Route Origin Authorization

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630623a3a2f34382d3438203d3e203530353535.roa
File:                     326131323a646434373a383630623a3a2f34382d3438203d3e203530353535.roa (raw, json)
Hash identifier:          P8JskXQq8rhMqJmwd4lSnoyKOklqs5FaDVyanSYeqcg=
Subject key identifier:   66:F0:12:80:65:E5:BC:11:8B:70:57:EC:16:DE:94:BE:40:74:89:05
Certificate issuer:       /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Certificate serial:       730B3E2DEACA4FC50AAA35FBD9A87D7C138582D4
Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
Authority info access:    rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630623a3a2f34382d3438203d3e203530353535.roa
Signing time:             Mon 11 Mar 2024 07:12:22 +0000
ROA not before:           Mon 11 Mar 2024 07:07:22 +0000
ROA not after:            Mon 10 Mar 2025 07:12:22 +0000
asID:                     50555
IP address blocks:        2a12:dd47:860b::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl
                          rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.mft
                          rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 27 May 2024 12:15:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:0b:3e:2d:ea:ca:4f:c5:0a:aa:35:fb:d9:a8:7d:7c:13:85:82:d4
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
        Validity
            Not Before: Mar 11 07:07:22 2024 GMT
            Not After : Mar 10 07:12:22 2025 GMT
        Subject: CN=66F0128065E5BC118B7057EC16DE94BE40748905
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:01:5a:60:c3:89:04:d9:d8:01:2d:73:7f:50:
                    09:11:ff:64:49:f6:12:62:de:fc:86:99:15:46:36:
                    4e:56:f8:ad:6c:b0:6e:43:72:0f:56:d3:fa:e7:11:
                    09:ba:7b:3e:d4:b8:62:eb:44:50:e6:c2:02:0a:cb:
                    95:6c:54:35:5e:de:a4:5e:ab:90:86:75:1a:96:4a:
                    d7:b2:b2:13:b2:5d:4e:4c:4b:23:41:68:ba:07:4c:
                    16:93:aa:59:9c:40:36:7f:83:68:de:de:7c:f6:bb:
                    3e:38:79:ad:38:2b:b7:27:c2:71:cc:4f:e8:f3:a6:
                    c8:ca:de:d0:e9:be:2b:4a:cf:9f:7f:cf:3a:7d:52:
                    62:fa:d2:61:94:3a:08:2b:2f:96:b6:13:17:5a:bb:
                    8c:46:28:39:66:5a:a0:68:41:16:31:7c:63:22:6d:
                    15:52:ec:2b:d4:54:73:8f:b7:0f:fa:a2:ba:03:5d:
                    78:47:b6:fd:16:8c:13:73:ff:cc:21:14:76:5a:95:
                    99:30:6a:3f:d7:a0:eb:4e:36:2c:87:22:5f:6c:85:
                    a7:cb:56:af:f3:d8:e7:5f:ea:a2:90:34:a1:33:70:
                    3a:07:1d:ff:af:fe:68:33:9b:13:df:66:7c:d4:8c:
                    99:93:18:f4:35:47:ce:1c:10:14:ce:c9:34:b6:12:
                    28:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                66:F0:12:80:65:E5:BC:11:8B:70:57:EC:16:DE:94:BE:40:74:89:05
