Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/AS945/1/326131323a646434373a333430303a3a2f33382d3338203d3e20323030383237.roa
File:                     326131323a646434373a333430303a3a2f33382d3338203d3e20323030383237.roa (raw, json)
Hash identifier:          cETeJOrdxVORxpc5LZUKodLEPF4yISBHkXqxT3iF5xs=
Subject key identifier:   EF:67:9E:B1:6A:E1:9F:B2:8D:84:87:65:AD:82:C2:0A:F0:F2:61:21
Certificate issuer:       /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial:       3435100EA91A89BAEBD1BF9A95A057AA200D9612
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Authority info access:    rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject info access:      rsync://rpki.co/repo/AS945/1/326131323a646434373a333430303a3a2f33382d3338203d3e20323030383237.roa
Signing time:             Tue 17 Oct 2023 16:13:35 +0000
ROA not before:           Tue 17 Oct 2023 16:08:35 +0000
ROA not after:            Tue 15 Oct 2024 16:13:35 +0000
asID:                     200827
IP address blocks:        2a12:dd47:3400::/38 maxlen: 38

Validation:               OK
Signature path:           rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 13:33:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:35:10:0e:a9:1a:89:ba:eb:d1:bf:9a:95:a0:57:aa:20:0d:96:12
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
        Validity
            Not Before: Oct 17 16:08:35 2023 GMT
            Not After : Oct 15 16:13:35 2024 GMT
        Subject: CN=EF679EB16AE19FB28D848765AD82C20AF0F26121
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:ef:3d:c4:f8:a7:b1:21:12:b8:b6:66:b6:3b:
                    93:0c:16:ad:d2:75:4b:4f:5d:fa:e7:2d:07:46:59:
                    4d:bb:69:59:62:ec:10:f7:b3:68:c6:9e:b1:6d:1e:
                    0c:27:fd:72:ff:43:ce:b9:8e:1f:0a:7b:a3:eb:e0:
                    ba:9d:93:5b:db:8e:12:b5:f8:4f:08:5b:e4:1f:e5:
                    95:42:f4:ac:87:a6:c0:4f:f4:a5:64:f0:25:33:aa:
                    14:65:a9:37:2d:3e:8f:af:25:c3:b8:13:9d:78:96:
                    76:1d:6f:c1:00:74:60:0c:2a:35:6e:84:e2:f0:8e:
                    c6:0c:30:ed:6f:56:ff:ff:0e:60:ee:36:8f:a0:8d:
                    d9:3c:36:59:1b:9a:4f:9f:84:7c:5a:0b:26:6a:8c:
                    83:b9:f9:94:c0:03:89:38:2b:1d:6c:c4:5a:7b:16:
                    14:7e:8e:c4:8f:94:de:21:55:3e:5e:3e:0b:e1:3f:
                    39:d4:3c:d6:fc:ab:d1:83:e9:53:21:dc:f5:93:3a:
                    ab:1c:0f:c9:c6:60:dc:ea:71:7c:f4:44:c0:6d:f4:
                    f1:8e:2c:ef:62:88:76:4b:6b:a1:be:e2:60:b1:44:
                    5b:2f:69:2c:7d:27:dd:f4:63:4d:92:e7:7a:0d:77:
                    c6:ed:f5:5d:82:ce:78:cd:65:65:db:54:87:94:c8:
                    97:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:67:9E:B1:6A:E1:9F:B2:8D:84:87:65:AD:82:C2:0A:F0:F2:61:21
