Route Origin Authorization

$ rpki-client -vvf dev.tw/rpki/August/1/326131333a633030303a3a2f32392d3438203d3e20393435.roa
File:                     326131333a633030303a3a2f32392d3438203d3e20393435.roa (raw, json)
Hash identifier:          bpLVvpSDyxJC3yf0Akm6nlzlWeUR/9XHf/OCM+kRbs8=
Subject key identifier:   18:B4:0E:94:81:30:2D:0F:5C:EB:40:97:40:46:11:66:82:01:D9:B6
Certificate issuer:       /CN=442c354a483a8b70d839d3f798cd870684f02186
Certificate serial:       53854BA4EA9BEA49D5153BA9C216FCD1D1500B46
Authority key identifier: 44:2C:35:4A:48:3A:8B:70:D8:39:D3:F7:98:CD:87:06:84:F0:21:86
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/RCw1Skg6i3DYOdP3mM2HBoTwIYY.cer
Subject info access:      rsync://dev.tw/rpki/August/1/326131333a633030303a3a2f32392d3438203d3e20393435.roa
Signing time:             Tue 17 Oct 2023 16:18:49 +0000
ROA not before:           Tue 17 Oct 2023 16:13:49 +0000
ROA not after:            Tue 15 Oct 2024 16:18:49 +0000
asID:                     945
IP address blocks:        2a13:c000::/29 maxlen: 48

Validation:               OK
Signature path:           rsync://dev.tw/rpki/August/1/442C354A483A8B70D839D3F798CD870684F02186.crl
                          rsync://dev.tw/rpki/August/1/442C354A483A8B70D839D3F798CD870684F02186.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RCw1Skg6i3DYOdP3mM2HBoTwIYY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 May 2024 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            53:85:4b:a4:ea:9b:ea:49:d5:15:3b:a9:c2:16:fc:d1:d1:50:0b:46
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=442c354a483a8b70d839d3f798cd870684f02186
        Validity
            Not Before: Oct 17 16:13:49 2023 GMT
            Not After : Oct 15 16:18:49 2024 GMT
        Subject: CN=18B40E9481302D0F5CEB4097404611668201D9B6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:12:d8:e5:91:b0:49:fa:b8:87:f4:ce:60:35:
                    4e:70:26:35:df:23:9d:b4:da:df:26:45:c2:f0:c1:
                    0e:1c:fd:81:d8:23:ea:c2:25:9b:33:91:df:58:3f:
                    7c:80:d4:71:3f:b9:5f:cf:e7:07:79:f7:38:81:88:
                    94:66:10:26:14:d6:8e:a5:d8:ad:5c:4a:b1:06:88:
                    42:be:3c:3a:38:98:95:57:cf:b8:68:7a:ab:21:f4:
                    cf:75:08:c0:86:99:0e:47:a2:f5:6d:b8:38:9d:ae:
                    dc:17:7d:54:76:00:fa:d1:40:1e:a2:b0:1a:05:23:
                    59:c9:d2:aa:c2:d0:ce:47:ff:c1:6d:cb:c1:23:53:
                    35:9d:45:28:ae:41:db:bb:d9:23:b6:0c:88:6c:1b:
                    6d:6a:dc:b6:fa:73:9a:3b:46:d6:40:04:98:6e:12:
                    0f:90:97:cf:36:21:33:95:05:fd:4e:fa:71:01:2e:
                    a1:b7:07:ec:db:9d:6f:a3:80:a5:3c:90:5f:1d:81:
                    94:8d:07:54:5e:e1:66:08:55:fb:bd:7b:64:19:c4:
                    88:06:09:f0:91:32:c9:fc:52:3e:6b:78:56:7b:f5:
                    e6:7c:d4:34:36:b3:58:79:6d:b5:ee:37:74:0e:29:
                    59:04:8d:cc:59:a5:01:e5:15:8e:04:ac:dc:45:04:
                    b3:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:B4:0E:94:81:30:2D:0F:5C:EB:40:97:40:46:11:66:82:01:D9:B6
            X509v3 Authority Key Identifier:
                keyid:44:2C:35:4A:48:3A:8B:70:D8:39:D3:F7:98:CD:87:06:84:F0:21:86

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://dev.tw/rpki/August/1/442C354A483A8B70D839D3F798CD870684F02186.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RCw1Skg6i3DYOdP3mM2HBoTwIYY.cer

            Subject Information Access:
                Signed Object - URI:rsync://dev.tw/rpki/August/1/326131333a633030303a3a2f32392d3438203d3e20393435.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:c000::/29

