Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/Bee/1/326131323a646434373a646138303a3a2f34322d3432203d3e20313939363933.roa
File:                     326131323a646434373a646138303a3a2f34322d3432203d3e20313939363933.roa (raw, json)
Hash identifier:          OK42SN3nkze99BrFXyCMw0kepIXHToXbeRZUfF2DdnQ=
Subject key identifier:   79:0C:43:DD:32:4F:BA:BC:B8:B1:2C:5F:BF:71:42:45:02:90:3E:36
Certificate issuer:       /CN=7E33A908D6350A322FA03630A59582A284A95C5D
Certificate serial:       0503BD62DDAA809E653B9FA7375EACB832777EF6
Authority key identifier: 7E:33:A9:08:D6:35:0A:32:2F:A0:36:30:A5:95:82:A2:84:A9:5C:5D
Authority info access:    rsync://rpki.co/repo/AS945/1/7E33A908D6350A322FA03630A59582A284A95C5D.cer
Subject info access:      rsync://rpki.co/repo/Bee/1/326131323a646434373a646138303a3a2f34322d3432203d3e20313939363933.roa
Signing time:             Mon 19 Feb 2024 05:34:30 +0000
ROA not before:           Mon 19 Feb 2024 05:29:30 +0000
ROA not after:            Mon 17 Feb 2025 05:34:30 +0000
asID:                     199693
IP address blocks:        2a12:dd47:da80::/42 maxlen: 42

Validation:               OK
Signature path:           rsync://rpki.co/repo/Bee/1/7E33A908D6350A322FA03630A59582A284A95C5D.crl
                          rsync://rpki.co/repo/Bee/1/7E33A908D6350A322FA03630A59582A284A95C5D.mft
                          rsync://rpki.co/repo/AS945/1/7E33A908D6350A322FA03630A59582A284A95C5D.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 11:02:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:03:bd:62:dd:aa:80:9e:65:3b:9f:a7:37:5e:ac:b8:32:77:7e:f6
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7E33A908D6350A322FA03630A59582A284A95C5D
        Validity
            Not Before: Feb 19 05:29:30 2024 GMT
            Not After : Feb 17 05:34:30 2025 GMT
        Subject: CN=790C43DD324FBABCB8B12C5FBF71424502903E36
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:bc:83:3c:8f:a3:0b:b0:fe:34:5c:55:41:10:
                    71:97:24:39:46:bb:3c:86:75:81:ac:8e:ab:ba:e9:
                    c2:93:da:ba:eb:f8:0e:06:07:1a:f7:2c:eb:71:b9:
                    be:ad:84:e2:29:b8:fb:8d:54:f2:6e:4b:8f:ea:5a:
                    18:60:93:aa:1e:f8:e7:13:2f:d9:fe:da:74:74:14:
                    9c:ad:3e:4a:23:d8:f2:3a:62:76:3d:c5:9c:8a:94:
                    f7:cd:84:51:23:18:c6:3b:97:02:df:b6:ce:82:59:
                    10:a9:8b:47:00:51:d0:35:7b:cd:7b:9a:24:72:24:
                    92:93:91:47:e5:3c:20:18:e5:83:f9:b6:b6:c1:5f:
                    62:e0:4b:b8:d4:e3:f4:f7:db:66:65:08:8a:5f:28:
                    1e:d0:22:0a:16:66:29:9b:72:46:32:28:aa:88:a6:
                    be:7d:53:fd:3b:35:1d:a3:20:d6:7e:b4:d7:b5:9e:
                    26:8e:9a:d7:55:ff:fe:56:ba:b1:a4:73:45:aa:81:
                    a6:0a:1b:7d:d1:82:d6:25:ce:7f:1c:f2:ce:f7:e3:
                    5a:c3:81:e5:11:8a:54:ef:a4:52:7f:02:71:c1:5a:
                    b7:27:e0:31:75:56:85:6b:a7:17:0a:f7:4f:53:95:
                    5d:33:5f:d8:88:1a:cf:79:2f:fb:58:5d:30:32:bb:
                    d8:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                79:0C:43:DD:32:4F:BA:BC:B8:B1:2C:5F:BF:71:42:45:02:90:3E:36
            X509v3 Authority Key Identifier:
                keyid:7E:33:A9:08:D6:35:0A:32:2F:A0:36:30:A5:95:82:A2:84:A9:5C:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/Bee/1/7E33A908D6350A322FA03630A59582A284A95C5D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/7E33A908D6350A322FA03630A59582A284A95C5D.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/Bee/1/326131323a646434373a646138303a3a2f34322d3432203d3e20313939363933.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:da80::/42

    Signature Algorithm: sha256WithRSAEncryption
         01:d8:b3:b8:78:d5:8f:20:69:3a:11:e2:b5:1d:aa:1f:15:65:
         14:51:42:dd:c2:da:e8:5b:1b:bc:40:2f:cd:de:37:77:ca:6a:
         ac:6b:e0:aa:20:ba:c7:fe:80:7c:0a:2e:bb:9a:56:09:52:1e:
         cf:41:c2:70:2a:04:dc:86:4a:fb:56:38:22:52:36:6b:d1:50:
         d3:3e:b1:8a:fa:fa:0e:2e:8b:6f:0a:07:6a:d0:ea:bc:4e:55:
         c3:45:78:39:81:70:72:bc:28:d9:69:62:d2:cd:c7:fc:4c:f0:
         83:bd:06:07:b1:78:f1:4a:90:12:4d:d8:44:ca:37:ca:50:a0:
         ad:77:d2:33:9a:23:24:d1:80:fa:bd:4b:1d:b9:f6:65:b2:e8:
         40:5f:4c:d8:42:93:20:3a:c5:e4:19:b5:13:90:5d:86:36:bc:
         a7:8f:46:5e:35:72:45:95:64:5f:34:86:df:4e:70:96:78:c3:
         bd:f2:12:40:5e:db:04:88:b5:ed:de:ea:78:bc:a4:94:3d:a6:
         a8:67:af:ee:21:fa:7b:b8:11:c0:6b:56:94:ca:6b:39:8b:db:
         dc:e5:5e:35:a1:1c:2b:d6:fe:e0:7d:69:c6:07:e1:a4:93:aa:
         18:85:ac:f8:29:02:f6:36:1c:88:b7:58:63:c4:45:25:e9:55:
         2f:cc:1c:a2
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIUBQO9Yt2qgJ5lO5+nN16suDJ3fvYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0UzM0E5MDhENjM1MEEzMjJGQTAzNjMwQTU5NTgyQTI4
NEE5NUM1RDAeFw0yNDAyMTkwNTI5MzBaFw0yNTAyMTcwNTM0MzBaMDMxMTAvBgNV
BAMTKDc5MEM0M0REMzI0RkJBQkNCOEIxMkM1RkJGNzE0MjQ1MDI5MDNFMzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwvIM8j6MLsP40XFVBEHGXJDlG
uzyGdYGsjqu66cKT2rrr+A4GBxr3LOtxub6thOIpuPuNVPJuS4/qWhhgk6oe+OcT
L9n+2nR0FJytPkoj2PI6YnY9xZyKlPfNhFEjGMY7lwLfts6CWRCpi0cAUdA1e817
miRyJJKTkUflPCAY5YP5trbBX2LgS7jU4/T322ZlCIpfKB7QIgoWZimbckYyKKqI
pr59U/07NR2jINZ+tNe1niaOmtdV//5WurGkc0WqgaYKG33RgtYlzn8c8s7341rD
geURilTvpFJ/AnHBWrcn4DF1VoVrpxcK909TlV0zX9iIGs95L/tYXTAyu9jHAgMB
AAGjggHQMIIBzDAdBgNVHQ4EFgQUeQxD3TJPury4sSxfv3FCRQKQPjYwHwYDVR0j
BBgwFoAUfjOpCNY1CjIvoDYwpZWCooSpXF0wDgYDVR0PAQH/BAQDAgeAMFgGA1Ud
HwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jby9yZXBvL0JlZS8xLzdFMzNBOTA4
RDYzNTBBMzIyRkEwMzYzMEE1OTU4MkEyODRBOTVDNUQuY3JsMGUGCCsGAQUFBwEB
BFkwVzBVBggrBgEFBQcwAoZJcnN5bmM6Ly9ycGtpLmNvL3JlcG8vQVM5NDUvMS83
RTMzQTkwOEQ2MzUwQTMyMkZBMDM2MzBBNTk1ODJBMjg0QTk1QzVELmNlcjB7Bggr
BgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8vcnBraS5jby9yZXBvL0Jl
ZS8xLzMyNjEzMTMyM2E2NDY0MzQzNzNhNjQ2MTM4MzAzYTNhMmYzNDMyMmQzNDMy
MjAzZDNlMjAzMTM5MzkzNjM5MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwYqEt1H2oAwDQYJKoZIhvcN
AQELBQADggEBAAHYs7h41Y8gaToR4rUdqh8VZRRRQt3C2uhbG7xAL83eN3fKaqxr
4Kogusf+gHwKLruaVglSHs9BwnAqBNyGSvtWOCJSNmvRUNM+sYr6+g4ui28KB2rQ
6rxOVcNFeDmBcHK8KNlpYtLNx/xM8IO9BgexePFKkBJN2ETKN8pQoK130jOaIyTR
gPq9Sx259mWy6EBfTNhCkyA6xeQZtROQXYY2vKePRl41ckWVZF80ht9OcJZ4w73y
EkBe2wSIte3e6ni8pJQ9pqhnr+4h+nu4EcBrVpTKazmL29zlXjWhHCvW/uB9acYH
4aSTqhiFrPgpAvY2HIi3WGPERSXpVS/MHKI=
-----END CERTIFICATE-----
Generated at Fri May 17 20:59:17 2024 by rpki-client on console-fra.rpki-client.org