Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/Rudaki/0/326131323a646434373a353330313a3a2f34382d3438203d3e20323131353039.roa
File:                     326131323a646434373a353330313a3a2f34382d3438203d3e20323131353039.roa (raw, json)
Hash identifier:          /BwD2FrA+RtB39SFKl8GBS1LvI3e1qoPSaTCBf+4ntY=
Subject key identifier:   ED:66:75:5F:A0:64:45:6C:B2:3B:0E:04:88:30:47:A8:A1:A6:79:20
Certificate issuer:       /CN=8D47937E5FB1C1169EEAD229E680E581B175465F
Certificate serial:       0E7C6F86A6539C9337A2644D4CA8B0AC2BA7D08E
Authority key identifier: 8D:47:93:7E:5F:B1:C1:16:9E:EA:D2:29:E6:80:E5:81:B1:75:46:5F
Authority info access:    rsync://rpki.co/repo/AS945/1/8D47937E5FB1C1169EEAD229E680E581B175465F.cer
Subject info access:      rsync://rpki.co/repo/Rudaki/0/326131323a646434373a353330313a3a2f34382d3438203d3e20323131353039.roa
Signing time:             Thu 12 Oct 2023 17:12:39 +0000
ROA not before:           Thu 12 Oct 2023 17:07:39 +0000
ROA not after:            Thu 10 Oct 2024 17:12:39 +0000
asID:                     211509
IP address blocks:        2a12:dd47:5301::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.co/repo/Rudaki/0/8D47937E5FB1C1169EEAD229E680E581B175465F.crl
                          rsync://rpki.co/repo/Rudaki/0/8D47937E5FB1C1169EEAD229E680E581B175465F.mft
                          rsync://rpki.co/repo/AS945/1/8D47937E5FB1C1169EEAD229E680E581B175465F.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 22:11:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:7c:6f:86:a6:53:9c:93:37:a2:64:4d:4c:a8:b0:ac:2b:a7:d0:8e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=8D47937E5FB1C1169EEAD229E680E581B175465F
        Validity
            Not Before: Oct 12 17:07:39 2023 GMT
            Not After : Oct 10 17:12:39 2024 GMT
        Subject: CN=ED66755FA064456CB23B0E04883047A8A1A67920
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:b4:35:ee:af:46:58:39:d7:d4:01:34:35:62:
                    10:85:bc:78:8f:5a:97:91:fe:84:27:c4:4d:f5:4a:
                    49:b9:ad:cf:2c:70:3a:68:0d:4e:79:14:e0:b4:4a:
                    f6:75:5a:f9:51:ea:8d:68:98:0b:82:26:ba:4a:1a:
                    01:b6:b0:2e:57:82:0a:61:f9:ce:f1:76:57:13:5a:
                    18:19:66:71:ae:38:65:fa:0e:31:7f:49:7a:6b:de:
                    7d:07:37:61:4d:eb:ed:33:4c:dc:3e:d6:50:50:95:
                    90:b1:6c:14:e5:e8:d3:9b:07:95:ad:e5:1e:f9:91:
                    a6:c1:a1:37:37:d3:61:25:78:72:01:61:f7:00:e7:
                    55:77:6c:cc:90:8d:cb:04:76:14:dc:a5:41:e3:bc:
                    3d:96:5a:86:a2:3a:1d:c6:09:04:3d:42:53:40:1b:
                    04:17:91:b0:74:90:e1:ac:b4:73:8f:f6:a4:b3:e3:
                    00:8f:23:a6:1c:33:57:0f:ec:62:40:d1:37:67:3e:
                    b4:a0:5c:30:e0:4b:6b:c3:e7:ae:31:be:8d:cd:84:
                    01:6d:d9:f2:50:1a:74:ec:5e:45:54:c9:79:6c:6d:
                    e2:79:52:11:cb:75:a4:bf:bb:96:62:97:b0:3f:52:
                    71:1e:4f:37:d1:14:cd:03:0f:bb:a1:f5:c1:2a:4c:
                    34:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                ED:66:75:5F:A0:64:45:6C:B2:3B:0E:04:88:30:47:A8:A1:A6:79:20
            X509v3 Authority Key Identifier:
                keyid:8D:47:93:7E:5F:B1:C1:16:9E:EA:D2:29:E6:80:E5:81:B1:75:46:5F

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/Rudaki/0/8D47937E5FB1C1169EEAD229E680E581B175465F.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/8D47937E5FB1C1169EEAD229E680E581B175465F.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/Rudaki/0/326131323a646434373a353330313a3a2f34382d3438203d3e20323131353039.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd47:5301::/48

    Signature Algorithm: sha256WithRSAEncryption
         7a:ec:29:21:78:72:79:dd:4c:8a:f8:4b:d4:f1:70:86:84:19:
         ee:a4:14:02:c4:8e:18:cf:8c:18:d8:db:95:61:73:04:d9:fe:
         ab:13:99:4a:29:e1:d7:6d:87:df:5e:19:26:c9:db:be:3d:5c:
         d9:d0:00:59:6f:72:8a:de:52:a9:9f:fb:9f:1b:5f:b3:b2:ff:
         a1:b1:14:bd:f5:7f:16:ac:51:14:e2:6b:bf:54:2c:54:3b:bd:
         1f:4c:a2:bd:ef:20:9d:d4:37:6b:12:27:36:6c:b9:b1:78:75:
         6b:65:8e:98:5c:5c:3a:03:ec:79:3a:43:19:4e:1d:4e:bc:64:
         59:c5:71:2a:74:64:f7:9e:8a:7e:0a:cf:e6:ac:9b:79:a5:d9:
         db:e7:ea:49:4f:c5:8d:35:e0:f3:fe:eb:bb:fd:01:8d:2a:30:
         0b:b4:19:90:40:04:da:25:44:39:f3:e2:bb:fe:7d:11:79:f6:
         96:ce:23:d6:fd:5c:83:37:d2:a2:e1:8b:8e:48:70:99:a0:8b:
         55:01:0a:bb:ca:d8:2a:38:55:c9:55:41:34:e8:c2:76:a0:0e:
         ab:49:37:18:3f:83:14:17:c1:4b:4e:5c:e7:26:bd:5a:94:85:
         db:60:4e:03:cb:23:1b:9d:2b:1b:10:e3:dd:49:63:c0:57:db:
         bf:4c:de:ce
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIUDnxvhqZTnJM3omRNTKiwrCun0I4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOEQ0NzkzN0U1RkIxQzExNjlFRUFEMjI5RTY4MEU1ODFC
MTc1NDY1RjAeFw0yMzEwMTIxNzA3MzlaFw0yNDEwMTAxNzEyMzlaMDMxMTAvBgNV
BAMTKEVENjY3NTVGQTA2NDQ1NkNCMjNCMEUwNDg4MzA0N0E4QTFBNjc5MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDetDXur0ZYOdfUATQ1YhCFvHiP
WpeR/oQnxE31Skm5rc8scDpoDU55FOC0SvZ1WvlR6o1omAuCJrpKGgG2sC5Xggph
+c7xdlcTWhgZZnGuOGX6DjF/SXpr3n0HN2FN6+0zTNw+1lBQlZCxbBTl6NObB5Wt
5R75kabBoTc302EleHIBYfcA51V3bMyQjcsEdhTcpUHjvD2WWoaiOh3GCQQ9QlNA
GwQXkbB0kOGstHOP9qSz4wCPI6YcM1cP7GJA0TdnPrSgXDDgS2vD564xvo3NhAFt
2fJQGnTsXkVUyXlsbeJ5UhHLdaS/u5Zil7A/UnEeTzfRFM0DD7uh9cEqTDQ9AgMB
AAGjggHWMIIB0jAdBgNVHQ4EFgQU7WZ1X6BkRWyyOw4EiDBHqKGmeSAwHwYDVR0j
BBgwFoAUjUeTfl+xwRae6tIp5oDlgbF1Rl8wDgYDVR0PAQH/BAQDAgeAMFsGA1Ud
HwRUMFIwUKBOoEyGSnJzeW5jOi8vcnBraS5jby9yZXBvL1J1ZGFraS8wLzhENDc5
MzdFNUZCMUMxMTY5RUVBRDIyOUU2ODBFNTgxQjE3NTQ2NUYuY3JsMGUGCCsGAQUF
BwEBBFkwVzBVBggrBgEFBQcwAoZJcnN5bmM6Ly9ycGtpLmNvL3JlcG8vQVM5NDUv
MS84RDQ3OTM3RTVGQjFDMTE2OUVFQUQyMjlFNjgwRTU4MUIxNzU0NjVGLmNlcjB+
BggrBgEFBQcBCwRyMHAwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5jby9yZXBv
L1J1ZGFraS8wLzMyNjEzMTMyM2E2NDY0MzQzNzNhMzUzMzMwMzEzYTNhMmYzNDM4
MmQzNDM4MjAzZDNlMjAzMjMxMzEzNTMwMzkucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqEt1HUwEwDQYJ
KoZIhvcNAQELBQADggEBAHrsKSF4cnndTIr4S9TxcIaEGe6kFALEjhjPjBjY25Vh
cwTZ/qsTmUop4ddth99eGSbJ2749XNnQAFlvcoreUqmf+58bX7Oy/6GxFL31fxas
URTia79ULFQ7vR9Mor3vIJ3UN2sSJzZsubF4dWtljphcXDoD7Hk6QxlOHU68ZFnF
cSp0ZPeein4Kz+asm3ml2dvn6klPxY014PP+67v9AY0qMAu0GZBABNolRDnz4rv+
fRF59pbOI9b9XIM30qLhi45IcJmgi1UBCrvK2Co4VclVQTTownagDqtJNxg/gxQX
wUtOXOcmvVqUhdtgTgPLIxudKxsQ491JY8BX279M3s4=
-----END CERTIFICATE-----
Generated at Sun Jun 16 03:33:46 2024 by rpki-client on console-ams.rpki-client.org