:e7:36:c6:79:cb:52:a1:76:0f:d6:23:0a:36:96:91:
         76:43:de:c8:8e:e1:ed:00:c3:5a:1a:2d:9a:0c:42:43:b5:af:
         d8:d7:95:13:5a:15:05:87:7b:97:38:d6:0c:7b:5c:bb:43:5c:
         c7:28:6a:3f:d0:9e:3a:fd:38:d7:5c:b6:7c:80:01:44:a2:27:
         9f:d9:2f:42:45:22:d3:eb:38:ed:eb:b6:f3:14:5a:fd:52:2d:
         1c:0b:48:e1:9f:b9:9e:1e:f1:2d:af:a5:17:fd:23:56:bb:64:
         ca:0a:56:dc:7d:91:a8:61:18:6d:68:4e:20:16:1d:42:58:9a:
         c4:5c:04:48:53:10:d9:19:3c:82:f6:ed:8d:ba:e9:80:a4:68:
         c9:9b:ac:52:0c:63:4f:34:34:7d:8a:9a:ab:ab:73:83:58:1b:
         d0:92:51:22:90:e7:64:a7:0b:f1:66:5b:1b:c7:4a:e8:e3:62:
         c7:cb:4c:19:8d:0a:9b:a1:b1:d7:7d:17:85:a6:a3:09:d4:7e:
         1d:97:f0:86:c5:4f:68:ae:68:79:77:fc:e4:3a:94:42:01:3c:
         f5:c6:81:f5:ee:5c:0e:e7:36:64:1b:af:0b:e6:d6:8c:1b:91:
         dd:90:2c:10:35:36:d4:47:56:3d:9b:0f:b9:18:8a:44:1c:74:
         c4:4f:0a:4c
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgIUbsp/K05lEXIfRJX+f5c9z+6UVTwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzkwYmQyMzhkZjdkNDViNzg2MTU0NWYyZDAzY2FmNjQy
MzJkM2ZmMjAeFw0yMzAyMjgxMjMwMDJaFw0yNDAyMjcxMjM1MDJaMDMxMTAvBgNV
BAMTKDY3RjI4NUQyRjQyQ0Y4OTk4Q0NGMTQ4RTE4MUNGMTgwRDM1QkZDNjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDLA4KqeAtq5Buqy8+UGKByipxp
IYgjjR4vMmIWiyQaickZPR8zNDDFVgwxe3DYlAWVO9WkRPM6/vz/WzBHkmC1+WX5
H0EcWkt1qtPOk7XZLHKf97NZ5YXL01tTTSeIoGdzxzMEpbkjCiU1ZpfDK4w5ScDQ
TtHASzggy2G32K8ofFj1ctwEVDkLidJLLkNb2BFt6vXmp46dzlFX/C04TJ8B+Hf5
Zwh0px0zAIYUKJxk+zc9PE//ZGHM5EyWEg5b/ETRTsqm76eGctFSQ029ovZ9kuD7
3dhH5O15ni6y3ER+MqPXcp5F1kcWgf7/uZM7rEEc4jqoJDtQsd8nAQwr7VjpAgMB
AAGjggK+MIICujAdBgNVHQ4EFgQUZ/KF0vQs+JmMzxSOGBzxgNNb/GkwHwYDVR0j
BBgwFoAUeQvSON99RbeGFUXy0DyvZCMtP/IwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
ZGI0MzM2NTYtNmIxMy00OGUxLTljYTUtNjQ4OTQ2ODEwZjNlLTAvMS83OTBCRDIz
OERGN0Q0NUI3ODYxNTQ1RjJEMDNDQUY2NDIzMkQzRkYyLmNybDBkBggrBgEFBQcB
AQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZVF2U09OOTlSYmVHRlVYeTBEeXZaQ010UF9JLmNlcjBxBggr
BgEFBQcBCwRlMGMwYQYIKwYBBQUHMAuGVXJzeW5jOi8vci5tYWdlbGxhbi5pcHhv
LmNvbS9yZXBvL2RiNDMzNjU2LTZiMTMtNDhlMS05Y2E1LTY0ODk0NjgxMGYzZS0w
LzEvQVM0MDY3Ni5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB6QYIKwYB
BQUHAQcBAf8EgdkwgdYwgdMEAgABMIHMAwQAsz2LAwQAsz3ZAwQAsz3uAwQAsz32
AwQAtSnXAwQAtdYxAwQAtdY5AwQAtdZQAwQAtda3AwQAtdcRAwQAtddCMAwDBAG1
10oDBAG110wwDAMEALXXeQMEArXXeAMEALXXfwMEAbXXkAMEAbXXlAMEALXXmgME
ALXXnzAMAwQDtdfIAwQAtdfKAwQAtdfoAwQAv2AJAwQAv2APAwQAv2CHAwQAv2UH
AwQCv2UsAwQAv2VAAwQAv2VEAwQAv2VSAwQAv2WMAwQAv2XDMA0GCSqGSIb3DQEB
CwUAA4IBAQA66ATnNsZ5y1Khdg/WIwo2lpF2Q97IjuHtAMNaGi2aDEJDta/Y15UT
WhUFh3uXONYMe1y7Q1zHKGo/0J46/TjXXLZ8gAFEoief2S9CRSLT6zjt67bzFFr9
Ui0cC0jhn7meHvEtr6UX/SNWu2TKClbcfZGoYRhtaE4gFh1CWJrEXARIUxDZGTyC
9u2NuumApGjJm6xSDGNPNDR9ipqrq3ODWBvQklEikOdkpwvxZlsbx0ro42LHy0wZ
jQqbobHXfReFpqMJ1H4dl/CGxU9ormh5d/zkOpRCATz1xoH17lwO5zZkG68L5taM
G5HdkCwQNTbUR1Y9mw+5GIpEHHTETwpM
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:37:00 2024 by rpki-client on console-fra.rpki-client.org