Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/AS945/1/326131323a646434373a643830303a3a2f34302d3438203d3e20323133303836.roa
File:                     326131323a646434373a643830303a3a2f34302d3438203d3e20323133303836.roa (raw, json)
Hash identifier:          x3MKVwLW6n15IUsbeGi5rMK88NIhtEv3miUcJWFlhp8=
Subject key identifier:   19:8E:94:3F:99:16:B3:EE:6B:ED:D9:97:5F:32:56:E4:C7:AB:F6:09
Certificate issuer:       /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial:       1573AFF1508AE0721EEEA0FFA25D078CEB0590CA
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Authority info access:    rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject info access:      rsync://rpki.co/repo/AS945/1/326131323a646434373a643830303a3a2f34302d3438203d3e20323133303836.roa
Signing time:             Tue 17 Oct 2023 16:13:31 +0000
ROA not before:           Tue 17 Oct 2023 16:08:31 +0000
ROA not after:            Tue 15 Oct 2024 16:13:31 +0000
asID:                     213086
IP address blocks:        2a12:dd47:d800::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 13:33:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            15:73:af:f1:50:8a:e0:72:1e:ee:a0:ff:a2:5d:07:8c:eb:05:90:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
        Validity
            Not Before: Oct 17 16:08:31 2023 GMT
            Not After : Oct 15 16:13:31 2024 GMT
        Subject: CN=198E943F9916B3EE6BEDD9975F3256E4C7ABF609
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:54:24:27:dd:f7:47:73:5d:c4:6e:b8:09:29:
                    61:ec:15:09:f5:7a:bc:1f:66:b7:5b:06:27:d2:ae:
                    53:02:df:b2:57:7f:83:0d:ea:22:71:88:6f:4d:89:
                    7e:2d:1a:3f:e9:4a:53:78:a3:ab:50:5e:db:2e:fe:
                    dc:c3:f3:e8:c1:af:e5:64:e4:0b:70:ce:0e:ef:d1:
                    64:79:28:76:8e:bf:95:09:09:85:12:1d:78:7f:1c:
                    94:98:15:61:ad:a7:32:3a:d3:2f:58:68:7d:ac:1a:
                    e4:26:9d:99:69:bc:22:e4:10:21:95:45:97:af:cb:
                    43:20:f4:fb:4a:6f:5b:49:ab:ce:e1:91:da:ed:53:
                    36:b6:32:7d:da:9c:5b:18:7c:ba:aa:43:d3:3d:e0:
                    21:fa:b6:30:d2:85:a9:9a:f0:cc:3a:83:17:aa:37:
                    3c:be:c6:e7:49:bf:55:d7:58:4c:ac:db:c3:e6:ee:
                    99:99:1f:df:5a:ac:f9:61:09:d3:68:b4:c4:fe:67:
                    6e:ed:20:39:f3:56:5e:92:a8:b0:2c:e2:17:16:88:
                    bb:f1:56:44:fc:24:5a:34:f8:45:67:55:1e:7c:90:
                    af:05:20:a5:bd:de:92:63:6e:df:c2:85:b8:e3:b5:
                    8c:47:86:f2:17:06:72:d3:be:01:00:cb:29:36:ee:
                    10:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                19:8E:94:3F:99:16:B3:EE:6B:ED:D9:97:5F:32:56:E4:C7:AB:F6:09
            X509v3 Authority Key Identifier:
                keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/AS945/1/326131323a646434373a643830303a3a2f34302d3438203d3e20323133303836.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:d800::/40

    Signature Algorithm: sha256WithRSAEncryption
         0e:03:db:47:d0:7b:bf:d5:d3:4b:01:09:fb:6d:f8:03:3b:e6:
         bb:62:87:4c:07:8b:e8:7b:83:ed:ec:07:00:0d:ce:3c:94:10:
         56:6e:37:91:03:9f:76:1b:4a:4e:65:1c:5e:ee:06:41:61:a5:
         f5:c8:49:66:4b:68:33:c1:81:d0:60:7b:ca:fd:6c:ed:5a:65:
         be:36:99:cb:d4:17:21:fe:95:d4:da:94:dd:34:c4:dc:06:b4:
         fa:db:0f:72:84:3b:4d:6a:fd:33:ab:01:0d:5b:33:f6:d4:fa:
         cc:c9:9e:2a:1c:4a:36:2a:99:33:00:d1:c4:4a:f4:ef:53:47:
         8a:70:a9:7e:96:cf:ef:a0:9b:4d:0c:2d:ad:04:07:bb:2c:3f:
         c6:30:e1:6a:ac:73:23:e0:1e:1d:52:9d:bb:72:01:84:ec:92:
         81:8c:75:34:c1:d8:99:8e:c7:2b:a9:b7:bb:48:e5:73:b4:a1:
         62:07:fa:a1:a1:93:c8:d5:7c:65:1a:02:a5:b1:1d:76:26:de:
         fb:1f:85:8a:af:70:63:39:0f:89:ec:db:6f:13:05:33:0e:09:
         7b:d7:c5:c0:8a:34:81:57:a7:c3:2d:ad:dd:8b:0f:00:0d:d0:
         bf:72:8b:14:b7:63:cb:39:e9:6d:8c:d0:b9:17:e6:d1:d7:bc:
         56:fe:47:7b
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIUFXOv8VCK4HIe7qD/ol0HjOsFkMowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzEwMTcxNjA4MzFaFw0yNDEwMTUxNjEzMzFaMDMxMTAvBgNV
BAMTKDE5OEU5NDNGOTkxNkIzRUU2QkVERDk5NzVGMzI1NkU0QzdBQkY2MDkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUVCQn3fdHc13EbrgJKWHsFQn1
erwfZrdbBifSrlMC37JXf4MN6iJxiG9NiX4tGj/pSlN4o6tQXtsu/tzD8+jBr+Vk
5Atwzg7v0WR5KHaOv5UJCYUSHXh/HJSYFWGtpzI60y9YaH2sGuQmnZlpvCLkECGV
RZevy0Mg9PtKb1tJq87hkdrtUza2Mn3anFsYfLqqQ9M94CH6tjDShama8Mw6gxeq
Nzy+xudJv1XXWEys28Pm7pmZH99arPlhCdNotMT+Z27tIDnzVl6SqLAs4hcWiLvx
VkT8JFo0+EVnVR58kK8FIKW93pJjbt/ChbjjtYxHhvIXBnLTvgEAyyk27hDbAgMB
AAGjggHTMIIBzzAdBgNVHQ4EFgQUGY6UP5kWs+5r7dmXXzJW5Mer9gkwHwYDVR0j
BBgwFoAUZgQonH454I4a4SVc7nPAW/2Z8+YwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEvNjYwNDI4
OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJGRDk5RjNFNi5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC81
LzY2MDQyODlDN0UzOUUwOEUxQUUxMjU1Q0VFNzNDMDVCRkQ5OUYzRTYuY2VyMH0G
CCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTY0MzgzMDMwM2EzYTJmMzQzMDJk
MzQzODIwM2QzZTIwMzIzMTMzMzAzODM2LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhLdR9gwDQYJKoZI
hvcNAQELBQADggEBAA4D20fQe7/V00sBCftt+AM75rtih0wHi+h7g+3sBwANzjyU
EFZuN5EDn3YbSk5lHF7uBkFhpfXISWZLaDPBgdBge8r9bO1aZb42mcvUFyH+ldTa
lN00xNwGtPrbD3KEO01q/TOrAQ1bM/bU+szJniocSjYqmTMA0cRK9O9TR4pwqX6W
z++gm00MLa0EB7ssP8Yw4WqscyPgHh1SnbtyAYTskoGMdTTB2JmOxyupt7tI5XO0
oWIH+qGhk8jVfGUaAqWxHXYm3vsfhYqvcGM5D4ns228TBTMOCXvXxcCKNIFXp8Mt
rd2LDwAN0L9yixS3Y8s56W2M0LkX5tHXvFb+R3s=
-----END CERTIFICATE-----