Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/Simple/1/326131323a646434363a316666653a3a2f34382d3438203d3e20313939323033.roa
File:                     326131323a646434363a316666653a3a2f34382d3438203d3e20313939323033.roa (raw, json)
Hash identifier:          yOf1+ZpGQsm++ET35zkoK8noSVDhIj/i53G++jOrHMs=
Subject key identifier:   9D:3F:F2:A1:8A:A8:3C:F9:9A:A9:62:05:11:F9:69:50:B1:D7:DB:A0
Certificate issuer:       /CN=40C513034911811188EE6887BB01091E1FE7EE0D
Certificate serial:       7588B15437E8B1A15B62BB65B1EB1DF6558BE932
Authority key identifier: 40:C5:13:03:49:11:81:11:88:EE:68:87:BB:01:09:1E:1F:E7:EE:0D
Authority info access:    rsync://rpki.co/repo/AS945/1/40C513034911811188EE6887BB01091E1FE7EE0D.cer
Subject info access:      rsync://rpki.co/repo/Simple/1/326131323a646434363a316666653a3a2f34382d3438203d3e20313939323033.roa
Signing time:             Fri 16 Feb 2024 12:58:17 +0000
ROA not before:           Fri 16 Feb 2024 12:53:17 +0000
ROA not after:            Fri 14 Feb 2025 12:58:17 +0000
asID:                     199203
IP address blocks:        2a12:dd46:1ffe::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.co/repo/Simple/1/40C513034911811188EE6887BB01091E1FE7EE0D.crl
                          rsync://rpki.co/repo/Simple/1/40C513034911811188EE6887BB01091E1FE7EE0D.mft
                          rsync://rpki.co/repo/AS945/1/40C513034911811188EE6887BB01091E1FE7EE0D.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 16 Jun 2024 19:09:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            75:88:b1:54:37:e8:b1:a1:5b:62:bb:65:b1:eb:1d:f6:55:8b:e9:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40C513034911811188EE6887BB01091E1FE7EE0D
        Validity
            Not Before: Feb 16 12:53:17 2024 GMT
            Not After : Feb 14 12:58:17 2025 GMT
        Subject: CN=9D3FF2A18AA83CF99AA9620511F96950B1D7DBA0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d0:e8:6a:ad:0c:7b:e7:4e:87:8c:e9:b4:f8:09:
                    25:bf:39:98:a4:11:02:af:e5:0d:1a:26:a7:8a:01:
                    c0:2c:5c:ce:b9:a6:b9:c8:27:aa:d9:f4:ed:75:67:
                    22:e7:90:37:a8:ac:ae:f7:6d:3e:21:65:16:f8:b4:
                    b1:cf:4a:0c:86:9b:e5:05:db:c2:ae:c9:ae:50:08:
                    be:74:f2:0e:03:6e:af:71:1d:19:c4:b8:48:6c:02:
                    e0:25:b6:e5:21:b3:20:c7:fc:32:59:9f:e4:4e:c2:
                    cb:df:71:fd:30:9a:f8:ed:ea:18:0a:cd:df:5f:81:
                    e9:ac:c7:25:5e:cc:35:2b:31:27:75:60:92:d2:7a:
                    5a:ef:3d:b5:e6:48:ec:74:2a:8f:58:37:52:e6:ae:
                    91:01:4a:ef:96:e2:99:75:2b:f4:fc:3f:02:35:ba:
                    0e:0b:82:0f:61:24:fc:73:49:65:9c:25:d3:35:9c:
                    71:09:11:76:a3:15:be:97:0d:74:33:35:9e:f2:ef:
                    f4:1f:8d:a2:96:31:71:58:ab:22:52:34:60:08:3d:
                    b9:1a:23:6d:18:1d:5e:d4:86:ec:74:74:7a:cd:55:
                    07:1c:ae:78:f7:83:e5:bd:b2:d9:d0:c7:06:63:64:
                    8d:e0:7e:25:f5:49:bb:0b:fa:67:37:83:de:ad:a9:
                    32:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9D:3F:F2:A1:8A:A8:3C:F9:9A:A9:62:05:11:F9:69:50:B1:D7:DB:A0
            X509v3 Authority Key Identifier:
