Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/AS945/1/326131323a646434373a666330303a3a2f33382d3338203d3e20323030383237.roa
File:                     326131323a646434373a666330303a3a2f33382d3338203d3e20323030383237.roa (raw, json)
Hash identifier:          rp4TjyaRQG1N0kHKb6ntgomZmiQaJtv5fWLdJyV9idA=
Subject key identifier:   A5:8D:9A:1D:3C:25:DD:DB:F9:28:5B:76:1D:04:34:D0:4F:54:1F:7E
Certificate issuer:       /CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
Certificate serial:       581466B6247EE9093E4BCE87D8FB9815FC37AC34
Authority key identifier: 66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6
Authority info access:    rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
Subject info access:      rsync://rpki.co/repo/AS945/1/326131323a646434373a666330303a3a2f33382d3338203d3e20323030383237.roa
Signing time:             Tue 17 Oct 2023 16:13:30 +0000
ROA not before:           Tue 17 Oct 2023 16:08:30 +0000
ROA not after:            Tue 15 Oct 2024 16:13:30 +0000
asID:                     200827
IP address blocks:        2a12:dd47:fc00::/38 maxlen: 38

Validation:               OK
Signature path:           rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 05 May 2024 14:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:14:66:b6:24:7e:e9:09:3e:4b:ce:87:d8:fb:98:15:fc:37:ac:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6604289C7E39E08E1AE1255CEE73C05BFD99F3E6
        Validity
            Not Before: Oct 17 16:08:30 2023 GMT
            Not After : Oct 15 16:13:30 2024 GMT
        Subject: CN=A58D9A1D3C25DDDBF9285B761D0434D04F541F7E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:00:95:73:d4:b7:c4:ca:69:a9:cd:aa:01:40:
                    3f:cb:92:71:1f:22:25:4a:c6:38:cf:d2:c4:dd:36:
                    28:b9:28:a5:af:69:15:9a:63:ec:65:16:cc:a5:83:
                    be:6c:dc:89:69:49:3d:ff:98:d2:88:56:85:bc:64:
                    93:7d:bc:e9:94:20:b9:9f:bc:7a:fd:58:14:c0:18:
                    42:5e:43:44:f2:c5:de:9b:68:07:5d:c9:fc:0b:5f:
                    02:ab:c4:ba:ef:61:b0:cf:85:40:da:9e:a4:15:3c:
                    49:b0:e5:51:f1:2b:3b:11:a2:1c:1d:5b:47:f9:3f:
                    b0:4d:2d:3a:04:00:c7:2d:9d:73:5c:a5:7a:e2:9f:
                    ea:1e:b1:6a:34:95:42:82:df:07:8b:b7:ae:7b:26:
                    6e:dd:62:40:f3:70:4f:f3:60:1a:06:52:62:e0:b4:
                    50:64:b1:4c:06:cb:72:c6:2c:d2:0a:a2:a2:0b:23:
                    e3:bd:6f:f2:38:71:79:83:23:64:4e:54:0b:d1:bc:
                    da:18:70:0b:77:57:51:9c:26:b3:1b:4a:7b:a7:37:
                    1d:26:c1:6b:02:49:75:c2:6d:99:42:d8:dd:24:82:
                    42:0f:e9:87:4a:a8:ea:30:6a:d4:1f:b1:32:41:51:
                    40:43:ec:fe:c2:76:53:68:6b:9a:8d:c8:64:b6:70:
                    a7:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A5:8D:9A:1D:3C:25:DD:DB:F9:28:5B:76:1D:04:34:D0:4F:54:1F:7E
            X509v3 Authority Key Identifier:
                keyid:66:04:28:9C:7E:39:E0:8E:1A:E1:25:5C:EE:73:C0:5B:FD:99:F3:E6

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/AS945/1/326131323a646434373a666330303a3a2f33382d3338203d3e20323030383237.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:fc00::/38

