Route Origin Authorization

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630323a3a2f34382d3438203d3e203530353535.roa
File:                     326131323a646434373a383630323a3a2f34382d3438203d3e203530353535.roa (raw, json)
Hash identifier:          HoZAYr0ETH2ygTyVLT/TWLTc95YKlgYR4RlonB/RlJc=
Subject key identifier:   4A:F1:72:26:2B:B3:2D:E2:7C:BD:91:63:BF:0D:F4:6E:70:43:B9:9D
Certificate issuer:       /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Certificate serial:       26B10C49CB15E6FB9881712086BF3605E4B558E6
Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
Authority info access:    rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630323a3a2f34382d3438203d3e203530353535.roa
Signing time:             Mon 11 Mar 2024 07:12:24 +0000
ROA not before:           Mon 11 Mar 2024 07:07:24 +0000
ROA not after:            Mon 10 Mar 2025 07:12:24 +0000
asID:                     50555
IP address blocks:        2a12:dd47:8602::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl
                          rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.mft
                          rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 28 Mar 2024 16:50:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:b1:0c:49:cb:15:e6:fb:98:81:71:20:86:bf:36:05:e4:b5:58:e6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
        Validity
            Not Before: Mar 11 07:07:24 2024 GMT
            Not After : Mar 10 07:12:24 2025 GMT
        Subject: CN=4AF172262BB32DE27CBD9163BF0DF46E7043B99D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d5:9e:60:bc:64:02:b8:3b:80:6e:2c:b4:79:09:
                    ab:de:b5:1e:b9:df:a3:7b:95:e3:7a:fe:89:ee:34:
                    81:51:e5:15:1f:6d:bd:a9:15:d5:21:67:b8:21:30:
                    22:46:bf:05:4a:af:aa:a1:e0:bc:eb:b3:27:9b:7f:
                    db:8a:88:08:28:9a:1f:b9:cd:6b:9e:3b:31:14:1b:
                    35:8e:92:5d:d7:40:06:47:b1:df:82:31:fb:6c:63:
                    68:e8:e3:df:1e:26:f9:60:73:a6:0a:72:6e:9f:d6:
                    62:d2:c7:9f:e1:27:fc:de:3e:12:0d:86:01:32:d4:
                    ac:92:06:f5:08:46:bf:47:bf:18:4a:05:ac:f9:20:
                    96:d7:7b:8f:78:6d:ff:44:cc:15:a9:8a:2f:43:76:
                    d2:a3:a1:cd:5f:bb:b6:64:df:ad:12:f6:04:72:c2:
                    1f:b9:5a:47:aa:e2:09:22:c2:f6:92:9a:3b:2d:f5:
                    95:68:46:ac:ea:73:f8:70:89:6f:f0:13:28:ea:f5:
                    9d:d5:19:c1:97:31:4b:46:db:47:b1:2c:b6:40:11:
                    7f:bb:71:85:f3:bc:5b:3e:16:b9:c9:b7:6d:7c:a2:
                    09:cb:78:1c:a1:88:13:40:2d:af:27:a2:d7:d9:d8:
                    41:09:b0:da:71:23:bc:9d:e2:79:a3:56:52:82:b2:
                    71:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:F1:72:26:2B:B3:2D:E2:7C:BD:91:63:BF:0D:F4:6E:70:43:B9:9D
