Route Origin Authorization

$ rpki-client -vvf r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/1/AS9009.roa
File:                     AS9009.roa (raw, json)
Hash identifier:          4CAVDBUeVRI+wgZtZlQWcE2Nc61oBQ0h8D+s/X0lOQ8=
Subject key identifier:   64:2E:4A:D2:4C:23:C4:B3:55:E5:BA:3C:86:77:E6:90:CC:9A:40:E5
Certificate issuer:       /CN=790bd238df7d45b7861545f2d03caf64232d3ff2
Certificate serial:       3AEC683148DF97276769D0A206A01324650EB3D3
Authority key identifier: 79:0B:D2:38:DF:7D:45:B7:86:15:45:F2:D0:3C:AF:64:23:2D:3F:F2
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/eQvSON99RbeGFUXy0DyvZCMtP_I.cer
Subject info access:      rsync://r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/1/AS9009.roa
Signing time:             Wed 04 Jan 2023 15:30:05 +0000
ROA not before:           Wed 04 Jan 2023 15:25:05 +0000
ROA not after:            Wed 03 Jan 2024 15:30:05 +0000
asID:                     9009
IP address blocks:        2.57.20.0/23 maxlen: 23
                          2.58.172.0/24 maxlen: 24
                          5.45.38.0/24 maxlen: 24
                          45.95.14.0/24 maxlen: 24
                          179.61.131.0/24 maxlen: 24
                          179.61.201.0/24 maxlen: 24
                          181.214.3.0/24 maxlen: 24
                          181.214.15.0/24 maxlen: 24
                          181.214.19.0/24 maxlen: 24
                          181.214.27.0/24 maxlen: 24
                          181.214.28.0/24 maxlen: 24
                          181.214.32.0/24 maxlen: 24
                          181.214.55.0/24 maxlen: 24
                          181.214.92.0/24 maxlen: 24
                          181.215.209.0/24 maxlen: 24
                          185.34.42.0/24 maxlen: 24
                          185.135.10.0/24 maxlen: 24
                          185.145.38.0/24 maxlen: 24
                          185.172.66.0/24 maxlen: 24
                          185.174.63.0/24 maxlen: 24
                          191.96.65.0/24 maxlen: 24
                          191.96.69.0/24 maxlen: 24
                          191.96.171.0/24 maxlen: 24
                          191.96.173.0/24 maxlen: 24
                          191.101.23.0/24 maxlen: 24
                          213.109.169.0/24 maxlen: 24
                          2a0a:ce04::/48 maxlen: 48
                          2a0a:ce04:1::/48 maxlen: 48

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3a:ec:68:31:48:df:97:27:67:69:d0:a2:06:a0:13:24:65:0e:b3:d3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=790bd238df7d45b7861545f2d03caf64232d3ff2
        Validity
            Not Before: Jan  4 15:25:05 2023 GMT
            Not After : Jan  3 15:30:05 2024 GMT
        Subject: CN=642E4AD24C23C4B355E5BA3C8677E690CC9A40E5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:bc:22:c0:30:ae:e2:64:d3:d6:28:07:98:4a:
