Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/Bee/1/326131323a646434373a646163303a3a2f34322d3432203d3e20313939363933.roa
File:                     326131323a646434373a646163303a3a2f34322d3432203d3e20313939363933.roa (raw, json)
Hash identifier:          8FZZly5bE8oQ0uVNmnk2x1xnqIIONj6TEAmwEOjGN/E=
Subject key identifier:   85:53:9C:0C:CD:25:75:E3:31:98:1E:A8:D3:6D:1A:90:5C:B5:FA:E8
Certificate issuer:       /CN=7E33A908D6350A322FA03630A59582A284A95C5D
Certificate serial:       22A02BE4B0D371F6A0E771EC6084CCDC54ED84BA
Authority key identifier: 7E:33:A9:08:D6:35:0A:32:2F:A0:36:30:A5:95:82:A2:84:A9:5C:5D
Authority info access:    rsync://rpki.co/repo/AS945/1/7E33A908D6350A322FA03630A59582A284A95C5D.cer
Subject info access:      rsync://rpki.co/repo/Bee/1/326131323a646434373a646163303a3a2f34322d3432203d3e20313939363933.roa
Signing time:             Mon 19 Feb 2024 05:34:45 +0000
ROA not before:           Mon 19 Feb 2024 05:29:45 +0000
ROA not after:            Mon 17 Feb 2025 05:34:45 +0000
asID:                     199693
IP address blocks:        2a12:dd47:dac0::/42 maxlen: 42

Validation:               OK
Signature path:           rsync://rpki.co/repo/Bee/1/7E33A908D6350A322FA03630A59582A284A95C5D.crl
                          rsync://rpki.co/repo/Bee/1/7E33A908D6350A322FA03630A59582A284A95C5D.mft
                          rsync://rpki.co/repo/AS945/1/7E33A908D6350A322FA03630A59582A284A95C5D.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 18 May 2024 11:02:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            22:a0:2b:e4:b0:d3:71:f6:a0:e7:71:ec:60:84:cc:dc:54:ed:84:ba
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=7E33A908D6350A322FA03630A59582A284A95C5D
        Validity
            Not Before: Feb 19 05:29:45 2024 GMT
            Not After : Feb 17 05:34:45 2025 GMT
        Subject: CN=85539C0CCD2575E331981EA8D36D1A905CB5FAE8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:93:68:40:54:e8:80:02:f5:bf:a0:be:27:97:67:
                    52:4c:c7:c8:ab:ef:f7:ef:c6:86:84:e9:60:73:f4:
                    e5:da:80:35:07:fc:0e:02:77:92:c0:b1:6e:f6:9c:
                    19:cf:39:00:e5:be:1c:2b:c0:36:a6:3a:56:f4:36:
                    88:9a:38:e4:a7:57:48:d8:74:65:fe:c4:73:41:9d:
                    85:46:32:30:cb:06:66:2f:64:83:45:dd:38:60:5f:
                    a6:af:69:ae:bf:eb:bc:3a:f3:4b:32:c1:21:5b:a5:
                    83:07:0f:56:34:07:91:90:fe:1d:b9:3e:0e:bf:59:
                    a1:aa:00:b2:65:ab:c0:ff:eb:65:df:57:4a:73:e5:
                    81:ca:97:ef:55:a3:7c:02:ec:e7:6f:ed:97:45:7d:
                    e4:9d:00:35:f9:61:b6:74:c6:d5:d5:3c:01:d1:fe:
                    b6:9f:a9:fb:25:40:a1:e6:09:2b:93:85:4b:fa:9a:
                    41:2a:72:83:d9:9f:f7:3a:7d:42:c5:a0:0b:2c:34:
                    b5:c9:b1:cf:95:07:8d:0e:09:1d:e9:6c:7b:dc:b1:
                    d9:40:6c:50:ba:21:a6:ab:f6:1e:07:d8:8d:29:60:
                    00:f5:83:0d:9c:0a:36:f1:48:84:b1:c6:00:bb:fc:
                    77:7b:ef:2c:4d:98:e8:5a:22:0f:00:64:fd:c2:b8:
                    f4:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:53:9C:0C:CD:25:75:E3:31:98:1E:A8:D3:6D:1A:90:5C:B5:FA:E8
            X509v3 Authority Key Identifier:
