Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/AS945/1/326131323a646434373a383136363a3a2f34382d3438203d3e20323032323232.roa
File:                     326131323a646434373a383136363a3a2f34382d3438203d3e20323032323232.roa (raw, json)
Hash identifier:          9QiFJvr701yaQgjZuS+3Hfq56pkK74W4uF7UW1PmJrw=
Subject key identifier:   5D:CC:08:4E:B9:27:88:D4:48:00:16:2D:9D:64:24:F4:AB:92:66:0F
Certificate issuer:       /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial:       4B011E560B2E2880285042051458BF30C2F5A8BD
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Authority info access:    rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject info access:      rsync://rpki.co/repo/AS945/1/326131323a646434373a383136363a3a2f34382d3438203d3e20323032323232.roa
Signing time:             Tue 17 Oct 2023 16:13:26 +0000
ROA not before:           Tue 17 Oct 2023 16:08:26 +0000
ROA not after:            Tue 15 Oct 2024 16:13:26 +0000
asID:                     202222
IP address blocks:        2a12:dd47:8166::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 14:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:01:1e:56:0b:2e:28:80:28:50:42:05:14:58:bf:30:c2:f5:a8:bd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
        Validity
            Not Before: Oct 17 16:08:26 2023 GMT
            Not After : Oct 15 16:13:26 2024 GMT
        Subject: CN=5DCC084EB92788D44800162D9D6424F4AB92660F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:51:7b:1d:25:10:f5:13:a2:93:9f:90:d5:d7:
                    e9:4a:fa:c3:ec:96:2d:44:7a:5d:35:55:87:ef:85:
                    36:b9:d1:5c:c6:9d:79:4f:c9:87:e8:52:e4:43:18:
                    bc:a8:7f:a8:15:a2:1d:ae:5d:28:f8:b1:82:00:84:
                    9a:db:60:4c:2e:79:02:82:62:0f:f7:d4:db:66:d6:
                    b3:b5:23:da:42:a4:e0:4e:a0:6c:df:8a:60:ff:8a:
                    56:1f:e2:dd:8d:79:35:eb:87:18:e6:b2:55:0f:75:
                    63:a7:60:04:5f:cb:e7:4e:ad:61:48:9f:f8:8c:77:
                    bf:ad:5e:56:c9:27:64:ea:01:ab:db:bc:58:fb:b5:
                    34:23:54:1a:4c:0b:d4:42:7d:c9:ae:3f:f5:30:ac:
                    a2:e9:a0:1f:5d:18:83:8d:72:0a:03:84:ed:a5:37:
                    74:b9:ea:1d:53:3b:31:5a:34:64:4a:1e:7f:4b:5d:
                    fc:2c:87:7a:6d:aa:3b:09:21:68:90:3f:98:f6:d3:
                    87:c5:63:4e:74:ce:f4:07:fa:ff:fe:be:99:b9:8c:
                    d0:f1:f8:72:77:dd:7f:d3:2f:ad:e7:7e:b7:c9:f3:
                    78:44:94:12:97:db:af:58:26:9c:21:c5:f3:73:0a:
                    6a:44:38:ca:0f:65:fe:a4:01:7d:c0:b5:9e:0b:e1:
                    71:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:CC:08:4E:B9:27:88:D4:48:00:16:2D:9D:64:24:F4:AB:92:66:0F
            X509v3 Authority Key Identifier:
                keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/AS945/1/326131323a646434373a383136363a3a2f34382d3438203d3e20323032323232.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:8166::/48

    Signature Algorithm: sha256WithRSAEncryption
         40:a3:ae:54:29:bb:0f:5e:17:b8:8f:0f:a4:d7:a0:f1:72:20:
         a0:ba:a6:e6:71:c6:37:c0:f5:b1:0d:86:14:d4:40:72:61:11:
         80:43:2e:cc:d1:49:8e:5e:f6:e6:60:09:a1:1a:51:db:44:2e:
         94:42:13:b4:67:33:62:43:77:1c:ae:e6:ff:7b:19:c4:4e:41:
         c7:6a:e2:24:f5:89:42:c3:16:52:76:d3:0f:d4:80:b9:94:36:
         26:eb:7e:16:9f:17:1e:9b:59:a4:d9:43:4d:cf:db:62:6a:5c:
         43:4b:24:2b:ad:51:74:4c:9e:e9:90:4a:bd:50:34:1a:fc:11:
         19:2f:95:ef:d1:b0:7b:c7:c3:7d:c7:13:f1:cb:4f:2b:9b:e9:
         fe:8e:da:4c:e2:5c:22:f6:12:2c:1e:23:a5:c9:d1:14:ae:83:
         b3:87:3d:7f:fc:16:8d:f8:e0:6e:63:00:49:8f:f5:76:23:bf:
         ec:dc:af:a6:ad:e8:14:bd:50:5c:0a:ad:91:b6:74:c8:06:03:
         99:e5:c1:5f:4d:76:08:73:e2:d9:aa:ef:8f:5e:9b:dc:c5:da:
         f9:4e:1f:71:b5:d7:ef:94:09:65:24:9c:03:2e:01:ed:02:92:
         83:a0:bc:d0:5a:74:b5:38:95:2f:8b:03:2c:4f:c9:bd:59:60:
         d1:e2:81:15
-----BEGIN CERTIFICATE-----
MIIEyjCCA7KgAwIBAgIUSwEeVgsuKIAoUEIFFFi/MML1qL0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzEwMTcxNjA4MjZaFw0yNDEwMTUxNjEzMjZaMDMxMTAvBgNV
BAMTKDVEQ0MwODRFQjkyNzg4RDQ0ODAwMTYyRDlENjQyNEY0QUI5MjY2MEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDEUXsdJRD1E6KTn5DV1+lK+sPs
li1Eel01VYfvhTa50VzGnXlPyYfoUuRDGLyof6gVoh2uXSj4sYIAhJrbYEwueQKC
Yg/31Ntm1rO1I9pCpOBOoGzfimD/ilYf4t2NeTXrhxjmslUPdWOnYARfy+dOrWFI
n/iMd7+tXlbJJ2TqAavbvFj7tTQjVBpMC9RCfcmuP/UwrKLpoB9dGIONcgoDhO2l
N3S56h1TOzFaNGRKHn9LXfwsh3ptqjsJIWiQP5j204fFY050zvQH+v/+vpm5jNDx
+HJ33X/TL63nfrfJ83hElBKX269YJpwhxfNzCmpEOMoPZf6kAX3AtZ4L4XF9AgMB
AAGjggHUMIIB0DAdBgNVHQ4EFgQUXcwITrkniNRIABYtnWQk9KuSZg8wHwYDVR0j
BBgwFoAUZgQonH454I4a4SVc7nPAW/2Z8+YwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEvNjYwNDI4
OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJGRDk5RjNFNi5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC81
LzY2MDQyODlDN0UzOUUwOEUxQUUxMjU1Q0VFNzNDMDVCRkQ5OUYzRTYuY2VyMH0G
CCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTM4MzEzNjM2M2EzYTJmMzQzODJk
MzQzODIwM2QzZTIwMzIzMDMyMzIzMjMyLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhLdR4FmMA0GCSqG
SIb3DQEBCwUAA4IBAQBAo65UKbsPXhe4jw+k16DxciCguqbmccY3wPWxDYYU1EBy
YRGAQy7M0UmOXvbmYAmhGlHbRC6UQhO0ZzNiQ3ccrub/exnETkHHauIk9YlCwxZS
dtMP1IC5lDYm634Wnxcem1mk2UNNz9tialxDSyQrrVF0TJ7pkEq9UDQa/BEZL5Xv
0bB7x8N9xxPxy08rm+n+jtpM4lwi9hIsHiOlydEUroOzhz1//BaN+OBuYwBJj/V2
I7/s3K+mregUvVBcCq2RtnTIBgOZ5cFfTXYIc+LZqu+PXpvcxdr5Th9xtdfvlAll
JJwDLgHtApKDoLzQWnS1OJUviwMsT8m9WWDR4oEV
-----END CERTIFICATE-----