Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/AS945/1/326131323a646434373a383366303a3a2f34342d3438203d3e20323034363131.roa
File:                     326131323a646434373a383366303a3a2f34342d3438203d3e20323034363131.roa (raw, json)
Hash identifier:          Comy5UbHlSuKXmZ4tZrYPAGde3VjHr5r4TrEndxdbI4=
Subject key identifier:   A5:E1:C4:93:9F:D5:00:57:B4:13:25:5F:77:48:C8:E7:0A:31:D0:01
Certificate issuer:       /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial:       5F72F71C02DF044504ACB745AB7DE8CA3F841292
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Authority info access:    rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject info access:      rsync://rpki.co/repo/AS945/1/326131323a646434373a383366303a3a2f34342d3438203d3e20323034363131.roa
Signing time:             Tue 17 Oct 2023 16:13:31 +0000
ROA not before:           Tue 17 Oct 2023 16:08:31 +0000
ROA not after:            Tue 15 Oct 2024 16:13:31 +0000
asID:                     204611
IP address blocks:        2a12:dd47:83f0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 14:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5f:72:f7:1c:02:df:04:45:04:ac:b7:45:ab:7d:e8:ca:3f:84:12:92
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
        Validity
            Not Before: Oct 17 16:08:31 2023 GMT
            Not After : Oct 15 16:13:31 2024 GMT
        Subject: CN=A5E1C4939FD50057B413255F7748C8E70A31D001
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:86:85:f3:fb:d8:c8:3e:59:7c:b0:c3:48:a7:
                    1f:b3:76:c8:22:12:1d:b6:a2:7d:20:db:67:4f:31:
                    1c:f2:8b:6f:71:3b:55:99:f6:ca:e1:df:d2:fd:83:
                    2a:ef:b9:2b:41:d5:80:63:50:00:5f:2c:87:91:02:
                    af:ac:1d:96:de:76:d3:f1:85:0f:de:af:47:53:db:
                    12:17:77:69:db:4b:8f:39:31:4b:97:56:09:e8:aa:
                    2c:11:de:af:50:6e:59:f5:fa:b4:2b:e6:e4:80:41:
                    ad:e3:d7:22:28:7b:5d:96:ea:fd:9e:84:2e:89:53:
                    51:ad:64:c2:ba:43:aa:37:3c:33:3f:0b:ca:fa:c5:
                    7f:e5:e6:ab:73:99:97:60:11:28:df:73:02:44:85:
                    4b:2d:2f:a8:82:3d:78:eb:bf:17:91:46:61:ff:7f:
                    a4:97:60:2a:66:5f:f0:5d:2e:bd:36:80:ea:0a:2b:
                    2a:5b:5d:4e:13:d7:7c:81:47:43:97:18:95:20:1f:
                    70:6d:c9:4c:57:a5:25:71:82:ab:54:c3:3d:9f:12:
                    ac:b4:51:ed:34:62:1a:dc:ee:ba:ae:9b:4d:dc:56:
                    65:a6:44:87:c6:b7:d9:a4:e2:15:27:0b:af:10:23:
                    a3:c8:2a:a9:27:72:cb:ce:09:82:33:08:bb:71:f5:
                    cb:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:E1:C4:93:9F:D5:00:57:B4:13:25:5F:77:48:C8:E7:0A:31:D0:01
            X509v3 Authority Key Identifier:
                keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/AS945/1/326131323a646434373a383366303a3a2f34342d3438203d3e20323034363131.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:83f0::/44

    Signature Algorithm: sha256WithRSAEncryption
         31:23:44:79:b6:2a:e9:ec:e2:e6:af:f0:3c:38:04:db:d0:34:
         02:db:fc:b3:18:03:fe:14:cd:a1:8f:c3:22:44:2c:ad:78:47:
         af:6f:83:cf:49:79:de:89:94:60:d6:71:98:88:5e:d1:b0:c1:
         cc:dd:30:da:d3:bf:bf:56:b0:ed:19:bb:ad:ce:84:04:d0:bc:
         ef:d3:f9:04:7d:a9:00:b8:6f:51:25:8b:2f:f0:b7:12:e1:7f:
         23:2c:78:91:e1:12:81:68:0e:a8:58:4d:b7:99:b8:de:11:83:
         27:82:95:23:72:85:3e:60:36:2f:aa:8e:d5:a0:06:2d:f9:ee:
         39:b9:25:e5:66:7e:86:66:e5:fe:6a:f3:35:71:73:e3:39:31:
         1a:84:b4:61:a4:e2:f4:c5:13:65:b0:9d:f7:41:ba:8e:c7:8c:
         f4:76:29:d3:cc:ac:4e:58:9e:26:4f:a0:00:65:24:de:b1:aa:
         4a:33:da:99:05:32:e7:21:ef:6f:35:74:e1:4f:e7:13:af:7e:
         04:c0:e4:9a:5b:02:c8:c5:02:32:6c:ef:a7:0a:e8:c6:0d:8b:
         02:89:c0:7b:46:4d:e5:c4:9b:e5:ad:b6:5a:89:ba:23:3c:81:
         75:d5:0d:bb:59:b4:a7:ce:71:86:23:a3:5a:28:73:38:f5:c0:
         e0:c6:60:de
-----BEGIN CERTIFICATE-----
MIIEyjCCA7KgAwIBAgIUX3L3HALfBEUErLdFq33oyj+EEpIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzEwMTcxNjA4MzFaFw0yNDEwMTUxNjEzMzFaMDMxMTAvBgNV
BAMTKEE1RTFDNDkzOUZENTAwNTdCNDEzMjU1Rjc3NDhDOEU3MEEzMUQwMDEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4hoXz+9jIPll8sMNIpx+zdsgi
Eh22on0g22dPMRzyi29xO1WZ9srh39L9gyrvuStB1YBjUABfLIeRAq+sHZbedtPx
hQ/er0dT2xIXd2nbS485MUuXVgnoqiwR3q9Qbln1+rQr5uSAQa3j1yIoe12W6v2e
hC6JU1GtZMK6Q6o3PDM/C8r6xX/l5qtzmZdgESjfcwJEhUstL6iCPXjrvxeRRmH/
f6SXYCpmX/BdLr02gOoKKypbXU4T13yBR0OXGJUgH3BtyUxXpSVxgqtUwz2fEqy0
Ue00Yhrc7rqum03cVmWmRIfGt9mk4hUnC68QI6PIKqkncsvOCYIzCLtx9ctNAgMB
AAGjggHUMIIB0DAdBgNVHQ4EFgQUpeHEk5/VAFe0EyVfd0jI5wox0AEwHwYDVR0j
BBgwFoAUZgQonH454I4a4SVc7nPAW/2Z8+YwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEvNjYwNDI4
OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJGRDk5RjNFNi5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC81
LzY2MDQyODlDN0UzOUUwOEUxQUUxMjU1Q0VFNzNDMDVCRkQ5OUYzRTYuY2VyMH0G
CCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTM4MzM2NjMwM2EzYTJmMzQzNDJk
MzQzODIwM2QzZTIwMzIzMDM0MzYzMTMxLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKhLdR4PwMA0GCSqG
SIb3DQEBCwUAA4IBAQAxI0R5tirp7OLmr/A8OATb0DQC2/yzGAP+FM2hj8MiRCyt
eEevb4PPSXneiZRg1nGYiF7RsMHM3TDa07+/VrDtGbutzoQE0Lzv0/kEfakAuG9R
JYsv8LcS4X8jLHiR4RKBaA6oWE23mbjeEYMngpUjcoU+YDYvqo7VoAYt+e45uSXl
Zn6GZuX+avM1cXPjOTEahLRhpOL0xRNlsJ33QbqOx4z0dinTzKxOWJ4mT6AAZSTe
sapKM9qZBTLnIe9vNXThT+cTr34EwOSaWwLIxQIybO+nCujGDYsCicB7Rk3lxJvl
rbZaibojPIF11Q27WbSnznGGI6NaKHM49cDgxmDe
-----END CERTIFICATE-----