Route Origin Authorization

$ rpki-client -vvf dev.tw/rpki/August/5/326131323a646434363a313030303a3a2f33362d3438203d3e20313531313838.roa
File:                     326131323a646434363a313030303a3a2f33362d3438203d3e20313531313838.roa (raw, json)
Hash identifier:          g/dY4aO3OBlAenhmFGDJaf5GHpGCpph+2qZAfkLioT4=
Subject key identifier:   47:0B:4A:C7:C5:37:5F:CD:6C:73:AD:B1:02:78:D7:22:65:F1:9A:FA
Certificate issuer:       /CN=9d620b45c9098506ac4bf1184bee6cdbe9d71c4c
Certificate serial:       272ADDBDFA394C91BEB22B18077F51623842C9E6
Authority key identifier: 9D:62:0B:45:C9:09:85:06:AC:4B:F1:18:4B:EE:6C:DB:E9:D7:1C:4C
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
Subject info access:      rsync://dev.tw/rpki/August/5/326131323a646434363a313030303a3a2f33362d3438203d3e20313531313838.roa
Signing time:             Sun 15 Oct 2023 04:15:24 +0000
ROA not before:           Sun 15 Oct 2023 04:10:24 +0000
ROA not after:            Sun 13 Oct 2024 04:15:24 +0000
asID:                     151188
IP address blocks:        2a12:dd46:1000::/36 maxlen: 48

Validation:               OK
Signature path:           rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 10 May 2024 20:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            27:2a:dd:bd:fa:39:4c:91:be:b2:2b:18:07:7f:51:62:38:42:c9:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9d620b45c9098506ac4bf1184bee6cdbe9d71c4c
        Validity
            Not Before: Oct 15 04:10:24 2023 GMT
            Not After : Oct 13 04:15:24 2024 GMT
        Subject: CN=470B4AC7C5375FCD6C73ADB10278D72265F19AFA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:34:8c:41:2f:ee:b0:b1:14:ad:5d:fd:64:4d:
                    30:79:61:cc:be:c5:b7:2b:47:29:e2:6c:90:db:a4:
                    8a:e0:11:af:d9:d2:7d:ea:a7:9d:71:b6:1d:ab:bb:
                    b9:c3:2d:0d:fc:48:b9:4e:2d:8e:e8:97:f0:7d:6a:
                    66:d3:b5:56:41:b9:40:6b:ba:72:65:d8:c0:c0:41:
                    75:27:60:9e:42:69:65:cf:52:61:f9:fd:31:e3:d4:
                    42:f1:b8:c3:24:f7:f4:58:a2:2b:74:be:19:39:23:
                    55:76:aa:88:6e:9f:e9:14:49:a0:94:37:ce:3d:1f:
                    b2:36:a6:bf:fc:d3:fe:a9:9c:03:39:36:1d:c8:ed:
                    75:4d:d3:ef:a4:1b:48:45:c8:70:ac:dd:2e:3f:c5:
                    58:6e:07:81:a1:67:30:45:1d:a7:02:34:c9:55:ad:
                    3e:34:c4:94:6d:8a:58:36:ff:56:b9:ba:06:e6:bc:
                    cd:ec:00:96:ca:a8:6b:3f:b1:03:a0:f1:d4:fd:0c:
                    73:ae:22:f7:5e:c1:d2:be:5f:80:37:80:1c:8c:7b:
                    fb:1b:ab:f0:1e:16:9a:ef:5d:94:69:78:77:10:ad:
                    ac:c8:20:eb:c5:1e:bd:a5:1a:3e:41:21:9d:00:3a:
                    0e:2a:9a:57:e6:98:43:f7:c3:46:c6:d6:d9:e7:34:
                    a8:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                47:0B:4A:C7:C5:37:5F:CD:6C:73:AD:B1:02:78:D7:22:65:F1:9A:FA
            X509v3 Authority Key Identifier:
                keyid:9D:62:0B:45:C9:09:85:06:AC:4B:F1:18:4B:EE:6C:DB:E9:D7:1C:4C

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer

            Subject Information Access:
                Signed Object - URI:rsync://dev.tw/rpki/August/5/326131323a646434363a313030303a3a2f33362d3438203d3e20313531313838.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd46:1000::/36

