Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/Simple/1/326131323a646434363a316666653a3a2f34382d3438203d3e20323135393933.roa
File:                     326131323a646434363a316666653a3a2f34382d3438203d3e20323135393933.roa (raw, json)
Hash identifier:          TzhvlfNzezP7KSKt17zQfPjRLFP4e64a8u7L8RBHtk4=
Subject key identifier:   9C:8E:C6:2D:0E:DD:9A:F9:CC:DF:69:82:4F:FE:2A:F3:6B:40:92:58
Certificate issuer:       /CN=40C513034911811188EE6887BB01091E1FE7EE0D
Certificate serial:       0AD01FBBAF21FAE449154B342BACFA8727D4D902
Authority key identifier: 40:C5:13:03:49:11:81:11:88:EE:68:87:BB:01:09:1E:1F:E7:EE:0D
Authority info access:    rsync://rpki.co/repo/AS945/1/40C513034911811188EE6887BB01091E1FE7EE0D.cer
Subject info access:      rsync://rpki.co/repo/Simple/1/326131323a646434363a316666653a3a2f34382d3438203d3e20323135393933.roa
Signing time:             Wed 15 Nov 2023 16:06:31 +0000
ROA not before:           Wed 15 Nov 2023 16:01:31 +0000
ROA not after:            Wed 13 Nov 2024 16:06:31 +0000
asID:                     215993
IP address blocks:        2a12:dd46:1ffe::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.co/repo/Simple/1/40C513034911811188EE6887BB01091E1FE7EE0D.crl
                          rsync://rpki.co/repo/Simple/1/40C513034911811188EE6887BB01091E1FE7EE0D.mft
                          rsync://rpki.co/repo/AS945/1/40C513034911811188EE6887BB01091E1FE7EE0D.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 15 Jun 2024 02:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0a:d0:1f:bb:af:21:fa:e4:49:15:4b:34:2b:ac:fa:87:27:d4:d9:02
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40C513034911811188EE6887BB01091E1FE7EE0D
        Validity
            Not Before: Nov 15 16:01:31 2023 GMT
            Not After : Nov 13 16:06:31 2024 GMT
        Subject: CN=9C8EC62D0EDD9AF9CCDF69824FFE2AF36B409258
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:b6:3b:be:2e:2b:f5:33:a7:94:88:c5:e6:d4:
                    52:01:0b:0b:81:86:50:66:56:93:27:6f:2a:af:ea:
                    f4:2a:af:a0:c2:1e:02:ae:60:f7:a9:79:5c:e2:0d:
                    69:9b:14:ab:b4:bc:2e:14:6e:8a:b2:99:0d:b8:e5:
                    33:d5:9f:99:86:8c:86:b8:f9:00:f3:48:8a:33:ef:
                    c6:52:fc:69:b4:c7:27:0a:f8:ec:ef:31:fa:2c:db:
                    25:f2:22:95:98:09:00:f9:18:52:63:1a:1c:ed:be:
                    3f:f3:49:00:c9:64:57:08:74:68:c3:53:ac:02:d8:
                    ec:88:ab:01:ef:2d:72:53:fc:15:38:85:29:00:8b:
                    8c:e8:52:6b:41:9c:17:10:fb:fb:6f:6a:fe:39:f2:
                    d1:d2:6c:c7:14:ee:87:03:81:d2:c6:3a:47:ae:8a:
                    e9:0f:f6:23:df:0a:50:10:77:3b:26:b4:a9:57:60:
                    c8:c7:09:c7:ba:ac:c9:68:02:8e:fc:f0:fb:ad:11:
                    76:e0:9f:bb:b4:bd:7f:d3:c2:40:3f:ed:cf:ac:f2:
                    0d:76:45:20:bf:1f:7f:b3:39:db:e7:0a:ce:2d:b2:
                    be:5d:9a:54:56:a4:47:ef:7d:bd:4b:bb:84:4a:ed:
                    e1:b8:ec:30:0e:16:34:5b:a7:d3:90:67:9f:e2:71:
                    e2:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:8E:C6:2D:0E:DD:9A:F9:CC:DF:69:82:4F:FE:2A:F3:6B:40:92:58
            X509v3 Authority Key Identifier:
