Route Origin Authorization

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630343a3a2f34382d3438203d3e203530353535.roa
File:                     326131323a646434373a383630343a3a2f34382d3438203d3e203530353535.roa (raw, json)
Hash identifier:          q33k4Pm8Tc9+J+nVAuAOoyc9sZ/RYxCpNBmpPMyinh4=
Subject key identifier:   70:D6:AC:9D:9A:24:1B:8D:4B:B8:1F:9C:86:98:2B:8F:76:59:18:67
Certificate issuer:       /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Certificate serial:       70A8CFE270AA8380512C3A2EE090B8B49BAFD997
Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
Authority info access:    rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630343a3a2f34382d3438203d3e203530353535.roa
Signing time:             Mon 11 Mar 2024 07:12:21 +0000
ROA not before:           Mon 11 Mar 2024 07:07:21 +0000
ROA not after:            Mon 10 Mar 2025 07:12:21 +0000
asID:                     50555
IP address blocks:        2a12:dd47:8604::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl
                          rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.mft
                          rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 29 Mar 2024 13:55:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            70:a8:cf:e2:70:aa:83:80:51:2c:3a:2e:e0:90:b8:b4:9b:af:d9:97
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
        Validity
            Not Before: Mar 11 07:07:21 2024 GMT
            Not After : Mar 10 07:12:21 2025 GMT
        Subject: CN=70D6AC9D9A241B8D4BB81F9C86982B8F76591867
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:c1:09:df:f3:65:ad:58:44:93:df:80:4f:f0:
                    88:c7:aa:0c:3a:e1:00:d7:c2:a8:6c:6d:a2:05:01:
                    d7:64:18:4d:a6:14:54:7a:f0:b0:4c:44:f1:cc:62:
                    b3:00:50:f0:b1:92:0e:f1:5b:a8:08:a8:e2:ae:93:
                    6a:29:c7:b4:9b:67:37:ce:20:14:b5:a2:e7:00:31:
                    d3:03:e3:ea:1e:15:71:f9:aa:15:90:88:07:95:ea:
                    3b:29:9d:84:e6:55:f2:8c:c2:6d:bb:1c:48:74:fd:
                    85:01:e4:11:20:f2:19:de:fe:b8:fe:d6:11:7d:a0:
                    8e:35:39:b4:08:5c:4f:58:a9:7c:7d:ca:91:e8:f9:
                    ca:7b:96:46:42:64:f0:3d:09:ea:34:34:49:22:a9:
                    15:71:a3:66:6b:14:e9:56:18:2e:ff:0c:e2:5b:3d:
                    90:5a:da:76:de:12:cc:30:13:87:4e:60:e4:f9:af:
                    8e:bd:cd:27:67:5e:8b:70:27:9e:19:f0:91:77:db:
                    25:0e:14:dd:13:41:e9:17:12:32:ad:1b:ed:6b:ab:
                    87:ea:5e:14:1d:e6:e2:5b:15:ff:86:a0:3a:48:65:
                    fd:d6:1f:ca:13:c0:14:06:29:41:41:39:ad:da:84:
                    22:ad:97:b8:e1:2b:65:c4:7b:df:f7:2c:68:0c:40:
                    14:a7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                70:D6:AC:9D:9A:24:1B:8D:4B:B8:1F:9C:86:98:2B:8F:76:59:18:67
