Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/Pong/1/326131323a646434373a353238303a3a2f34342d3434203d3e20323030313630.roa
File:                     326131323a646434373a353238303a3a2f34342d3434203d3e20323030313630.roa (raw, json)
Hash identifier:          bmM1PgLL6rM6aFNeePFLxPm7dEFycv1LdlHQAK7pR0A=
Subject key identifier:   17:2D:6F:D8:8D:B6:F4:88:B5:0E:24:21:C1:95:06:C4:28:07:8A:5E
Certificate issuer:       /CN=51E8BF04F872204D7BAF9626F16CDB039E3A2443
Certificate serial:       7DE9098C105615B2E4B3CE6B436B6878605555BF
Authority key identifier: 51:E8:BF:04:F8:72:20:4D:7B:AF:96:26:F1:6C:DB:03:9E:3A:24:43
Authority info access:    rsync://rpki.co/repo/AS945/1/51E8BF04F872204D7BAF9626F16CDB039E3A2443.cer
Subject info access:      rsync://rpki.co/repo/Pong/1/326131323a646434373a353238303a3a2f34342d3434203d3e20323030313630.roa
Signing time:             Thu 14 Mar 2024 10:14:08 +0000
ROA not before:           Thu 14 Mar 2024 10:09:08 +0000
ROA not after:            Thu 13 Mar 2025 10:14:08 +0000
asID:                     200160
IP address blocks:        2a12:dd47:5280::/44 maxlen: 44

Validation:               OK
Signature path:           rsync://rpki.co/repo/Pong/1/51E8BF04F872204D7BAF9626F16CDB039E3A2443.crl
                          rsync://rpki.co/repo/Pong/1/51E8BF04F872204D7BAF9626F16CDB039E3A2443.mft
                          rsync://rpki.co/repo/AS945/1/51E8BF04F872204D7BAF9626F16CDB039E3A2443.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://rpki.co/repo/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 28 Mar 2024 20:24:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7d:e9:09:8c:10:56:15:b2:e4:b3:ce:6b:43:6b:68:78:60:55:55:bf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51E8BF04F872204D7BAF9626F16CDB039E3A2443
        Validity
            Not Before: Mar 14 10:09:08 2024 GMT
            Not After : Mar 13 10:14:08 2025 GMT
        Subject: CN=172D6FD88DB6F488B50E2421C19506C428078A5E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:f7:37:a7:63:e7:ca:91:fb:ee:c2:05:60:4e:
                    3b:19:07:e9:99:ca:df:3e:52:3f:e6:52:1d:36:48:
                    7f:ed:ac:de:75:64:ba:f2:71:7a:45:80:25:18:fa:
                    85:de:45:aa:a4:d2:bb:4f:7d:57:01:e1:72:20:6c:
                    aa:72:55:8b:da:d4:e4:82:23:3f:96:24:40:58:b6:
                    aa:35:78:b7:e9:ce:e8:d8:cf:74:2b:4b:4e:91:3e:
                    a5:29:bb:7c:cb:9f:28:2a:b3:3f:37:d5:3b:c1:b7:
                    ee:19:ac:bc:d5:2a:5a:a1:5b:d4:e0:f9:d4:7e:34:
                    90:9d:35:66:10:74:ad:34:f8:f7:1a:44:2c:85:04:
                    19:ee:1a:f0:f2:13:2f:47:6f:e4:42:d0:5c:48:0b:
                    3f:f1:69:eb:1e:b7:50:a0:cb:47:48:8d:50:28:f9:
                    8f:ee:f1:7d:34:91:b8:ca:97:19:95:ab:8c:4d:9e:
                    14:b9:8f:6b:4f:a4:f9:c2:47:51:f9:79:49:7e:79:
                    f5:ad:7b:19:b8:8d:82:a5:08:db:8d:fe:ec:ae:ed:
                    54:24:a2:2d:1c:db:7a:6e:1c:0f:e2:da:94:7b:2e:
                    ad:af:f6:62:53:ec:e2:44:d6:b7:23:7f:ff:cb:ea:
                    e3:16:5b:a9:f7:f2:95:fd:0a:a3:0e:2e:b8:d4:1c:
                    12:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:2D:6F:D8:8D:B6:F4:88:B5:0E:24:21:C1:95:06:C4:28:07:8A:5E
            X509v3 Authority Key Identifier:
                keyid:51:E8:BF:04:F8:72:20:4D:7B:AF:96:26:F1:6C:DB:03:9E:3A:24:43

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/Pong/1/51E8BF04F872204D7BAF9626F16CDB039E3A2443.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/51E8BF04F872204D7BAF9626F16CDB039E3A2443.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/Pong/1/326131323a646434373a353238303a3a2f34342d3434203d3e20323030313630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:5280::/44

