Route Origin Authorization

$ rpki-client -vvf r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
File:                     AS834.roa (raw, json)
Hash identifier:          36lJbKvrGX6P6X48qUJxgCFIJO87m3ygsEYPwMUcRN8=
Subject key identifier:   BC:27:3B:49:B1:56:33:78:6F:E4:A9:E5:36:BD:41:37:1A:8E:87:01
Certificate issuer:       /CN=D34606949D385DB42714FE71274FAC9948EF279C
Certificate serial:       2385E3E2D5434A05977271D369E66447B9DBB20E
Authority key identifier: D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C
Authority info access:    rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
Subject info access:      rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa
Signing time:             Fri 18 Jul 2025 16:27:26 +0000
ROA not before:           Fri 18 Jul 2025 16:22:26 +0000
ROA not after:            Fri 17 Jul 2026 16:27:26 +0000
asID:                     834
IP address blocks:        84.46.236.0/22 maxlen: 24
                          86.38.180.0/23 maxlen: 24
                          86.38.182.0/23 maxlen: 24
                          89.116.64.0/22 maxlen: 24
                          89.116.72.0/23 maxlen: 24
                          89.116.148.0/23 maxlen: 23
                          89.116.210.0/23 maxlen: 23
                          89.117.0.0/22 maxlen: 24
                          89.117.12.0/23 maxlen: 24
                          89.117.94.0/23 maxlen: 24
                          89.117.96.0/22 maxlen: 24
                          89.117.112.0/22 maxlen: 22
                          89.117.120.0/22 maxlen: 24
                          89.117.132.0/22 maxlen: 22
                          89.117.142.0/23 maxlen: 24
                          89.117.158.0/23 maxlen: 24
                          89.117.172.0/22 maxlen: 24
                          89.117.216.0/23 maxlen: 23
Validation:               OK
Signature path:           rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl
                          rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.mft
                          rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer
                          rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.crl
                          rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/9DF85997B1B9B358E1C43F36765AA0A4A02144AE.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nfhZl7G5s1jhxD82dlqgpKAhRK4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 05 Aug 2025 00:47:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:85:e3:e2:d5:43:4a:05:97:72:71:d3:69:e6:64:47:b9:db:b2:0e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D34606949D385DB42714FE71274FAC9948EF279C
        Validity
            Not Before: Jul 18 16:22:26 2025 GMT
            Not After : Jul 17 16:27:26 2026 GMT
