Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/Bee/1/326131323a646434373a646130303a3a2f34312d3431203d3e20313939363933.roa
File:                     326131323a646434373a646130303a3a2f34312d3431203d3e20313939363933.roa (raw, json)
Hash identifier:          YdvjkKhLq9N0q6KWQJK3Wy/FRkgv4vBb/QK8jWR5nnE=
Subject key identifier:   18:91:9A:64:7A:73:C4:5A:10:76:39:AF:10:2A:28:6A:1A:A5:85:EB
Certificate issuer:       /CN=7E33A908D6350A322FA03630A59582A284A95C5D
Certificate serial:       33FCEAFC61C87BC74CDB75DF1E1DA438254FD5A7
Authority key identifier: 7E:33:A9:08:D6:35:0A:32:2F:A0:36:30:A5:95:82:A2:84:A9:5C:5D
Authority info access:    rsync://rpki.co/repo/AS945/1/7E33A908D6350A322FA03630A59582A284A95C5D.cer
Subject info access:      rsync://rpki.co/repo/Bee/1/326131323a646434373a646130303a3a2f34312d3431203d3e20313939363933.roa
Signing time:             Sun 11 Feb 2024 10:02:04 +0000
ROA not before:           Sun 11 Feb 2024 09:57:04 +0000
ROA not after:            Sun 09 Feb 2025 10:02:04 +0000
asID:                     199693
IP address blocks:        2a12:dd47:da00::/41 maxlen: 41

Validation:               OK
Signature path:           rsync://rpki.co/repo/Bee/1/7E33A908D6350A322FA03630A59582A284A95C5D.crl
                          rsync://rpki.co/repo/Bee/1/7E33A908D6350A322FA03630A59582A284A95C5D.mft
                          rsync://rpki.co/repo/AS945/1/7E33A908D6350A322FA03630A59582A284A95C5D.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 11:02:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:fc:ea:fc:61:c8:7b:c7:4c:db:75:df:1e:1d:a4:38:25:4f:d5:a7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7E33A908D6350A322FA03630A59582A284A95C5D
        Validity
            Not Before: Feb 11 09:57:04 2024 GMT
            Not After : Feb  9 10:02:04 2025 GMT
        Subject: CN=18919A647A73C45A107639AF102A286A1AA585EB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:f6:26:a9:c5:f3:e0:30:7f:2e:e2:c0:5c:1e:
                    78:5f:7d:37:6c:5e:de:77:91:f8:6d:f6:c4:97:50:
                    3a:65:c2:59:c8:1d:f4:d4:70:60:ed:58:6d:2b:cd:
                    c1:29:67:71:24:79:2d:50:c3:72:00:87:11:31:5d:
                    47:ba:dc:98:f9:be:0d:42:92:04:55:79:19:b5:e4:
                    90:3e:61:a7:55:7f:90:15:f2:05:b3:09:b5:15:66:
                    7b:0d:97:4b:69:fe:63:3d:33:4b:e3:50:05:3a:af:
                    fc:9a:9f:a3:e1:ae:ea:54:b6:91:85:d1:56:24:51:
                    90:84:1d:5a:6d:d2:6b:e0:ea:72:80:eb:30:25:89:
                    a7:6f:14:17:eb:7b:ea:25:7a:91:7d:fa:49:5b:a3:
                    9b:1f:a1:ab:db:12:8d:1b:67:66:97:a1:35:b7:43:
                    23:3c:51:4d:37:6c:f8:00:39:c1:6d:d0:1a:58:c5:
                    40:17:6f:36:13:17:2e:1a:ac:a3:32:09:11:06:da:
                    7a:6e:5b:29:3e:55:75:23:77:02:c4:b2:2b:4a:e1:
                    18:65:8b:6c:51:97:0a:96:7b:9c:51:95:57:1a:33:
                    26:bf:40:d5:e1:5f:00:ba:5c:45:d1:ab:db:55:8a:
                    98:9e:2a:58:f4:91:38:27:da:87:99:75:bf:a5:65:
                    f7:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:91:9A:64:7A:73:C4:5A:10:76:39:AF:10:2A:28:6A:1A:A5:85:EB
            X509v3 Authority Key Identifier:
                keyid:7E:33:A9:08:D6:35:0A:32:2F:A0:36:30:A5:95:82:A2:84:A9:5C:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/Bee/1/7E33A908D6350A322FA03630A59582A284A95C5D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/7E33A908D6350A322FA03630A59582A284A95C5D.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/Bee/1/326131323a646434373a646130303a3a2f34312d3431203d3e20313939363933.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:da00::/41

    Signature Algorithm: sha256WithRSAEncryption
         35:c5:0b:1b:57:c0:80:61:48:de:d6:2f:d8:63:5e:6a:db:43:
         11:bc:1d:95:cd:d6:76:d8:9b:5c:cf:2f:50:1c:95:e7:bc:32:
         a5:7e:a2:4e:df:90:b1:e1:2a:5e:3f:16:f0:58:97:d4:af:32:
         62:a4:e4:39:ef:4a:cb:e4:de:c5:8b:50:57:47:3e:1f:fb:c6:
         8b:ff:db:f8:01:84:8d:f4:2e:60:3d:02:39:cd:bb:5c:d5:99:
         94:74:45:44:0f:c1:57:f6:70:40:e4:3e:48:4b:0d:9d:c5:e0:
         a1:49:05:02:bd:d2:35:90:a0:79:cf:1d:90:6e:cd:54:77:81:
         90:dc:a0:50:45:b3:bd:fe:cc:82:33:e5:fc:94:7e:87:8d:7c:
         a3:46:e4:8e:5e:73:ba:70:3a:c8:3e:06:83:5e:79:99:b0:6e:
         04:23:79:fd:41:89:93:87:dc:05:a5:ac:58:4b:0c:15:8e:7d:
         fc:e1:09:62:2f:79:37:29:80:c8:32:64:77:b0:bf:a0:70:c0:
         ff:10:ee:6b:9e:19:40:d7:6a:92:c9:05:50:33:04:c6:23:4c:
         fd:8c:89:fa:aa:88:19:d7:43:48:8c:99:23:36:7a:08:d7:c0:
         0f:18:6c:c9:f0:89:37:e9:6c:48:b2:e7:d0:70:93:21:a0:69:
         0c:30:6c:12
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIUM/zq/GHIe8dM23XfHh2kOCVP1acwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0UzM0E5MDhENjM1MEEzMjJGQTAzNjMwQTU5NTgyQTI4
NEE5NUM1RDAeFw0yNDAyMTEwOTU3MDRaFw0yNTAyMDkxMDAyMDRaMDMxMTAvBgNV
BAMTKDE4OTE5QTY0N0E3M0M0NUExMDc2MzlBRjEwMkEyODZBMUFBNTg1RUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC49iapxfPgMH8u4sBcHnhffTds
Xt53kfht9sSXUDplwlnIHfTUcGDtWG0rzcEpZ3EkeS1Qw3IAhxExXUe63Jj5vg1C
kgRVeRm15JA+YadVf5AV8gWzCbUVZnsNl0tp/mM9M0vjUAU6r/yan6PhrupUtpGF
0VYkUZCEHVpt0mvg6nKA6zAliadvFBfre+olepF9+klbo5sfoavbEo0bZ2aXoTW3
QyM8UU03bPgAOcFt0BpYxUAXbzYTFy4arKMyCREG2npuWyk+VXUjdwLEsitK4Rhl
i2xRlwqWe5xRlVcaMya/QNXhXwC6XEXRq9tVipieKlj0kTgn2oeZdb+lZfeXAgMB
AAGjggHQMIIBzDAdBgNVHQ4EFgQUGJGaZHpzxFoQdjmvECooahqlheswHwYDVR0j
BBgwFoAUfjOpCNY1CjIvoDYwpZWCooSpXF0wDgYDVR0PAQH/BAQDAgeAMFgGA1Ud
HwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jby9yZXBvL0JlZS8xLzdFMzNBOTA4
RDYzNTBBMzIyRkEwMzYzMEE1OTU4MkEyODRBOTVDNUQuY3JsMGUGCCsGAQUFBwEB
BFkwVzBVBggrBgEFBQcwAoZJcnN5bmM6Ly9ycGtpLmNvL3JlcG8vQVM5NDUvMS83
RTMzQTkwOEQ2MzUwQTMyMkZBMDM2MzBBNTk1ODJBMjg0QTk1QzVELmNlcjB7Bggr
BgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8vcnBraS5jby9yZXBvL0Jl
ZS8xLzMyNjEzMTMyM2E2NDY0MzQzNzNhNjQ2MTMwMzAzYTNhMmYzNDMxMmQzNDMx
MjAzZDNlMjAzMTM5MzkzNjM5MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwcqEt1H2gAwDQYJKoZIhvcN
AQELBQADggEBADXFCxtXwIBhSN7WL9hjXmrbQxG8HZXN1nbYm1zPL1Aclee8MqV+
ok7fkLHhKl4/FvBYl9SvMmKk5DnvSsvk3sWLUFdHPh/7xov/2/gBhI30LmA9AjnN
u1zVmZR0RUQPwVf2cEDkPkhLDZ3F4KFJBQK90jWQoHnPHZBuzVR3gZDcoFBFs73+
zIIz5fyUfoeNfKNG5I5ec7pwOsg+BoNeeZmwbgQjef1BiZOH3AWlrFhLDBWOffzh
CWIveTcpgMgyZHewv6BwwP8Q7mueGUDXapLJBVAzBMYjTP2MifqqiBnXQ0iMmSM2
egjXwA8YbMnwiTfpbEiy59BwkyGgaQwwbBI=
-----END CERTIFICATE-----
Generated at Fri May 17 21:11:04 2024 by rpki-client on console-ams.rpki-client.org