            X509v3 Authority Key Identifier:
                keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630623a3a2f34382d3438203d3e203530353535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:860b::/48

    Signature Algorithm: sha256WithRSAEncryption
         4f:ac:0f:79:78:72:55:11:a7:93:50:3e:ce:ca:b1:e7:a1:99:
         35:ba:35:df:f6:3e:03:54:b7:f9:ef:6b:d6:e1:10:f6:9e:84:
         ca:1c:d3:81:d2:2b:86:a7:a2:0b:94:d2:fd:12:a7:06:f3:fd:
         05:1c:76:66:fd:ba:f9:7b:52:d9:c5:ea:35:76:97:1f:f9:2e:
         56:14:d8:2c:90:91:14:37:b7:ab:a0:66:b5:04:80:8d:b2:89:
         e1:6f:87:4d:a3:97:be:04:fb:64:01:d5:95:1a:31:60:b7:15:
         ba:23:99:1f:98:88:78:b8:11:da:f5:6c:12:14:5b:b6:50:7f:
         24:d7:78:ea:d7:a3:d2:ba:e2:21:da:dc:26:cc:29:c9:6a:6f:
         ee:c7:53:eb:b6:f2:10:bf:f6:f0:59:54:7d:e2:ff:26:30:6f:
         87:0e:7d:c4:2a:46:76:87:1c:d3:ae:84:00:58:96:5a:de:05:
         fa:c7:59:00:4b:53:c7:e7:14:9c:50:cb:5f:4f:18:22:14:78:
         80:f4:e1:80:c2:b6:73:b7:31:cd:07:26:a8:a3:da:77:da:de:
         73:7d:1d:9c:08:62:19:11:1f:77:0b:10:cc:0c:68:a8:c7:01:
         6c:8f:78:b1:0d:1f:bc:77:50:ba:05:3f:89:bc:fa:55:ce:ff:
         51:83:f5:f0
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgIUcws+LerKT8UKqjX72ah9fBOFgtQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD
RENDNThBMzAeFw0yNDAzMTEwNzA3MjJaFw0yNTAzMTAwNzEyMjJaMDMxMTAvBgNV
BAMTKDY2RjAxMjgwNjVFNUJDMTE4QjcwNTdFQzE2REU5NEJFNDA3NDg5MDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOAVpgw4kE2dgBLXN/UAkR/2RJ
9hJi3vyGmRVGNk5W+K1ssG5Dcg9W0/rnEQm6ez7UuGLrRFDmwgIKy5VsVDVe3qRe
q5CGdRqWSteyshOyXU5MSyNBaLoHTBaTqlmcQDZ/g2je3nz2uz44ea04K7cnwnHM
T+jzpsjK3tDpvitKz59/zzp9UmL60mGUOggrL5a2Exdau4xGKDlmWqBoQRYxfGMi
bRVS7CvUVHOPtw/6oroDXXhHtv0WjBNz/8whFHZalZkwaj/XoOtONiyHIl9shafL
Vq/z2Odf6qKQNKEzcDoHHf+v/mgzmxPfZnzUjJmTGPQ1R84cEBTOyTS2EihvAgMB
AAGjggH2MIIB8jAdBgNVHQ4EFgQUZvASgGXlvBGLcFfsFt6UvkB0iQUwHwYDVR0j
BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1
OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr
aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD
RkFDRENDNThBMy5jZXIwgY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJz
eW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8zMjYx
MzEzMjNhNjQ2NDM0MzczYTM4MzYzMDYyM2EzYTJmMzQzODJkMzQzODIwM2QzZTIw
MzUzMDM1MzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeGCzANBgkqhkiG9w0BAQsFAAOCAQEA
T6wPeXhyVRGnk1A+zsqx56GZNbo13/Y+A1S3+e9r1uEQ9p6EyhzTgdIrhqeiC5TS
/RKnBvP9BRx2Zv26+XtS2cXqNXaXH/kuVhTYLJCRFDe3q6BmtQSAjbKJ4W+HTaOX
vgT7ZAHVlRoxYLcVuiOZH5iIeLgR2vVsEhRbtlB/JNd46tej0rriIdrcJswpyWpv
7sdT67byEL/28FlUfeL/JjBvhw59xCpGdocc066EAFiWWt4F+sdZAEtTx+cUnFDL
X08YIhR4gPThgMK2c7cxzQcmqKPad9rec30dnAhiGREfdwsQzAxoqMcBbI94sQ0f
vHdQugU/ibz6Vc7/UYP18A==
-----END CERTIFICATE-----
Generated at Sun May 26 19:08:42 2024 by rpki-client on console-ams.rpki-client.org