Route Origin Authorization

$ rpki-client -vvf repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630663a3a2f34382d3438203d3e203530353535.roa
File:                     326131323a646434373a383630663a3a2f34382d3438203d3e203530353535.roa (raw, json)
Hash identifier:          KdHvWmuZQHcbpceQ+U8MEcEFLjMenHgqGnoMsp2lirk=
Subject key identifier:   C7:C0:CD:56:48:1C:87:EE:40:A8:9F:6E:94:31:1B:A1:C4:E0:7C:24
Certificate issuer:       /CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
Certificate serial:       053E77E3C76F3270F08CCB8170A0279D43842D79
Authority key identifier: 02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3
Authority info access:    rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
Subject info access:      rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630663a3a2f34382d3438203d3e203530353535.roa
Signing time:             Mon 11 Mar 2024 07:12:20 +0000
ROA not before:           Mon 11 Mar 2024 07:07:20 +0000
ROA not after:            Mon 10 Mar 2025 07:12:20 +0000
asID:                     50555
IP address blocks:        2a12:dd47:860f::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl
                          rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.mft
                          rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 27 May 2024 08:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:3e:77:e3:c7:6f:32:70:f0:8c:cb:81:70:a0:27:9d:43:84:2d:79
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=02876C11924CBDA01BE1AD39A3206CFACDCC58A3
        Validity
            Not Before: Mar 11 07:07:20 2024 GMT
            Not After : Mar 10 07:12:20 2025 GMT
        Subject: CN=C7C0CD56481C87EE40A89F6E94311BA1C4E07C24
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:98:0e:8b:d4:f3:3f:54:11:79:29:2a:61:b1:cb:
                    7f:40:c9:2e:37:33:ec:92:22:7e:59:58:e8:03:6c:
                    1f:1e:0f:48:12:1d:c2:45:c3:25:73:ed:91:60:77:
                    ac:03:66:95:ab:ab:ea:31:a3:54:b0:c9:a2:75:09:
                    b9:83:49:a3:ae:b5:b9:8f:f0:7a:5c:e1:2d:a6:4e:
                    da:b9:b8:dc:45:8a:7f:2d:27:0f:4a:51:05:e4:66:
                    96:d8:2a:5b:50:69:5b:1c:d3:19:cb:10:ae:43:e1:
                    0a:93:30:ee:c7:c2:94:56:5a:df:b7:53:8a:a2:61:
                    69:f8:4e:2d:e5:a8:19:36:81:69:6f:6f:ee:68:b3:
                    d5:49:a0:69:73:e3:54:4b:3c:03:c2:d6:0e:71:6c:
                    6c:10:f0:72:cd:69:6c:8b:4b:ba:7c:91:64:d9:38:
                    35:96:31:cd:96:77:4d:35:3f:d8:93:e4:b2:03:2d:
                    c5:14:9a:fd:c2:79:ef:42:90:aa:ee:de:20:53:b6:
                    b2:fe:fc:3a:1c:23:e3:32:e8:f0:7f:cf:6d:67:39:
                    e3:65:c2:f2:d3:f5:28:65:af:e1:bf:ad:33:40:ae:
                    3e:bf:8d:26:7c:08:28:e3:0d:aa:dd:bb:dc:ab:5b:
                    66:a2:70:f9:9b:f3:3d:35:8e:c2:b0:d9:6f:65:06:
                    7a:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:C0:CD:56:48:1C:87:EE:40:A8:9F:6E:94:31:1B:A1:C4:E0:7C:24
            X509v3 Authority Key Identifier:
                keyid:02:87:6C:11:92:4C:BD:A0:1B:E1:AD:39:A3:20:6C:FA:CD:CC:58:A3

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/02876C11924CBDA01BE1AD39A3206CFACDCC58A3.cer

            Subject Information Access:
                Signed Object - URI:rsync://repo.kagl.me/rpki/KeatonAGLair-TEST/1/326131323a646434373a383630663a3a2f34382d3438203d3e203530353535.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:860f::/48