            X509v3 Authority Key Identifier:
                keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/AS945/1/326131323a646434373a333430303a3a2f33382d3338203d3e20323030383237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:3400::/38

    Signature Algorithm: sha256WithRSAEncryption
         d5:af:bd:b2:15:61:4c:89:1c:5f:d0:d5:6f:48:96:41:b5:df:
         cc:a9:57:1b:f1:02:47:61:17:c7:59:a1:d8:8d:40:54:43:7d:
         50:1a:11:25:b7:1a:04:b1:dd:97:7c:e7:92:26:47:c0:94:b0:
         77:d6:3b:c5:2e:b4:0b:49:52:77:df:34:01:0e:1c:b2:4a:aa:
         11:70:51:38:3d:c7:0f:c8:1a:cd:84:84:35:38:73:c0:f6:50:
         f4:45:d3:51:96:ec:83:b6:c9:7e:da:a0:ce:75:be:f4:34:7c:
         f3:0e:e3:b3:ce:0e:fe:ea:84:a1:dd:5d:81:72:78:48:16:1a:
         ca:cb:4a:15:de:a2:fa:34:4c:7e:0b:eb:33:f1:d0:87:17:2f:
         07:54:3d:87:11:1b:59:c2:4b:bc:33:8c:0f:80:30:29:f4:a1:
         4c:aa:14:b7:5f:8c:b9:17:b4:8c:fd:51:a2:27:7c:9f:5a:d4:
         a3:de:e0:da:58:29:ba:22:e5:e8:f8:16:ed:a3:44:3f:8f:f5:
         42:9c:47:cd:ff:34:94:f1:37:bb:cd:ff:b6:33:a0:29:4f:19:
         d9:2e:9a:48:5e:df:bf:f2:88:58:5a:17:d4:4d:7c:d9:2a:bb:
         34:fe:5e:a2:1c:75:77:9e:c6:60:29:84:19:65:84:d3:3d:cc:
         6d:a3:66:2d
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIUNDUQDqkaibrr0b+alaBXqiANlhIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzEwMTcxNjA4MzVaFw0yNDEwMTUxNjEzMzVaMDMxMTAvBgNV
BAMTKEVGNjc5RUIxNkFFMTlGQjI4RDg0ODc2NUFEODJDMjBBRjBGMjYxMjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF7z3E+KexIRK4tma2O5MMFq3S
dUtPXfrnLQdGWU27aVli7BD3s2jGnrFtHgwn/XL/Q865jh8Ke6Pr4Lqdk1vbjhK1
+E8IW+Qf5ZVC9KyHpsBP9KVk8CUzqhRlqTctPo+vJcO4E514lnYdb8EAdGAMKjVu
hOLwjsYMMO1vVv//DmDuNo+gjdk8Nlkbmk+fhHxaCyZqjIO5+ZTAA4k4Kx1sxFp7
FhR+jsSPlN4hVT5ePgvhPznUPNb8q9GD6VMh3PWTOqscD8nGYNzqcXz0RMBt9PGO
LO9iiHZLa6G+4mCxRFsvaSx9J930Y02S53oNd8bt9V2CznjNZWXbVIeUyJcvAgMB
AAGjggHTMIIBzzAdBgNVHQ4EFgQU72eesWrhn7KNhIdlrYLCCvDyYSEwHwYDVR0j
BBgwFoAUZgQonH454I4a4SVc7nPAW/2Z8+YwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEvNjYwNDI4
OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJGRDk5RjNFNi5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC81
LzY2MDQyODlDN0UzOUUwOEUxQUUxMjU1Q0VFNzNDMDVCRkQ5OUYzRTYuY2VyMH0G
CCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTMzMzQzMDMwM2EzYTJmMzMzODJk
MzMzODIwM2QzZTIwMzIzMDMwMzgzMjM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKhLdRzQwDQYJKoZI
hvcNAQELBQADggEBANWvvbIVYUyJHF/Q1W9IlkG138ypVxvxAkdhF8dZodiNQFRD
fVAaESW3GgSx3Zd855ImR8CUsHfWO8UutAtJUnffNAEOHLJKqhFwUTg9xw/IGs2E
hDU4c8D2UPRF01GW7IO2yX7aoM51vvQ0fPMO47PODv7qhKHdXYFyeEgWGsrLShXe
ovo0TH4L6zPx0IcXLwdUPYcRG1nCS7wzjA+AMCn0oUyqFLdfjLkXtIz9UaInfJ9a
1KPe4NpYKboi5ej4Fu2jRD+P9UKcR83/NJTxN7vN/7YzoClPGdkumkhe37/yiFha
F9RNfNkquzT+XqIcdXeexmAphBllhNM9zG2jZi0=
-----END CERTIFICATE-----