Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/Matt/2/326131323a646434373a623030303a3a2f33362d3336203d3e203439353932.roa
File:                     326131323a646434373a623030303a3a2f33362d3336203d3e203439353932.roa (raw, json)
Hash identifier:          3GHU+qg9Dg+5cgUFmEh2tlzECqYiIZjGwqQ+tj477Q8=
Subject key identifier:   2E:23:72:1D:05:1E:48:57:83:CE:88:59:3B:3C:25:21:2D:96:53:38
Certificate issuer:       /CN=FDA07574EA362EFB2E46B3038EE05A6ACA0BF301
Certificate serial:       1DD0A13FF9BFEAF723C5B93CDE38DF5AD588C753
Authority key identifier: FD:A0:75:74:EA:36:2E:FB:2E:46:B3:03:8E:E0:5A:6A:CA:0B:F3:01
Authority info access:    rsync://rpki.co/repo/AS945/1/FDA07574EA362EFB2E46B3038EE05A6ACA0BF301.cer
Subject info access:      rsync://rpki.co/repo/Matt/2/326131323a646434373a623030303a3a2f33362d3336203d3e203439353932.roa
Signing time:             Fri 28 Jul 2023 21:36:28 +0000
ROA not before:           Fri 28 Jul 2023 21:31:28 +0000
ROA not after:            Fri 26 Jul 2024 21:36:28 +0000
asID:                     49592
IP address blocks:        2a12:dd47:b000::/36 maxlen: 36

Validation:               OK
Signature path:           rsync://rpki.co/repo/Matt/2/FDA07574EA362EFB2E46B3038EE05A6ACA0BF301.crl
                          rsync://rpki.co/repo/Matt/2/FDA07574EA362EFB2E46B3038EE05A6ACA0BF301.mft
                          rsync://rpki.co/repo/AS945/1/FDA07574EA362EFB2E46B3038EE05A6ACA0BF301.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 22:11:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:d0:a1:3f:f9:bf:ea:f7:23:c5:b9:3c:de:38:df:5a:d5:88:c7:53
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FDA07574EA362EFB2E46B3038EE05A6ACA0BF301
        Validity
            Not Before: Jul 28 21:31:28 2023 GMT
            Not After : Jul 26 21:36:28 2024 GMT
        Subject: CN=2E23721D051E485783CE88593B3C25212D965338
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:85:8b:8d:5a:6a:12:f6:f7:71:7c:34:6b:94:
                    65:c1:b8:9f:33:ff:35:65:2a:17:61:98:2b:4b:2e:
                    ae:1e:d4:e8:63:3e:45:2e:d2:41:94:22:aa:6d:74:
                    4b:ef:6b:73:22:c2:52:56:87:e9:98:23:01:34:96:
                    01:82:20:8c:11:bf:dd:2c:2a:fd:88:b4:f9:ec:fe:
                    71:7f:66:40:e2:8e:a4:dd:e2:28:f0:6b:7b:37:9b:
                    ac:15:61:97:b4:15:b7:b9:ed:88:dd:01:2e:84:2b:
                    14:05:56:bb:79:86:03:12:dc:ae:77:a2:a4:ae:0e:
                    7b:8a:c8:3f:06:10:fd:6c:06:ee:8e:90:e5:38:67:
                    fc:c0:02:66:ee:ee:ca:61:3b:f5:26:ce:82:24:a0:
                    28:a7:9f:27:a7:e7:3d:ab:6f:9d:a7:8b:27:7f:11:
                    1a:e1:78:9b:41:0e:a0:1d:c0:f7:04:48:9d:af:4b:
                    ed:90:d5:7c:56:c8:3f:3c:87:7c:da:fe:f8:0b:e9:
                    e4:be:b3:a0:9d:87:35:3e:f6:c6:50:0f:d0:44:59:
                    f2:b9:41:da:de:34:30:db:9b:03:75:3f:38:8b:51:
                    73:c4:4c:77:4a:18:4d:d3:9a:7a:55:7c:6d:d0:c2:
                    a6:62:c8:87:67:64:36:f2:cb:ce:65:b9:be:6a:a5:
                    23:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2E:23:72:1D:05:1E:48:57:83:CE:88:59:3B:3C:25:21:2D:96:53:38
            X509v3 Authority Key Identifier:
                keyid:FD:A0:75:74:EA:36:2E:FB:2E:46:B3:03:8E:E0:5A:6A:CA:0B:F3:01

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/Matt/2/FDA07574EA362EFB2E46B3038EE05A6ACA0BF301.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/FDA07574EA362EFB2E46B3038EE05A6ACA0BF301.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/Matt/2/326131323a646434373a623030303a3a2f33362d3336203d3e203439353932.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:b000::/36

