Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/Cube/2/323630323a666332333a3136303a3a2f34342d3434203d3e20313531303632.roa
File:                     323630323a666332333a3136303a3a2f34342d3434203d3e20313531303632.roa (raw, json)
Hash identifier:          nX/DJGm6WxChCsagTYhzmvJ1ifIKkqdKhGcRDfsKD7I=
Subject key identifier:   97:FD:FA:CF:D8:26:CB:E0:19:1A:DD:12:3D:71:B1:48:A2:C9:04:84
Certificate issuer:       /CN=6DD138EBB7A6BAB2C1F4E3D7167011D86AC1FCF0
Certificate serial:       1DDC4D4940FF2E74207EED19F3CEBFF0D710D11F
Authority key identifier: 6D:D1:38:EB:B7:A6:BA:B2:C1:F4:E3:D7:16:70:11:D8:6A:C1:FC:F0
Authority info access:    rsync://rpki.co/repo/AS945/2/6DD138EBB7A6BAB2C1F4E3D7167011D86AC1FCF0.cer
Subject info access:      rsync://rpki.co/repo/Cube/2/323630323a666332333a3136303a3a2f34342d3434203d3e20313531303632.roa
Signing time:             Mon 13 May 2024 01:15:31 +0000
ROA not before:           Mon 13 May 2024 01:10:31 +0000
ROA not after:            Mon 12 May 2025 01:15:31 +0000
asID:                     151062
IP address blocks:        2602:fc23:160::/44 maxlen: 44

Validation:               OK
Signature path:           rsync://rpki.co/repo/Cube/2/6DD138EBB7A6BAB2C1F4E3D7167011D86AC1FCF0.crl
                          rsync://rpki.co/repo/Cube/2/6DD138EBB7A6BAB2C1F4E3D7167011D86AC1FCF0.mft
                          rsync://rpki.co/repo/AS945/2/6DD138EBB7A6BAB2C1F4E3D7167011D86AC1FCF0.cer
                          rsync://rpki.co/repo/AS945/2/E06465DE1AB39B909A36BC5B67FA379790286C91.crl
                          rsync://rpki.co/repo/AS945/2/E06465DE1AB39B909A36BC5B67FA379790286C91.mft
                          rsync://dev.tw/rpki/August/7/E06465DE1AB39B909A36BC5B67FA379790286C91.cer
                          rsync://dev.tw/rpki/August/7/2B21F7C76C5921761FA8EF5B12172C8E4B45B6DA.crl
                          rsync://dev.tw/rpki/August/7/2B21F7C76C5921761FA8EF5B12172C8E4B45B6DA.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f1ab8d45-a1ae-408a-9e45-b04fdd663f37/6506a66ed0f86ec1505c5066b525e09105c59426d17ad5bd54.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f1ab8d45-a1ae-408a-9e45-b04fdd663f37/f1ab8d45-a1ae-408a-9e45-b04fdd663f37.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f1ab8d45-a1ae-408a-9e45-b04fdd663f37/f1ab8d45-a1ae-408a-9e45-b04fdd663f37.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/f1ab8d45-a1ae-408a-9e45-b04fdd663f37.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/521eb33f-9672-4cd9-acce-137227e971ac.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Sat 18 May 2024 21:53:14 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:dc:4d:49:40:ff:2e:74:20:7e:ed:19:f3:ce:bf:f0:d7:10:d1:1f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6DD138EBB7A6BAB2C1F4E3D7167011D86AC1FCF0
        Validity
            Not Before: May 13 01:10:31 2024 GMT
            Not After : May 12 01:15:31 2025 GMT
        Subject: CN=97FDFACFD826CBE0191ADD123D71B148A2C90484
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:9c:a4:75:e1:49:c6:ab:5b:ac:77:ee:ec:a1:
                    ab:50:11:46:3d:08:91:35:cf:7d:a1:c1:b2:d4:7f:
                    b8:14:df:bf:da:05:f1:b7:a2:b8:8a:d2:77:84:9b:
                    ba:59:01:0e:dc:0b:6b:58:b1:a3:83:82:af:56:90:
                    82:cf:31:d5:16:c2:a5:c7:97:1b:da:50:2d:01:d0:
                    47:15:0b:65:18:35:6b:3c:0e:79:44:7b:d4:67:8c:
                    41:df:ab:4e:b8:3e:ec:03:c9:10:3d:93:47:0b:c1:
                    55:54:d5:95:aa:ee:6a:8a:84:cc:69:3f:56:d1:ef:
                    66:38:09:4a:94:95:41:6b:55:86:3d:9d:c5:6f:d7:
                    fd:7a:d7:e4:6f:14:a0:54:24:0b:04:56:a2:83:d4:
                    eb:36:f4:ca:b5:04:0e:04:8d:3c:09:08:06:df:71:
                    12:f1:b5:17:38:5b:f9:d4:1a:8b:1c:95:2c:2f:86:
                    a3:de:a6:59:2b:4c:1d:1e:54:09:b2:9b:93:e7:e2:
                    6a:25:b7:5d:0b:23:c6:57:2f:1c:ff:da:2d:79:27:
                    76:16:97:cd:08:57:fc:8f:b0:e1:48:7b:aa:ad:e9:
                    6c:b3:0e:f4:b4:53:d6:04:f3:a5:6d:5d:97:33:67:
                    07:e2:36:72:25:a8:dd:60:69:bd:30:42:51:41:0f:
                    2c:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:FD:FA:CF:D8:26:CB:E0:19:1A:DD:12:3D:71:B1:48:A2:C9:04:84
            X509v3 Authority Key Identifier:
                keyid:6D:D1:38:EB:B7:A6:BA:B2:C1:F4:E3:D7:16:70:11:D8:6A:C1:FC:F0