            X509v3 Authority Key Identifier:
                keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630323a3a2f34382d3438203d3e203530353535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:8602::/48

    Signature Algorithm: sha256WithRSAEncryption
         39:7e:5f:08:d4:90:21:ba:01:9a:d1:94:de:74:7d:8b:f5:d2:
         18:06:e1:9c:4b:64:9a:bb:9f:f2:22:73:c7:3e:3d:8d:49:31:
         ad:f6:4a:84:d4:d9:07:de:4d:ee:dd:b0:dd:f1:5b:a9:25:9d:
         ba:f3:be:fb:0b:4c:e6:8a:5d:be:7e:2d:87:d1:49:fb:24:a1:
         89:f6:0a:e7:59:bc:25:73:7f:e0:f7:ac:92:73:df:72:60:78:
         49:c5:70:cf:19:9d:e5:84:d9:82:c3:bb:21:ba:b7:56:1d:c7:
         3a:70:39:f7:e8:63:be:77:3d:f4:10:c1:3f:8d:ff:8b:00:a3:
         72:35:d8:d9:0e:9a:2b:85:65:b2:88:3d:5d:44:5f:9d:83:3a:
         f7:9e:88:1e:a7:3d:cc:77:06:0e:46:ea:f2:c0:18:71:cf:bb:
         de:af:14:25:1e:17:79:ad:5d:44:24:b1:b1:51:c2:cf:2b:46:
         92:76:ec:b9:fe:f2:80:e7:a6:9b:1f:ef:13:9d:a0:2f:50:01:
         1a:89:0d:ca:19:8b:a7:f3:be:84:fb:ff:cc:ed:86:e4:dd:89:
         82:31:76:d3:27:23:0d:9a:39:2e:f2:88:cc:c3:d1:a2:d4:5e:
         13:20:3c:7b:ae:bb:63:bd:6a:54:b0:86:da:a0:be:79:a1:9a:
         38:5f:a0:37
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgIUJrEMScsV5vuYgXEghr82BeS1WOYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD
RENDNThBMzAeFw0yNDAzMTEwNzA3MjRaFw0yNTAzMTAwNzEyMjRaMDMxMTAvBgNV
BAMTKDRBRjE3MjI2MkJCMzJERTI3Q0JEOTE2M0JGMERGNDZFNzA0M0I5OUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVnmC8ZAK4O4BuLLR5CavetR65
36N7leN6/onuNIFR5RUfbb2pFdUhZ7ghMCJGvwVKr6qh4Lzrsyebf9uKiAgomh+5
zWueOzEUGzWOkl3XQAZHsd+CMftsY2jo498eJvlgc6YKcm6f1mLSx5/hJ/zePhIN
hgEy1KySBvUIRr9HvxhKBaz5IJbXe494bf9EzBWpii9DdtKjoc1fu7Zk360S9gRy
wh+5Wkeq4gkiwvaSmjst9ZVoRqzqc/hwiW/wEyjq9Z3VGcGXMUtG20exLLZAEX+7
cYXzvFs+FrnJt218ognLeByhiBNALa8notfZ2EEJsNpxI7yd4nmjVlKCsnEzAgMB
AAGjggH2MIIB8jAdBgNVHQ4EFgQUSvFyJiuzLeJ8vZFjvw30bnBDuZ0wHwYDVR0j
BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1
OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr
aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD
RkFDRENDNThBMy5jZXIwgY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJz
eW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8zMjYx
MzEzMjNhNjQ2NDM0MzczYTM4MzYzMDMyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIw
MzUzMDM1MzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeGAjANBgkqhkiG9w0BAQsFAAOCAQEA
OX5fCNSQIboBmtGU3nR9i/XSGAbhnEtkmruf8iJzxz49jUkxrfZKhNTZB95N7t2w
3fFbqSWduvO++wtM5opdvn4th9FJ+yShifYK51m8JXN/4PesknPfcmB4ScVwzxmd
5YTZgsO7Ibq3Vh3HOnA59+hjvnc99BDBP43/iwCjcjXY2Q6aK4Vlsog9XURfnYM6
956IHqc9zHcGDkbq8sAYcc+73q8UJR4Xea1dRCSxsVHCzytGknbsuf7ygOemmx/v
E52gL1ABGokNyhmLp/O+hPv/zO2G5N2JgjF20ycjDZo5LvKIzMPRotReEyA8e667
Y71qVLCG2qC+eaGaOF+gNw==
-----END CERTIFICATE-----
Generated at Thu Mar 28 03:53:04 2024 by rpki-client on console-fra.rpki-client.org