    Signature Algorithm: sha256WithRSAEncryption
         29:08:e6:b5:1d:30:46:ae:cd:52:e8:4e:b3:31:13:83:41:67:
         61:63:ed:bf:38:d3:d7:d3:29:49:49:3c:0e:2e:10:ab:3f:84:
         cd:e8:27:72:50:fd:ac:c7:5c:2f:93:0e:6b:96:1e:cc:ad:43:
         e2:9f:61:26:99:9e:c3:78:20:9e:fc:b8:d3:53:ab:63:a2:e0:
         fc:7f:6f:a3:83:99:02:c6:09:11:c5:48:e4:57:13:42:f2:c7:
         e1:a7:16:de:ee:e3:aa:3f:0d:60:cc:6c:f9:76:4f:f5:34:71:
         99:1f:6e:90:e0:fb:01:fa:ce:d7:14:14:c2:b9:a7:d8:ee:13:
         9e:8f:44:e3:be:20:8a:4c:c7:c9:9b:6f:72:5b:77:42:c5:6a:
         5b:95:20:00:7c:5d:08:b2:30:b5:d4:80:c4:7f:3e:93:33:7c:
         21:3c:c2:ee:42:cc:54:91:39:c4:fd:54:ad:af:a2:83:6f:1b:
         c7:61:61:3c:ca:3a:31:f0:d4:cc:e6:ce:cd:ba:22:6a:77:ca:
         9e:ee:f9:44:a5:8d:1c:9a:5d:39:4e:73:ab:e9:c4:ac:86:f4:
         e3:77:d8:18:43:ae:b2:08:1d:87:9f:a8:11:fd:9d:b1:e9:be:
         03:c1:5b:3a:77:cd:99:85:bd:a3:19:85:ca:c5:0e:25:41:a3:
         81:1a:18:09
-----BEGIN CERTIFICATE-----
MIIExTCCA62gAwIBAgIUHdChP/m/6vcjxbk83jjfWtWIx1MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoRkRBMDc1NzRFQTM2MkVGQjJFNDZCMzAzOEVFMDVBNkFD
QTBCRjMwMTAeFw0yMzA3MjgyMTMxMjhaFw0yNDA3MjYyMTM2MjhaMDMxMTAvBgNV
BAMTKDJFMjM3MjFEMDUxRTQ4NTc4M0NFODg1OTNCM0MyNTIxMkQ5NjUzMzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDahYuNWmoS9vdxfDRrlGXBuJ8z
/zVlKhdhmCtLLq4e1OhjPkUu0kGUIqptdEvva3MiwlJWh+mYIwE0lgGCIIwRv90s
Kv2ItPns/nF/ZkDijqTd4ijwa3s3m6wVYZe0Fbe57YjdAS6EKxQFVrt5hgMS3K53
oqSuDnuKyD8GEP1sBu6OkOU4Z/zAAmbu7sphO/UmzoIkoCinnyen5z2rb52niyd/
ERrheJtBDqAdwPcESJ2vS+2Q1XxWyD88h3za/vgL6eS+s6CdhzU+9sZQD9BEWfK5
QdreNDDbmwN1PziLUXPETHdKGE3TmnpVfG3QwqZiyIdnZDbyy85lub5qpSPBAgMB
AAGjggHPMIIByzAdBgNVHQ4EFgQULiNyHQUeSFeDzohZOzwlIS2WUzgwHwYDVR0j
BBgwFoAU/aB1dOo2LvsuRrMDjuBaasoL8wEwDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5jby9yZXBvL01hdHQvMi9GREEwNzU3
NEVBMzYyRUZCMkU0NkIzMDM4RUUwNUE2QUNBMEJGMzAxLmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEv
RkRBMDc1NzRFQTM2MkVGQjJFNDZCMzAzOEVFMDVBNkFDQTBCRjMwMS5jZXIwegYI
KwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jwa2kuY28vcmVwby9N
YXR0LzIvMzI2MTMxMzIzYTY0NjQzNDM3M2E2MjMwMzAzMDNhM2EyZjMzMzYyZDMz
MzYyMDNkM2UyMDM0MzkzNTM5MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUH
DgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgQqEt1HsDANBgkqhkiG9w0B
AQsFAAOCAQEAKQjmtR0wRq7NUuhOszETg0FnYWPtvzjT19MpSUk8Di4Qqz+Ezegn
clD9rMdcL5MOa5YezK1D4p9hJpmew3ggnvy401OrY6Lg/H9vo4OZAsYJEcVI5FcT
QvLH4acW3u7jqj8NYMxs+XZP9TRxmR9ukOD7AfrO1xQUwrmn2O4Tno9E474gikzH
yZtvclt3QsVqW5UgAHxdCLIwtdSAxH8+kzN8ITzC7kLMVJE5xP1Ura+ig28bx2Fh
PMo6MfDUzObOzboianfKnu75RKWNHJpdOU5zq+nErIb043fYGEOusggdh5+oEf2d
sem+A8FbOnfNmYW9oxmFysUOJUGjgRoYCQ==
-----END CERTIFICATE-----
Generated at Sun Jun 16 10:14:30 2024 by rpki-client on console-fra.rpki-client.org