    Signature Algorithm: sha256WithRSAEncryption
         11:f5:da:90:d6:3a:52:0c:2e:f9:6f:35:b7:04:d6:14:b0:b4:
         08:31:eb:f8:27:fa:cc:d9:c7:62:79:eb:c6:5a:56:c7:61:9e:
         b2:6b:86:41:ad:13:99:40:6c:cd:68:09:a6:51:41:46:59:3d:
         46:f8:9c:51:63:20:bb:b1:e8:14:df:ff:2e:4c:52:a0:b6:67:
         18:77:05:5e:03:40:ef:bf:53:1d:aa:03:63:71:3c:ec:9b:5d:
         f5:ed:6e:8a:9d:71:a3:ca:79:33:ef:28:48:21:53:26:50:8b:
         b4:45:37:55:5c:47:84:57:c1:fc:75:de:9a:85:72:38:f1:f3:
         16:32:0f:18:94:92:07:3e:ab:96:c9:3e:09:63:77:4a:56:8c:
         59:33:c7:7c:de:bb:bb:1a:0f:a4:8e:27:19:cb:05:3c:15:cd:
         a5:c4:a4:52:33:4a:9a:af:e2:1c:68:a0:40:50:33:4e:0f:1c:
         94:08:b1:af:4b:68:80:54:7e:16:96:a0:38:53:ab:d8:e0:1b:
         03:b5:ec:05:f9:48:94:39:4b:01:fb:22:78:26:65:d4:cf:e9:
         87:6f:0b:34:d1:79:87:57:f8:b9:08:e6:7f:6e:78:fa:49:b7:
         af:f0:22:9f:04:2b:aa:90:13:11:1e:ed:2d:ef:9e:dd:20:a0:
         34:88:88:c2
-----BEGIN CERTIFICATE-----
MIIEyTCCA7GgAwIBAgIUWBRmtiR+6Qk+S86H2PuYFfw3rDQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjYwNDI4OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJG
RDk5RjNFNjAeFw0yMzEwMTcxNjA4MzBaFw0yNDEwMTUxNjEzMzBaMDMxMTAvBgNV
BAMTKEE1OEQ5QTFEM0MyNUREREJGOTI4NUI3NjFEMDQzNEQwNEY1NDFGN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2AJVz1LfEymmpzaoBQD/LknEf
IiVKxjjP0sTdNii5KKWvaRWaY+xlFsylg75s3IlpST3/mNKIVoW8ZJN9vOmUILmf
vHr9WBTAGEJeQ0Tyxd6baAddyfwLXwKrxLrvYbDPhUDanqQVPEmw5VHxKzsRohwd
W0f5P7BNLToEAMctnXNcpXrin+oesWo0lUKC3weLt657Jm7dYkDzcE/zYBoGUmLg
tFBksUwGy3LGLNIKoqILI+O9b/I4cXmDI2ROVAvRvNoYcAt3V1GcJrMbSnunNx0m
wWsCSXXCbZlC2N0kgkIP6YdKqOowatQfsTJBUUBD7P7CdlNoa5qNyGS2cKdJAgMB
AAGjggHTMIIBzzAdBgNVHQ4EFgQUpY2aHTwl3dv5KFt2HQQ00E9UH34wHwYDVR0j
BBgwFoAUZgQonH454I4a4SVc7nPAW/2Z8+YwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEvNjYwNDI4
OUM3RTM5RTA4RTFBRTEyNTVDRUU3M0MwNUJGRDk5RjNFNi5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC81
LzY2MDQyODlDN0UzOUUwOEUxQUUxMjU1Q0VFNzNDMDVCRkQ5OUYzRTYuY2VyMH0G
CCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvMS8zMjYxMzEzMjNhNjQ2NDM0MzczYTY2NjMzMDMwM2EzYTJmMzMzODJk
MzMzODIwM2QzZTIwMzIzMDMwMzgzMjM3LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYCKhLdR/wwDQYJKoZI
hvcNAQELBQADggEBABH12pDWOlIMLvlvNbcE1hSwtAgx6/gn+szZx2J568ZaVsdh
nrJrhkGtE5lAbM1oCaZRQUZZPUb4nFFjILux6BTf/y5MUqC2Zxh3BV4DQO+/Ux2q
A2NxPOybXfXtboqdcaPKeTPvKEghUyZQi7RFN1VcR4RXwfx13pqFcjjx8xYyDxiU
kgc+q5bJPgljd0pWjFkzx3zeu7saD6SOJxnLBTwVzaXEpFIzSpqv4hxooEBQM04P
HJQIsa9LaIBUfhaWoDhTq9jgGwO17AX5SJQ5SwH7IngmZdTP6YdvCzTReYdX+LkI
5n9uePpJt6/wIp8EK6qQExEe7S3vnt0goDSIiMI=
-----END CERTIFICATE-----