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/Cube/2/6DD138EBB7A6BAB2C1F4E3D7167011D86AC1FCF0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/2/6DD138EBB7A6BAB2C1F4E3D7167011D86AC1FCF0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/Cube/2/323630323a666332333a3136303a3a2f34342d3434203d3e20313531303632.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2602:fc23:160::/44

    Signature Algorithm: sha256WithRSAEncryption
         20:e4:18:c8:f6:d3:ab:0a:bf:cd:01:da:be:dd:5f:dc:9c:b6:
         57:73:61:b1:1d:d6:4f:1a:1b:0b:22:80:a5:aa:61:45:8b:19:
         c5:1d:99:63:4d:a7:18:e7:8e:cd:fa:5e:80:21:5d:f7:18:a1:
         ba:e6:13:5b:7a:4d:08:98:0a:89:9e:25:4d:c1:8a:82:9a:e5:
         49:90:a8:85:fb:f4:a3:f1:de:a4:aa:08:35:5d:19:f7:f3:a1:
         5e:68:f4:28:ae:bb:04:2d:e1:e6:c7:c0:e7:07:07:d8:db:0e:
         a1:ad:38:37:7c:45:6e:ad:d7:d2:f2:bb:50:46:e6:8a:f9:94:
         8d:8c:1c:2e:5c:f2:dc:64:27:bb:2a:c5:08:19:71:e5:ad:6b:
         99:78:e7:8e:c7:fd:29:8b:5d:95:a0:43:f2:21:1c:f0:ac:52:
         bc:c4:3f:83:fc:95:e8:d6:93:00:fa:99:88:8d:f3:de:9b:f9:
         6d:64:3b:50:3d:8a:7f:71:2f:0b:84:ae:1f:5e:7e:c1:de:9f:
         3a:ef:70:50:d3:56:7e:0e:39:be:51:b1:e0:55:fc:f1:9c:16:
         40:0f:86:83:dc:df:f5:85:33:89:cd:25:21:97:dd:8b:38:df:
         b3:3f:79:ab:75:0a:e7:a3:ab:6c:cc:5a:6e:2d:95:59:eb:56:
         33:77:d2:b9
-----BEGIN CERTIFICATE-----
MIIExjCCA66gAwIBAgIUHdxNSUD/LnQgfu0Z886/8NcQ0R8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNkREMTM4RUJCN0E2QkFCMkMxRjRFM0Q3MTY3MDExRDg2
QUMxRkNGMDAeFw0yNDA1MTMwMTEwMzFaFw0yNTA1MTIwMTE1MzFaMDMxMTAvBgNV
BAMTKDk3RkRGQUNGRDgyNkNCRTAxOTFBREQxMjNENzFCMTQ4QTJDOTA0ODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdnKR14UnGq1usd+7soatQEUY9
CJE1z32hwbLUf7gU37/aBfG3oriK0neEm7pZAQ7cC2tYsaODgq9WkILPMdUWwqXH
lxvaUC0B0EcVC2UYNWs8DnlEe9RnjEHfq064PuwDyRA9k0cLwVVU1ZWq7mqKhMxp
P1bR72Y4CUqUlUFrVYY9ncVv1/161+RvFKBUJAsEVqKD1Os29Mq1BA4EjTwJCAbf
cRLxtRc4W/nUGosclSwvhqPeplkrTB0eVAmym5Pn4molt10LI8ZXLxz/2i15J3YW
l80IV/yPsOFIe6qt6WyzDvS0U9YE86VtXZczZwfiNnIlqN1gab0wQlFBDywRAgMB
AAGjggHQMIIBzDAdBgNVHQ4EFgQUl/36z9gmy+AZGt0SPXGxSKLJBIQwHwYDVR0j
BBgwFoAUbdE467emurLB9OPXFnAR2GrB/PAwDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5jby9yZXBvL0N1YmUvMi82REQxMzhF
QkI3QTZCQUIyQzFGNEUzRDcxNjcwMTFEODZBQzFGQ0YwLmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzIv
NkREMTM4RUJCN0E2QkFCMkMxRjRFM0Q3MTY3MDExRDg2QUMxRkNGMC5jZXIwegYI
KwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jwa2kuY28vcmVwby9D
dWJlLzIvMzIzNjMwMzIzYTY2NjMzMjMzM2EzMTM2MzAzYTNhMmYzNDM0MmQzNDM0
MjAzZDNlMjAzMTM1MzEzMDM2MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQmAvwjAWAwDQYJKoZIhvcN
AQELBQADggEBACDkGMj206sKv80B2r7dX9yctldzYbEd1k8aGwsigKWqYUWLGcUd
mWNNpxjnjs36XoAhXfcYobrmE1t6TQiYComeJU3BioKa5UmQqIX79KPx3qSqCDVd
GffzoV5o9CiuuwQt4ebHwOcHB9jbDqGtODd8RW6t19Lyu1BG5or5lI2MHC5c8txk
J7sqxQgZceWta5l4547H/SmLXZWgQ/IhHPCsUrzEP4P8lejWkwD6mYiN896b+W1k
O1A9in9xLwuErh9efsHenzrvcFDTVn4OOb5RseBV/PGcFkAPhoPc3/WFM4nNJSGX
3Ys437M/eat1Cuejq2zMWm4tlVnrVjN30rk=
-----END CERTIFICATE-----
Generated at Sat May 18 08:47:32 2024 by rpki-client on console-fra.rpki-client.org