                keyid:40:C5:13:03:49:11:81:11:88:EE:68:87:BB:01:09:1E:1F:E7:EE:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/Simple/1/40C513034911811188EE6887BB01091E1FE7EE0D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/40C513034911811188EE6887BB01091E1FE7EE0D.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/Simple/1/326131323a646434363a316666653a3a2f34382d3438203d3e20313939323033.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd46:1ffe::/48

    Signature Algorithm: sha256WithRSAEncryption
         ce:5c:ed:10:fc:0d:cf:93:13:64:e1:b6:04:f3:16:5d:40:e5:
         b5:5e:63:fc:12:b9:2f:8f:57:34:aa:1e:10:c7:0e:0a:1c:aa:
         ab:bd:2f:cf:9b:1c:20:71:c3:cf:71:75:88:46:ff:0f:d8:1d:
         d6:d2:88:32:c0:af:9c:14:27:ce:ce:eb:6e:55:9f:db:30:fe:
         ca:7e:cb:d7:04:4a:d5:c4:3b:be:88:e0:05:38:31:a4:79:b7:
         66:04:dc:33:fd:e1:65:2b:7b:9b:1e:77:a9:b8:ce:af:cd:06:
         1a:24:46:07:7b:61:5f:f0:1d:2e:c1:4d:a4:96:ab:b7:ea:71:
         6f:5b:1a:a7:88:14:ed:66:b8:18:d6:64:60:0d:55:3d:34:13:
         f4:72:87:2d:a1:3c:bd:7b:7b:bb:b9:80:b8:7e:e3:99:48:30:
         71:8f:ff:a6:a7:7c:71:51:80:69:c6:e2:e1:84:8b:29:f4:92:
         cb:7b:c3:dc:6c:44:ed:31:20:cb:6d:a8:25:8a:e1:0d:c7:86:
         9b:f1:53:b5:7c:bd:d4:a7:ec:7e:c0:b2:07:e8:87:b3:33:e3:
         81:1c:94:7a:83:3a:88:a3:3f:a0:db:e9:26:2c:42:60:c7:de:
         48:08:e6:2f:b0:be:3f:c4:bc:1a:66:92:ab:65:21:fa:c0:ef:
         8d:ff:31:8c
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIUdYixVDfosaFbYrtlsesd9lWL6TIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDBDNTEzMDM0OTExODExMTg4RUU2ODg3QkIwMTA5MUUx
RkU3RUUwRDAeFw0yNDAyMTYxMjUzMTdaFw0yNTAyMTQxMjU4MTdaMDMxMTAvBgNV
BAMTKDlEM0ZGMkExOEFBODNDRjk5QUE5NjIwNTExRjk2OTUwQjFEN0RCQTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQ6GqtDHvnToeM6bT4CSW/OZik
EQKv5Q0aJqeKAcAsXM65prnIJ6rZ9O11ZyLnkDeorK73bT4hZRb4tLHPSgyGm+UF
28Kuya5QCL508g4Dbq9xHRnEuEhsAuAltuUhsyDH/DJZn+ROwsvfcf0wmvjt6hgK
zd9fgemsxyVezDUrMSd1YJLSelrvPbXmSOx0Ko9YN1LmrpEBSu+W4pl1K/T8PwI1
ug4Lgg9hJPxzSWWcJdM1nHEJEXajFb6XDXQzNZ7y7/QfjaKWMXFYqyJSNGAIPbka
I20YHV7Uhux0dHrNVQccrnj3g+W9stnQxwZjZI3gfiX1SbsL+mc3g96tqTKJAgMB
AAGjggHWMIIB0jAdBgNVHQ4EFgQUnT/yoYqoPPmaqWIFEflpULHX26AwHwYDVR0j
BBgwFoAUQMUTA0kRgRGI7miHuwEJHh/n7g0wDgYDVR0PAQH/BAQDAgeAMFsGA1Ud
HwRUMFIwUKBOoEyGSnJzeW5jOi8vcnBraS5jby9yZXBvL1NpbXBsZS8xLzQwQzUx
MzAzNDkxMTgxMTE4OEVFNjg4N0JCMDEwOTFFMUZFN0VFMEQuY3JsMGUGCCsGAQUF
BwEBBFkwVzBVBggrBgEFBQcwAoZJcnN5bmM6Ly9ycGtpLmNvL3JlcG8vQVM5NDUv
MS80MEM1MTMwMzQ5MTE4MTExODhFRTY4ODdCQjAxMDkxRTFGRTdFRTBELmNlcjB+
BggrBgEFBQcBCwRyMHAwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5jby9yZXBv
L1NpbXBsZS8xLzMyNjEzMTMyM2E2NDY0MzQzNjNhMzE2NjY2NjUzYTNhMmYzNDM4
MmQzNDM4MjAzZDNlMjAzMTM5MzkzMjMwMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqEt1GH/4wDQYJ
KoZIhvcNAQELBQADggEBAM5c7RD8Dc+TE2ThtgTzFl1A5bVeY/wSuS+PVzSqHhDH
Dgocqqu9L8+bHCBxw89xdYhG/w/YHdbSiDLAr5wUJ87O625Vn9sw/sp+y9cEStXE
O76I4AU4MaR5t2YE3DP94WUre5sed6m4zq/NBhokRgd7YV/wHS7BTaSWq7fqcW9b
GqeIFO1muBjWZGANVT00E/Ryhy2hPL17e7u5gLh+45lIMHGP/6anfHFRgGnG4uGE
iyn0kst7w9xsRO0xIMttqCWK4Q3HhpvxU7V8vdSn7H7Asgfoh7Mz44EclHqDOoij
P6Db6SYsQmDH3kgI5i+wvj/EvBpmkqtlIfrA743/MYw=
-----END CERTIFICATE-----
Generated at Sat Jun 15 23:40:21 2024 by rpki-client on console-fra.rpki-client.org