Route Origin Authorization

$ rpki-client -vvf dev.tw/rpki/August/1/323030313a3766383a323a3a2f34382d3438203d3e203531383138.roa
File:                     323030313a3766383a323a3a2f34382d3438203d3e203531383138.roa (raw, json)
Hash identifier:          fITyfQsZj4r5sm+8IcytjyXcoltwvkyKhL5hx98AI14=
Subject key identifier:   67:6E:C0:9B:D3:43:00:83:13:07:EE:46:FB:7D:4C:10:80:98:53:9E
Certificate issuer:       /CN=442c354a483a8b70d839d3f798cd870684f02186
Certificate serial:       78E1CEE77C4E3326BD21EC249B8370294E430248
Authority key identifier: 44:2C:35:4A:48:3A:8B:70:D8:39:D3:F7:98:CD:87:06:84:F0:21:86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RCw1Skg6i3DYOdP3mM2HBoTwIYY.cer
Subject info access:      rsync://dev.tw/rpki/August/1/323030313a3766383a323a3a2f34382d3438203d3e203531383138.roa
Signing time:             Sun 15 Oct 2023 03:58:38 +0000
ROA not before:           Sun 15 Oct 2023 03:53:38 +0000
ROA not after:            Sun 13 Oct 2024 03:58:38 +0000
asID:                     51818
IP address blocks:        2001:7f8:2::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://dev.tw/rpki/August/1/442C354A483A8B70D839D3F798CD870684F02186.crl
                          rsync://dev.tw/rpki/August/1/442C354A483A8B70D839D3F798CD870684F02186.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RCw1Skg6i3DYOdP3mM2HBoTwIYY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 26 Apr 2024 14:10:13 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:e1:ce:e7:7c:4e:33:26:bd:21:ec:24:9b:83:70:29:4e:43:02:48
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=442c354a483a8b70d839d3f798cd870684f02186
        Validity
            Not Before: Oct 15 03:53:38 2023 GMT
            Not After : Oct 13 03:58:38 2024 GMT
        Subject: CN=676EC09BD34300831307EE46FB7D4C108098539E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:4f:5c:ed:cf:2f:f2:a6:c0:b0:cf:90:94:1b:
                    f9:12:4c:62:16:ab:43:6a:47:c3:07:9a:ce:dc:3b:
                    1b:3c:e7:36:a2:45:60:91:81:97:4d:b3:6d:14:59:
                    b3:0b:03:14:c0:e8:a4:ce:09:e0:1c:ac:7f:af:ad:
                    1c:4a:6f:b3:20:34:20:d8:65:37:8f:97:4f:f6:41:
                    f5:90:80:9f:bb:e1:ac:1a:0b:b5:f1:b9:db:4e:6d:
                    34:aa:60:f9:1d:a0:c3:a0:f0:83:b6:d4:23:18:06:
                    95:6e:68:17:52:5f:bb:e7:f1:e0:00:07:ea:af:58:
                    70:f7:1a:23:65:9f:9c:15:41:0a:aa:60:4b:ac:25:
                    22:56:f5:cf:4b:e4:b6:72:98:3a:da:ef:9a:10:36:
                    b9:51:59:e3:13:de:48:7b:03:55:6b:0b:0b:c3:83:
                    10:1c:99:f7:e4:fb:10:7c:12:4e:02:37:31:b3:ea:
                    46:8b:a0:47:5e:2d:c4:e1:eb:cc:fe:be:03:57:31:
                    98:4a:79:5c:fe:51:72:d6:d8:bf:bf:16:46:32:ff:
                    d1:50:2e:07:c1:37:ed:00:1c:4d:29:90:a4:61:f8:
                    c1:bc:92:8b:bd:1a:0b:a7:3c:96:45:f9:aa:42:35:
                    20:8a:27:f0:1c:9e:b8:90:1d:05:fe:2e:1f:97:ad:
                    26:1d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                67:6E:C0:9B:D3:43:00:83:13:07:EE:46:FB:7D:4C:10:80:98:53:9E
            X509v3 Authority Key Identifier:
                keyid:44:2C:35:4A:48:3A:8B:70:D8:39:D3:F7:98:CD:87:06:84:F0:21:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://dev.tw/rpki/August/1/442C354A483A8B70D839D3F798CD870684F02186.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RCw1Skg6i3DYOdP3mM2HBoTwIYY.cer

            Subject Information Access:
                Signed Object - URI:rsync://dev.tw/rpki/August/1/323030313a3766383a323a3a2f34382d3438203d3e203531383138.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:7f8:2::/48