    Signature Algorithm: sha256WithRSAEncryption
         ad:ec:b3:d3:6a:e9:23:1d:45:a4:fd:3b:6d:30:61:a1:bc:85:
         dc:93:11:de:57:3b:27:04:96:12:4a:d8:bd:30:f7:a2:36:44:
         87:f6:80:6b:9c:ae:81:a3:c1:4f:89:44:49:e2:6c:a6:02:82:
         27:12:3d:48:1a:f8:59:e8:2d:7c:7c:43:83:dc:5d:d3:17:4d:
         5c:ba:d1:bb:22:1b:07:c6:b8:b5:b6:41:5c:4b:2b:23:54:4d:
         30:c2:ed:b0:21:48:df:34:42:9e:c4:ca:80:39:c4:7f:33:3b:
         bf:86:70:3e:e0:25:9f:af:47:02:46:b2:af:6a:8b:9e:53:08:
         89:76:bc:cf:79:ae:14:83:6a:a9:55:b7:37:e2:1e:11:07:f3:
         55:e1:c1:dd:e8:71:c7:a8:ad:60:e9:49:1e:16:3d:52:b2:93:
         87:89:50:d2:7e:23:8c:36:56:99:77:d3:b4:75:da:7e:3e:28:
         3a:12:80:a0:d8:f4:08:dd:36:2e:28:ce:71:9a:35:91:ec:62:
         eb:31:99:48:9d:04:66:eb:fd:e2:19:af:e3:36:fc:52:ce:a7:
         f0:d5:8f:06:d9:2f:2f:1e:dc:14:69:41:ec:6b:b4:0e:17:d2:
         27:a4:d0:36:2a:8e:26:98:dc:b1:4e:43:e9:5f:c1:ef:96:b4:
         e3:8d:2a:3c
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIUfekJjBBWFbLks85rQ2toeGBVVb8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTFFOEJGMDRGODcyMjA0RDdCQUY5NjI2RjE2Q0RCMDM5
RTNBMjQ0MzAeFw0yNDAzMTQxMDA5MDhaFw0yNTAzMTMxMDE0MDhaMDMxMTAvBgNV
BAMTKDE3MkQ2RkQ4OERCNkY0ODhCNTBFMjQyMUMxOTUwNkM0MjgwNzhBNUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn9zenY+fKkfvuwgVgTjsZB+mZ
yt8+Uj/mUh02SH/trN51ZLrycXpFgCUY+oXeRaqk0rtPfVcB4XIgbKpyVYva1OSC
Iz+WJEBYtqo1eLfpzujYz3QrS06RPqUpu3zLnygqsz831TvBt+4ZrLzVKlqhW9Tg
+dR+NJCdNWYQdK00+PcaRCyFBBnuGvDyEy9Hb+RC0FxICz/xaeset1Cgy0dIjVAo
+Y/u8X00kbjKlxmVq4xNnhS5j2tPpPnCR1H5eUl+efWtexm4jYKlCNuN/uyu7VQk
oi0c23puHA/i2pR7Lq2v9mJT7OJE1rcjf//L6uMWW6n38pX9CqMOLrjUHBLNAgMB
AAGjggHSMIIBzjAdBgNVHQ4EFgQUFy1v2I229Ii1DiQhwZUGxCgHil4wHwYDVR0j
BBgwFoAUUei/BPhyIE17r5Ym8WzbA546JEMwDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5jby9yZXBvL1BvbmcvMS81MUU4QkYw
NEY4NzIyMDREN0JBRjk2MjZGMTZDREIwMzlFM0EyNDQzLmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEv
NTFFOEJGMDRGODcyMjA0RDdCQUY5NjI2RjE2Q0RCMDM5RTNBMjQ0My5jZXIwfAYI
KwYBBQUHAQsEcDBuMGwGCCsGAQUFBzALhmByc3luYzovL3Jwa2kuY28vcmVwby9Q
b25nLzEvMzI2MTMxMzIzYTY0NjQzNDM3M2EzNTMyMzgzMDNhM2EyZjM0MzQyZDM0
MzQyMDNkM2UyMDMyMzAzMDMxMzYzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoS3UdSgDANBgkqhkiG
9w0BAQsFAAOCAQEAreyz02rpIx1FpP07bTBhobyF3JMR3lc7JwSWEkrYvTD3ojZE
h/aAa5yugaPBT4lESeJspgKCJxI9SBr4WegtfHxDg9xd0xdNXLrRuyIbB8a4tbZB
XEsrI1RNMMLtsCFI3zRCnsTKgDnEfzM7v4ZwPuAln69HAkayr2qLnlMIiXa8z3mu
FINqqVW3N+IeEQfzVeHB3ehxx6itYOlJHhY9UrKTh4lQ0n4jjDZWmXfTtHXafj4o
OhKAoNj0CN02LijOcZo1kexi6zGZSJ0EZuv94hmv4zb8Us6n8NWPBtkvLx7cFGlB
7Gu0DhfSJ6TQNiqOJpjcsU5D6V/B75a0440qPA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:30:30 2024 by rpki-client on console-fra.rpki-client.org