Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/AS945/5/326131333a633030373a383031363a3a2f34382d3438203d3e20323039363538.roa
File:                     326131333a633030373a383031363a3a2f34382d3438203d3e20323039363538.roa (raw, json)
Hash identifier:          K6YuOaJOJV88mh6PpGWst8TLus+pbLLL5FnZ4MDL7+4=
Subject key identifier:   62:3F:0C:24:C4:80:86:C8:4C:FC:45:52:E5:7F:C1:15:9D:42:6A:5B
Certificate issuer:       /CN=AD4A224A9565F67E4914E6F8C2B3C34303C9C875
Certificate serial:       22DB083541780708E2E21286D5FB02018D8D46A7
Authority key identifier: AD:4A:22:4A:95:65:F6:7E:49:14:E6:F8:C2:B3:C3:43:03:C9:C8:75
Authority info access:    rsync://dev.tw/rpki/August/1/AD4A224A9565F67E4914E6F8C2B3C34303C9C875.cer
Subject info access:      rsync://rpki.co/repo/AS945/5/326131333a633030373a383031363a3a2f34382d3438203d3e20323039363538.roa
Signing time:             Mon 11 Mar 2024 04:13:52 +0000
ROA not before:           Mon 11 Mar 2024 04:08:52 +0000
ROA not after:            Mon 10 Mar 2025 04:13:52 +0000
asID:                     209658
IP address blocks:        2a13:c007:8016::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.co/repo/AS945/5/AD4A224A9565F67E4914E6F8C2B3C34303C9C875.crl
                          rsync://rpki.co/repo/AS945/5/AD4A224A9565F67E4914E6F8C2B3C34303C9C875.mft
                          rsync://dev.tw/rpki/August/1/AD4A224A9565F67E4914E6F8C2B3C34303C9C875.cer
                          rsync://dev.tw/rpki/August/1/442C354A483A8B70D839D3F798CD870684F02186.crl
                          rsync://dev.tw/rpki/August/1/442C354A483A8B70D839D3F798CD870684F02186.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/RCw1Skg6i3DYOdP3mM2HBoTwIYY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 09 May 2024 15:36:36 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:db:08:35:41:78:07:08:e2:e2:12:86:d5:fb:02:01:8d:8d:46:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AD4A224A9565F67E4914E6F8C2B3C34303C9C875
        Validity
            Not Before: Mar 11 04:08:52 2024 GMT
            Not After : Mar 10 04:13:52 2025 GMT
        Subject: CN=623F0C24C48086C84CFC4552E57FC1159D426A5B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:f1:e4:61:81:01:79:42:c2:68:b2:46:16:26:
                    9e:b9:6c:39:71:e6:e6:1b:96:16:d4:d1:60:ec:7f:
                    32:2c:af:f1:3c:02:8a:2b:2d:72:d1:67:e6:97:65:
                    0a:42:2e:db:e0:a3:e1:3a:4c:d4:a7:04:79:7a:0e:
                    f2:dc:39:9c:53:2f:e8:00:6c:7b:88:2f:17:27:bd:
                    24:58:7e:e9:da:ff:19:bd:a3:03:e4:1d:eb:28:3f:
                    cb:5f:b5:a1:e1:cd:84:25:07:a3:d1:4e:c3:f2:5f:
                    f6:46:a0:fb:df:38:f9:54:fc:85:a5:50:09:fd:ba:
                    7a:38:5f:a8:5a:5b:10:7b:b8:35:cd:76:0e:c0:27:
                    17:97:8e:42:57:a9:cc:48:ee:ba:be:44:65:4b:af:
                    92:17:c5:c1:5d:3f:70:b9:99:cb:9f:03:43:32:51:
                    2c:23:f2:f8:a9:21:8f:c3:f2:f3:f8:9a:8d:06:ae:
                    79:b2:e7:85:92:94:39:46:13:8c:94:ea:6a:87:00:
                    5e:49:1c:b6:a0:b3:6d:5c:66:c7:62:b9:02:f6:3a:
                    c8:97:ad:c6:c0:ac:0d:31:de:78:1d:0b:65:43:5e:
                    b4:8b:82:12:d3:d3:5d:37:9c:43:0d:84:65:7e:e0:
                    e7:04:d0:31:78:25:10:7c:27:c6:7d:61:39:0c:5b:
                    48:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:3F:0C:24:C4:80:86:C8:4C:FC:45:52:E5:7F:C1:15:9D:42:6A:5B
            X509v3 Authority Key Identifier:
                keyid:AD:4A:22:4A:95:65:F6:7E:49:14:E6:F8:C2:B3:C3:43:03:C9:C8:75

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/AS945/5/AD4A224A9565F67E4914E6F8C2B3C34303C9C875.crl

            Authority Information Access:
                CA Issuers - URI:rsync://dev.tw/rpki/August/1/AD4A224A9565F67E4914E6F8C2B3C34303C9C875.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/AS945/5/326131333a633030373a383031363a3a2f34382d3438203d3e20323039363538.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a13:c007:8016::/48

