Route Origin Authorization

$ rpki-client -vvf dev.tw/rpki/August/5/326131323a646434303a3a2f32392d3438203d3e20393435.roa
File:                     326131323a646434303a3a2f32392d3438203d3e20393435.roa (raw, json)
Hash identifier:          9nCmzIPrc5eg9srqb6+v/A6MguU+yUqUMBj/yxbVHvg=
Subject key identifier:   F5:56:98:01:77:B2:A5:48:AC:A8:4C:F3:A4:33:2B:08:8F:09:51:6A
Certificate issuer:       /CN=9d620b45c9098506ac4bf1184bee6cdbe9d71c4c
Certificate serial:       1D58B177184B5867932F10B8E5ECE3A201313634
Authority key identifier: 9D:62:0B:45:C9:09:85:06:AC:4B:F1:18:4B:EE:6C:DB:E9:D7:1C:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
Subject info access:      rsync://dev.tw/rpki/August/5/326131323a646434303a3a2f32392d3438203d3e20393435.roa
Signing time:             Tue 17 Oct 2023 16:20:58 +0000
ROA not before:           Tue 17 Oct 2023 16:15:58 +0000
ROA not after:            Tue 15 Oct 2024 16:20:58 +0000
asID:                     945
IP address blocks:        2a12:dd40::/29 maxlen: 48

Validation:               OK
Signature path:           rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 06 May 2024 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:58:b1:77:18:4b:58:67:93:2f:10:b8:e5:ec:e3:a2:01:31:36:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d620b45c9098506ac4bf1184bee6cdbe9d71c4c
        Validity
            Not Before: Oct 17 16:15:58 2023 GMT
            Not After : Oct 15 16:20:58 2024 GMT
        Subject: CN=F556980177B2A548ACA84CF3A4332B088F09516A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:67:b3:a7:1b:bb:6f:49:90:d7:76:e2:13:c9:
                    9c:75:50:11:10:69:73:87:0b:ed:34:f3:2a:9f:24:
                    55:16:63:27:61:b2:af:62:23:25:41:71:40:fb:8e:
                    85:ed:94:e4:5a:bb:e6:fe:eb:fc:fe:f8:e8:24:28:
                    f9:95:44:1c:32:6c:7e:30:79:f4:04:b9:a2:d4:f6:
                    ad:d8:25:4a:9f:b2:1f:24:30:40:04:46:52:f4:d0:
                    2e:5c:b3:9a:0d:ef:3c:f0:d5:7f:b2:1c:9e:0d:92:
                    fb:6d:6c:a0:80:f5:78:cf:d4:6c:c3:01:3d:57:8f:
                    5d:ec:d6:a5:3c:72:4d:e3:6f:2f:57:32:17:44:0b:
                    f4:c4:de:1a:93:77:f4:f2:c8:88:c0:bb:63:34:95:
                    52:27:3f:ce:2c:2a:42:c0:a2:88:08:9c:9c:9f:d2:
                    ad:f3:42:77:01:a0:98:ac:cd:44:32:1f:8d:a2:69:
                    54:2b:bf:eb:14:48:3a:c8:04:3d:2c:15:5d:6a:26:
                    55:6f:eb:53:c6:38:92:cf:5c:60:ce:5b:ab:9c:84:
                    ff:a7:11:f5:9f:f9:05:b2:9c:1e:26:db:87:7d:19:
                    b2:74:7d:d0:a0:53:81:ba:f9:4e:e6:2c:6a:73:4e:
                    dd:42:45:35:3c:8d:cd:32:34:2f:87:ee:a9:10:82:
                    3e:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F5:56:98:01:77:B2:A5:48:AC:A8:4C:F3:A4:33:2B:08:8F:09:51:6A
            X509v3 Authority Key Identifier:
                keyid:9D:62:0B:45:C9:09:85:06:AC:4B:F1:18:4B:EE:6C:DB:E9:D7:1C:4C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://dev.tw/rpki/August/5/326131323a646434303a3a2f32392d3438203d3e20393435.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd40::/29

