Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/AS199762/2/326131323a646434373a333930303a3a2f34302d3438203d3e20313939373632.roa
File:                     326131323a646434373a333930303a3a2f34302d3438203d3e20313939373632.roa (raw, json)
Hash identifier:          273sVNqKnEAm0igpvB9O4NaMB4LiEhBU5Dk1KgHSG0k=
Subject key identifier:   4F:7B:A7:F3:1E:EB:02:A1:F7:DD:CA:63:54:F3:F2:AB:D2:15:58:8E
Certificate issuer:       /CN=332D0DDB8BDEF4CC798474C95979FDCCE3EBB0C2
Certificate serial:       51504F8384FDD845EEEB2F55499042B4702309
Authority key identifier: 33:2D:0D:DB:8B:DE:F4:CC:79:84:74:C9:59:79:FD:CC:E3:EB:B0:C2
Authority info access:    rsync://rpki.co/repo/AS945/1/332D0DDB8BDEF4CC798474C95979FDCCE3EBB0C2.cer
Subject info access:      rsync://rpki.co/repo/AS199762/2/326131323a646434373a333930303a3a2f34302d3438203d3e20313939373632.roa
Signing time:             Fri 15 Mar 2024 15:14:24 +0000
ROA not before:           Fri 15 Mar 2024 15:09:24 +0000
ROA not after:            Fri 14 Mar 2025 15:14:24 +0000
asID:                     199762
IP address blocks:        2a12:dd47:3900::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.co/repo/AS199762/2/332D0DDB8BDEF4CC798474C95979FDCCE3EBB0C2.crl
                          rsync://rpki.co/repo/AS199762/2/332D0DDB8BDEF4CC798474C95979FDCCE3EBB0C2.mft
                          rsync://rpki.co/repo/AS945/1/332D0DDB8BDEF4CC798474C95979FDCCE3EBB0C2.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 19 May 2024 04:40:11 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            51:50:4f:83:84:fd:d8:45:ee:eb:2f:55:49:90:42:b4:70:23:09
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=332D0DDB8BDEF4CC798474C95979FDCCE3EBB0C2
        Validity
            Not Before: Mar 15 15:09:24 2024 GMT
            Not After : Mar 14 15:14:24 2025 GMT
        Subject: CN=4F7BA7F31EEB02A1F7DDCA6354F3F2ABD215588E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:de:b8:74:b3:3c:ec:10:6a:8a:9c:e5:3a:71:
                    19:86:47:03:cc:21:34:22:0d:81:9b:45:7f:49:ea:
                    07:9d:18:c7:85:ab:a8:3b:70:69:c6:d3:ca:34:07:
                    7c:69:ec:d9:92:ad:e7:7f:b5:9a:b6:8d:3b:ed:5b:
                    ee:12:b0:a6:bf:60:14:44:a4:93:52:80:62:41:9a:
                    42:09:f7:e6:99:49:70:c6:ef:73:92:ef:88:7a:03:
                    e5:05:58:be:19:8d:11:b3:08:2c:ec:80:e7:3a:75:
                    17:b2:68:dc:83:64:da:31:72:e5:64:54:06:f5:eb:
                    dd:49:a8:b9:f7:0d:b8:fd:90:20:a4:51:70:21:e8:
                    dc:42:2d:e7:f9:c6:29:fd:b7:14:58:d2:60:85:e5:
                    30:59:6b:0c:2f:5f:f4:86:bd:3f:e7:28:f4:b5:c9:
                    f6:3e:91:df:f0:63:42:3b:68:98:de:8c:04:41:6d:
                    7d:b7:8d:64:dc:b6:5c:29:1f:16:23:8f:e0:6e:d7:
                    b4:1b:fc:1a:fa:9f:71:84:d9:e8:f1:f4:d4:07:e4:
                    12:55:28:85:f9:07:49:26:1e:80:b6:34:1b:c2:9a:
                    2c:bf:b0:12:c0:ed:9a:24:9e:c5:2c:44:7b:36:dc:
                    a8:2e:9c:c0:e1:53:76:ee:cd:f0:5e:75:0f:a3:b7:
                    11:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4F:7B:A7:F3:1E:EB:02:A1:F7:DD:CA:63:54:F3:F2:AB:D2:15:58:8E
            X509v3 Authority Key Identifier:
                keyid:33:2D:0D:DB:8B:DE:F4:CC:79:84:74:C9:59:79:FD:CC:E3:EB:B0:C2

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS199762/2/332D0DDB8BDEF4CC798474C95979FDCCE3EBB0C2.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/332D0DDB8BDEF4CC798474C95979FDCCE3EBB0C2.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/AS199762/2/326131323a646434373a333930303a3a2f34302d3438203d3e20313939373632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:3900::/40

    Signature Algorithm: sha256WithRSAEncryption
         16:4d:cf:22:8d:4a:e4:45:e3:ac:32:ec:30:80:95:d9:03:9d:
         ea:9d:be:85:5c:5f:4b:00:66:57:8e:35:3f:10:22:7e:d5:9b:
         de:6e:ba:7d:79:96:28:9b:ee:dd:dd:86:40:66:0e:1a:54:76:
         ce:7b:ec:d5:1b:79:c2:a4:4a:1c:9a:c8:d5:85:9a:6d:23:8f:
         6e:df:2f:20:4f:48:44:51:ff:1f:83:a3:56:f3:bf:ec:0a:63:
         d5:5d:f3:24:be:07:b2:23:b4:d7:7d:9e:a2:e8:5c:77:b8:b4:
         31:45:15:e8:25:1b:9e:ed:17:f7:6d:d5:94:72:d0:d0:88:62:
         08:1b:0b:3d:09:8e:96:9d:56:2c:f7:cf:31:1f:26:4a:68:77:
         67:de:d0:99:e1:f2:e8:65:de:e6:ab:7c:71:e7:e7:20:9d:0f:
         b3:c3:04:88:81:b6:39:94:a1:79:c5:16:53:35:66:b2:16:94:
         ea:51:56:35:9f:18:cc:52:e1:83:a5:cf:ce:9f:3a:57:47:b8:
         a4:30:f3:9f:14:53:67:5f:e6:00:8e:a8:34:87:30:30:1f:19:
         b5:5c:4c:ff:b4:f5:ae:6a:0c:ee:f8:cf:f7:ac:10:ba:95:ac:
         aa:d5:c3:c2:39:16:ee:38:ed:34:96:ce:bf:4f:7e:64:df:e8:
         ae:ec:78:dc
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgITUVBPg4T92EXu6y9VSZBCtHAjCTANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEygzMzJEMEREQjhCREVGNENDNzk4NDc0Qzk1OTc5RkRDQ0Uz
RUJCMEMyMB4XDTI0MDMxNTE1MDkyNFoXDTI1MDMxNDE1MTQyNFowMzExMC8GA1UE
AxMoNEY3QkE3RjMxRUVCMDJBMUY3RERDQTYzNTRGM0YyQUJEMjE1NTg4RTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMfeuHSzPOwQaoqc5TpxGYZHA8wh
NCINgZtFf0nqB50Yx4WrqDtwacbTyjQHfGns2ZKt53+1mraNO+1b7hKwpr9gFESk
k1KAYkGaQgn35plJcMbvc5LviHoD5QVYvhmNEbMILOyA5zp1F7Jo3INk2jFy5WRU
BvXr3UmoufcNuP2QIKRRcCHo3EIt5/nGKf23FFjSYIXlMFlrDC9f9Ia9P+co9LXJ
9j6R3/BjQjtomN6MBEFtfbeNZNy2XCkfFiOP4G7XtBv8GvqfcYTZ6PH01AfkElUo
hfkHSSYegLY0G8KaLL+wEsDtmiSexSxEezbcqC6cwOFTdu7N8F51D6O3EWMCAwEA
AaOCAdowggHWMB0GA1UdDgQWBBRPe6fzHusCoffdymNU8/Kr0hVYjjAfBgNVHSME
GDAWgBQzLQ3bi970zHmEdMlZef3M4+uwwjAOBgNVHQ8BAf8EBAMCB4AwXQYDVR0f
BFYwVDBSoFCgToZMcnN5bmM6Ly9ycGtpLmNvL3JlcG8vQVMxOTk3NjIvMi8zMzJE
MEREQjhCREVGNENDNzk4NDc0Qzk1OTc5RkRDQ0UzRUJCMEMyLmNybDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1
LzEvMzMyRDBEREI4QkRFRjRDQzc5ODQ3NEM5NTk3OUZEQ0NFM0VCQjBDMi5jZXIw
gYAGCCsGAQUFBwELBHQwcjBwBggrBgEFBQcwC4ZkcnN5bmM6Ly9ycGtpLmNvL3Jl
cG8vQVMxOTk3NjIvMi8zMjYxMzEzMjNhNjQ2NDM0MzczYTMzMzkzMDMwM2EzYTJm
MzQzMDJkMzQzODIwM2QzZTIwMzEzOTM5MzczNjMyLnJvYTAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhLdRzkw
DQYJKoZIhvcNAQELBQADggEBABZNzyKNSuRF46wy7DCAldkDneqdvoVcX0sAZleO
NT8QIn7Vm95uun15liib7t3dhkBmDhpUds577NUbecKkShyayNWFmm0jj27fLyBP
SERR/x+Do1bzv+wKY9Vd8yS+B7IjtNd9nqLoXHe4tDFFFeglG57tF/dt1ZRy0NCI
YggbCz0JjpadViz3zzEfJkpod2fe0Jnh8uhl3uarfHHn5yCdD7PDBIiBtjmUoXnF
FlM1ZrIWlOpRVjWfGMxS4YOlz86fOldHuKQw858UU2df5gCOqDSHMDAfGbVcTP+0
9a5qDO74z/esELqVrKrVw8I5Fu447TSWzr9PfmTf6K7seNw=
-----END CERTIFICATE-----
Generated at Sat May 18 17:21:19 2024 by rpki-client on console-ams.rpki-client.org