                    aa:84:dd:f5:d6:d9:10:aa:b5:70:3b:f5:69:f6:8b:
                    38:56:fc:18:b5:72:69:93:e5:7b:7c:91:8e:8c:f5:
                    c4:0c:59:03:b0:19:1d:af:ef:94:66:b3:c9:ab:d1:
                    ed:96:d5:0f:d9:a9:f8:5d:bc:74:a3:ec:52:9d:99:
                    05:30:3a:0a:25:ec:49:33:85:d8:c0:e5:a7:a8:ad:
                    ed:32:3d:a3:ed:2b:ad:8a:13:ab:5b:1d:4c:6f:44:
                    19:12:a4:c7:45:43:23:bd:78:7e:c8:0f:8f:af:e9:
                    d4:2e:22:a2:75:30:ba:25:2c:d9:b7:69:2a:70:bd:
                    33:2f:0f:11:07:d6:be:16:98:9b:09:04:d7:2d:8f:
                    10:5f:76:18:13:a9:56:13:42:d2:d8:91:d2:f1:cc:
                    91:68:2a:68:91:c7:f7:24:86:14:cb:ed:3b:6b:04:
                    3f:ae:2c:02:07:ec:0b:ec:ca:6c:c3:3a:9a:72:55:
                    1e:e3:52:28:e9:46:d6:b9:75:3e:f7:27:1b:0b:4a:
                    b1:1a:f6:f1:74:b6:79:db:03:f0:c8:64:dc:17:ab:
                    d4:81:49:ed:30:d0:1d:03:6a:1a:0c:c8:4f:63:3b:
                    12:fb:ee:96:75:37:c0:3f:94:ea:aa:ee:6a:c1:63:
                    64:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                64:2E:4A:D2:4C:23:C4:B3:55:E5:BA:3C:86:77:E6:90:CC:9A:40:E5
            X509v3 Authority Key Identifier:
                keyid:79:0B:D2:38:DF:7D:45:B7:86:15:45:F2:D0:3C:AF:64:23:2D:3F:F2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/1/790BD238DF7D45B7861545F2D03CAF64232D3FF2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eQvSON99RbeGFUXy0DyvZCMtP_I.cer

            Subject Information Access:
                Signed Object - URI:rsync://r.magellan.ipxo.com/repo/db433656-6b13-48e1-9ca5-648946810f3e-0/1/AS9009.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  2.57.20.0/23
                  2.58.172.0/24
                  5.45.38.0/24
                  45.95.14.0/24
                  179.61.131.0/24
                  179.61.201.0/24
                  181.214.3.0/24
                  181.214.15.0/24
                  181.214.19.0/24
                  181.214.27.0-181.214.28.255
                  181.214.32.0/24
                  181.214.55.0/24
                  181.214.92.0/24
                  181.215.209.0/24
                  185.34.42.0/24
                  185.135.10.0/24
                  185.145.38.0/24
                  185.172.66.0/24
                  185.174.63.0/24
                  191.96.65.0/24
                  191.96.69.0/24
                  191.96.171.0/24
                  191.96.173.0/24
                  191.101.23.0/24
                  213.109.169.0/24
                IPv6:
                  2a0a:ce04::/47

    Signature Algorithm: sha256WithRSAEncryption
         b6:a9:ef:f0:c6:2a:3f:c8:69:bc:44:9c:7c:b5:f8:8f:92:1d:
         04:c4:b8:64:91:85:d2:60:37:9a:b1:ff:92:39:03:e8:2b:ae:
         96:dc:f8:69:35:d3:dc:7f:20:8e:73:56:75:cd:a9:ed:64:32:
         6e:57:0a:09:ad:ad:ce:01:80:e3:78:70:47:6b:c2:dc:67:c2:
         cd:9e:e3:e4:dc:85:ff:47:b1:f9:ff:02:97:c8:d7:1a:7b:1d:
         ea:ed:97:42:df:72:2a:a9:96:82:6a:af:ca:71:76:df:d9:4f:
         45:e2:d4:8b:99:a6:ba:03:47:9a:5c:c9:78:d0:64:90:c8:88:
         9d:99:2e:50:da:7e:bf:9d:97:1b:64:5d:1d:14:10:63:b5:29:
         85:36:11:d2:c9:4a:33:88:26:52:3c:c2:b6:58:32:c4:9d:ff:
         fd:18:a3:fb:b0:14:bc:00:f7:6c:63:e0:82:88:fc:9d:14:2a:
         1e:18:e8:c7:17:3a:80:fc:8a:8f:74:34:ea:64:a6:df:07:44:
         44:d0:4b:fd:9e:03:af:4d:b2:01:40:7a:d4:d3:34:f6:0d:46:
         29:2f:61:9e:8a:88:19:eb:76:81:a0:95:f3:ee:f3:12:30:60:
         a1:3e:70:22:7f:6e:68:dc:c9:a3:37:c1:07:6f:96:89:70:93:
         6c:d3:2f:c5
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIUOuxoMUjflydnadCiBqATJGUOs9MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNzkwYmQyMzhkZjdkNDViNzg2MTU0NWYyZDAzY2FmNjQy
MzJkM2ZmMjAeFw0yMzAxMDQxNTI1MDVaFw0yNDAxMDMxNTMwMDVaMDMxMTAvBgNV
BAMTKDY0MkU0QUQyNEMyM0M0QjM1NUU1QkEzQzg2NzdFNjkwQ0M5QTQwRTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUvCLAMK7iZNPWKAeYSqqE3fXW
2RCqtXA79Wn2izhW/Bi1cmmT5Xt8kY6M9cQMWQOwGR2v75Rms8mr0e2W1Q/Zqfhd
vHSj7FKdmQUwOgol7EkzhdjA5aeore0yPaPtK62KE6tbHUxvRBkSpMdFQyO9eH7I
D4+v6dQuIqJ1MLolLNm3aSpwvTMvDxEH1r4WmJsJBNctjxBfdhgTqVYTQtLYkdLx
zJFoKmiRx/ckhhTL7TtrBD+uLAIH7AvsymzDOppyVR7jUijpRta5dT73JxsLSrEa
9vF0tnnbA/DIZNwXq9SBSe0w0B0DahoMyE9jOxL77pZ1N8A/lOqq7mrBY2SrAgMB
AAGjggKgMIICnDAdBgNVHQ4EFgQUZC5K0kwjxLNV5bo8hnfmkMyaQOUwHwYDVR0j
BBgwFoAUeQvSON99RbeGFUXy0DyvZCMtP/IwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
ZGI0MzM2NTYtNmIxMy00OGUxLTljYTUtNjQ4OTQ2ODEwZjNlLTAvMS83OTBCRDIz
OERGN0Q0NUI3ODYxNTQ1RjJEMDNDQUY2NDIzMkQzRkYyLmNybDBkBggrBgEFBQcB
AQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZVF2U09OOTlSYmVHRlVYeTBEeXZaQ010UF9JLmNlcjBwBggr
BgEFBQcBCwRkMGIwYAYIKwYBBQUHMAuGVHJzeW5jOi8vci5tYWdlbGxhbi5pcHhv
LmNvbS9yZXBvL2RiNDMzNjU2LTZiMTMtNDhlMS05Y2E1LTY0ODk0NjgxMGYzZS0w
LzEvQVM5MDA5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMIHMBggrBgEF
BQcBBwEB/wSBvDCBuTCBpQQCAAEwgZ4DBAECORQDBAACOqwDBAAFLSYDBAAtXw4D
BACzPYMDBACzPckDBAC11gMDBAC11g8DBAC11hMwDAMEALXWGwMEALXWHAMEALXW
IAMEALXWNwMEALXWXAMEALXX0QMEALkiKgMEALmHCgMEALmRJgMEALmsQgMEALmu
PwMEAL9gQQMEAL9gRQMEAL9gqwMEAL9grQMEAL9lFwMEANVtqTAPBAIAAjAJAwcB
KgrOBAAAMA0GCSqGSIb3DQEBCwUAA4IBAQC2qe/wxio/yGm8RJx8tfiPkh0ExLhk
kYXSYDeasf+SOQPoK66W3PhpNdPcfyCOc1Z1zantZDJuVwoJra3OAYDjeHBHa8Lc
Z8LNnuPk3IX/R7H5/wKXyNcaex3q7ZdC33IqqZaCaq/KcXbf2U9F4tSLmaa6A0ea
XMl40GSQyIidmS5Q2n6/nZcbZF0dFBBjtSmFNhHSyUoziCZSPMK2WDLEnf/9GKP7
sBS8APdsY+CCiPydFCoeGOjHFzqA/IqPdDTqZKbfB0RE0Ev9ngOvTbIBQHrU0zT2
DUYpL2GeiogZ63aBoJXz7vMSMGChPnAif25o3MmjN8EHb5aJcJNs0y/F
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:13:57 2023 by rpki-client on console-ams.rpki-client.org