    Signature Algorithm: sha256WithRSAEncryption
         25:c5:00:ad:71:b2:8c:f0:e3:b9:87:22:bc:9d:48:56:c3:cc:
         30:96:56:e8:42:be:50:d6:8f:e0:4b:c9:23:c4:c8:0a:69:cc:
         6c:b5:22:b5:e2:1a:d7:11:9c:d6:c7:7f:07:6f:1d:b0:82:8c:
         11:9b:2d:7d:61:46:69:d1:bb:9a:a8:fe:ee:31:1d:ac:02:7d:
         47:6c:6d:97:33:2d:16:b8:f5:b0:98:3e:12:2c:10:40:ac:9b:
         f7:d2:f2:cf:8c:a0:8e:27:8e:20:bc:e6:ca:d4:64:3a:8f:45:
         d4:54:f3:5d:a1:06:94:c8:b0:74:4c:5d:fb:cc:ed:e8:0e:69:
         f2:f2:e1:bd:80:09:a8:2b:12:ff:c4:3e:26:1d:2b:bc:51:ae:
         6b:79:08:ff:42:df:75:be:f9:d3:94:b7:29:df:06:17:93:c7:
         59:a2:c5:ed:80:7a:f2:51:fb:8d:af:81:bc:8f:00:a5:f7:d6:
         8e:62:12:0d:a8:cd:eb:8a:85:a1:ac:01:c4:f8:6c:48:d1:ed:
         e5:dd:af:16:78:e7:6b:46:58:6c:bd:43:b3:ca:67:23:b3:ec:
         f9:83:55:01:6d:1c:a5:9d:18:5e:4e:c8:96:a6:ff:3d:a5:a4:
         05:e0:7d:8d:d0:23:2a:fd:1b:de:cd:f8:5d:c9:a6:8b:bf:5e:
         be:e7:2b:79
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIUJyrdvfo5TJG+sisYB39RYjhCyeYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOWQ2MjBiNDVjOTA5ODUwNmFjNGJmMTE4NGJlZTZjZGJl
OWQ3MWM0YzAeFw0yMzEwMTUwNDEwMjRaFw0yNDEwMTMwNDE1MjRaMDMxMTAvBgNV
BAMTKDQ3MEI0QUM3QzUzNzVGQ0Q2QzczQURCMTAyNzhENzIyNjVGMTlBRkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNNIxBL+6wsRStXf1kTTB5Ycy+
xbcrRynibJDbpIrgEa/Z0n3qp51xth2ru7nDLQ38SLlOLY7ol/B9ambTtVZBuUBr
unJl2MDAQXUnYJ5CaWXPUmH5/THj1ELxuMMk9/RYoit0vhk5I1V2qohun+kUSaCU
N849H7I2pr/80/6pnAM5Nh3I7XVN0++kG0hFyHCs3S4/xVhuB4GhZzBFHacCNMlV
rT40xJRtilg2/1a5ugbmvM3sAJbKqGs/sQOg8dT9DHOuIvdewdK+X4A3gByMe/sb
q/AeFprvXZRpeHcQrazIIOvFHr2lGj5BIZ0AOg4qmlfmmEP3w0bG1tnnNKiZAgMB
AAGjggHSMIIBzjAdBgNVHQ4EFgQURwtKx8U3X81sc62xAnjXImXxmvowHwYDVR0j
BBgwFoAUnWILRckJhQasS/EYS+5s2+nXHEwwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vZGV2LnR3L3Jwa2kvQXVndXN0LzUvOUQ2MjBC
NDVDOTA5ODUwNkFDNEJGMTE4NEJFRTZDREJFOUQ3MUM0Qy5jcmwwZAYIKwYBBQUH
AQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxUL25XSUxSY2tKaFFhc1NfRVlTLTVzMi1uWEhFdy5jZXIwfQYI
KwYBBQUHAQsEcTBvMG0GCCsGAQUFBzALhmFyc3luYzovL2Rldi50dy9ycGtpL0F1
Z3VzdC81LzMyNjEzMTMyM2E2NDY0MzQzNjNhMzEzMDMwMzAzYTNhMmYzMzM2MmQz
NDM4MjAzZDNlMjAzMTM1MzEzMTM4Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYB
BQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgQqEt1GEDANBgkqhkiG
9w0BAQsFAAOCAQEAJcUArXGyjPDjuYcivJ1IVsPMMJZW6EK+UNaP4EvJI8TICmnM
bLUiteIa1xGc1sd/B28dsIKMEZstfWFGadG7mqj+7jEdrAJ9R2xtlzMtFrj1sJg+
EiwQQKyb99Lyz4ygjieOILzmytRkOo9F1FTzXaEGlMiwdExd+8zt6A5p8vLhvYAJ
qCsS/8Q+Jh0rvFGua3kI/0Lfdb7505S3Kd8GF5PHWaLF7YB68lH7ja+BvI8ApffW
jmISDajN64qFoawBxPhsSNHt5d2vFnjna0ZYbL1Ds8pnI7Ps+YNVAW0cpZ0YXk7I
lqb/PaWkBeB9jdAjKv0b3s34Xcmmi79evucreQ==
-----END CERTIFICATE-----