Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/AS945/1/326131323a646434373a386630303a3a2f34302d3438203d3e20323132343833.roa
File:                     326131323a646434373a386630303a3a2f34302d3438203d3e20323132343833.roa (raw, json)
Hash identifier:          VuQ1SAvI4qdHdXQZs0swYzJLSnwI4E1tuTDlzWMosjM=
Subject key identifier:   33:9A:57:58:BE:5D:FF:8B:EE:A8:4D:30:21:2F:CF:06:92:27:8B:9A
Certificate issuer:       /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial:       5D8DF728759B5EB2A43689EB3A324C6AC6F1890F
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Authority info access:    rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject info access:      rsync://rpki.co/repo/AS945/1/326131323a646434373a386630303a3a2f34302d3438203d3e20323132343833.roa
Signing time:             Tue 17 Oct 2023 16:13:26 +0000
ROA not before:           Tue 17 Oct 2023 16:08:26 +0000
ROA not after:            Tue 15 Oct 2024 16:13:26 +0000
asID:                     212483
IP address blocks:        2a12:dd47:8f00::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 14:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5d:8d:f7:28:75:9b:5e:b2:a4:36:89:eb:3a:32:4c:6a:c6:f1:89:0f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
        Validity
            Not Before: Oct 17 16:08:26 2023 GMT
            Not After : Oct 15 16:13:26 2024 GMT
        Subject: CN=339A5758BE5DFF8BEEA84D30212FCF0692278B9A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:8f:b8:8b:8e:ed:e2:8c:18:c3:ca:50:06:c9:
                    33:2d:c6:c2:f8:36:ec:ea:e7:a1:24:c0:47:28:d2:
                    96:8b:67:c8:02:ab:2c:ff:9d:c4:20:cf:39:ec:10:
                    53:56:ec:5b:b9:d2:fa:cd:32:e0:da:39:ee:c6:69:
                    c6:d5:a8:a4:a1:e2:04:a5:e5:2d:f9:4c:5d:94:75:
                    77:44:d6:db:0a:e5:1b:2a:58:d9:7c:27:2c:85:bd:
                    a2:0e:05:27:a5:94:e1:9c:ba:cf:6d:39:6e:ac:6f:
                    6f:bd:fc:00:4b:a5:9f:c4:56:6d:a7:83:cd:f2:42:
                    45:60:40:30:36:1d:7b:01:d8:21:ca:50:d7:68:8f:
                    ee:37:44:a7:c0:f9:63:6c:6b:b0:7e:e6:6c:bc:ba:
                    e4:63:21:11:3f:89:cd:e7:2b:53:3c:39:86:29:69:
                    85:76:65:85:de:4e:d9:a6:45:f6:af:f2:55:d2:cb:
                    ca:27:48:6e:59:d3:15:c6:53:77:57:63:59:14:96:
                    e7:bd:62:2c:ea:1e:d8:88:6a:cf:43:dc:f4:52:73:
                    f7:e0:69:45:af:29:0b:99:bd:f8:6b:4d:03:1a:a6:
                    2c:74:b2:87:f8:4e:3a:26:37:7d:4b:c4:53:9f:5d:
                    9b:e9:38:7d:e3:48:c0:90:83:ba:81:2d:be:ad:df:
                    41:d9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:9A:57:58:BE:5D:FF:8B:EE:A8:4D:30:21:2F:CF:06:92:27:8B:9A
            X509v3 Authority Key Identifier:
                keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/AS945/1/326131323a646434373a386630303a3a2f34302d3438203d3e20323132343833.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:8f00::/40

    Signature Algorithm: sha256WithRSAEncryption
         0a:3b:e9:57:ae:cf:45:c0:45:76:aa:9d:ef:ba:cb:99:37:91:
         33:b4:82:9e:15:7f:9a:c3:bc:98:86:e8:85:c7:44:53:ec:f4:
         de:36:5c:49:fd:b6:f4:fd:fd:3e:aa:3b:30:9c:ae:41:3a:fa:
         34:25:02:c9:ba:db:65:4a:c9:9d:0f:5c:28:a7:d5:b3:16:e9:
         c6:99:46:6c:0c:df:fd:74:0b:d5:9b:4f:28:6e:c4:8c:77:43:
         80:ce:d2:a1:8e:ee:16:9f:cc:25:5f:26:2b:86:bc:dd:45:ab:
         f4:b9:48:0e:b1:02:ae:f5:76:02:7c:a3:98:ea:99:44:56:f8:
         67:29:b5:90:41:4a:d0:9a:be:4f:43:9e:f7:cf:99:51:2b:ba:
         52:20:bb:2a:e8:be:1d:37:a8:01:dd:ef:54:6c:90:05:95:53:
         74:39:26:d6:d5:85:b6:c9:1d:5c:34:63:47:4e:d6:cd:f6:f0:
         58:60:2a:ce:fb:92:62:19:ce:25:49:83:78:8a:47:ff:1b:20:
         61:da:26:4c:85:6b:dd:78:72:52:ad:e7:f3:6e:fa:f7:1d:dd:
         8b:f1:cc:9f:05:26:3e:a8:1e:0d:10:7e:ce:33:5c:a3:81:1b:
         2b:bc:94:3a:11:31:fb:7f:74:8d:a0:41:d2:fd:55:f8:c1:db:
         4d:07:ce:b9
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIUXY33KHWbXrKkNonrOjJMasbxiQ8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzEwMTcxNjA4MjZaFw0yNDEwMTUxNjEzMjZaMDMxMTAvBgNV
BAMTKDMzOUE1NzU4QkU1REZGOEJFRUE4NEQzMDIxMkZDRjA2OTIyNzhCOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9j7iLju3ijBjDylAGyTMtxsL4
Nuzq56EkwEco0paLZ8gCqyz/ncQgzznsEFNW7Fu50vrNMuDaOe7GacbVqKSh4gSl
5S35TF2UdXdE1tsK5RsqWNl8JyyFvaIOBSellOGcus9tOW6sb2+9/ABLpZ/EVm2n
g83yQkVgQDA2HXsB2CHKUNdoj+43RKfA+WNsa7B+5my8uuRjIRE/ic3nK1M8OYYp
aYV2ZYXeTtmmRfav8lXSy8onSG5Z0xXGU3dXY1kUlue9YizqHtiIas9D3PRSc/fg
aUWvKQuZvfhrTQMapix0sof4TjomN31LxFOfXZvpOH3jSMCQg7qBLb6t30HZAgMB
AAGjggHTMIIBzzAdBgNVHQ4EFgQUM5pXWL5d/4vuqE0wIS/PBpIni5owHwYDVR0j
BBgwFoAUZgQonH454I4a4SVc7nPAW/2Z8+YwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEvNjYwNDI4
OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJGRDk5RjNFNi5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC81
LzY2MDQyODlDN0UzOUUwOEUxQUUxMjU1Q0VFNzNDMDVCRkQ5OUYzRTYuY2VyMH0G
CCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTM4NjYzMDMwM2EzYTJmMzQzMDJk
MzQzODIwM2QzZTIwMzIzMTMyMzQzODMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhLdR48wDQYJKoZI
hvcNAQELBQADggEBAAo76Veuz0XARXaqne+6y5k3kTO0gp4Vf5rDvJiG6IXHRFPs
9N42XEn9tvT9/T6qOzCcrkE6+jQlAsm622VKyZ0PXCin1bMW6caZRmwM3/10C9Wb
TyhuxIx3Q4DO0qGO7hafzCVfJiuGvN1Fq/S5SA6xAq71dgJ8o5jqmURW+GcptZBB
StCavk9DnvfPmVErulIguyrovh03qAHd71RskAWVU3Q5JtbVhbbJHVw0Y0dO1s32
8FhgKs77kmIZziVJg3iKR/8bIGHaJkyFa914clKt5/Nu+vcd3YvxzJ8FJj6oHg0Q
fs4zXKOBGyu8lDoRMft/dI2gQdL9VfjB200Hzrk=
-----END CERTIFICATE-----