    Signature Algorithm: sha256WithRSAEncryption
         69:8c:b6:03:75:bd:a3:ce:07:ba:28:96:be:ac:2f:21:75:cf:
         6e:59:3e:80:0b:05:25:33:6e:1a:a2:b6:16:8d:2a:01:86:b7:
         45:38:47:d3:88:33:86:7a:72:f4:1c:d1:1d:9f:d9:a2:5d:47:
         03:24:d7:e6:4b:00:8f:fa:9d:66:e6:97:49:7d:82:2b:a9:9f:
         f1:81:ae:d4:50:3b:7f:dc:8e:5d:e3:15:d4:27:0e:20:5a:c3:
         f0:51:ff:0e:0e:c8:4f:58:22:ad:eb:c0:af:68:85:8d:f2:1a:
         40:1f:0e:73:4a:8f:a4:a8:f1:cd:8f:b0:18:43:36:19:be:34:
         db:cc:bb:d7:7f:24:62:6e:1b:99:80:62:28:ce:35:29:20:1b:
         9f:78:b5:a9:19:e8:9f:54:4b:19:3c:bd:01:47:8a:ec:c1:eb:
         55:77:9b:88:52:e6:e3:b7:c5:7f:a7:25:99:f6:8c:a7:e9:cd:
         ce:73:77:50:4d:ed:f0:e2:0a:7e:07:63:2d:4f:27:b0:ea:1f:
         86:34:af:14:8e:17:0e:20:06:f9:c4:cf:07:19:28:9f:bd:c6:
         f2:d2:11:3b:7d:57:04:9d:55:1d:41:be:ea:e3:02:ae:51:12:
         23:98:b3:94:2c:56:39:b3:b4:aa:cb:53:11:6d:b6:db:22:71:
         0a:67:3b:43
-----BEGIN CERTIFICATE-----
MIIEtzCCA5+gAwIBAgIUU4VLpOqb6knVFTupwhb80dFQC0YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDQyYzM1NGE0ODNhOGI3MGQ4MzlkM2Y3OThjZDg3MDY4
NGYwMjE4NjAeFw0yMzEwMTcxNjEzNDlaFw0yNDEwMTUxNjE4NDlaMDMxMTAvBgNV
BAMTKDE4QjQwRTk0ODEzMDJEMEY1Q0VCNDA5NzQwNDYxMTY2ODIwMUQ5QjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzEtjlkbBJ+riH9M5gNU5wJjXf
I5202t8mRcLwwQ4c/YHYI+rCJZszkd9YP3yA1HE/uV/P5wd59ziBiJRmECYU1o6l
2K1cSrEGiEK+PDo4mJVXz7hoeqsh9M91CMCGmQ5HovVtuDidrtwXfVR2APrRQB6i
sBoFI1nJ0qrC0M5H/8Fty8EjUzWdRSiuQdu72SO2DIhsG21q3Lb6c5o7RtZABJhu
Eg+Ql882ITOVBf1O+nEBLqG3B+zbnW+jgKU8kF8dgZSNB1Re4WYIVfu9e2QZxIgG
CfCRMsn8Uj5reFZ79eZ81DQ2s1h5bbXuN3QOKVkEjcxZpQHlFY4ErNxFBLPvAgMB
AAGjggHBMIIBvTAdBgNVHQ4EFgQUGLQOlIEwLQ9c60CXQEYRZoIB2bYwHwYDVR0j
BBgwFoAURCw1Skg6i3DYOdP3mM2HBoTwIYYwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzEvNDQyQzM1
NEE0ODNBOEI3MEQ4MzlEM0Y3OThDRDg3MDY4NEYwMjE4Ni5jcmwwZAYIKwYBBQUH
AQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL1JDdzFTa2c2aTNEWU9kUDNtTTJIQm9Ud0lZWS5jZXIwbQYI
KwYBBQUHAQsEYTBfMF0GCCsGAQUFBzALhlFyc3luYzovL2Rldi50dy9ycGtpL0F1
Z3VzdC8xLzMyNjEzMTMzM2E2MzMwMzAzMDNhM2EyZjMyMzkyZDM0MzgyMDNkM2Uy
MDM5MzQzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcB
BwEB/wQRMA8wDQQCAAIwBwMFAyoTwAAwDQYJKoZIhvcNAQELBQADggEBAGmMtgN1
vaPOB7oolr6sLyF1z25ZPoALBSUzbhqithaNKgGGt0U4R9OIM4Z6cvQc0R2f2aJd
RwMk1+ZLAI/6nWbml0l9giupn/GBrtRQO3/cjl3jFdQnDiBaw/BR/w4OyE9YIq3r
wK9ohY3yGkAfDnNKj6So8c2PsBhDNhm+NNvMu9d/JGJuG5mAYijONSkgG594takZ
6J9USxk8vQFHiuzB61V3m4hS5uO3xX+nJZn2jKfpzc5zd1BN7fDiCn4HYy1PJ7Dq
H4Y0rxSOFw4gBvnEzwcZKJ+9xvLSETt9VwSdVR1BvurjAq5REiOYs5QsVjmztKrL
UxFtttsicQpnO0M=
-----END CERTIFICATE-----