Route Origin Authorization

$ rpki-client -vvf dev.tw/rpki/AS945/1/3139342e3131362e3232372e302f32342d3234203d3e20313937353337.roa
File:                     3139342e3131362e3232372e302f32342d3234203d3e20313937353337.roa (raw, json)
Hash identifier:          5b50MGRO9Ig/XFcBgAyLoSL2HdcwjkP/xOAMztaWMzc=
Subject key identifier:   01:52:73:CE:48:85:5A:2E:F1:81:BD:BF:60:5E:AB:98:73:E6:89:D4
Certificate issuer:       /CN=12962028A181E758B8990A6CA4F04A998A69311E
Certificate serial:       5A310B23A0799F0E9FF6E7FC89240698A73AEF92
Authority key identifier: 12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E
Authority info access:    rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
Subject info access:      rsync://dev.tw/rpki/AS945/1/3139342e3131362e3232372e302f32342d3234203d3e20313937353337.roa
Signing time:             Fri 11 Oct 2024 10:04:27 +0000
ROA not before:           Fri 11 Oct 2024 09:59:27 +0000
ROA not after:            Fri 10 Oct 2025 10:04:27 +0000
asID:                     197537
IP address blocks:        194.116.227.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl
                          rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.mft
                          rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 22 Nov 2024 03:48:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:31:0b:23:a0:79:9f:0e:9f:f6:e7:fc:89:24:06:98:a7:3a:ef:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=12962028A181E758B8990A6CA4F04A998A69311E
        Validity
            Not Before: Oct 11 09:59:27 2024 GMT
            Not After : Oct 10 10:04:27 2025 GMT
        Subject: CN=015273CE48855A2EF181BDBF605EAB9873E689D4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:8e:0f:b3:99:90:a1:34:61:62:04:be:de:19:
                    38:1e:58:c2:31:5a:d2:1b:22:a9:c7:0f:fb:88:d5:
                    3b:6f:20:83:d5:37:f1:e4:e5:84:78:7b:a7:c2:2b:
                    4d:7a:97:af:a2:8b:6d:13:82:0b:8d:ea:11:56:b5:
                    49:a6:e9:cb:11:e3:55:f5:55:62:21:61:b8:e4:5b:
                    40:94:ee:43:8f:2a:c1:1f:d9:1b:82:90:bf:69:51:
                    8d:cd:41:80:0f:ed:b7:f3:1d:8f:83:40:22:de:47:
                    f8:21:f3:c9:fd:af:4e:65:98:5a:07:95:52:6d:b9:
                    d3:b2:50:8d:1e:5f:09:24:57:39:e5:98:d6:17:7b:
                    b7:10:da:15:24:97:f2:33:41:66:cd:f0:26:5e:52:
                    ab:dc:6e:73:fe:a7:ae:cd:49:ed:a8:bc:35:16:47:
                    1c:52:b0:47:05:b3:9f:b1:97:2b:6f:dd:fb:67:2e:
                    5a:5b:cb:ac:05:af:d0:fb:f3:ce:41:b9:1b:bf:6a:
                    26:9b:0d:6c:8f:fa:cc:b0:af:20:03:7f:91:7c:a4:
                    eb:69:99:f1:16:f4:0e:bb:31:5f:0f:72:44:54:de:
                    3f:44:6f:0b:26:3c:df:fc:53:34:48:13:ca:f9:ac:
                    fa:41:56:6f:5f:08:22:00:1c:7e:29:67:ec:e3:92:
                    1b:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:52:73:CE:48:85:5A:2E:F1:81:BD:BF:60:5E:AB:98:73:E6:89:D4
            X509v3 Authority Key Identifier:
                keyid:12:96:20:28:A1:81:E7:58:B8:99:0A:6C:A4:F0:4A:99:8A:69:31:1E

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://dev.tw/rpki/AS945/1/12962028A181E758B8990A6CA4F04A998A69311E.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/12962028A181E758B8990A6CA4F04A998A69311E.cer

            Subject Information Access:
                Signed Object - URI:rsync://dev.tw/rpki/AS945/1/3139342e3131362e3232372e302f32342d3234203d3e20313937353337.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  194.116.227.0/24