            X509v3 Authority Key Identifier:
                keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630343a3a2f34382d3438203d3e203530353535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:8604::/48

    Signature Algorithm: sha256WithRSAEncryption
         07:69:27:d3:c8:25:36:d1:31:69:de:2c:2c:46:a9:21:69:74:
         fd:a1:2f:17:7b:84:49:94:af:7e:8e:b5:e8:b2:33:07:e0:5b:
         4f:a1:74:78:f4:b5:a4:c2:7f:af:a6:be:35:4c:93:d0:19:51:
         ad:55:06:67:f8:19:6d:84:04:a0:70:22:d6:35:f5:2c:4e:3e:
         ea:09:77:a1:ab:c9:58:57:c6:83:9b:6a:7d:3f:74:d4:fe:bd:
         27:80:ef:47:a4:0a:8e:62:5d:1e:c4:20:c1:c1:0f:a3:a1:37:
         5b:0a:24:0d:99:28:a9:ae:e5:f2:82:f6:44:96:b3:4e:e9:e8:
         b1:7e:ff:47:62:b5:08:fc:1b:dc:85:1f:13:47:85:5e:6d:8f:
         1a:c2:cd:31:1a:a9:55:96:3e:55:9f:a8:21:6a:41:82:16:f9:
         f2:93:97:93:87:8e:b4:e5:98:46:33:dc:96:43:b6:da:10:fb:
         fa:62:9a:e5:9e:0c:b7:1e:7e:cd:79:48:1e:e8:e3:fc:32:1d:
         5f:7d:43:4f:c0:92:d2:4d:75:7d:94:33:a4:b2:bb:9d:85:b4:
         e8:02:a2:7c:94:03:c3:be:e9:4d:b8:5a:1c:16:b9:fc:87:c1:
         b3:db:0e:f8:34:f5:b6:16:3d:69:c3:cb:45:46:20:7a:03:16:
         a8:17:39:bc
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgIUcKjP4nCqg4BRLDou4JC4tJuv2ZcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD
RENDNThBMzAeFw0yNDAzMTEwNzA3MjFaFw0yNTAzMTAwNzEyMjFaMDMxMTAvBgNV
BAMTKDcwRDZBQzlEOUEyNDFCOEQ0QkI4MUY5Qzg2OTgyQjhGNzY1OTE4NjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6wQnf82WtWEST34BP8IjHqgw6
4QDXwqhsbaIFAddkGE2mFFR68LBMRPHMYrMAUPCxkg7xW6gIqOKuk2opx7SbZzfO
IBS1oucAMdMD4+oeFXH5qhWQiAeV6jspnYTmVfKMwm27HEh0/YUB5BEg8hne/rj+
1hF9oI41ObQIXE9YqXx9ypHo+cp7lkZCZPA9Ceo0NEkiqRVxo2ZrFOlWGC7/DOJb
PZBa2nbeEswwE4dOYOT5r469zSdnXotwJ54Z8JF32yUOFN0TQekXEjKtG+1rq4fq
XhQd5uJbFf+GoDpIZf3WH8oTwBQGKUFBOa3ahCKtl7jhK2XEe9/3LGgMQBSnAgMB
AAGjggH2MIIB8jAdBgNVHQ4EFgQUcNasnZokG41LuB+chpgrj3ZZGGcwHwYDVR0j
BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1
OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr
aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD
RkFDRENDNThBMy5jZXIwgY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJz
eW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8zMjYx
MzEzMjNhNjQ2NDM0MzczYTM4MzYzMDM0M2EzYTJmMzQzODJkMzQzODIwM2QzZTIw
MzUzMDM1MzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeGBDANBgkqhkiG9w0BAQsFAAOCAQEA
B2kn08glNtExad4sLEapIWl0/aEvF3uESZSvfo616LIzB+BbT6F0ePS1pMJ/r6a+
NUyT0BlRrVUGZ/gZbYQEoHAi1jX1LE4+6gl3oavJWFfGg5tqfT901P69J4DvR6QK
jmJdHsQgwcEPo6E3WwokDZkoqa7l8oL2RJazTunosX7/R2K1CPwb3IUfE0eFXm2P
GsLNMRqpVZY+VZ+oIWpBghb58pOXk4eOtOWYRjPclkO22hD7+mKa5Z4Mtx5+zXlI
Hujj/DIdX31DT8CS0k11fZQzpLK7nYW06AKifJQDw77pTbhaHBa5/IfBs9sO+DT1
thY9acPLRUYgegMWqBc5vA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 23:47:48 2024 by rpki-client on console-ams.rpki-client.org