Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/AS945/1/326131323a646434373a663830303a3a2f34302d3438203d3e20323032353733.roa
File:                     326131323a646434373a663830303a3a2f34302d3438203d3e20323032353733.roa (raw, json)
Hash identifier:          dQs5wXehnBbBInrBzHRo6vUWSvL7XwKQiyb1EK4VPeU=
Subject key identifier:   05:4F:F4:69:20:6D:BF:08:93:A6:6B:F7:F1:3A:40:00:99:78:D8:97
Certificate issuer:       /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial:       582B23E820D258CF28EF0B5B2B61F248D1EABE9E
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Authority info access:    rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject info access:      rsync://rpki.co/repo/AS945/1/326131323a646434373a663830303a3a2f34302d3438203d3e20323032353733.roa
Signing time:             Tue 17 Oct 2023 16:13:30 +0000
ROA not before:           Tue 17 Oct 2023 16:08:30 +0000
ROA not after:            Tue 15 Oct 2024 16:13:30 +0000
asID:                     202573
IP address blocks:        2a12:dd47:f800::/40 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 14:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:2b:23:e8:20:d2:58:cf:28:ef:0b:5b:2b:61:f2:48:d1:ea:be:9e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
        Validity
            Not Before: Oct 17 16:08:30 2023 GMT
            Not After : Oct 15 16:13:30 2024 GMT
        Subject: CN=054FF469206DBF0893A66BF7F13A40009978D897
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:01:0c:1f:b3:d9:c4:b9:0c:20:19:18:92:5d:
                    a5:23:50:71:a4:f3:f8:8f:17:eb:ba:c9:e6:48:df:
                    9b:bd:ab:0e:6d:ad:39:e8:7d:31:f1:b8:12:d4:9a:
                    aa:7e:66:8d:e1:e7:51:52:2b:ba:d1:0d:7a:b6:90:
                    51:a7:37:c2:03:82:9a:e1:ad:67:97:7b:bb:56:3f:
                    81:af:e7:04:f1:05:f7:88:02:4e:3a:cf:21:6d:2f:
                    14:95:e9:ca:a1:cd:76:1f:43:6c:8d:d6:48:05:9e:
                    00:49:b0:ec:38:0c:df:1e:ac:b4:d4:dd:ba:7a:85:
                    ef:a6:42:73:26:93:b2:c7:d3:a4:39:ca:8a:35:95:
                    49:de:14:bf:92:3d:bb:2a:2f:8a:45:52:f2:92:4b:
                    3c:25:bb:4e:89:3b:08:30:98:14:ed:ee:2f:db:81:
                    d4:c3:60:f9:e8:fe:d5:84:14:83:81:88:9e:68:2b:
                    86:1a:1f:0b:08:4b:02:d2:5b:a7:80:b9:ed:68:3d:
                    b5:14:c8:71:ed:51:ab:63:ee:8c:40:59:31:75:f7:
                    8b:b9:a1:3f:30:59:e0:e1:83:4e:2e:b0:a0:3e:8e:
                    10:77:c5:c0:57:2c:0a:36:ff:47:46:3e:b4:f8:6b:
                    4e:69:0a:fb:1f:c0:47:46:5e:99:d6:cb:4e:7e:04:
                    c4:27
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                05:4F:F4:69:20:6D:BF:08:93:A6:6B:F7:F1:3A:40:00:99:78:D8:97
            X509v3 Authority Key Identifier:
                keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/AS945/1/326131323a646434373a663830303a3a2f34302d3438203d3e20323032353733.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:f800::/40

    Signature Algorithm: sha256WithRSAEncryption
         bf:e0:ff:51:08:b9:cf:d2:2a:37:94:82:3b:2d:3d:9a:61:5b:
         3a:5f:d2:9e:0c:69:05:5b:a0:fd:75:e6:95:00:62:d0:fa:b0:
         5b:89:45:f7:81:d4:c8:32:26:64:70:8d:5f:07:f5:d8:5b:85:
         b1:cd:92:62:49:9e:a7:28:c7:dd:1d:d7:19:b5:2c:6c:ea:c4:
         af:56:37:d5:91:2f:aa:e2:d7:e8:ec:b4:77:0b:25:e3:55:8f:
         b5:bc:20:a3:eb:1f:00:8c:ce:57:17:f3:bc:b7:d4:3b:b4:76:
         bd:ad:8b:92:2f:f1:b6:e4:11:81:e1:62:bc:37:49:04:45:b9:
         4e:0c:63:c4:62:22:03:41:94:9e:4d:f3:93:7d:56:70:4e:04:
         b5:66:4b:69:bb:19:6c:55:8a:09:fe:bb:3f:ea:46:ea:64:eb:
         62:bd:18:5b:be:11:3a:18:55:45:f7:c3:ab:b1:05:aa:d3:4f:
         06:c2:26:9c:bc:ed:86:01:da:c0:48:c5:6e:ae:b3:83:a1:bc:
         b2:db:5f:61:e7:c0:ba:18:1e:62:12:90:f6:55:74:7e:9b:ab:
         d7:78:9a:40:27:9c:8a:9b:a7:d1:31:14:48:f8:69:d0:93:2a:
         63:82:40:a8:cb:67:59:92:20:1a:45:5a:45:6c:ac:32:1f:ae:
         67:b3:3a:1e
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIUWCsj6CDSWM8o7wtbK2HySNHqvp4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzEwMTcxNjA4MzBaFw0yNDEwMTUxNjEzMzBaMDMxMTAvBgNV
BAMTKDA1NEZGNDY5MjA2REJGMDg5M0E2NkJGN0YxM0E0MDAwOTk3OEQ4OTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9AQwfs9nEuQwgGRiSXaUjUHGk
8/iPF+u6yeZI35u9qw5trTnofTHxuBLUmqp+Zo3h51FSK7rRDXq2kFGnN8IDgprh
rWeXe7tWP4Gv5wTxBfeIAk46zyFtLxSV6cqhzXYfQ2yN1kgFngBJsOw4DN8erLTU
3bp6he+mQnMmk7LH06Q5yoo1lUneFL+SPbsqL4pFUvKSSzwlu06JOwgwmBTt7i/b
gdTDYPno/tWEFIOBiJ5oK4YaHwsISwLSW6eAue1oPbUUyHHtUatj7oxAWTF194u5
oT8wWeDhg04usKA+jhB3xcBXLAo2/0dGPrT4a05pCvsfwEdGXpnWy05+BMQnAgMB
AAGjggHTMIIBzzAdBgNVHQ4EFgQUBU/0aSBtvwiTpmv38TpAAJl42JcwHwYDVR0j
BBgwFoAUZgQonH454I4a4SVc7nPAW/2Z8+YwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEvNjYwNDI4
OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJGRDk5RjNFNi5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC81
LzY2MDQyODlDN0UzOUUwOEUxQUUxMjU1Q0VFNzNDMDVCRkQ5OUYzRTYuY2VyMH0G
CCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTY2MzgzMDMwM2EzYTJmMzQzMDJk
MzQzODIwM2QzZTIwMzIzMDMyMzUzNzMzLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKhLdR/gwDQYJKoZI
hvcNAQELBQADggEBAL/g/1EIuc/SKjeUgjstPZphWzpf0p4MaQVboP115pUAYtD6
sFuJRfeB1MgyJmRwjV8H9dhbhbHNkmJJnqcox90d1xm1LGzqxK9WN9WRL6ri1+js
tHcLJeNVj7W8IKPrHwCMzlcX87y31Du0dr2ti5Iv8bbkEYHhYrw3SQRFuU4MY8Ri
IgNBlJ5N85N9VnBOBLVmS2m7GWxVign+uz/qRupk62K9GFu+EToYVUX3w6uxBarT
TwbCJpy87YYB2sBIxW6us4OhvLLbX2HnwLoYHmISkPZVdH6bq9d4mkAnnIqbp9Ex
FEj4adCTKmOCQKjLZ1mSIBpFWkVsrDIfrmezOh4=
-----END CERTIFICATE-----