Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/Pong/1/326131323a646434373a353261303a3a2f34342d3434203d3e20323030313630.roa
File:                     326131323a646434373a353261303a3a2f34342d3434203d3e20323030313630.roa (raw, json)
Hash identifier:          MtYHx1zElbP4Y6PjxTeGQDWWBko96UWi7vsW1viU2Rs=
Subject key identifier:   B4:C9:8B:C9:8C:DB:98:24:1C:F8:C3:B8:15:83:E7:77:CE:5A:02:31
Certificate issuer:       /CN=51E8BF04F872204D7BAF9626F16CDB039E3A2443
Certificate serial:       0F211F87A15948836128A8E9972ED98AB4EAEBD8
Authority key identifier: 51:E8:BF:04:F8:72:20:4D:7B:AF:96:26:F1:6C:DB:03:9E:3A:24:43
Authority info access:    rsync://rpki.co/repo/AS945/1/51E8BF04F872204D7BAF9626F16CDB039E3A2443.cer
Subject info access:      rsync://rpki.co/repo/Pong/1/326131323a646434373a353261303a3a2f34342d3434203d3e20323030313630.roa
Signing time:             Thu 14 Mar 2024 10:14:08 +0000
ROA not before:           Thu 14 Mar 2024 10:09:08 +0000
ROA not after:            Thu 13 Mar 2025 10:14:08 +0000
asID:                     200160
IP address blocks:        2a12:dd47:52a0::/44 maxlen: 44

Validation:               OK
Signature path:           rsync://rpki.co/repo/Pong/1/51E8BF04F872204D7BAF9626F16CDB039E3A2443.crl
                          rsync://rpki.co/repo/Pong/1/51E8BF04F872204D7BAF9626F16CDB039E3A2443.mft
                          rsync://rpki.co/repo/AS945/1/51E8BF04F872204D7BAF9626F16CDB039E3A2443.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://rpki.co/repo/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 28 Mar 2024 20:24:51 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0f:21:1f:87:a1:59:48:83:61:28:a8:e9:97:2e:d9:8a:b4:ea:eb:d8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51E8BF04F872204D7BAF9626F16CDB039E3A2443
        Validity
            Not Before: Mar 14 10:09:08 2024 GMT
            Not After : Mar 13 10:14:08 2025 GMT
        Subject: CN=B4C98BC98CDB98241CF8C3B81583E777CE5A0231
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:2a:6d:3a:a0:70:2d:a3:29:32:3c:21:ad:2c:
                    7e:e3:b0:4b:19:20:b1:6d:5e:13:1c:b2:d6:2c:fb:
                    5f:da:b6:b7:1e:85:8e:0e:0a:49:66:b6:ce:bb:7c:
                    06:8d:c2:21:eb:6d:41:8e:41:1f:bd:32:3f:4a:af:
                    70:f5:4a:bb:67:27:e1:7e:26:72:3d:78:84:e3:fd:
                    50:20:b1:98:1e:0e:04:ca:b5:8d:c5:b0:d2:ea:a6:
                    b2:65:f0:21:7c:8b:75:86:32:ef:08:fd:6b:aa:34:
                    5b:bb:39:1f:da:5c:98:8b:f4:11:b9:73:4d:4e:8f:
                    69:91:00:25:e2:50:c6:ad:da:75:de:2f:03:03:37:
                    27:ce:21:dd:e6:5e:f2:a6:b3:e2:db:25:16:ef:8c:
                    f8:e9:f2:81:b7:64:91:55:f1:0b:81:18:54:c1:55:
                    80:19:4f:d5:e8:85:8f:ab:2e:f6:10:19:13:fd:5e:
                    59:13:9e:ed:90:0f:6a:07:b0:2e:64:22:59:3e:a4:
                    ff:f4:a9:85:15:f2:83:f7:2b:82:a2:e1:44:04:b1:
                    90:b0:32:c9:e2:22:40:f7:73:a4:62:59:37:f9:6f:
                    3a:f6:6a:cf:60:d4:bf:4e:1d:c6:13:90:75:10:4e:
                    43:c7:7a:74:26:d2:32:65:3f:bb:f1:7c:19:ab:12:
                    a7:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B4:C9:8B:C9:8C:DB:98:24:1C:F8:C3:B8:15:83:E7:77:CE:5A:02:31
            X509v3 Authority Key Identifier:
                keyid:51:E8:BF:04:F8:72:20:4D:7B:AF:96:26:F1:6C:DB:03:9E:3A:24:43

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/Pong/1/51E8BF04F872204D7BAF9626F16CDB039E3A2443.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/51E8BF04F872204D7BAF9626F16CDB039E3A2443.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/Pong/1/326131323a646434373a353261303a3a2f34342d3434203d3e20323030313630.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:52a0::/44