                keyid:40:C5:13:03:49:11:81:11:88:EE:68:87:BB:01:09:1E:1F:E7:EE:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/Simple/1/40C513034911811188EE6887BB01091E1FE7EE0D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/40C513034911811188EE6887BB01091E1FE7EE0D.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/Simple/1/326131323a646434363a316666653a3a2f34382d3438203d3e20323135393933.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd46:1ffe::/48

    Signature Algorithm: sha256WithRSAEncryption
         21:6b:fe:e1:05:cc:48:e1:6c:af:ef:d7:ac:c6:1a:ee:73:7b:
         6d:42:6e:b7:d0:10:5a:6c:9e:e2:4f:e2:66:32:c5:89:33:af:
         1e:6b:68:26:72:55:74:a1:4f:65:7f:11:32:72:d5:da:ee:42:
         bc:3a:9a:8b:a1:c0:f9:90:f9:1d:00:30:ea:06:65:6b:0c:24:
         e0:6c:25:ae:52:c2:d8:c9:91:c1:0f:cb:33:87:c6:00:38:57:
         de:dd:35:2f:25:fb:dd:a7:8e:0c:ed:e8:a4:82:51:bd:ad:ca:
         3d:99:71:39:34:ea:d6:f0:bb:4f:fe:2a:73:5b:3a:50:af:ca:
         79:3c:58:52:b5:7d:5c:14:55:3c:78:c3:d2:4d:c2:be:2a:a7:
         29:c1:91:db:6f:dd:1f:57:da:4d:48:4c:8a:0e:90:a4:b7:e3:
         1d:4d:20:e2:56:af:46:bf:f9:6a:27:ed:ed:05:0a:0b:ec:39:
         4d:a4:82:43:8d:4a:b6:6a:5e:f6:87:9a:43:3f:72:27:ff:57:
         83:70:0e:4c:da:6e:03:84:83:6d:4f:eb:61:22:e1:f0:02:be:
         91:3e:2b:bb:d2:ec:50:f3:c6:08:f4:16:88:d2:23:58:bc:ab:
         6e:72:af:50:c6:c8:6b:46:4e:ff:6e:46:41:56:1a:64:ea:10:
         e2:a3:67:48
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIUCtAfu68h+uRJFUs0K6z6hyfU2QIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDBDNTEzMDM0OTExODExMTg4RUU2ODg3QkIwMTA5MUUx
RkU3RUUwRDAeFw0yMzExMTUxNjAxMzFaFw0yNDExMTMxNjA2MzFaMDMxMTAvBgNV
BAMTKDlDOEVDNjJEMEVERDlBRjlDQ0RGNjk4MjRGRkUyQUYzNkI0MDkyNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMtju+Liv1M6eUiMXm1FIBCwuB
hlBmVpMnbyqv6vQqr6DCHgKuYPepeVziDWmbFKu0vC4UboqymQ245TPVn5mGjIa4
+QDzSIoz78ZS/Gm0xycK+OzvMfos2yXyIpWYCQD5GFJjGhztvj/zSQDJZFcIdGjD
U6wC2OyIqwHvLXJT/BU4hSkAi4zoUmtBnBcQ+/tvav458tHSbMcU7ocDgdLGOkeu
iukP9iPfClAQdzsmtKlXYMjHCce6rMloAo788PutEXbgn7u0vX/TwkA/7c+s8g12
RSC/H3+zOdvnCs4tsr5dmlRWpEfvfb1Lu4RK7eG47DAOFjRbp9OQZ5/iceJDAgMB
AAGjggHWMIIB0jAdBgNVHQ4EFgQUnI7GLQ7dmvnM32mCT/4q82tAklgwHwYDVR0j
BBgwFoAUQMUTA0kRgRGI7miHuwEJHh/n7g0wDgYDVR0PAQH/BAQDAgeAMFsGA1Ud
HwRUMFIwUKBOoEyGSnJzeW5jOi8vcnBraS5jby9yZXBvL1NpbXBsZS8xLzQwQzUx
MzAzNDkxMTgxMTE4OEVFNjg4N0JCMDEwOTFFMUZFN0VFMEQuY3JsMGUGCCsGAQUF
BwEBBFkwVzBVBggrBgEFBQcwAoZJcnN5bmM6Ly9ycGtpLmNvL3JlcG8vQVM5NDUv
MS80MEM1MTMwMzQ5MTE4MTExODhFRTY4ODdCQjAxMDkxRTFGRTdFRTBELmNlcjB+
BggrBgEFBQcBCwRyMHAwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5jby9yZXBv
L1NpbXBsZS8xLzMyNjEzMTMyM2E2NDY0MzQzNjNhMzE2NjY2NjUzYTNhMmYzNDM4
MmQzNDM4MjAzZDNlMjAzMjMxMzUzOTM5MzMucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqEt1GH/4wDQYJ
KoZIhvcNAQELBQADggEBACFr/uEFzEjhbK/v16zGGu5ze21CbrfQEFpsnuJP4mYy
xYkzrx5raCZyVXShT2V/ETJy1druQrw6mouhwPmQ+R0AMOoGZWsMJOBsJa5SwtjJ
kcEPyzOHxgA4V97dNS8l+92njgzt6KSCUb2tyj2ZcTk06tbwu0/+KnNbOlCvynk8
WFK1fVwUVTx4w9JNwr4qpynBkdtv3R9X2k1ITIoOkKS34x1NIOJWr0a/+Won7e0F
CgvsOU2kgkONSrZqXvaHmkM/cif/V4NwDkzabgOEg21P62Ei4fACvpE+K7vS7FDz
xgj0FojSI1i8q25yr1DGyGtGTv9uRkFWGmTqEOKjZ0g=
-----END CERTIFICATE-----
Generated at Fri Jun 14 12:00:30 2024 by rpki-client on console-ams.rpki-client.org