    Signature Algorithm: sha256WithRSAEncryption
         3c:ce:65:8f:81:00:8d:17:11:ba:68:fe:bb:ef:2b:52:cd:b5:
         c5:f7:2e:68:8b:90:46:9a:01:df:a5:05:55:00:2e:3c:74:d3:
         b7:2e:3d:b8:01:10:7a:47:89:c1:c5:77:5f:6e:54:b3:2f:7e:
         ed:2f:c0:d5:eb:d6:c9:26:c6:92:9c:bb:dd:97:b0:74:6d:8d:
         ba:24:1d:ae:36:d6:1b:97:ff:34:c5:eb:12:6f:c5:23:43:fd:
         78:20:74:9c:6b:0e:db:c9:49:22:59:6a:85:f2:29:5c:4a:11:
         e2:3d:3b:92:6c:5a:66:bc:aa:d8:3e:6d:45:3f:d8:f1:26:97:
         0c:a8:4f:d1:22:99:ed:12:29:59:70:8a:3c:63:a4:67:6a:33:
         07:3a:69:09:78:6f:4d:b6:27:cd:d7:90:21:d2:95:f1:4a:0e:
         d8:af:a9:bf:33:60:12:b5:96:12:c5:dc:81:06:62:93:24:89:
         6e:33:d1:bf:52:40:29:20:be:00:b6:50:02:2c:db:81:d5:68:
         70:90:61:e9:36:ef:03:30:09:53:39:f2:59:6c:d0:de:f1:e1:
         3c:7f:b2:5e:1d:8a:0e:b5:f6:7f:23:a8:b1:20:14:2d:88:3b:
         d2:e0:c3:9e:a8:44:76:f4:4e:f0:4f:f7:c0:4f:eb:e4:d6:b4:
         c8:0d:eb:75
-----BEGIN CERTIFICATE-----
MIIEtzCCA5+gAwIBAgIUHVixdxhLWGeTLxC45ezjogExNjQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWQ2MjBiNDVjOTA5ODUwNmFjNGJmMTE4NGJlZTZjZGJl
OWQ3MWM0YzAeFw0yMzEwMTcxNjE1NThaFw0yNDEwMTUxNjIwNThaMDMxMTAvBgNV
BAMTKEY1NTY5ODAxNzdCMkE1NDhBQ0E4NENGM0E0MzMyQjA4OEYwOTUxNkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDYZ7OnG7tvSZDXduITyZx1UBEQ
aXOHC+008yqfJFUWYydhsq9iIyVBcUD7joXtlORau+b+6/z++OgkKPmVRBwybH4w
efQEuaLU9q3YJUqfsh8kMEAERlL00C5cs5oN7zzw1X+yHJ4NkvttbKCA9XjP1GzD
AT1Xj13s1qU8ck3jby9XMhdEC/TE3hqTd/TyyIjAu2M0lVInP84sKkLAoogInJyf
0q3zQncBoJiszUQyH42iaVQrv+sUSDrIBD0sFV1qJlVv61PGOJLPXGDOW6uchP+n
EfWf+QWynB4m24d9GbJ0fdCgU4G6+U7mLGpzTt1CRTU8jc0yNC+H7qkQgj6FAgMB
AAGjggHBMIIBvTAdBgNVHQ4EFgQU9VaYAXeypUisqEzzpDMrCI8JUWowHwYDVR0j
BBgwFoAUnWILRckJhQasS/EYS+5s2+nXHEwwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzUvOUQ2MjBC
NDVDOTA5ODUwNkFDNEJGMTE4NEJFRTZDREJFOUQ3MUM0Qy5jcmwwZAYIKwYBBQUH
AQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL25XSUxSY2tKaFFhc1NfRVlTLTVzMi1uWEhFdy5jZXIwbQYI
KwYBBQUHAQsEYTBfMF0GCCsGAQUFBzALhlFyc3luYzovL2Rldi50dy9ycGtpL0F1
Z3VzdC81LzMyNjEzMTMyM2E2NDY0MzQzMDNhM2EyZjMyMzkyZDM0MzgyMDNkM2Uy
MDM5MzQzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAgBggrBgEFBQcB
BwEB/wQRMA8wDQQCAAIwBwMFAyoS3UAwDQYJKoZIhvcNAQELBQADggEBADzOZY+B
AI0XEbpo/rvvK1LNtcX3LmiLkEaaAd+lBVUALjx007cuPbgBEHpHicHFd19uVLMv
fu0vwNXr1skmxpKcu92XsHRtjbokHa421huX/zTF6xJvxSND/XggdJxrDtvJSSJZ
aoXyKVxKEeI9O5JsWma8qtg+bUU/2PEmlwyoT9Eime0SKVlwijxjpGdqMwc6aQl4
b022J83XkCHSlfFKDtivqb8zYBK1lhLF3IEGYpMkiW4z0b9SQCkgvgC2UAIs24HV
aHCQYek27wMwCVM58lls0N7x4Tx/sl4dig619n8jqLEgFC2IO9Lgw56oRHb0TvBP
98BP6+TWtMgN63U=
-----END CERTIFICATE-----