Route Origin Authorization

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630383a3a2f34382d3438203d3e203530353535.roa
File:                     326131323a646434373a383630383a3a2f34382d3438203d3e203530353535.roa (raw, json)
Hash identifier:          yvJARCYuZKCcQdrZehBg3pmqGSxsDFgahe/Ya4VuMCA=
Subject key identifier:   28:5A:D8:DC:FC:69:81:85:AF:87:94:04:48:35:7E:13:3E:D6:43:5A
Certificate issuer:       /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Certificate serial:       481FCE5BBFC2C132AF832CBA695C6A155FD87CB8
Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
Authority info access:    rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630383a3a2f34382d3438203d3e203530353535.roa
Signing time:             Mon 11 Mar 2024 07:12:18 +0000
ROA not before:           Mon 11 Mar 2024 07:07:18 +0000
ROA not after:            Mon 10 Mar 2025 07:12:18 +0000
asID:                     50555
IP address blocks:        2a12:dd47:8608::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl
                          rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.mft
                          rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 27 May 2024 12:15:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:1f:ce:5b:bf:c2:c1:32:af:83:2c:ba:69:5c:6a:15:5f:d8:7c:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
        Validity
            Not Before: Mar 11 07:07:18 2024 GMT
            Not After : Mar 10 07:12:18 2025 GMT
        Subject: CN=285AD8DCFC698185AF87940448357E133ED6435A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:33:23:d4:a2:68:b2:d3:37:bb:67:79:ce:ac:
                    4e:01:d1:d0:83:05:ed:cb:f4:b3:99:43:76:a9:72:
                    8c:9b:3d:73:7c:4e:be:58:12:d9:1e:13:e8:a3:14:
                    1b:12:59:dd:59:f4:fc:1e:4f:d2:a3:2a:35:2a:3c:
                    54:a4:19:79:49:d1:ac:ba:4c:5c:e6:4c:cb:1f:73:
                    89:ea:e3:49:2a:b2:73:8f:a2:51:82:54:47:71:11:
                    f1:c0:6d:2a:98:4c:cf:fd:b3:f2:82:bb:13:a4:64:
                    16:7d:c3:ee:ba:91:de:ef:b3:e8:29:70:59:d1:01:
                    81:d5:b0:16:3e:78:7e:a0:aa:38:b5:5e:c7:43:5b:
                    ff:82:44:fb:45:f4:65:12:c8:e4:00:66:82:62:a7:
                    0d:63:c1:ba:2b:62:59:e3:40:86:d2:3a:5b:c9:d4:
                    dc:1a:f7:19:ba:57:86:31:7a:94:6b:27:76:7c:9b:
                    72:2c:d4:03:d7:7a:18:29:a4:1f:bb:8e:7f:0c:96:
                    c4:83:0b:e0:db:e5:35:db:65:78:9e:3f:51:ca:14:
                    65:0c:4f:1f:c9:65:13:4b:0d:0e:fa:5c:27:4b:d8:
                    64:c3:39:7e:f3:63:86:8b:e1:ab:20:18:1f:cf:78:
                    31:3c:51:a5:38:2d:9e:11:3c:88:56:6e:41:be:44:
                    8d:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                28:5A:D8:DC:FC:69:81:85:AF:87:94:04:48:35:7E:13:3E:D6:43:5A