                keyid:7E:33:A9:08:D6:35:0A:32:2F:A0:36:30:A5:95:82:A2:84:A9:5C:5D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/Bee/1/7E33A908D6350A322FA03630A59582A284A95C5D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/7E33A908D6350A322FA03630A59582A284A95C5D.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/Bee/1/326131323a646434373a646163303a3a2f34322d3432203d3e20313939363933.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:dac0::/42

    Signature Algorithm: sha256WithRSAEncryption
         37:3c:75:4e:af:bc:8f:de:79:86:c2:bf:79:4e:dd:f8:e5:52:
         30:a0:d0:99:85:0e:6e:42:41:56:8a:94:80:53:4e:9e:65:35:
         c3:63:9d:c3:29:25:37:96:cc:70:f7:c6:f8:25:ad:32:fc:2f:
         75:05:91:82:df:84:bc:a9:15:39:5a:0a:a7:00:b0:df:be:05:
         24:9a:9a:45:ab:97:8c:ab:94:a2:79:4b:a2:f5:4f:0d:81:c7:
         3b:2b:d4:93:7e:46:ab:2a:23:87:fc:9d:17:d7:da:21:f8:cf:
         2c:12:69:d4:9d:8b:9e:8a:0a:85:fb:c9:b7:58:76:46:00:1c:
         9d:6a:d5:8d:30:81:19:e3:91:ce:05:24:ba:58:f7:c4:1a:db:
         26:6b:da:83:f5:e4:19:5a:0f:05:24:e8:14:8e:da:78:ed:83:
         15:05:b6:05:7c:1a:2c:da:a2:75:be:9a:a1:0c:a2:da:a6:e9:
         af:9d:ed:49:18:a8:ce:7d:6b:6b:7e:f4:aa:6e:d5:a5:61:ab:
         32:df:96:46:ef:16:4e:57:91:6c:b2:96:aa:49:1f:6e:38:45:
         08:3d:af:a4:e3:db:df:3b:92:26:f0:53:41:03:f2:71:98:be:
         aa:74:8c:47:e7:38:9d:71:01:0b:75:fc:57:45:f2:da:0a:ec:
         a2:09:32:74
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIUIqAr5LDTcfag53HsYITM3FTthLowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoN0UzM0E5MDhENjM1MEEzMjJGQTAzNjMwQTU5NTgyQTI4
NEE5NUM1RDAeFw0yNDAyMTkwNTI5NDVaFw0yNTAyMTcwNTM0NDVaMDMxMTAvBgNV
BAMTKDg1NTM5QzBDQ0QyNTc1RTMzMTk4MUVBOEQzNkQxQTkwNUNCNUZBRTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTaEBU6IAC9b+gvieXZ1JMx8ir
7/fvxoaE6WBz9OXagDUH/A4Cd5LAsW72nBnPOQDlvhwrwDamOlb0NoiaOOSnV0jY
dGX+xHNBnYVGMjDLBmYvZINF3ThgX6avaa6/67w680sywSFbpYMHD1Y0B5GQ/h25
Pg6/WaGqALJlq8D/62XfV0pz5YHKl+9Vo3wC7Odv7ZdFfeSdADX5YbZ0xtXVPAHR
/rafqfslQKHmCSuThUv6mkEqcoPZn/c6fULFoAssNLXJsc+VB40OCR3pbHvcsdlA
bFC6Iaar9h4H2I0pYAD1gw2cCjbxSISxxgC7/Hd77yxNmOhaIg8AZP3CuPRXAgMB
AAGjggHQMIIBzDAdBgNVHQ4EFgQUhVOcDM0ldeMxmB6o020akFy1+ugwHwYDVR0j
BBgwFoAUfjOpCNY1CjIvoDYwpZWCooSpXF0wDgYDVR0PAQH/BAQDAgeAMFgGA1Ud
HwRRME8wTaBLoEmGR3JzeW5jOi8vcnBraS5jby9yZXBvL0JlZS8xLzdFMzNBOTA4
RDYzNTBBMzIyRkEwMzYzMEE1OTU4MkEyODRBOTVDNUQuY3JsMGUGCCsGAQUFBwEB
BFkwVzBVBggrBgEFBQcwAoZJcnN5bmM6Ly9ycGtpLmNvL3JlcG8vQVM5NDUvMS83
RTMzQTkwOEQ2MzUwQTMyMkZBMDM2MzBBNTk1ODJBMjg0QTk1QzVELmNlcjB7Bggr
BgEFBQcBCwRvMG0wawYIKwYBBQUHMAuGX3JzeW5jOi8vcnBraS5jby9yZXBvL0Jl
ZS8xLzMyNjEzMTMyM2E2NDY0MzQzNzNhNjQ2MTYzMzAzYTNhMmYzNDMyMmQzNDMy
MjAzZDNlMjAzMTM5MzkzNjM5MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwYqEt1H2sAwDQYJKoZIhvcN
AQELBQADggEBADc8dU6vvI/eeYbCv3lO3fjlUjCg0JmFDm5CQVaKlIBTTp5lNcNj
ncMpJTeWzHD3xvglrTL8L3UFkYLfhLypFTlaCqcAsN++BSSamkWrl4yrlKJ5S6L1
Tw2Bxzsr1JN+RqsqI4f8nRfX2iH4zywSadSdi56KCoX7ybdYdkYAHJ1q1Y0wgRnj
kc4FJLpY98Qa2yZr2oP15BlaDwUk6BSO2njtgxUFtgV8GizaonW+mqEMotqm6a+d
7UkYqM59a2t+9Kpu1aVhqzLflkbvFk5XkWyylqpJH244RQg9r6Tj2987kibwU0ED
8nGYvqp0jEfnOJ1xAQt1/FdF8toK7KIJMnQ=
-----END CERTIFICATE-----
Generated at Fri May 17 21:11:04 2024 by rpki-client on console-ams.rpki-client.org