Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/AS945/1/326131323a646434363a323030303a3a2f33362d3438203d3e20323032343030.roa
File:                     326131323a646434363a323030303a3a2f33362d3438203d3e20323032343030.roa (raw, json)
Hash identifier:          lx84iiijq6aU5bcvfYUE+7SYDuI10nGZf8ZD71XRFL8=
Subject key identifier:   92:8D:BE:8E:ED:77:A7:35:14:93:FD:F2:41:BD:98:39:01:71:F5:14
Certificate issuer:       /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial:       594B413EAC4F04DC2082E9F3994FFF44DF40171D
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Authority info access:    rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject info access:      rsync://rpki.co/repo/AS945/1/326131323a646434363a323030303a3a2f33362d3438203d3e20323032343030.roa
Signing time:             Tue 17 Oct 2023 16:13:34 +0000
ROA not before:           Tue 17 Oct 2023 16:08:34 +0000
ROA not after:            Tue 15 Oct 2024 16:13:34 +0000
asID:                     202400
IP address blocks:        2a12:dd46:2000::/36 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 13:33:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            59:4b:41:3e:ac:4f:04:dc:20:82:e9:f3:99:4f:ff:44:df:40:17:1d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
        Validity
            Not Before: Oct 17 16:08:34 2023 GMT
            Not After : Oct 15 16:13:34 2024 GMT
        Subject: CN=928DBE8EED77A7351493FDF241BD98390171F514
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9a:97:5d:e4:40:c3:4b:58:4d:ab:73:a0:87:83:
                    7d:a2:07:ae:ee:42:a0:21:a9:0d:f5:36:08:47:e0:
                    fb:b2:e2:5f:52:ce:69:06:59:27:69:7e:08:f4:7c:
                    32:1c:3e:28:89:81:28:76:4e:68:b1:7a:8c:76:1e:
                    80:66:7a:3c:62:c6:eb:f2:13:49:fc:e0:e4:40:d1:
                    85:92:6c:ff:0c:89:b8:95:8e:64:26:97:ac:75:6c:
                    cc:3e:31:2d:62:b3:31:90:50:9c:88:f0:27:9c:0b:
                    db:a7:a6:aa:b2:81:db:57:64:33:fd:52:33:5e:02:
                    41:32:a8:67:72:3c:61:c2:4a:b4:e8:5f:de:72:de:
                    ec:f6:7f:0b:80:cb:b3:ba:cd:c5:6a:83:41:09:a4:
                    22:fd:52:98:3a:8d:14:18:1e:b9:f0:0d:17:39:00:
                    20:0d:ba:46:8d:4b:55:67:87:cd:7a:f6:9c:00:75:
                    93:e3:ab:b1:67:b0:87:ba:1f:8f:6b:59:00:80:1c:
                    70:33:65:c2:b0:6d:ef:e8:da:d9:4e:1b:de:01:c3:
                    45:da:14:3a:ee:12:1a:1c:5c:62:f3:6c:15:cc:c8:
                    16:b0:e0:29:13:7d:7e:4d:b3:8d:5e:60:4c:ec:d0:
                    d6:2d:6e:e9:82:b9:59:25:f3:52:e4:aa:c7:da:2e:
                    e4:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:8D:BE:8E:ED:77:A7:35:14:93:FD:F2:41:BD:98:39:01:71:F5:14
            X509v3 Authority Key Identifier:
                keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/AS945/1/326131323a646434363a323030303a3a2f33362d3438203d3e20323032343030.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd46:2000::/36

    Signature Algorithm: sha256WithRSAEncryption
         26:6d:ee:d1:1c:04:73:dc:54:47:95:22:1e:e1:b3:81:fe:d7:
         2e:40:97:8c:a8:da:24:11:54:6b:06:ba:d6:23:13:8e:c4:27:
         cb:41:e8:9e:87:67:f6:13:02:d6:18:6a:9e:23:1d:03:96:7e:
         8c:7d:ab:66:b1:eb:09:03:56:09:58:7a:e6:ec:ae:7b:0b:d4:
         0e:e2:9f:37:a4:63:6e:2c:79:66:5b:ba:6a:30:44:81:b9:46:
         db:87:0c:c0:7c:f3:ab:70:7a:05:99:98:2d:7b:ab:d7:99:58:
         f6:a6:58:04:61:16:e1:6c:6c:55:84:86:37:0b:03:cf:44:98:
         c8:fb:5e:14:32:16:94:c6:6d:d9:64:68:20:af:68:bc:e1:f2:
         8a:0e:05:3c:f3:3c:b9:58:ee:0b:ed:c1:cd:ed:25:aa:34:cb:
         40:9d:47:c8:25:a5:47:60:de:85:77:ce:cc:32:c1:8a:b1:93:
         4a:2e:05:d8:fb:72:4e:a1:7e:51:18:9a:ef:a3:7a:3b:5a:ff:
         ab:b2:8d:e9:c4:6a:aa:23:25:38:ee:2b:b1:46:54:7b:55:6d:
         f7:33:dd:94:05:cb:0f:7b:30:30:1e:99:bf:98:e7:01:9c:e7:
         0f:de:24:9b:b4:fb:36:95:af:c5:d9:dd:ee:bd:9c:70:a6:09:
         9c:9e:36:a8
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIUWUtBPqxPBNwggunzmU//RN9AFx0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzEwMTcxNjA4MzRaFw0yNDEwMTUxNjEzMzRaMDMxMTAvBgNV
BAMTKDkyOERCRThFRUQ3N0E3MzUxNDkzRkRGMjQxQkQ5ODM5MDE3MUY1MTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCal13kQMNLWE2rc6CHg32iB67u
QqAhqQ31NghH4Puy4l9SzmkGWSdpfgj0fDIcPiiJgSh2Tmixeox2HoBmejxixuvy
E0n84ORA0YWSbP8MibiVjmQml6x1bMw+MS1iszGQUJyI8CecC9unpqqygdtXZDP9
UjNeAkEyqGdyPGHCSrToX95y3uz2fwuAy7O6zcVqg0EJpCL9Upg6jRQYHrnwDRc5
ACANukaNS1Vnh8169pwAdZPjq7FnsIe6H49rWQCAHHAzZcKwbe/o2tlOG94Bw0Xa
FDruEhocXGLzbBXMyBaw4CkTfX5Ns41eYEzs0NYtbumCuVkl81LkqsfaLuRFAgMB
AAGjggHTMIIBzzAdBgNVHQ4EFgQUko2+ju13pzUUk/3yQb2YOQFx9RQwHwYDVR0j
BBgwFoAUZgQonH454I4a4SVc7nPAW/2Z8+YwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEvNjYwNDI4
OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJGRDk5RjNFNi5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC81
LzY2MDQyODlDN0UzOUUwOEUxQUUxMjU1Q0VFNzNDMDVCRkQ5OUYzRTYuY2VyMH0G
CCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzYzYTMyMzAzMDMwM2EzYTJmMzMzNjJk
MzQzODIwM2QzZTIwMzIzMDMyMzQzMDMwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKhLdRiAwDQYJKoZI
hvcNAQELBQADggEBACZt7tEcBHPcVEeVIh7hs4H+1y5Al4yo2iQRVGsGutYjE47E
J8tB6J6HZ/YTAtYYap4jHQOWfox9q2ax6wkDVglYeubsrnsL1A7inzekY24seWZb
umowRIG5RtuHDMB886twegWZmC17q9eZWPamWARhFuFsbFWEhjcLA89EmMj7XhQy
FpTGbdlkaCCvaLzh8ooOBTzzPLlY7gvtwc3tJao0y0CdR8glpUdg3oV3zswywYqx
k0ouBdj7ck6hflEYmu+jejta/6uyjenEaqojJTjuK7FGVHtVbfcz3ZQFyw97MDAe
mb+Y5wGc5w/eJJu0+zaVr8XZ3e69nHCmCZyeNqg=
-----END CERTIFICATE-----