Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/Bee/1/326131323a646434373a646138303a3a2f34312d3431203d3e20313939363933.roa
File:                     326131323a646434373a646138303a3a2f34312d3431203d3e20313939363933.roa (raw, json)
Hash identifier:          xUHoNBTlnz/GwPvPCa4RKbBgphixZrHFqsRk0o4iUFk=
Subject key identifier:   18:C7:84:CC:41:53:FC:74:02:D9:A3:6F:EA:9B:37:6C:87:A0:F7:1B
Certificate issuer:       /CN=7E33A908D6350A322FA03630A59582A284A95C5D
Certificate serial:       3E6492D26F814564DFD11F081FAFC351D57BE7D0
Authority key identifier: 7E:33:A9:08:D6:35:0A:32:2F:A0:36:30:A5:95:82:A2:84:A9:5C:5D
Authority info access:    rsync://rpki.co/repo/AS945/1/7E33A908D6350A322FA03630A59582A284A95C5D.cer
Subject info access:      rsync://rpki.co/repo/Bee/1/326131323a646434373a646138303a3a2f34312d3431203d3e20313939363933.roa
Signing time:             Sun 11 Feb 2024 10:02:24 +0000
ROA not before:           Sun 11 Feb 2024 09:57:24 +0000
ROA not after:            Sun 09 Feb 2025 10:02:24 +0000
asID:                     199693
IP address blocks:        2a12:dd47:da80::/41 maxlen: 41

Validation:               OK
Signature path:           rsync://rpki.co/repo/Bee/1/7E33A908D6350A322FA03630A59582A284A95C5D.crl
                          rsync://rpki.co/repo/Bee/1/7E33A908D6350A322FA03630A59582A284A95C5D.mft
                          rsync://rpki.co/repo/AS945/1/7E33A908D6350A322FA03630A59582A284A95C5D.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 11:02:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3e:64:92:d2:6f:81:45:64:df:d1:1f:08:1f:af:c3:51:d5:7b:e7:d0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7E33A908D6350A322FA03630A59582A284A95C5D
        Validity
            Not Before: Feb 11 09:57:24 2024 GMT
            Not After : Feb  9 10:02:24 2025 GMT
        Subject: CN=18C784CC4153FC7402D9A36FEA9B376C87A0F71B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bd:29:2a:5c:22:bc:d0:8b:fc:83:77:77:1c:4e:
                    e4:75:e1:33:62:86:f3:f9:17:7f:57:d5:0c:ab:08:
                    e6:4d:77:d8:4a:3e:94:f9:d5:dd:7b:f1:09:a2:96:
                    05:f7:23:89:b6:ee:2a:e0:2d:73:0b:72:e7:92:fb:
                    39:64:5b:e0:15:1e:91:07:37:81:5b:b1:71:91:aa:
                    b0:cb:57:f0:eb:9d:8a:b7:84:84:28:5d:98:d9:22:
                    7e:ba:da:9d:29:ec:4a:60:ce:e8:92:3b:64:23:72:
                    bd:2e:a4:a9:82:c3:be:40:66:e4:f8:eb:df:57:44:
                    f8:0f:32:91:34:a2:ab:39:dd:da:e7:0c:2f:dc:7e:
                    6a:47:ee:7a:a4:34:ff:25:a8:d0:b2:a0:dc:f9:37:
                    3c:32:81:af:74:e4:87:3b:d9:ee:f9:c4:07:03:2b:
                    74:51:a2:ed:a5:c5:ba:4a:1c:9a:44:06:e4:8a:be:
                    cc:62:93:e3:7f:eb:2d:d4:0e:56:c8:c9:c2:f1:b7:
                    16:2d:4f:15:69:90:3d:88:8f:7d:e6:eb:32:ba:ab:
                    c7:e0:23:1b:c3:19:15:3e:51:47:33:3a:f6:65:f7:
                    c2:49:94:99:e3:f9:18:eb:db:89:15:ef:5c:41:66:
                    e6:f7:36:ec:57:26:3c:a5:50:1e:39:5e:dd:84:7c:
                    3e:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                18:C7:84:CC:41:53:FC:74:02:D9:A3:6F:EA:9B:37:6C:87:A0:F7:1B
            X509v3 Authority Key Identifier:
                keyid:7E:33:A9:08:D6:35:0A:32:2F:A0:36:30:A5:95:82:A2:84:A9:5C:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/Bee/1/7E33A908D6350A322FA03630A59582A284A95C5D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/7E33A908D6350A322FA03630A59582A284A95C5D.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/Bee/1/326131323a646434373a646138303a3a2f34312d3431203d3e20313939363933.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:da80::/41

    Signature Algorithm: sha256WithRSAEncryption
         b0:a5:b1:1f:c1:14:a1:6b:0b:71:a1:79:77:f4:f9:c4:45:51:
         65:f4:86:7f:dd:5f:b0:15:6a:d0:cc:7b:c0:ab:84:0a:98:6f:
         f5:1b:ef:ec:c6:fb:49:52:52:d8:25:6c:a2:30:a2:fd:0c:f3:
         0b:6a:e2:e1:6c:05:e4:38:2b:e9:92:ea:6d:91:5a:d6:c9:81:
         83:c1:51:b7:74:25:71:0c:ad:05:ce:64:04:06:58:71:1f:3d:
         e1:53:61:50:b6:c0:1c:60:06:47:37:d6:ee:06:80:43:cd:83:
         b2:cd:8c:60:71:32:35:c5:66:95:53:e0:99:0d:d7:bc:d8:1e:
         74:84:3c:e1:e1:3b:0b:45:60:5c:f0:cf:09:96:23:05:7d:2f:
         a3:85:a3:87:56:ad:c2:ca:8e:0b:93:4f:84:26:8e:2a:7d:cc:
         89:71:d8:05:b7:e8:a4:ff:c9:1c:60:fb:90:79:98:7f:8f:b8:
         7f:aa:c2:78:4e:f1:fb:fa:bc:ff:88:90:da:40:04:91:a3:1c:
         0b:20:1d:98:bb:d7:4f:a8:d1:71:d1:f0:0d:cb:64:3d:1e:48:
         a3:b4:33:c9:20:5b:28:9b:20:8d:b8:76:35:f8:47:07:b8:f3:
         5b:e6:7e:0a:58:86:e1:8a:10:64:f5:12:98:53:c8:a5:17:7b:
         0c:bc:27:9e
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIUPmSS0m+BRWTf0R8IH6/DUdV759AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0UzM0E5MDhENjM1MEEzMjJGQTAzNjMwQTU5NTgyQTI4
NEE5NUM1RDAeFw0yNDAyMTEwOTU3MjRaFw0yNTAyMDkxMDAyMjRaMDMxMTAvBgNV
BAMTKDE4Qzc4NENDNDE1M0ZDNzQwMkQ5QTM2RkVBOUIzNzZDODdBMEY3MUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9KSpcIrzQi/yDd3ccTuR14TNi
hvP5F39X1QyrCOZNd9hKPpT51d178QmilgX3I4m27irgLXMLcueS+zlkW+AVHpEH
N4FbsXGRqrDLV/DrnYq3hIQoXZjZIn662p0p7EpgzuiSO2Qjcr0upKmCw75AZuT4
699XRPgPMpE0oqs53drnDC/cfmpH7nqkNP8lqNCyoNz5Nzwyga905Ic72e75xAcD
K3RRou2lxbpKHJpEBuSKvsxik+N/6y3UDlbIycLxtxYtTxVpkD2Ij33m6zK6q8fg
IxvDGRU+UUczOvZl98JJlJnj+Rjr24kV71xBZub3NuxXJjylUB45Xt2EfD6VAgMB
AAGjggHQMIIBzDAdBgNVHQ4EFgQUGMeEzEFT/HQC2aNv6ps3bIeg9xswHwYDVR0j
BBgwFoAUfjOpCNY1CjIvoDYwpZWCooSpXF0wDgYDVR0PAQH/BAQDAgeAMFgGA1Ud
HwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jby9yZXBvL0JlZS8xLzdFMzNBOTA4
RDYzNTBBMzIyRkEwMzYzMEE1OTU4MkEyODRBOTVDNUQuY3JsMGUGCCsGAQUFBwEB
BFkwVzBVBggrBgEFBQcwAoZJcnN5bmM6Ly9ycGtpLmNvL3JlcG8vQVM5NDUvMS83
RTMzQTkwOEQ2MzUwQTMyMkZBMDM2MzBBNTk1ODJBMjg0QTk1QzVELmNlcjB7Bggr
BgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8vcnBraS5jby9yZXBvL0Jl
ZS8xLzMyNjEzMTMyM2E2NDY0MzQzNzNhNjQ2MTM4MzAzYTNhMmYzNDMxMmQzNDMx
MjAzZDNlMjAzMTM5MzkzNjM5MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwcqEt1H2oAwDQYJKoZIhvcN
AQELBQADggEBALClsR/BFKFrC3GheXf0+cRFUWX0hn/dX7AVatDMe8CrhAqYb/Ub
7+zG+0lSUtglbKIwov0M8wtq4uFsBeQ4K+mS6m2RWtbJgYPBUbd0JXEMrQXOZAQG
WHEfPeFTYVC2wBxgBkc31u4GgEPNg7LNjGBxMjXFZpVT4JkN17zYHnSEPOHhOwtF
YFzwzwmWIwV9L6OFo4dWrcLKjguTT4Qmjip9zIlx2AW36KT/yRxg+5B5mH+PuH+q
wnhO8fv6vP+IkNpABJGjHAsgHZi710+o0XHR8A3LZD0eSKO0M8kgWyibII24djX4
Rwe481vmfgpYhuGKEGT1EphTyKUXewy8J54=
-----END CERTIFICATE-----
Generated at Fri May 17 21:11:04 2024 by rpki-client on console-ams.rpki-client.org