Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/AS945/1/326131323a646434373a383162303a3a2f34342d3438203d3e20323033373337.roa
File:                     326131323a646434373a383162303a3a2f34342d3438203d3e20323033373337.roa (raw, json)
Hash identifier:          Vquy5GSuKEw4hL31pFjyt0DTy5lP5H94sjpm5AqZ1xU=
Subject key identifier:   D4:C2:D2:91:6E:D6:45:AE:3F:03:B3:86:6E:2D:DA:1C:8A:AC:62:0C
Certificate issuer:       /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial:       494834E4F41AF669FD98A810DF66F2F396CF2EB8
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Authority info access:    rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject info access:      rsync://rpki.co/repo/AS945/1/326131323a646434373a383162303a3a2f34342d3438203d3e20323033373337.roa
Signing time:             Tue 17 Oct 2023 16:13:27 +0000
ROA not before:           Tue 17 Oct 2023 16:08:27 +0000
ROA not after:            Tue 15 Oct 2024 16:13:27 +0000
asID:                     203737
IP address blocks:        2a12:dd47:81b0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 13:33:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            49:48:34:e4:f4:1a:f6:69:fd:98:a8:10:df:66:f2:f3:96:cf:2e:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
        Validity
            Not Before: Oct 17 16:08:27 2023 GMT
            Not After : Oct 15 16:13:27 2024 GMT
        Subject: CN=D4C2D2916ED645AE3F03B3866E2DDA1C8AAC620C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f2:46:f5:76:47:23:a3:bb:0a:80:cc:e8:d3:70:
                    4c:c6:e2:5a:63:80:1b:33:dd:14:31:96:25:eb:c1:
                    86:71:5b:6c:56:65:b4:07:e3:71:9f:ac:dc:de:7c:
                    8b:64:8c:87:5a:3b:bd:d0:88:ce:ac:58:67:67:6a:
                    91:13:a9:60:87:30:fc:59:5f:98:8c:60:d4:22:e1:
                    77:1b:9d:bd:2d:3c:7c:c4:ec:99:c1:93:98:fe:13:
                    06:b8:71:72:a7:3e:18:e6:d0:97:a3:a6:f7:62:3e:
                    83:a9:cd:26:a8:7b:fc:6b:b7:0d:0c:a8:da:a3:95:
                    36:d6:16:80:02:a3:ab:93:ca:b7:7b:9d:38:11:78:
                    ab:be:e0:fa:9e:04:1c:fa:7d:fb:df:b9:0c:4c:69:
                    54:e6:f1:99:b4:4b:4b:a8:d2:c9:d2:64:8e:33:04:
                    93:56:87:03:07:11:fe:a8:0e:c4:49:da:01:0a:da:
                    7b:cf:ed:1e:81:08:ad:e5:7c:6f:00:3b:ba:33:cc:
                    f2:e7:94:32:be:9f:3f:4f:ea:d8:2e:86:c5:64:cd:
                    5c:db:cf:33:e4:6e:29:8f:c7:72:fc:89:40:e1:5e:
                    09:21:e8:4b:e2:ab:0b:9a:2c:9b:a6:39:02:c9:5e:
                    38:0e:29:ea:27:bb:4f:35:8b:0d:69:ba:d1:d2:6c:
                    c7:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D4:C2:D2:91:6E:D6:45:AE:3F:03:B3:86:6E:2D:DA:1C:8A:AC:62:0C
            X509v3 Authority Key Identifier:
                keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/AS945/1/326131323a646434373a383162303a3a2f34342d3438203d3e20323033373337.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:81b0::/44

    Signature Algorithm: sha256WithRSAEncryption
         62:ef:03:f3:ca:7b:fd:b9:df:80:1c:46:40:fb:aa:21:4a:62:
         85:05:cf:ae:d4:84:04:1a:9c:01:4d:d5:7f:09:e8:fd:27:87:
         d9:32:8e:54:6d:28:b9:49:33:7f:7d:cc:bb:d2:da:90:ba:ba:
         e7:80:71:1d:82:b5:ad:55:e1:9e:d1:a0:8d:ea:ce:b2:9a:f2:
         3f:57:af:03:ec:ea:75:d2:87:4a:cf:7f:b2:6c:67:0c:a1:4c:
         96:b5:99:9b:f7:5d:f5:2e:02:8c:50:a6:78:86:a5:c3:48:ba:
         1d:32:84:ba:5f:1b:fc:00:c4:24:b8:18:12:39:1f:44:8e:44:
         0f:c6:1f:f0:d2:ac:9e:1e:c6:f7:ae:4b:b7:72:d6:d5:b6:65:
         d1:70:a0:86:ff:81:58:4f:cd:d8:c1:53:66:c9:c0:58:0c:b1:
         46:a3:c2:2e:8a:a1:ba:8e:59:d5:5e:d1:e1:ed:83:de:ce:d5:
         14:33:e4:87:0e:ef:6e:6f:62:a8:20:bf:68:29:e4:37:43:e3:
         45:b0:f4:7b:b7:98:34:73:99:74:b4:9e:72:c5:bc:6f:06:76:
         e8:87:be:20:d1:eb:3d:94:4a:f2:8e:3a:a1:1e:d6:6f:d4:7a:
         2c:69:63:fa:82:57:77:82:34:c6:1a:b5:45:de:6c:ca:84:13:
         09:85:2a:93
-----BEGIN CERTIFICATE-----
MIIEyjCCA7KgAwIBAgIUSUg05PQa9mn9mKgQ32by85bPLrgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzEwMTcxNjA4MjdaFw0yNDEwMTUxNjEzMjdaMDMxMTAvBgNV
BAMTKEQ0QzJEMjkxNkVENjQ1QUUzRjAzQjM4NjZFMkREQTFDOEFBQzYyMEMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyRvV2RyOjuwqAzOjTcEzG4lpj
gBsz3RQxliXrwYZxW2xWZbQH43GfrNzefItkjIdaO73QiM6sWGdnapETqWCHMPxZ
X5iMYNQi4Xcbnb0tPHzE7JnBk5j+Ewa4cXKnPhjm0JejpvdiPoOpzSaoe/xrtw0M
qNqjlTbWFoACo6uTyrd7nTgReKu+4PqeBBz6ffvfuQxMaVTm8Zm0S0uo0snSZI4z
BJNWhwMHEf6oDsRJ2gEK2nvP7R6BCK3lfG8AO7ozzPLnlDK+nz9P6tguhsVkzVzb
zzPkbimPx3L8iUDhXgkh6EviqwuaLJumOQLJXjgOKeonu081iw1putHSbMdrAgMB
AAGjggHUMIIB0DAdBgNVHQ4EFgQU1MLSkW7WRa4/A7OGbi3aHIqsYgwwHwYDVR0j
BBgwFoAUZgQonH454I4a4SVc7nPAW/2Z8+YwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEvNjYwNDI4
OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJGRDk5RjNFNi5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC81
LzY2MDQyODlDN0UzOUUwOEUxQUUxMjU1Q0VFNzNDMDVCRkQ5OUYzRTYuY2VyMH0G
CCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTM4MzE2MjMwM2EzYTJmMzQzNDJk
MzQzODIwM2QzZTIwMzIzMDMzMzczMzM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhLdR4GwMA0GCSqG
SIb3DQEBCwUAA4IBAQBi7wPzynv9ud+AHEZA+6ohSmKFBc+u1IQEGpwBTdV/Cej9
J4fZMo5UbSi5STN/fcy70tqQurrngHEdgrWtVeGe0aCN6s6ymvI/V68D7Op10odK
z3+ybGcMoUyWtZmb9131LgKMUKZ4hqXDSLodMoS6Xxv8AMQkuBgSOR9EjkQPxh/w
0qyeHsb3rku3ctbVtmXRcKCG/4FYT83YwVNmycBYDLFGo8IuiqG6jlnVXtHh7YPe
ztUUM+SHDu9ub2KoIL9oKeQ3Q+NFsPR7t5g0c5l0tJ5yxbxvBnboh74g0es9lEry
jjqhHtZv1HosaWP6gld3gjTGGrVF3mzKhBMJhSqT
-----END CERTIFICATE-----