Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/AS945/1/326131323a646434373a643530303a3a2f34302d3438203d3e20313938373334.roa
File:                     326131323a646434373a643530303a3a2f34302d3438203d3e20313938373334.roa (raw, json)
Hash identifier:          zzgPfqtFEJlcTPSD3GTP5FLfDIr6SgWSkLFb3A9Xtlw=
Subject key identifier:   10:36:0A:79:BA:8E:00:40:B5:E4:C4:84:F6:54:4B:DE:D4:27:28:53
Certificate issuer:       /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial:       369179C9F3AB909932E01E68C518337856E08884
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Authority info access:    rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject info access:      rsync://rpki.co/repo/AS945/1/326131323a646434373a643530303a3a2f34302d3438203d3e20313938373334.roa
Signing time:             Tue 17 Oct 2023 16:13:37 +0000
ROA not before:           Tue 17 Oct 2023 16:08:37 +0000
ROA not after:            Tue 15 Oct 2024 16:13:37 +0000
asID:                     198734
IP address blocks:        2a12:dd47:d500::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 14:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            36:91:79:c9:f3:ab:90:99:32:e0:1e:68:c5:18:33:78:56:e0:88:84
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
        Validity
            Not Before: Oct 17 16:08:37 2023 GMT
            Not After : Oct 15 16:13:37 2024 GMT
        Subject: CN=10360A79BA8E0040B5E4C484F6544BDED4272853
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:53:ef:58:c4:ad:27:70:5e:e9:35:dd:2b:be:
                    35:f0:bb:8b:f6:56:1d:31:7a:cc:1a:1c:2a:9a:9d:
                    75:66:7f:de:d6:26:17:1d:91:c2:30:a1:d0:d4:41:
                    6c:29:4c:92:00:14:38:46:e6:f6:4d:58:0c:1f:f9:
                    ac:3c:4e:61:35:db:a4:ad:e2:a9:c7:c4:49:f4:af:
                    c1:4e:a3:d6:77:69:84:78:d5:2d:9f:ce:3d:33:64:
                    59:27:fb:c6:81:78:2e:e0:76:2f:5b:a0:69:78:ce:
                    79:08:b1:ba:69:4e:08:61:f0:e1:bf:31:42:4f:37:
                    75:9e:65:4e:ed:6b:a5:6b:0f:2e:3b:26:b4:12:6a:
                    7f:d8:11:e8:3c:2a:d1:b0:32:73:8c:c8:95:6d:bb:
                    86:0c:8b:ea:62:c4:55:07:a0:99:a3:ef:e0:70:c2:
                    bf:64:0b:94:b9:23:cf:71:5b:32:ba:77:e2:2c:0d:
                    bd:e4:ef:f6:b9:6b:40:14:4e:89:aa:2c:e7:87:2c:
                    5d:7b:97:49:26:01:36:52:76:24:a4:12:1d:e0:63:
                    e9:d0:44:93:55:b7:62:6e:fc:58:84:db:f5:2d:5b:
                    f3:77:f2:c2:cb:24:5d:19:c9:a8:4f:a6:b8:ca:ae:
                    96:5d:a9:af:11:0c:bd:2f:ab:36:10:d4:55:ea:f8:
                    6f:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                10:36:0A:79:BA:8E:00:40:B5:E4:C4:84:F6:54:4B:DE:D4:27:28:53
            X509v3 Authority Key Identifier:
                keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/AS945/1/326131323a646434373a643530303a3a2f34302d3438203d3e20313938373334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:d500::/40

    Signature Algorithm: sha256WithRSAEncryption
         11:c2:4f:46:f0:5e:28:5a:69:e6:05:6b:2e:3d:7e:6e:e8:1d:
         b8:c6:30:0f:14:8d:90:3a:8a:36:a0:39:9c:d9:8f:5d:7c:e3:
         fa:77:d4:f3:49:e0:50:66:93:e5:41:50:d1:66:ab:84:55:b9:
         da:76:de:83:2e:61:d2:39:f7:45:99:b2:94:0a:03:d4:90:5c:
         af:bf:bf:76:6b:9a:0e:e2:0d:0f:52:89:a5:50:b8:7d:d3:cc:
         30:c7:64:22:e6:e8:f5:f3:1a:ad:ca:1f:59:a1:da:88:59:37:
         6f:f8:0e:bf:c1:6f:2c:e6:68:a6:01:a9:1a:7f:39:1e:e8:88:
         59:9a:24:25:5e:ce:48:4d:86:97:0b:52:bf:85:f7:93:fc:ca:
         17:1e:a6:a6:21:7c:ad:70:62:d4:df:99:33:64:3e:bc:c9:b8:
         0c:b0:ef:f8:6d:93:ed:c9:75:d1:46:31:54:53:8d:ea:07:51:
         47:ec:0f:47:62:cc:36:4b:81:65:c8:46:21:f3:c6:17:5c:75:
         d9:1c:b9:97:18:55:d5:d9:97:95:2a:bd:a8:b7:43:1a:99:59:
         2a:de:72:b5:d6:f1:8f:ea:69:d4:ca:3e:0d:95:44:e8:f7:9f:
         70:81:f9:cb:b7:45:7b:40:9c:de:37:72:4c:76:f3:2f:7e:53:
         4f:6e:28:40
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIUNpF5yfOrkJky4B5oxRgzeFbgiIQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzEwMTcxNjA4MzdaFw0yNDEwMTUxNjEzMzdaMDMxMTAvBgNV
BAMTKDEwMzYwQTc5QkE4RTAwNDBCNUU0QzQ4NEY2NTQ0QkRFRDQyNzI4NTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8U+9YxK0ncF7pNd0rvjXwu4v2
Vh0xeswaHCqanXVmf97WJhcdkcIwodDUQWwpTJIAFDhG5vZNWAwf+aw8TmE126St
4qnHxEn0r8FOo9Z3aYR41S2fzj0zZFkn+8aBeC7gdi9boGl4znkIsbppTghh8OG/
MUJPN3WeZU7ta6VrDy47JrQSan/YEeg8KtGwMnOMyJVtu4YMi+pixFUHoJmj7+Bw
wr9kC5S5I89xWzK6d+IsDb3k7/a5a0AUTomqLOeHLF17l0kmATZSdiSkEh3gY+nQ
RJNVt2Ju/FiE2/UtW/N38sLLJF0ZyahPprjKrpZdqa8RDL0vqzYQ1FXq+G+rAgMB
AAGjggHTMIIBzzAdBgNVHQ4EFgQUEDYKebqOAEC15MSE9lRL3tQnKFMwHwYDVR0j
BBgwFoAUZgQonH454I4a4SVc7nPAW/2Z8+YwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEvNjYwNDI4
OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJGRDk5RjNFNi5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC81
LzY2MDQyODlDN0UzOUUwOEUxQUUxMjU1Q0VFNzNDMDVCRkQ5OUYzRTYuY2VyMH0G
CCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTY0MzUzMDMwM2EzYTJmMzQzMDJk
MzQzODIwM2QzZTIwMzEzOTM4MzczMzM0LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhLdR9UwDQYJKoZI
hvcNAQELBQADggEBABHCT0bwXihaaeYFay49fm7oHbjGMA8UjZA6ijagOZzZj118
4/p31PNJ4FBmk+VBUNFmq4RVudp23oMuYdI590WZspQKA9SQXK+/v3Zrmg7iDQ9S
iaVQuH3TzDDHZCLm6PXzGq3KH1mh2ohZN2/4Dr/BbyzmaKYBqRp/OR7oiFmaJCVe
zkhNhpcLUr+F95P8yhcepqYhfK1wYtTfmTNkPrzJuAyw7/htk+3JddFGMVRTjeoH
UUfsD0dizDZLgWXIRiHzxhdcddkcuZcYVdXZl5Uqvai3QxqZWSrecrXW8Y/qadTK
Pg2VROj3n3CB+cu3RXtAnN43ckx28y9+U09uKEA=
-----END CERTIFICATE-----