    Signature Algorithm: sha256WithRSAEncryption
         5f:cd:d1:0e:e8:d1:73:d3:89:2f:c7:e9:e5:b0:bf:1a:40:79:
         7d:1f:11:f3:de:f6:18:35:9c:97:57:2d:92:c6:da:cd:7d:04:
         89:b6:b2:66:a9:28:5e:bc:f3:e4:9e:26:ba:47:d9:d4:f0:2c:
         33:b1:c6:a5:9d:b7:fb:8d:00:3b:6f:01:0e:3b:1e:f7:6c:c1:
         f9:3b:c0:03:53:ad:48:76:0d:f2:ca:a1:52:8c:98:fa:dd:de:
         68:4b:29:04:d0:75:f4:7c:c8:ff:f2:31:95:0f:50:b2:71:76:
         8c:4b:8f:e0:45:18:50:9f:8a:1e:20:0f:c8:7c:a0:00:07:54:
         91:70:53:21:8b:62:24:e5:11:59:f3:82:2e:91:db:ba:94:49:
         c4:c3:5a:3b:57:04:6f:ea:fb:97:73:84:14:0d:ce:9f:a2:55:
         18:aa:72:b7:9b:4d:8d:9c:0d:ab:50:67:08:45:81:aa:59:a0:
         a0:5b:c3:4a:6a:98:eb:e0:fd:bd:69:83:44:c6:9b:85:4d:41:
         75:64:7d:5a:14:28:35:bf:0c:30:e0:b8:5c:15:ff:50:dd:3b:
         96:13:c6:9d:2a:01:b8:f1:a0:f9:b4:02:a3:c1:bc:d5:2d:5d:
         70:54:69:97:e6:86:cf:0e:75:e4:50:4a:90:02:af:2c:4f:e7:
         e5:9c:27:18
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIUDyEfh6FZSINhKKjply7ZirTq69gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNTFFOEJGMDRGODcyMjA0RDdCQUY5NjI2RjE2Q0RCMDM5
RTNBMjQ0MzAeFw0yNDAzMTQxMDA5MDhaFw0yNTAzMTMxMDE0MDhaMDMxMTAvBgNV
BAMTKEI0Qzk4QkM5OENEQjk4MjQxQ0Y4QzNCODE1ODNFNzc3Q0U1QTAyMzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGKm06oHAtoykyPCGtLH7jsEsZ
ILFtXhMcstYs+1/atrcehY4OCklmts67fAaNwiHrbUGOQR+9Mj9Kr3D1SrtnJ+F+
JnI9eITj/VAgsZgeDgTKtY3FsNLqprJl8CF8i3WGMu8I/WuqNFu7OR/aXJiL9BG5
c01Oj2mRACXiUMat2nXeLwMDNyfOId3mXvKms+LbJRbvjPjp8oG3ZJFV8QuBGFTB
VYAZT9XohY+rLvYQGRP9XlkTnu2QD2oHsC5kIlk+pP/0qYUV8oP3K4Ki4UQEsZCw
MsniIkD3c6RiWTf5bzr2as9g1L9OHcYTkHUQTkPHenQm0jJlP7vxfBmrEqcJAgMB
AAGjggHSMIIBzjAdBgNVHQ4EFgQUtMmLyYzbmCQc+MO4FYPnd85aAjEwHwYDVR0j
BBgwFoAUUei/BPhyIE17r5Ym8WzbA546JEMwDgYDVR0PAQH/BAQDAgeAMFkGA1Ud
HwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBraS5jby9yZXBvL1BvbmcvMS81MUU4QkYw
NEY4NzIyMDREN0JBRjk2MjZGMTZDREIwMzlFM0EyNDQzLmNybDBlBggrBgEFBQcB
AQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5jby9yZXBvL0FTOTQ1LzEv
NTFFOEJGMDRGODcyMjA0RDdCQUY5NjI2RjE2Q0RCMDM5RTNBMjQ0My5jZXIwfAYI
KwYBBQUHAQsEcDBuMGwGCCsGAQUFBzALhmByc3luYzovL3Jwa2kuY28vcmVwby9Q
b25nLzEvMzI2MTMxMzIzYTY0NjQzNDM3M2EzNTMyNjEzMDNhM2EyZjM0MzQyZDM0
MzQyMDNkM2UyMDMyMzAzMDMxMzYzMC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEF
BQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoS3UdSoDANBgkqhkiG
9w0BAQsFAAOCAQEAX83RDujRc9OJL8fp5bC/GkB5fR8R8972GDWcl1ctksbazX0E
ibayZqkoXrzz5J4mukfZ1PAsM7HGpZ23+40AO28BDjse92zB+TvAA1OtSHYN8sqh
UoyY+t3eaEspBNB19HzI//IxlQ9QsnF2jEuP4EUYUJ+KHiAPyHygAAdUkXBTIYti
JOURWfOCLpHbupRJxMNaO1cEb+r7l3OEFA3On6JVGKpyt5tNjZwNq1BnCEWBqlmg
oFvDSmqY6+D9vWmDRMabhU1BdWR9WhQoNb8MMOC4XBX/UN07lhPGnSoBuPGg+bQC
o8G81S1dcFRpl+aGzw515FBKkAKvLE/n5ZwnGA==
-----END CERTIFICATE-----
Generated at Thu Mar 28 11:30:30 2024 by rpki-client on console-fra.rpki-client.org