Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/AS945/1/326131323a646434373a336230303a3a2f34302d3438203d3e20313939313737.roa
File:                     326131323a646434373a336230303a3a2f34302d3438203d3e20313939313737.roa (raw, json)
Hash identifier:          X93PtFiNEM05tBFHTqSUr43vUrF4npXF1D2ZSSd2hCw=
Subject key identifier:   CC:F3:45:9E:60:C0:98:89:20:A7:72:97:EC:CE:D4:63:AA:01:E7:75
Certificate issuer:       /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial:       071A06599C4462E19D8A99F5F76C9470E59AFD51
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Authority info access:    rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject info access:      rsync://rpki.co/repo/AS945/1/326131323a646434373a336230303a3a2f34302d3438203d3e20313939313737.roa
Signing time:             Tue 17 Oct 2023 16:13:35 +0000
ROA not before:           Tue 17 Oct 2023 16:08:35 +0000
ROA not after:            Tue 15 Oct 2024 16:13:35 +0000
asID:                     199177
IP address blocks:        2a12:dd47:3b00::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 08:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            07:1a:06:59:9c:44:62:e1:9d:8a:99:f5:f7:6c:94:70:e5:9a:fd:51
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
        Validity
            Not Before: Oct 17 16:08:35 2023 GMT
            Not After : Oct 15 16:13:35 2024 GMT
        Subject: CN=CCF3459E60C0988920A77297ECCED463AA01E775
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:4e:b5:5e:a9:31:f7:ff:73:da:fc:3b:25:4a:
                    6c:71:34:3a:e6:0e:3d:35:e8:ba:13:86:04:16:76:
                    c9:b4:8d:ea:37:e9:72:50:38:ce:89:a7:51:89:41:
                    e5:1a:90:64:78:60:e3:5c:01:75:cf:44:d5:3b:d2:
                    87:4a:2b:bd:8f:dc:ed:bb:5c:21:63:9a:27:df:81:
                    5f:b3:05:a6:c0:38:d5:cb:15:f6:8e:d9:4e:8e:d7:
                    53:b8:79:74:3c:1d:7d:4c:49:5b:35:ee:64:de:52:
                    78:1e:df:65:6b:e5:59:32:95:69:d5:82:36:2b:4f:
                    d7:c2:fc:5b:b6:9b:56:aa:29:31:77:0d:31:10:91:
                    0a:94:68:e4:ea:57:a3:ae:d9:5a:a5:49:23:04:e1:
                    07:3d:27:2a:47:3b:a5:80:c3:e0:fa:cb:58:41:24:
                    f6:70:e2:75:47:ca:25:0c:4f:1c:33:ff:0e:d4:78:
                    0c:94:5d:c5:5f:09:e1:77:8c:01:32:54:ae:9d:26:
                    33:79:3c:3e:0e:86:5d:d4:32:cb:e1:6f:9f:8e:2c:
                    ed:72:6f:34:21:52:5d:15:94:a0:a9:41:06:1f:44:
                    5d:ec:a3:d8:84:96:a8:42:52:5c:b1:36:70:ef:1f:
                    05:3a:83:d4:00:f2:be:56:a5:ea:da:c7:c7:cd:e0:
                    f5:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CC:F3:45:9E:60:C0:98:89:20:A7:72:97:EC:CE:D4:63:AA:01:E7:75
            X509v3 Authority Key Identifier:
                keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/AS945/1/326131323a646434373a336230303a3a2f34302d3438203d3e20313939313737.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:3b00::/40

    Signature Algorithm: sha256WithRSAEncryption
         38:55:89:8c:dd:27:72:f7:ec:59:b7:39:b5:d1:b1:a6:43:6b:
         8d:55:aa:ff:e6:0a:59:f6:57:49:cb:4f:09:a2:9e:da:1e:b2:
         c5:b4:a3:f6:84:7b:0d:49:4b:9a:97:12:74:09:d2:67:1d:1f:
         78:66:67:d2:72:84:56:ac:27:85:1b:58:48:e3:8a:f4:89:b8:
         fc:7a:4b:16:60:af:4d:3f:0b:dd:80:ac:14:a3:dd:1d:fd:19:
         27:85:fc:e6:15:84:0d:56:40:b7:41:0b:57:53:de:c8:83:aa:
         76:bd:71:56:f1:0e:2e:17:e5:cf:38:97:ac:ba:f5:aa:a5:bd:
         d9:e1:64:7d:ce:95:23:fe:fb:d3:7c:8b:a2:2f:24:dc:7e:7d:
         22:34:45:25:31:63:c6:be:e2:41:8a:15:50:07:46:20:8c:2c:
         b8:a7:59:14:0b:90:3e:50:64:78:86:15:1c:b9:f8:1d:ac:be:
         17:b2:61:4d:38:73:b9:e9:62:e8:a1:56:d5:4e:f6:75:94:b3:
         8a:a4:1b:4d:cb:80:1c:d5:b8:12:d4:4c:e1:64:4e:7a:71:94:
         6b:92:96:4c:66:42:b8:18:7a:50:95:27:25:8c:c0:1a:97:b6:
         6a:e7:a5:92:bd:25:df:74:74:85:c9:3c:5b:82:f5:22:15:87:
         40:14:34:95
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIUBxoGWZxEYuGdipn192yUcOWa/VEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzEwMTcxNjA4MzVaFw0yNDEwMTUxNjEzMzVaMDMxMTAvBgNV
BAMTKENDRjM0NTlFNjBDMDk4ODkyMEE3NzI5N0VDQ0VENDYzQUEwMUU3NzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbTrVeqTH3/3Pa/DslSmxxNDrm
Dj016LoThgQWdsm0jeo36XJQOM6Jp1GJQeUakGR4YONcAXXPRNU70odKK72P3O27
XCFjmiffgV+zBabAONXLFfaO2U6O11O4eXQ8HX1MSVs17mTeUnge32Vr5VkylWnV
gjYrT9fC/Fu2m1aqKTF3DTEQkQqUaOTqV6Ou2VqlSSME4Qc9JypHO6WAw+D6y1hB
JPZw4nVHyiUMTxwz/w7UeAyUXcVfCeF3jAEyVK6dJjN5PD4Ohl3UMsvhb5+OLO1y
bzQhUl0VlKCpQQYfRF3so9iElqhCUlyxNnDvHwU6g9QA8r5Wperax8fN4PWDAgMB
AAGjggHTMIIBzzAdBgNVHQ4EFgQUzPNFnmDAmIkgp3KX7M7UY6oB53UwHwYDVR0j
BBgwFoAUZgQonH454I4a4SVc7nPAW/2Z8+YwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEvNjYwNDI4
OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJGRDk5RjNFNi5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC81
LzY2MDQyODlDN0UzOUUwOEUxQUUxMjU1Q0VFNzNDMDVCRkQ5OUYzRTYuY2VyMH0G
CCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTMzNjIzMDMwM2EzYTJmMzQzMDJk
MzQzODIwM2QzZTIwMzEzOTM5MzEzNzM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhLdRzswDQYJKoZI
hvcNAQELBQADggEBADhViYzdJ3L37Fm3ObXRsaZDa41Vqv/mCln2V0nLTwmintoe
ssW0o/aEew1JS5qXEnQJ0mcdH3hmZ9JyhFasJ4UbWEjjivSJuPx6SxZgr00/C92A
rBSj3R39GSeF/OYVhA1WQLdBC1dT3siDqna9cVbxDi4X5c84l6y69aqlvdnhZH3O
lSP++9N8i6IvJNx+fSI0RSUxY8a+4kGKFVAHRiCMLLinWRQLkD5QZHiGFRy5+B2s
vheyYU04c7npYuihVtVO9nWUs4qkG03LgBzVuBLUTOFkTnpxlGuSlkxmQrgYelCV
JyWMwBqXtmrnpZK9Jd90dIXJPFuC9SIVh0AUNJU=
-----END CERTIFICATE-----