Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/AS945/1/326131323a646434373a646530303a3a2f34302d3430203d3e20323133323637.roa
File:                     326131323a646434373a646530303a3a2f34302d3430203d3e20323133323637.roa (raw, json)
Hash identifier:          QbpGhd3+ZWtUoiWXOFWOHFjNvhwzR937jKyJZ8Fb9vE=
Subject key identifier:   0F:CB:0A:A9:46:F7:E3:E3:50:4B:C0:83:3F:29:F8:1B:29:65:DD:F2
Certificate issuer:       /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial:       75F35B4A7C2DBAF87452B1475C49929D625E01AC
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Authority info access:    rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject info access:      rsync://rpki.co/repo/AS945/1/326131323a646434373a646530303a3a2f34302d3430203d3e20323133323637.roa
Signing time:             Tue 17 Oct 2023 16:13:37 +0000
ROA not before:           Tue 17 Oct 2023 16:08:37 +0000
ROA not after:            Tue 15 Oct 2024 16:13:37 +0000
asID:                     213267
IP address blocks:        2a12:dd47:de00::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 13:33:18 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:f3:5b:4a:7c:2d:ba:f8:74:52:b1:47:5c:49:92:9d:62:5e:01:ac
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
        Validity
            Not Before: Oct 17 16:08:37 2023 GMT
            Not After : Oct 15 16:13:37 2024 GMT
        Subject: CN=0FCB0AA946F7E3E3504BC0833F29F81B2965DDF2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:70:92:ab:67:59:4e:43:b5:9b:51:d5:45:1c:
                    92:69:38:a5:da:43:c0:18:6f:b4:78:7e:bf:f3:e3:
                    73:ad:c0:a4:68:28:40:01:9d:f5:2e:58:9c:b9:1a:
                    61:d5:3c:f1:60:d8:c0:50:9d:e4:a9:91:2c:f0:76:
                    70:9e:da:60:7e:ae:56:30:4d:c0:fd:f6:42:b5:b2:
                    93:2c:06:1d:5b:79:f2:16:79:2f:16:90:18:ef:5d:
                    d2:38:f8:35:83:b2:42:8c:c1:6d:52:12:a9:e3:96:
                    c6:3c:24:35:89:d8:71:9a:ff:46:fb:1f:4b:ca:44:
                    3d:c0:1a:d6:1f:33:dd:8f:52:02:30:9a:7a:c6:6e:
                    84:98:6f:a2:16:f0:0b:e4:a3:48:db:54:f1:92:a2:
                    a4:6d:54:db:ba:c7:3b:53:f4:e2:23:55:3b:a9:97:
                    2f:9e:22:3b:2b:d0:5d:07:8e:c9:59:db:6d:20:f2:
                    e5:6e:b9:74:1d:ed:05:36:8e:d7:d5:6a:63:0a:df:
                    01:bb:f4:55:fe:e4:7b:44:29:c5:3b:23:77:d0:53:
                    70:01:19:c0:72:ed:18:90:de:ff:04:be:46:bc:74:
                    35:5b:8d:a7:e3:b7:6f:3e:ab:27:4f:1d:06:02:36:
                    85:0b:5a:8b:8c:38:d4:31:e8:23:0a:2e:18:5c:10:
                    ac:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:CB:0A:A9:46:F7:E3:E3:50:4B:C0:83:3F:29:F8:1B:29:65:DD:F2
            X509v3 Authority Key Identifier:
                keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/AS945/1/326131323a646434373a646530303a3a2f34302d3430203d3e20323133323637.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:de00::/40

    Signature Algorithm: sha256WithRSAEncryption
         5e:2d:69:2b:e8:bf:18:31:9a:ee:e6:7f:6a:87:49:fc:5c:85:
         65:8d:13:65:cc:1c:c7:57:d8:2f:1e:ac:72:d0:62:1a:b8:65:
         7a:5e:45:7f:94:3b:de:c2:9e:e3:9d:f1:27:1e:c4:12:23:ba:
         8c:07:09:36:a9:96:4b:80:51:d8:94:fb:75:a8:c8:d5:ce:1a:
         1a:8b:3c:8a:34:5b:59:bb:51:53:c5:c4:7b:f7:17:93:f1:90:
         8d:59:19:50:79:f4:33:9a:ce:38:bf:44:22:70:5c:65:34:53:
         a0:fe:d3:ee:a5:78:15:2c:73:c2:c8:78:f3:4e:ff:75:92:8e:
         b0:41:26:91:1c:6e:67:ed:a3:4a:7a:55:8e:fb:30:5a:92:1c:
         1f:f4:fa:96:f3:8b:64:1b:d5:d0:5a:63:9f:ab:aa:05:7a:e9:
         7e:41:96:67:dd:44:9b:7f:b4:ed:0a:1c:99:0d:bc:a1:e0:74:
         05:1c:0a:77:aa:09:d2:53:cc:20:b9:d0:60:20:35:d5:23:00:
         74:22:1c:98:7e:2c:0c:44:2a:6b:ed:39:e1:aa:e0:93:6b:90:
         bd:b5:9f:2a:13:5f:28:01:91:26:35:b4:56:c0:c7:8e:92:76:
         08:ca:fe:32:b1:a6:2f:03:d5:c3:bb:6b:17:92:40:3c:e2:d0:
         35:cf:13:9a
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIUdfNbSnwtuvh0UrFHXEmSnWJeAawwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzEwMTcxNjA4MzdaFw0yNDEwMTUxNjEzMzdaMDMxMTAvBgNV
BAMTKDBGQ0IwQUE5NDZGN0UzRTM1MDRCQzA4MzNGMjlGODFCMjk2NURERjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGcJKrZ1lOQ7WbUdVFHJJpOKXa
Q8AYb7R4fr/z43OtwKRoKEABnfUuWJy5GmHVPPFg2MBQneSpkSzwdnCe2mB+rlYw
TcD99kK1spMsBh1befIWeS8WkBjvXdI4+DWDskKMwW1SEqnjlsY8JDWJ2HGa/0b7
H0vKRD3AGtYfM92PUgIwmnrGboSYb6IW8Avko0jbVPGSoqRtVNu6xztT9OIjVTup
ly+eIjsr0F0HjslZ220g8uVuuXQd7QU2jtfVamMK3wG79FX+5HtEKcU7I3fQU3AB
GcBy7RiQ3v8Evka8dDVbjafjt28+qydPHQYCNoULWouMONQx6CMKLhhcEKwpAgMB
AAGjggHTMIIBzzAdBgNVHQ4EFgQUD8sKqUb34+NQS8CDPyn4Gyll3fIwHwYDVR0j
BBgwFoAUZgQonH454I4a4SVc7nPAW/2Z8+YwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEvNjYwNDI4
OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJGRDk5RjNFNi5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC81
LzY2MDQyODlDN0UzOUUwOEUxQUUxMjU1Q0VFNzNDMDVCRkQ5OUYzRTYuY2VyMH0G
CCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTY0NjUzMDMwM2EzYTJmMzQzMDJk
MzQzMDIwM2QzZTIwMzIzMTMzMzIzNjM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhLdR94wDQYJKoZI
hvcNAQELBQADggEBAF4taSvovxgxmu7mf2qHSfxchWWNE2XMHMdX2C8erHLQYhq4
ZXpeRX+UO97CnuOd8ScexBIjuowHCTaplkuAUdiU+3WoyNXOGhqLPIo0W1m7UVPF
xHv3F5PxkI1ZGVB59DOazji/RCJwXGU0U6D+0+6leBUsc8LIePNO/3WSjrBBJpEc
bmfto0p6VY77MFqSHB/0+pbzi2Qb1dBaY5+rqgV66X5BlmfdRJt/tO0KHJkNvKHg
dAUcCneqCdJTzCC50GAgNdUjAHQiHJh+LAxEKmvtOeGq4JNrkL21nyoTXygBkSY1
tFbAx46SdgjK/jKxpi8D1cO7axeSQDzi0DXPE5o=
-----END CERTIFICATE-----