    Signature Algorithm: sha256WithRSAEncryption
         48:3a:f7:e9:4a:17:6d:13:ec:c5:92:eb:d0:e2:73:81:6d:09:
         cf:7a:e6:9b:57:fd:d4:80:d7:82:8b:77:ba:ef:ff:e5:19:41:
         d9:ba:f3:39:26:78:9f:93:e2:d4:4b:01:cb:d1:84:a1:3a:f7:
         a1:64:d4:0b:02:47:ef:1e:ca:66:27:17:fb:6c:06:e5:18:c0:
         b1:67:b2:3e:c0:fa:6b:00:79:ef:64:1c:0b:3c:95:52:e9:24:
         ce:eb:a4:6c:49:ea:d8:62:dc:92:f7:3b:b4:3f:5f:74:f3:28:
         d7:c5:12:35:34:0c:94:6d:12:fe:9d:e1:bb:f9:39:eb:e3:64:
         1a:28:a4:11:17:8c:28:e3:1b:48:73:48:5e:c8:65:66:fb:56:
         1e:58:7c:24:a8:22:b8:e9:f6:2d:19:30:47:ee:a1:d5:20:44:
         67:bd:8b:19:7a:50:a5:00:d0:52:f9:1f:3e:26:f2:fd:21:d3:
         25:0f:3c:19:c3:13:a3:a3:59:ce:0d:10:47:c2:30:36:5b:9a:
         2b:20:b0:bf:2f:72:3d:96:0d:50:ba:01:b1:53:d6:ee:e6:47:
         2b:8a:e5:ea:04:3c:1a:89:1e:88:86:17:ee:a0:74:11:19:4f:
         00:eb:f4:70:b1:c2:46:4a:74:71:71:56:3e:fd:70:0c:38:f9:
         6b:7f:65:f5
-----BEGIN CERTIFICATE-----
MIIE7DCCA9SgAwIBAgIUBT5348dvMnDwjMuBcKAnnUOELXkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZDRkFD
RENDNThBMzAeFw0yNDAzMTEwNzA3MjBaFw0yNTAzMTAwNzEyMjBaMDMxMTAvBgNV
BAMTKEM3QzBDRDU2NDgxQzg3RUU0MEE4OUY2RTk0MzExQkExQzRFMDdDMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYDovU8z9UEXkpKmGxy39AyS43
M+ySIn5ZWOgDbB8eD0gSHcJFwyVz7ZFgd6wDZpWrq+oxo1SwyaJ1CbmDSaOutbmP
8Hpc4S2mTtq5uNxFin8tJw9KUQXkZpbYKltQaVsc0xnLEK5D4QqTMO7HwpRWWt+3
U4qiYWn4Ti3lqBk2gWlvb+5os9VJoGlz41RLPAPC1g5xbGwQ8HLNaWyLS7p8kWTZ
ODWWMc2Wd001P9iT5LIDLcUUmv3Cee9CkKru3iBTtrL+/DocI+My6PB/z21nOeNl
wvLT9Shlr+G/rTNArj6/jSZ8CCjjDardu9yrW2aicPmb8z01jsKw2W9lBnqPAgMB
AAGjggH2MIIB8jAdBgNVHQ4EFgQUx8DNVkgch+5AqJ9ulDEbocTgfCQwHwYDVR0j
BBgwFoAUAodsEZJMvaAb4a05oyBs+s3MWKMwDgYDVR0PAQH/BAQDAgeAMGsGA1Ud
HwRkMGIwYKBeoFyGWnJzeW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdM
YWlyLVRFU1QvMS8wMjg3NkMxMTkyNENCREEwMUJFMUFEMzlBMzIwNkNGQUNEQ0M1
OEEzLmNybDBlBggrBgEFBQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBr
aS5jby9yZXBvL0FTOTQ1LzEvMDI4NzZDMTE5MjRDQkRBMDFCRTFBRDM5QTMyMDZD
RkFDRENDNThBMy5jZXIwgY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJz
eW5jOi8vcmVwby5rYWdsLm1lL3Jwa2kvS2VhdG9uQUdMYWlyLVRFU1QvMS8zMjYx
MzEzMjNhNjQ2NDM0MzczYTM4MzYzMDY2M2EzYTJmMzQzODJkMzQzODIwM2QzZTIw
MzUzMDM1MzUzNS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAiBggrBgEF
BQcBBwEB/wQTMBEwDwQCAAIwCQMHACoS3UeGDzANBgkqhkiG9w0BAQsFAAOCAQEA
SDr36UoXbRPsxZLr0OJzgW0Jz3rmm1f91IDXgot3uu//5RlB2brzOSZ4n5Pi1EsB
y9GEoTr3oWTUCwJH7x7KZicX+2wG5RjAsWeyPsD6awB572QcCzyVUukkzuukbEnq
2GLckvc7tD9fdPMo18USNTQMlG0S/p3hu/k56+NkGiikEReMKOMbSHNIXshlZvtW
Hlh8JKgiuOn2LRkwR+6h1SBEZ72LGXpQpQDQUvkfPiby/SHTJQ88GcMTo6NZzg0Q
R8IwNluaKyCwvy9yPZYNULoBsVPW7uZHK4rl6gQ8GokeiIYX7qB0ERlPAOv0cLHC
Rkp0cXFWPv1wDDj5a39l9Q==
-----END CERTIFICATE-----
Generated at Sun May 26 16:39:31 2024 by rpki-client on console-fra.rpki-client.org