Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/Bee/1/326131323a646434373a646130303a3a2f34302d3430203d3e20313939363933.roa
File:                     326131323a646434373a646130303a3a2f34302d3430203d3e20313939363933.roa (raw, json)
Hash identifier:          /1rIH72vvMelQlG5h9LTWxkEDFZJonSNdm0JhYjoJQM=
Subject key identifier:   9D:44:A5:A7:EB:78:6D:F9:14:C6:96:4B:35:87:19:5A:D6:9E:8B:8D
Certificate issuer:       /CN=7E33A908D6350A322FA03630A59582A284A95C5D
Certificate serial:       6062C6BF315FB9A6E64BF940543704B79E6732E2
Authority key identifier: 7E:33:A9:08:D6:35:0A:32:2F:A0:36:30:A5:95:82:A2:84:A9:5C:5D
Authority info access:    rsync://rpki.co/repo/AS945/1/7E33A908D6350A322FA03630A59582A284A95C5D.cer
Subject info access:      rsync://rpki.co/repo/Bee/1/326131323a646434373a646130303a3a2f34302d3430203d3e20313939363933.roa
Signing time:             Sun 11 Feb 2024 10:15:56 +0000
ROA not before:           Sun 11 Feb 2024 10:10:56 +0000
ROA not after:            Sun 09 Feb 2025 10:15:56 +0000
asID:                     199693
IP address blocks:        2a12:dd47:da00::/40 maxlen: 40

Validation:               OK
Signature path:           rsync://rpki.co/repo/Bee/1/7E33A908D6350A322FA03630A59582A284A95C5D.crl
                          rsync://rpki.co/repo/Bee/1/7E33A908D6350A322FA03630A59582A284A95C5D.mft
                          rsync://rpki.co/repo/AS945/1/7E33A908D6350A322FA03630A59582A284A95C5D.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 11:02:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            60:62:c6:bf:31:5f:b9:a6:e6:4b:f9:40:54:37:04:b7:9e:67:32:e2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7E33A908D6350A322FA03630A59582A284A95C5D
        Validity
            Not Before: Feb 11 10:10:56 2024 GMT
            Not After : Feb  9 10:15:56 2025 GMT
        Subject: CN=9D44A5A7EB786DF914C6964B3587195AD69E8B8D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fc:51:da:94:df:3e:7e:25:05:14:ee:d3:4f:06:
                    dd:d7:00:79:66:af:57:3e:0d:d8:5e:e0:9c:07:61:
                    93:0f:44:a4:ca:9b:1b:f9:68:08:d7:df:b7:a5:7e:
                    39:26:72:8c:c4:3d:46:7c:11:ae:ac:1c:11:20:47:
                    14:e5:39:1a:c6:68:2b:0a:3c:d3:ce:b3:f2:a8:3f:
                    e6:c4:3f:a0:61:8b:1c:6e:4c:06:1b:e8:35:84:77:
                    af:8a:df:ec:c1:e4:9b:68:71:74:29:e4:65:d6:a4:
                    58:6d:a1:00:5c:14:cd:78:1d:13:b7:de:cc:59:91:
                    af:1d:93:2e:9e:b0:3a:2f:ca:39:fa:a2:1a:93:e8:
                    d9:d2:c3:d5:bb:35:4d:5b:f4:f2:cd:00:b8:b7:d5:
                    ee:46:9d:e2:37:81:e9:76:28:90:34:b5:57:ee:7f:
                    fc:83:27:1f:e1:6e:a8:8e:ae:b6:4d:7a:86:46:d4:
                    9f:ba:95:ee:c5:96:85:a2:75:01:2e:f0:0a:bb:33:
                    71:f9:82:ac:22:e1:81:ec:4f:3d:fa:85:a1:c1:59:
                    cb:53:aa:29:8f:92:2a:a1:c3:5f:45:14:6a:28:fb:
                    77:b3:2c:c7:e5:7e:54:98:f2:23:aa:fe:73:56:5c:
                    d5:3c:35:f4:f7:05:44:f0:24:b5:51:09:fe:21:69:
                    02:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:44:A5:A7:EB:78:6D:F9:14:C6:96:4B:35:87:19:5A:D6:9E:8B:8D
            X509v3 Authority Key Identifier:
                keyid:7E:33:A9:08:D6:35:0A:32:2F:A0:36:30:A5:95:82:A2:84:A9:5C:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/Bee/1/7E33A908D6350A322FA03630A59582A284A95C5D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/7E33A908D6350A322FA03630A59582A284A95C5D.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/Bee/1/326131323a646434373a646130303a3a2f34302d3430203d3e20313939363933.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:da00::/40

    Signature Algorithm: sha256WithRSAEncryption
         a8:60:83:9e:c8:4f:2b:f5:c4:e0:11:a7:4b:b9:92:c2:fb:a2:
         16:ba:66:3c:1f:12:68:2f:10:55:ff:0a:21:d0:c0:9f:b0:88:
         db:1a:3c:30:b6:f0:f5:e5:38:14:06:e3:ad:32:b2:b1:fa:2c:
         2b:d8:02:b0:80:c7:9e:0d:6f:56:48:c1:c0:d2:fc:62:ad:76:
         2b:4a:c5:2d:1a:0e:dc:2c:45:fa:f4:41:4c:8c:7d:c8:e8:74:
         b3:5d:ef:19:4e:f6:4a:b0:4e:42:f2:89:80:26:62:04:a6:22:
         a5:95:ba:8c:59:45:57:03:96:6d:bf:83:74:a6:87:e8:5c:83:
         a8:d6:98:22:9f:68:81:f0:54:c9:13:61:01:5b:54:58:6a:0a:
         53:81:74:8b:00:08:e5:b5:11:ee:a4:72:9c:ab:ee:9d:57:c2:
         88:9b:6e:9e:ca:04:f2:22:47:1e:b3:eb:5d:34:08:af:3a:fd:
         db:61:7d:cb:4d:f2:e3:89:5e:81:f2:8c:12:c0:2c:3e:8d:82:
         99:38:ba:a7:a2:f6:d6:47:59:c2:d5:1d:5c:96:d9:44:7f:54:
         03:51:16:bd:61:85:19:e0:ec:b6:0f:9d:e7:d6:f2:8a:93:87:
         6b:30:11:f2:97:2b:b1:71:fc:2c:70:a4:51:27:97:5f:2e:d4:
         e9:df:ad:1c
-----BEGIN CERTIFICATE-----
MIIExTCCA62gAwIBAgIUYGLGvzFfuabmS/lAVDcEt55nMuIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0UzM0E5MDhENjM1MEEzMjJGQTAzNjMwQTU5NTgyQTI4
NEE5NUM1RDAeFw0yNDAyMTExMDEwNTZaFw0yNTAyMDkxMDE1NTZaMDMxMTAvBgNV
BAMTKDlENDRBNUE3RUI3ODZERjkxNEM2OTY0QjM1ODcxOTVBRDY5RThCOEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD8UdqU3z5+JQUU7tNPBt3XAHlm
r1c+Ddhe4JwHYZMPRKTKmxv5aAjX37elfjkmcozEPUZ8Ea6sHBEgRxTlORrGaCsK
PNPOs/KoP+bEP6BhixxuTAYb6DWEd6+K3+zB5JtocXQp5GXWpFhtoQBcFM14HRO3
3sxZka8dky6esDovyjn6ohqT6NnSw9W7NU1b9PLNALi31e5GneI3gel2KJA0tVfu
f/yDJx/hbqiOrrZNeoZG1J+6le7FloWidQEu8Aq7M3H5gqwi4YHsTz36haHBWctT
qimPkiqhw19FFGoo+3ezLMflflSY8iOq/nNWXNU8NfT3BUTwJLVRCf4haQKTAgMB
AAGjggHPMIIByzAdBgNVHQ4EFgQUnUSlp+t4bfkUxpZLNYcZWtaei40wHwYDVR0j
BBgwFoAUfjOpCNY1CjIvoDYwpZWCooSpXF0wDgYDVR0PAQH/BAQDAgeAMFgGA1Ud
HwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jby9yZXBvL0JlZS8xLzdFMzNBOTA4
RDYzNTBBMzIyRkEwMzYzMEE1OTU4MkEyODRBOTVDNUQuY3JsMGUGCCsGAQUFBwEB
BFkwVzBVBggrBgEFBQcwAoZJcnN5bmM6Ly9ycGtpLmNvL3JlcG8vQVM5NDUvMS83
RTMzQTkwOEQ2MzUwQTMyMkZBMDM2MzBBNTk1ODJBMjg0QTk1QzVELmNlcjB7Bggr
BgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8vcnBraS5jby9yZXBvL0Jl
ZS8xLzMyNjEzMTMyM2E2NDY0MzQzNzNhNjQ2MTMwMzAzYTNhMmYzNDMwMmQzNDMw
MjAzZDNlMjAzMTM5MzkzNjM5MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqEt1H2jANBgkqhkiG9w0B
AQsFAAOCAQEAqGCDnshPK/XE4BGnS7mSwvuiFrpmPB8SaC8QVf8KIdDAn7CI2xo8
MLbw9eU4FAbjrTKysfosK9gCsIDHng1vVkjBwNL8Yq12K0rFLRoO3CxF+vRBTIx9
yOh0s13vGU72SrBOQvKJgCZiBKYipZW6jFlFVwOWbb+DdKaH6FyDqNaYIp9ogfBU
yRNhAVtUWGoKU4F0iwAI5bUR7qRynKvunVfCiJtunsoE8iJHHrPrXTQIrzr922F9
y03y44legfKMEsAsPo2CmTi6p6L21kdZwtUdXJbZRH9UA1EWvWGFGeDstg+d59by
ipOHazAR8pcrsXH8LHCkUSeXXy7U6d+tHA==
-----END CERTIFICATE-----
Generated at Fri May 17 20:59:17 2024 by rpki-client on console-fra.rpki-client.org