    Signature Algorithm: sha256WithRSAEncryption
         6d:f0:7b:a3:95:51:25:63:0e:3d:dc:81:b6:d7:5b:0a:6e:47:
         3a:74:1f:33:f8:31:fa:5d:7e:59:1a:69:cf:b6:2c:9f:4c:3a:
         35:82:eb:88:f0:00:b1:d5:81:7d:38:80:00:f8:01:a6:e8:13:
         6f:74:8f:0e:a7:3f:75:15:fc:04:fb:f1:dd:8f:39:27:65:b7:
         56:ae:8a:f2:40:7f:74:34:7a:1c:42:da:57:fb:2d:29:e7:81:
         58:57:93:0e:99:f4:4f:ab:fc:2d:1c:64:17:03:9b:4f:a5:ce:
         2e:62:cb:dc:cf:98:57:c1:09:6c:6e:e4:84:25:9c:03:5e:e3:
         58:f4:bf:9f:e6:8f:e6:94:d3:cc:42:90:28:25:c3:7d:bb:06:
         72:99:cd:ba:37:f9:1f:2d:ed:43:6a:8b:71:26:0a:f4:5c:b9:
         52:86:90:fb:8e:df:f6:c2:f2:b4:07:85:98:d1:6b:1f:df:b2:
         41:97:9d:d1:1b:ca:31:8b:eb:aa:2e:f6:d2:e4:7c:76:67:b6:
         41:e1:ff:47:dc:a5:61:8a:ea:b6:9c:4c:09:3f:cf:f9:91:c8:
         78:df:50:ff:37:3e:3f:2e:bb:8c:c5:3c:4a:2e:81:c5:50:cb:
         bc:c2:88:4c:da:07:93:b0:4d:1f:a1:85:20:55:06:2e:1c:22:
         41:b5:80:d0
-----BEGIN CERTIFICATE-----
MIIEyjCCA7KgAwIBAgIUItsINUF4Bwji4hKG1fsCAY2NRqcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQUQ0QTIyNEE5NTY1RjY3RTQ5MTRFNkY4QzJCM0MzNDMw
M0M5Qzg3NTAeFw0yNDAzMTEwNDA4NTJaFw0yNTAzMTAwNDEzNTJaMDMxMTAvBgNV
BAMTKDYyM0YwQzI0QzQ4MDg2Qzg0Q0ZDNDU1MkU1N0ZDMTE1OUQ0MjZBNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDg8eRhgQF5QsJoskYWJp65bDlx
5uYblhbU0WDsfzIsr/E8AoorLXLRZ+aXZQpCLtvgo+E6TNSnBHl6DvLcOZxTL+gA
bHuILxcnvSRYfuna/xm9owPkHesoP8tftaHhzYQlB6PRTsPyX/ZGoPvfOPlU/IWl
UAn9uno4X6haWxB7uDXNdg7AJxeXjkJXqcxI7rq+RGVLr5IXxcFdP3C5mcufA0My
USwj8vipIY/D8vP4mo0Grnmy54WSlDlGE4yU6mqHAF5JHLags21cZsdiuQL2OsiX
rcbArA0x3ngdC2VDXrSLghLT0103nEMNhGV+4OcE0DF4JRB8J8Z9YTkMW0j7AgMB
AAGjggHUMIIB0DAdBgNVHQ4EFgQUYj8MJMSAhshM/EVS5X/BFZ1CalswHwYDVR0j
BBgwFoAUrUoiSpVl9n5JFOb4wrPDQwPJyHUwDgYDVR0PAQH/BAQDAgeAMFoGA1Ud
HwRTMFEwT6BNoEuGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzUvQUQ0QTIy
NEE5NTY1RjY3RTQ5MTRFNkY4QzJCM0MzNDMwM0M5Qzg3NS5jcmwwZQYIKwYBBQUH
AQEEWTBXMFUGCCsGAQUFBzAChklyc3luYzovL2Rldi50dy9ycGtpL0F1Z3VzdC8x
L0FENEEyMjRBOTU2NUY2N0U0OTE0RTZGOEMyQjNDMzQzMDNDOUM4NzUuY2VyMH0G
CCsGAQUFBwELBHEwbzBtBggrBgEFBQcwC4ZhcnN5bmM6Ly9ycGtpLmNvL3JlcG8v
QVM5NDUvNS8zMjYxMzEzMzNhNjMzMDMwMzczYTM4MzAzMTM2M2EzYTJmMzQzODJk
MzQzODIwM2QzZTIwMzIzMDM5MzYzNTM4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsG
AQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhPAB4AWMA0GCSqG
SIb3DQEBCwUAA4IBAQBt8HujlVElYw493IG211sKbkc6dB8z+DH6XX5ZGmnPtiyf
TDo1guuI8ACx1YF9OIAA+AGm6BNvdI8Opz91FfwE+/HdjzknZbdWroryQH90NHoc
QtpX+y0p54FYV5MOmfRPq/wtHGQXA5tPpc4uYsvcz5hXwQlsbuSEJZwDXuNY9L+f
5o/mlNPMQpAoJcN9uwZymc26N/kfLe1DaotxJgr0XLlShpD7jt/2wvK0B4WY0Wsf
37JBl53RG8oxi+uqLvbS5Hx2Z7ZB4f9H3KVhiuq2nEwJP8/5kch431D/Nz4/LruM
xTxKLoHFUMu8wohM2geTsE0foYUgVQYuHCJBtYDQ
-----END CERTIFICATE-----