            X509v3 Authority Key Identifier:
                keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630383a3a2f34382d3438203d3e203530353535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:8608::/48

    Signature Algorithm: sha256WithRSAEncryption
         0f:3c:bb:22:2e:c7:af:61:99:f8:a5:22:ba:23:20:54:2d:fc:
         5e:9c:32:ae:9d:14:ef:e9:55:c0:42:bc:a4:ec:98:10:3d:37:
         5e:0b:8d:18:1c:00:e2:1e:ac:64:4b:6f:a1:04:8c:e0:6f:5b:
         fd:f5:45:9d:96:20:71:69:1e:99:23:a9:23:eb:c4:b8:f2:9f:
         1a:b9:64:e3:e1:01:14:79:55:d4:12:dc:81:de:b4:e1:00:b3:
         4c:de:37:01:79:1b:d9:4a:ff:eb:4d:5b:8d:f4:5a:93:57:2d:
         63:5c:41:fb:21:52:1c:4f:0f:4a:93:e7:82:9f:d7:01:2e:da:
         f1:ba:66:3b:f8:78:47:85:77:cc:b4:5f:8a:0b:dd:cd:d1:c8:
         eb:e5:c3:10:49:54:fc:15:f7:5b:32:3c:6c:0f:cd:9d:0c:eb:
         70:6f:e8:9f:3d:7c:bf:3a:b2:04:de:0d:4a:80:d5:69:a7:f2:
         f1:0e:b4:78:0d:73:f7:85:81:77:f9:d7:ba:f0:99:01:8f:4a:
         11:e2:b7:c6:28:4d:8f:78:1c:88:da:e0:88:fe:7b:08:09:e1:
         44:87:b4:f8:2b:04:2b:49:9e:70:89:7e:e0:07:dc:fc:f2:f5:
         f2:79:dc:3e:7b:89:26:ec:5d:57:8a:59:6f:98:56:6a:5c:3c:
         fc:58:ae:e4
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgIUSB/OW7/CwTKvgyy6aVxqFV/YfLgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD
RENDNThBMzAeFw0yNDAzMTEwNzA3MThaFw0yNTAzMTAwNzEyMThaMDMxMTAvBgNV
BAMTKDI4NUFEOERDRkM2OTgxODVBRjg3OTQwNDQ4MzU3RTEzM0VENjQzNUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPMyPUomiy0ze7Z3nOrE4B0dCD
Be3L9LOZQ3apcoybPXN8Tr5YEtkeE+ijFBsSWd1Z9PweT9KjKjUqPFSkGXlJ0ay6
TFzmTMsfc4nq40kqsnOPolGCVEdxEfHAbSqYTM/9s/KCuxOkZBZ9w+66kd7vs+gp
cFnRAYHVsBY+eH6gqji1XsdDW/+CRPtF9GUSyOQAZoJipw1jwborYlnjQIbSOlvJ
1Nwa9xm6V4YxepRrJ3Z8m3Is1APXehgppB+7jn8MlsSDC+Db5TXbZXieP1HKFGUM
Tx/JZRNLDQ76XCdL2GTDOX7zY4aL4asgGB/PeDE8UaU4LZ4RPIhWbkG+RI3xAgMB
AAGjggH2MIIB8jAdBgNVHQ4EFgQUKFrY3PxpgYWvh5QESDV+Ez7WQ1owHwYDVR0j
BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1
OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr
aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD
RkFDRENDNThBMy5jZXIwgY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJz
eW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8zMjYx
MzEzMjNhNjQ2NDM0MzczYTM4MzYzMDM4M2EzYTJmMzQzODJkMzQzODIwM2QzZTIw
MzUzMDM1MzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeGCDANBgkqhkiG9w0BAQsFAAOCAQEA
Dzy7Ii7Hr2GZ+KUiuiMgVC38Xpwyrp0U7+lVwEK8pOyYED03XguNGBwA4h6sZEtv
oQSM4G9b/fVFnZYgcWkemSOpI+vEuPKfGrlk4+EBFHlV1BLcgd604QCzTN43AXkb
2Ur/601bjfRak1ctY1xB+yFSHE8PSpPngp/XAS7a8bpmO/h4R4V3zLRfigvdzdHI
6+XDEElU/BX3WzI8bA/NnQzrcG/onz18vzqyBN4NSoDVaafy8Q60eA1z94WBd/nX
uvCZAY9KEeK3xihNj3gciNrgiP57CAnhRIe0+CsEK0mecIl+4Afc/PL18nncPnuJ
JuxdV4pZb5hWalw8/Fiu5A==
-----END CERTIFICATE-----
Generated at Sun May 26 19:08:42 2024 by rpki-client on console-ams.rpki-client.org