Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/Simple/1/326131323a646434363a316666643a3a2f34382d3438203d3e20323135393334.roa
File:                     326131323a646434363a316666643a3a2f34382d3438203d3e20323135393334.roa (raw, json)
Hash identifier:          Td8iC5CEwqqV1dohjoI/kG2vMcyAPsVvz4hRqWeM2qI=
Subject key identifier:   1E:2C:B7:F2:48:04:30:9C:6C:6C:58:C7:4F:C1:D1:EF:FA:EC:7D:E7
Certificate issuer:       /CN=40C513034911811188EE6887BB01091E1FE7EE0D
Certificate serial:       203AAC72237D660FB8F9BA7EDA0EA74233BDC01C
Authority key identifier: 40:C5:13:03:49:11:81:11:88:EE:68:87:BB:01:09:1E:1F:E7:EE:0D
Authority info access:    rsync://rpki.co/repo/AS945/1/40C513034911811188EE6887BB01091E1FE7EE0D.cer
Subject info access:      rsync://rpki.co/repo/Simple/1/326131323a646434363a316666643a3a2f34382d3438203d3e20323135393334.roa
Signing time:             Mon 12 Feb 2024 15:09:56 +0000
ROA not before:           Mon 12 Feb 2024 15:04:56 +0000
ROA not after:            Mon 10 Feb 2025 15:09:56 +0000
asID:                     215934
IP address blocks:        2a12:dd46:1ffd::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.co/repo/Simple/1/40C513034911811188EE6887BB01091E1FE7EE0D.crl
                          rsync://rpki.co/repo/Simple/1/40C513034911811188EE6887BB01091E1FE7EE0D.mft
                          rsync://rpki.co/repo/AS945/1/40C513034911811188EE6887BB01091E1FE7EE0D.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 19:09:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            20:3a:ac:72:23:7d:66:0f:b8:f9:ba:7e:da:0e:a7:42:33:bd:c0:1c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40C513034911811188EE6887BB01091E1FE7EE0D
        Validity
            Not Before: Feb 12 15:04:56 2024 GMT
            Not After : Feb 10 15:09:56 2025 GMT
        Subject: CN=1E2CB7F24804309C6C6C58C74FC1D1EFFAEC7DE7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:c1:f0:7d:ac:f8:0d:d2:d6:2e:17:ec:c9:b7:
                    8b:40:d6:22:e1:c8:b2:ac:4f:93:41:26:13:e8:31:
                    30:f5:d9:88:e8:a0:7e:0a:fe:44:8a:34:54:f7:94:
                    48:1c:63:f3:cd:db:ab:08:60:fd:88:5f:38:a2:ab:
                    79:c6:83:8e:4e:81:fb:ec:62:fc:a9:70:63:d2:47:
                    75:85:c1:44:72:93:a4:74:6f:bf:01:3e:d3:11:b2:
                    29:ce:ee:ff:ad:e0:31:4c:15:f5:37:be:5b:70:cf:
                    b6:87:31:2e:65:07:0a:a4:7b:6e:0e:a9:64:bd:ff:
                    f5:c2:aa:54:29:a2:b1:92:bf:3e:a2:32:10:13:d4:
                    67:04:23:c3:1a:c1:8b:e2:6a:27:59:de:26:17:4b:
                    19:5b:af:9b:00:9f:83:2f:54:85:0c:b2:cd:80:96:
                    45:6a:ef:dd:7c:09:ef:67:44:88:71:38:ec:5b:cb:
                    f8:4d:e7:dd:d7:09:40:86:be:b9:20:15:83:51:41:
                    6f:28:06:52:06:fe:b1:5c:ee:73:5d:b5:88:f7:4f:
                    3b:d8:fc:a3:e5:b3:17:42:9d:f0:dc:60:82:a2:14:
                    1b:8b:25:bb:4d:4a:fb:74:3a:87:1f:bf:b7:c6:f7:
                    20:ed:e0:85:0e:37:f2:5c:2f:18:b6:8e:17:a2:a6:
                    8f:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1E:2C:B7:F2:48:04:30:9C:6C:6C:58:C7:4F:C1:D1:EF:FA:EC:7D:E7
            X509v3 Authority Key Identifier:
                keyid:40:C5:13:03:49:11:81:11:88:EE:68:87:BB:01:09:1E:1F:E7:EE:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/Simple/1/40C513034911811188EE6887BB01091E1FE7EE0D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/40C513034911811188EE6887BB01091E1FE7EE0D.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/Simple/1/326131323a646434363a316666643a3a2f34382d3438203d3e20323135393334.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd46:1ffd::/48

    Signature Algorithm: sha256WithRSAEncryption
         d9:72:e8:cb:6f:af:09:49:c1:82:17:14:be:f8:a2:c8:50:d6:
         4f:91:ef:8d:8d:bf:f8:49:89:98:ba:fc:fd:96:11:ea:7f:b4:
         6c:cc:ef:12:bb:4b:30:65:0c:16:29:05:75:b3:de:cc:1d:26:
         b5:05:23:b3:a0:eb:41:70:c9:09:d7:50:98:9b:b9:97:9b:bd:
         06:25:67:e7:8c:15:e4:f2:94:bc:e3:ae:08:ca:61:bf:68:9f:
         85:81:72:b1:43:a3:10:07:cc:d7:f0:fb:a5:7f:c6:15:d1:b5:
         c8:69:7e:c3:50:b5:6f:be:9a:8b:1b:fc:97:9b:56:c4:55:86:
         f1:a5:73:57:b0:1a:fb:ba:2e:ed:a2:39:1f:79:e8:b0:92:23:
         5b:7f:f8:5e:4c:29:ca:16:f3:4d:01:f5:28:1e:e4:51:2e:6d:
         36:32:60:fb:26:d8:98:c1:eb:0d:c4:c6:66:a1:7e:fe:86:2e:
         94:12:6d:fc:ee:14:8a:b1:00:32:25:93:a8:17:ae:fd:e2:1c:
         64:c3:f7:fe:65:8c:b0:49:5b:28:be:70:24:69:66:3c:8a:ad:
         04:40:c3:91:b1:27:30:66:f5:e4:03:0f:1b:90:ad:a4:70:3b:
         0b:6e:3f:82:7f:5b:79:db:2d:cb:1f:89:79:42:7e:ed:8c:a0:
         b9:25:38:de
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIUIDqsciN9Zg+4+bp+2g6nQjO9wBwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDBDNTEzMDM0OTExODExMTg4RUU2ODg3QkIwMTA5MUUx
RkU3RUUwRDAeFw0yNDAyMTIxNTA0NTZaFw0yNTAyMTAxNTA5NTZaMDMxMTAvBgNV
BAMTKDFFMkNCN0YyNDgwNDMwOUM2QzZDNThDNzRGQzFEMUVGRkFFQzdERTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvwfB9rPgN0tYuF+zJt4tA1iLh
yLKsT5NBJhPoMTD12YjooH4K/kSKNFT3lEgcY/PN26sIYP2IXziiq3nGg45Ogfvs
YvypcGPSR3WFwURyk6R0b78BPtMRsinO7v+t4DFMFfU3vltwz7aHMS5lBwqke24O
qWS9//XCqlQporGSvz6iMhAT1GcEI8MawYviaidZ3iYXSxlbr5sAn4MvVIUMss2A
lkVq7918Ce9nRIhxOOxby/hN593XCUCGvrkgFYNRQW8oBlIG/rFc7nNdtYj3TzvY
/KPlsxdCnfDcYIKiFBuLJbtNSvt0Oocfv7fG9yDt4IUON/JcLxi2jheipo8vAgMB
AAGjggHWMIIB0jAdBgNVHQ4EFgQUHiy38kgEMJxsbFjHT8HR7/rsfecwHwYDVR0j
BBgwFoAUQMUTA0kRgRGI7miHuwEJHh/n7g0wDgYDVR0PAQH/BAQDAgeAMFsGA1Ud
HwRUMFIwUKBOoEyGSnJzeW5jOi8vcnBraS5jby9yZXBvL1NpbXBsZS8xLzQwQzUx
MzAzNDkxMTgxMTE4OEVFNjg4N0JCMDEwOTFFMUZFN0VFMEQuY3JsMGUGCCsGAQUF
BwEBBFkwVzBVBggrBgEFBQcwAoZJcnN5bmM6Ly9ycGtpLmNvL3JlcG8vQVM5NDUv
MS80MEM1MTMwMzQ5MTE4MTExODhFRTY4ODdCQjAxMDkxRTFGRTdFRTBELmNlcjB+
BggrBgEFBQcBCwRyMHAwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5jby9yZXBv
L1NpbXBsZS8xLzMyNjEzMTMyM2E2NDY0MzQzNjNhMzE2NjY2NjQzYTNhMmYzNDM4
MmQzNDM4MjAzZDNlMjAzMjMxMzUzOTMzMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqEt1GH/0wDQYJ
KoZIhvcNAQELBQADggEBANly6MtvrwlJwYIXFL74oshQ1k+R742Nv/hJiZi6/P2W
Eep/tGzM7xK7SzBlDBYpBXWz3swdJrUFI7Og60FwyQnXUJibuZebvQYlZ+eMFeTy
lLzjrgjKYb9on4WBcrFDoxAHzNfw+6V/xhXRtchpfsNQtW++mosb/JebVsRVhvGl
c1ewGvu6Lu2iOR956LCSI1t/+F5MKcoW800B9Sge5FEubTYyYPsm2JjB6w3Exmah
fv6GLpQSbfzuFIqxADIlk6gXrv3iHGTD9/5ljLBJWyi+cCRpZjyKrQRAw5GxJzBm
9eQDDxuQraRwOwtuP4J/W3nbLcsfiXlCfu2MoLklON4=
-----END CERTIFICATE-----
Generated at Sat Jun 15 23:40:21 2024 by rpki-client on console-fra.rpki-client.org