        Subject: CN=BC273B49B15633786FE4A9E536BD41371A8E8701
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:33:46:18:80:e7:93:3d:16:9b:a6:00:88:9b:
                    ff:c4:69:1c:e1:a6:eb:a6:25:27:02:38:e6:5a:20:
                    b7:9e:cf:fd:c6:33:f7:32:fa:28:0c:5d:9b:b9:51:
                    9d:87:5f:04:de:44:42:77:af:50:98:6a:eb:2a:ab:
                    c1:c7:42:c1:5e:6c:31:ae:5f:2c:35:fc:b6:72:87:
                    02:d9:58:73:a1:05:90:3c:f2:51:c6:a3:cd:11:67:
                    cd:80:28:55:14:e5:fe:46:e1:6a:52:50:96:1a:e7:
                    6e:e1:45:df:9e:9f:b1:cb:52:04:8a:ad:66:45:5a:
                    d7:fb:58:07:fd:ec:14:49:e5:4e:2d:18:29:18:6b:
                    d5:83:79:23:94:3b:83:40:6f:4f:bd:7d:2c:15:31:
                    96:86:53:04:be:b9:31:b3:61:e4:90:f2:8c:fc:e5:
                    ba:23:f4:c1:18:f8:5f:7d:dc:a2:53:c4:40:cc:b6:
                    37:d1:64:a9:8d:1b:a8:15:f6:7c:31:b8:47:1e:96:
                    70:88:06:43:70:13:2f:47:92:30:51:b3:62:48:4a:
                    e4:41:f0:d7:d0:f2:fb:c5:f9:da:20:13:35:73:6e:
                    93:2c:8f:d7:e3:62:72:41:e2:2c:a1:12:c4:9e:20:
                    b6:1d:96:8a:3e:5a:66:aa:62:5e:ee:60:3e:07:e2:
                    6e:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:27:3B:49:B1:56:33:78:6F:E4:A9:E5:36:BD:41:37:1A:8E:87:01
            X509v3 Authority Key Identifier:
                keyid:D3:46:06:94:9D:38:5D:B4:27:14:FE:71:27:4F:AC:99:48:EF:27:9C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/D34606949D385DB42714FE71274FAC9948EF279C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rsync.paas.rpki.ripe.net/repository/002e0ba3-fe60-45b1-9160-868a2f8a43b1/3/D34606949D385DB42714FE71274FAC9948EF279C.cer

            Subject Information Access:
                Signed Object - URI:rsync://r.magellan.ipxo.com/repo/528a218f-ad28-40d2-bd7f-350eada3d705-0/0/AS834.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  84.46.236.0/22
                  86.38.180.0/22
                  89.116.64.0/22
                  89.116.72.0/23
                  89.116.148.0/23
                  89.116.210.0/23
                  89.117.0.0/22
                  89.117.12.0/23
                  89.117.94.0-89.117.99.255
                  89.117.112.0/22
                  89.117.120.0/22
                  89.117.132.0/22
                  89.117.142.0/23
                  89.117.158.0/23
                  89.117.172.0/22
                  89.117.216.0/23

    Signature Algorithm: sha256WithRSAEncryption
         28:78:d6:2d:ea:93:5c:1e:b5:73:71:a2:96:f9:d4:d0:bd:42:
         53:58:c6:08:4d:38:c8:ed:98:db:8c:b3:82:fb:2b:81:1d:ee:
         12:4f:5f:1f:95:8a:86:9b:32:8a:b6:11:8d:77:82:68:a9:08:
         61:2a:5d:b5:75:86:d9:65:b8:58:ae:fa:21:e5:b8:bb:15:c2:
         2f:81:bd:d5:1d:65:5d:6c:22:4c:fc:fc:9a:49:cb:f1:8f:e6:
         f5:8f:ec:a2:0c:64:85:cb:3c:e5:e0:33:18:89:22:ee:4f:f4:
         b0:8c:1a:5f:6b:5e:d6:c6:a7:af:18:6a:99:83:bc:47:d4:3b:
         07:87:ec:eb:be:b3:f0:71:fd:72:7a:59:2e:71:27:78:ac:37:
         04:f0:c1:9a:24:62:4f:22:f8:66:b3:1f:c5:d3:7e:42:5a:cc:
         f3:67:0d:16:92:71:2a:df:35:df:b5:aa:9d:c9:48:b6:5c:10:
         c0:b1:4d:a7:9b:a5:cd:70:88:73:43:35:8b:5d:52:5c:6e:81:
         59:f4:31:32:66:ac:ef:55:71:5c:f6:79:cf:26:65:85:15:71:
         c1:4d:bc:5d:3b:fb:7f:e0:e3:ce:a1:1f:1d:3f:5e:fd:ed:cf:
         d2:80:92:a1:47:33:c8:13:49:ea:70:25:f8:16:e3:c3:dd:ef:
         6c:a9:de:dd
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIUI4Xj4tVDSgWXcnHTaeZkR7nbsg4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRDM0NjA2OTQ5RDM4NURCNDI3MTRGRTcxMjc0RkFDOTk0
OEVGMjc5QzAeFw0yNTA3MTgxNjIyMjZaFw0yNjA3MTcxNjI3MjZaMDMxMTAvBgNV
BAMTKEJDMjczQjQ5QjE1NjMzNzg2RkU0QTlFNTM2QkQ0MTM3MUE4RTg3MDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiM0YYgOeTPRabpgCIm//EaRzh
puumJScCOOZaILeez/3GM/cy+igMXZu5UZ2HXwTeREJ3r1CYausqq8HHQsFebDGu
Xyw1/LZyhwLZWHOhBZA88lHGo80RZ82AKFUU5f5G4WpSUJYa527hRd+en7HLUgSK
rWZFWtf7WAf97BRJ5U4tGCkYa9WDeSOUO4NAb0+9fSwVMZaGUwS+uTGzYeSQ8oz8
5boj9MEY+F993KJTxEDMtjfRZKmNG6gV9nwxuEcelnCIBkNwEy9HkjBRs2JISuRB
8NfQ8vvF+dogEzVzbpMsj9fjYnJB4iyhEsSeILYdloo+WmaqYl7uYD4H4m5jAgMB
AAGjggKPMIICizAdBgNVHQ4EFgQUvCc7SbFWM3hv5KnlNr1BNxqOhwEwHwYDVR0j
BBgwFoAU00YGlJ04XbQnFP5xJ0+smUjvJ5wwDgYDVR0PAQH/BAQDAgeAMIGIBgNV
HR8EgYAwfjB8oHqgeIZ2cnN5bmM6Ly9yLm1hZ2VsbGFuLmlweG8uY29tL3JlcG8v
NTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUwZWFkYTNkNzA1LTAvMC9EMzQ2MDY5
NDlEMzg1REI0MjcxNEZFNzEyNzRGQUM5OTQ4RUYyNzlDLmNybDCBngYIKwYBBQUH
AQEEgZEwgY4wgYsGCCsGAQUFBzAChn9yc3luYzovL3JzeW5jLnBhYXMucnBraS5y
aXBlLm5ldC9yZXBvc2l0b3J5LzAwMmUwYmEzLWZlNjAtNDViMS05MTYwLTg2OGEy
ZjhhNDNiMS8zL0QzNDYwNjk0OUQzODVEQjQyNzE0RkU3MTI3NEZBQzk5NDhFRjI3
OUMuY2VyMG8GCCsGAQUFBwELBGMwYTBfBggrBgEFBQcwC4ZTcnN5bmM6Ly9yLm1h
Z2VsbGFuLmlweG8uY29tL3JlcG8vNTI4YTIxOGYtYWQyOC00MGQyLWJkN2YtMzUw
ZWFkYTNkNzA1LTAvMC9BUzgzNC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcO
AjCBgQYIKwYBBQUHAQcBAf8EcjBwMG4EAgABMGgDBAJULuwDBAJWJrQDBAJZdEAD
BAFZdEgDBAFZdJQDBAFZdNIDBAJZdQADBAFZdQwwDAMEAVl1XgMEAll1YAMEAll1
cAMEAll1eAMEAll1hAMEAVl1jgMEAVl1ngMEAll1rAMEAVl12DANBgkqhkiG9w0B
AQsFAAOCAQEAKHjWLeqTXB61c3GilvnU0L1CU1jGCE04yO2Y24yzgvsrgR3uEk9f
H5WKhpsyirYRjXeCaKkIYSpdtXWG2WW4WK76IeW4uxXCL4G91R1lXWwiTPz8mknL
8Y/m9Y/sogxkhcs85eAzGIki7k/0sIwaX2te1sanrxhqmYO8R9Q7B4fs676z8HH9
cnpZLnEneKw3BPDBmiRiTyL4ZrMfxdN+QlrM82cNFpJxKt8137WqnclItlwQwLFN
p5ulzXCIc0M1i11SXG6BWfQxMmas71VxXPZ5zyZlhRVxwU28XTv7f+DjzqEfHT9e
/e3P0oCSoUczyBNJ6nAl+Bbjw93vbKne3Q==
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:19:09 2025 by rpki-client