    Signature Algorithm: sha256WithRSAEncryption
         aa:6a:9d:6b:ae:03:60:25:0b:26:9c:1f:59:24:ad:a4:b9:da:
         bf:2f:ef:b1:c2:27:5c:9e:43:82:18:db:ac:d3:8c:a0:5f:dc:
         8a:85:d8:67:2f:0a:c2:18:c6:23:e9:c8:ac:0d:49:9d:74:00:
         30:2b:24:ee:27:db:15:3b:c6:9d:fb:70:37:18:12:24:db:0d:
         d8:73:62:47:4e:44:3d:d8:00:06:e5:7e:97:45:87:3b:d0:16:
         1c:40:b1:cb:3b:cd:a1:d7:28:5a:a9:c0:ea:3a:e7:1e:80:7c:
         9e:3c:e1:60:d7:58:52:01:ae:4b:12:1d:72:22:48:39:c9:7c:
         4e:3b:29:e2:73:be:0f:4b:28:bb:da:04:38:6f:13:8b:ad:41:
         63:a3:66:58:78:59:d3:f0:bb:8b:18:ec:af:db:12:f9:7a:f4:
         75:c3:be:14:92:90:f9:af:f0:89:a4:cb:00:4f:61:a6:08:ff:
         6e:39:12:82:80:4c:a7:f9:e0:bd:79:5d:50:47:31:75:3c:d9:
         44:6a:8c:87:43:a0:ca:18:02:fc:68:d3:74:24:ba:75:89:41:
         d5:f3:8e:bf:d0:b7:33:eb:0f:44:09:4e:bd:eb:39:d6:e7:49:
         77:35:b2:de:ef:49:b8:5e:80:6d:df:33:92:c0:6c:34:d7:2a:
         10:10:a2:24
-----BEGIN CERTIFICATE-----
MIIEvzCCA6egAwIBAgIUeOHO53xOMya9Iewkm4NwKU5DAkgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDQyYzM1NGE0ODNhOGI3MGQ4MzlkM2Y3OThjZDg3MDY4
NGYwMjE4NjAeFw0yMzEwMTUwMzUzMzhaFw0yNDEwMTMwMzU4MzhaMDMxMTAvBgNV
BAMTKDY3NkVDMDlCRDM0MzAwODMxMzA3RUU0NkZCN0Q0QzEwODA5ODUzOUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwT1ztzy/ypsCwz5CUG/kSTGIW
q0NqR8MHms7cOxs85zaiRWCRgZdNs20UWbMLAxTA6KTOCeAcrH+vrRxKb7MgNCDY
ZTePl0/2QfWQgJ+74awaC7XxudtObTSqYPkdoMOg8IO21CMYBpVuaBdSX7vn8eAA
B+qvWHD3GiNln5wVQQqqYEusJSJW9c9L5LZymDra75oQNrlRWeMT3kh7A1VrCwvD
gxAcmffk+xB8Ek4CNzGz6kaLoEdeLcTh68z+vgNXMZhKeVz+UXLW2L+/FkYy/9FQ
LgfBN+0AHE0pkKRh+MG8kou9GgunPJZF+apCNSCKJ/AcnriQHQX+Lh+XrSYdAgMB
AAGjggHJMIIBxTAdBgNVHQ4EFgQUZ27Am9NDAIMTB+5G+31MEICYU54wHwYDVR0j
BBgwFoAURCw1Skg6i3DYOdP3mM2HBoTwIYYwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzEvNDQyQzM1
NEE0ODNBOEI3MEQ4MzlEM0Y3OThDRDg3MDY4NEYwMjE4Ni5jcmwwZAYIKwYBBQUH
AQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL1JDdzFTa2c2aTNEWU9kUDNtTTJIQm9Ud0lZWS5jZXIwcwYI
KwYBBQUHAQsEZzBlMGMGCCsGAQUFBzALhldyc3luYzovL2Rldi50dy9ycGtpL0F1
Z3VzdC8xLzMyMzAzMDMxM2EzNzY2MzgzYTMyM2EzYTJmMzQzODJkMzQzODIwM2Qz
ZTIwMzUzMTM4MzEzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggr
BgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABB/gAAjANBgkqhkiG9w0BAQsFAAOC
AQEAqmqda64DYCULJpwfWSStpLnavy/vscInXJ5DghjbrNOMoF/cioXYZy8KwhjG
I+nIrA1JnXQAMCsk7ifbFTvGnftwNxgSJNsN2HNiR05EPdgABuV+l0WHO9AWHECx
yzvNodcoWqnA6jrnHoB8njzhYNdYUgGuSxIdciJIOcl8Tjsp4nO+D0sou9oEOG8T
i61BY6NmWHhZ0/C7ixjsr9sS+Xr0dcO+FJKQ+a/wiaTLAE9hpgj/bjkSgoBMp/ng
vXldUEcxdTzZRGqMh0OgyhgC/GjTdCS6dYlB1fOOv9C3M+sPRAlOves51udJdzWy
3u9JuF6Abd8zksBsNNcqEBCiJA==
-----END CERTIFICATE-----