    Signature Algorithm: sha256WithRSAEncryption
         39:51:4a:9a:ef:21:8d:42:1b:db:73:04:9c:f5:b6:d3:13:0b:
         a9:8b:12:94:f7:8f:ff:0d:88:e5:65:44:30:70:09:03:67:d9:
         94:90:37:26:0c:6f:a6:84:36:34:6f:ec:f5:6f:b2:57:ae:ac:
         a8:8d:db:82:10:c5:8b:28:21:be:c8:3b:4f:bf:47:ed:ad:8a:
         c0:e1:b8:62:d9:87:cf:91:59:c7:7b:a1:b4:a9:12:6c:f1:50:
         39:f0:7b:bb:1c:3c:e9:66:64:ba:d9:89:20:fd:e0:07:ab:e9:
         47:f6:58:8f:33:9c:04:4f:b4:c8:f5:2f:8d:07:6d:47:13:4b:
         c4:81:7f:c3:1d:74:a8:03:3f:ca:bf:39:ea:84:73:56:b7:65:
         6a:b2:af:8e:bf:af:9d:17:14:d2:75:11:ba:ed:05:51:51:ee:
         05:00:76:e4:4d:27:4b:f0:73:6e:0c:48:bb:cd:61:df:28:f7:
         6a:51:e2:b0:59:58:cf:35:d3:af:75:6a:af:e5:86:98:ff:e6:
         b1:41:f2:25:c2:ba:10:cd:7b:46:c4:bb:d8:88:3d:3d:80:a4:
         80:c2:33:fb:24:62:52:65:37:20:0d:13:0d:f3:45:7e:82:20:
         e1:9a:0d:cc:ec:aa:6c:49:6d:f9:86:48:5c:18:4d:41:01:a0:
         00:6a:28:45
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUWjELI6B5nw6f9uf8iSQGmKc675IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4
QTY5MzExRTAeFw0yNDEwMTEwOTU5MjdaFw0yNTEwMTAxMDA0MjdaMDMxMTAvBgNV
BAMTKDAxNTI3M0NFNDg4NTVBMkVGMTgxQkRCRjYwNUVBQjk4NzNFNjg5RDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgjg+zmZChNGFiBL7eGTgeWMIx
WtIbIqnHD/uI1TtvIIPVN/Hk5YR4e6fCK016l6+ii20TgguN6hFWtUmm6csR41X1
VWIhYbjkW0CU7kOPKsEf2RuCkL9pUY3NQYAP7bfzHY+DQCLeR/gh88n9r05lmFoH
lVJtudOyUI0eXwkkVznlmNYXe7cQ2hUkl/IzQWbN8CZeUqvcbnP+p67NSe2ovDUW
RxxSsEcFs5+xlytv3ftnLlpby6wFr9D7885BuRu/aiabDWyP+sywryADf5F8pOtp
mfEW9A67MV8PckRU3j9EbwsmPN/8UzRIE8r5rPpBVm9fCCIAHH4pZ+zjkhu5AgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQUAVJzzkiFWi7xgb2/YF6rmHPmidQwHwYDVR0j
BBgwFoAUEpYgKKGB51i4mQpspPBKmYppMR4wDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vZGV2LnR3L3Jwa2kvQVM5NDUvMS8xMjk2MjAy
OEExODFFNzU4Qjg5OTBBNkNBNEYwNEE5OThBNjkzMTFFLmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzUv
MTI5NjIwMjhBMTgxRTc1OEI4OTkwQTZDQTRGMDRBOTk4QTY5MzExRS5jZXIwdgYI
KwYBBQUHAQsEajBoMGYGCCsGAQUFBzALhlpyc3luYzovL2Rldi50dy9ycGtpL0FT
OTQ1LzEvMzEzOTM0MmUzMTMxMzYyZTMyMzIzNzJlMzAyZjMyMzQyZDMyMzQyMDNk
M2UyMDMxMzkzNzM1MzMzNy5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJ04zANBgkqhkiG9w0BAQsFAAOC
AQEAOVFKmu8hjUIb23MEnPW20xMLqYsSlPeP/w2I5WVEMHAJA2fZlJA3JgxvpoQ2
NG/s9W+yV66sqI3bghDFiyghvsg7T79H7a2KwOG4YtmHz5FZx3uhtKkSbPFQOfB7
uxw86WZkutmJIP3gB6vpR/ZYjzOcBE+0yPUvjQdtRxNLxIF/wx10qAM/yr856oRz
VrdlarKvjr+vnRcU0nURuu0FUVHuBQB25E0nS/BzbgxIu81h3yj3alHisFlYzzXT
r3Vqr+WGmP/msUHyJcK6EM17RsS72Ig9PYCkgMIz+yRiUmU3IA0TDfNFfoIg4ZoN
zOyqbElt+YZIXBhNQQGgAGooRQ==
-----END CERTIFICATE-----
Generated at Thu Nov 21 15:01:34 2024 by rpki-client on console-fra.rpki-client.org