Route Origin Authorization

$ rpki-client -vvf rpki.co/repo/Simple/1/326131323a646434363a316666663a3a2f34382d3438203d3e20323136313233.roa
File:                     326131323a646434363a316666663a3a2f34382d3438203d3e20323136313233.roa (raw, json)
Hash identifier:          qQigDxbgqh1dn9l57biUXEVA9ZWdhqI9Klz2hils5bE=
Subject key identifier:   AB:B0:6B:5D:C3:83:20:8D:24:B4:8B:59:E6:A5:2D:DA:AA:70:9C:3A
Certificate issuer:       /CN=40C513034911811188EE6887BB01091E1FE7EE0D
Certificate serial:       343ECE24D21C7E225050997B7B5C92C5A7818DC7
Authority key identifier: 40:C5:13:03:49:11:81:11:88:EE:68:87:BB:01:09:1E:1F:E7:EE:0D
Authority info access:    rsync://rpki.co/repo/AS945/1/40C513034911811188EE6887BB01091E1FE7EE0D.cer
Subject info access:      rsync://rpki.co/repo/Simple/1/326131323a646434363a316666663a3a2f34382d3438203d3e20323136313233.roa
Signing time:             Fri 03 Nov 2023 12:11:39 +0000
ROA not before:           Fri 03 Nov 2023 12:06:39 +0000
ROA not after:            Fri 01 Nov 2024 12:11:39 +0000
asID:                     216123
IP address blocks:        2a12:dd46:1fff::/48 maxlen: 48

Validation:               OK
Signature path:           rsync://rpki.co/repo/Simple/1/40C513034911811188EE6887BB01091E1FE7EE0D.crl
                          rsync://rpki.co/repo/Simple/1/40C513034911811188EE6887BB01091E1FE7EE0D.mft
                          rsync://rpki.co/repo/AS945/1/40C513034911811188EE6887BB01091E1FE7EE0D.cer
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.crl
                          rsync://rpki.co/repo/AS945/1/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.mft
                          rsync://dev.tw/rpki/August/5/6604289C7E39E08E1AE1255CEE73C05BFD99F3E6.cer
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.crl
                          rsync://dev.tw/rpki/August/5/9D620B45C9098506AC4BF1184BEE6CDBE9D71C4C.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/nWILRckJhQasS_EYS-5s2-nXHEw.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 15 Jun 2024 02:00:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            34:3e:ce:24:d2:1c:7e:22:50:50:99:7b:7b:5c:92:c5:a7:81:8d:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40C513034911811188EE6887BB01091E1FE7EE0D
        Validity
            Not Before: Nov  3 12:06:39 2023 GMT
            Not After : Nov  1 12:11:39 2024 GMT
        Subject: CN=ABB06B5DC383208D24B48B59E6A52DDAAA709C3A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:4b:a1:9d:d5:f6:69:2b:d5:fe:08:30:00:27:
                    8c:ca:0e:a1:48:d0:90:35:f9:6a:1c:d2:6f:c0:8d:
                    f6:62:76:f9:99:ed:f7:6e:e8:ed:72:5f:e9:b8:ff:
                    c3:a4:e0:33:05:71:39:c0:a7:03:44:a6:9b:2c:83:
                    06:25:e1:1d:0b:22:35:87:61:ee:11:ff:49:77:db:
                    70:d3:89:b4:d4:1e:a2:8e:72:f8:10:4c:1b:eb:37:
                    d3:06:54:d9:0c:44:15:95:4c:e3:ca:de:3a:47:38:
                    c5:b7:61:9c:4e:b0:b7:21:79:47:a9:a1:e1:01:ae:
                    4f:ff:9e:f3:97:7d:9e:1e:dd:f7:65:80:69:ae:33:
                    63:51:32:38:16:70:ea:f8:bc:48:17:b3:1f:7c:5f:
                    0a:c3:70:83:6e:de:12:56:c1:60:04:83:49:29:07:
                    ad:02:2c:4a:c0:bf:7a:59:db:92:cb:47:30:14:b8:
                    87:82:6c:c5:0d:ca:aa:a9:06:3b:66:31:86:52:4d:
                    c2:4b:ab:93:cc:a5:6b:fa:61:31:32:73:eb:73:ff:
                    b2:93:31:25:7f:10:a4:30:9e:cb:42:91:62:86:75:
                    e1:48:4d:bf:20:5e:54:6a:25:48:39:6d:d3:c2:54:
                    0a:f2:54:31:e2:01:b1:6e:64:59:d2:ad:41:93:ba:
                    ff:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:B0:6B:5D:C3:83:20:8D:24:B4:8B:59:E6:A5:2D:DA:AA:70:9C:3A
            X509v3 Authority Key Identifier:
                keyid:40:C5:13:03:49:11:81:11:88:EE:68:87:BB:01:09:1E:1F:E7:EE:0D

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.co/repo/Simple/1/40C513034911811188EE6887BB01091E1FE7EE0D.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.co/repo/AS945/1/40C513034911811188EE6887BB01091E1FE7EE0D.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.co/repo/Simple/1/326131323a646434363a316666663a3a2f34382d3438203d3e20323136313233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a12:dd46:1fff::/48

    Signature Algorithm: sha256WithRSAEncryption
         c0:98:9e:d1:af:6b:4f:c1:b5:5c:27:85:b2:b2:78:35:cf:d3:
         c6:6d:b2:13:1b:cb:18:23:2f:e2:f1:4a:d9:20:86:a1:81:ab:
         37:19:26:24:59:cb:e4:bd:12:fd:06:5a:d7:70:ad:53:6c:03:
         0f:07:d6:cc:65:28:99:3f:d1:6d:5e:51:3b:5a:05:fc:b8:45:
         51:48:9d:b0:41:87:32:40:6a:68:ed:77:d5:27:6c:43:de:43:
         9c:be:88:38:44:75:d6:32:7f:58:a8:6d:45:3f:9d:0f:f0:bd:
         ad:81:a2:bd:e2:0e:2a:c6:60:1c:9e:88:fe:0d:aa:62:fb:3e:
         e4:a6:9c:8c:93:c8:e1:03:a3:33:a6:94:98:df:d1:c5:4b:fc:
         77:23:a7:ef:2b:db:50:bb:c5:d2:d8:74:20:bf:99:cd:c4:4b:
         bc:e7:d5:0c:4b:8a:80:86:62:56:38:81:4d:73:9d:8e:ff:70:
         30:68:a9:ec:de:ca:ec:7f:32:37:78:f2:4b:36:f2:0f:21:92:
         c9:08:1a:e2:63:8c:d8:3d:5d:df:d0:23:51:1a:9a:cd:00:46:
         23:cd:cb:b5:ea:d7:58:fb:78:3e:91:2c:5d:87:0c:20:46:13:
         56:a9:e0:9a:54:7c:ee:76:c0:a2:77:3f:55:db:aa:e3:ca:51:
         c5:91:56:69
-----BEGIN CERTIFICATE-----
MIIEzDCCA7SgAwIBAgIUND7OJNIcfiJQUJl7e1ySxaeBjccwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDBDNTEzMDM0OTExODExMTg4RUU2ODg3QkIwMTA5MUUx
RkU3RUUwRDAeFw0yMzExMDMxMjA2MzlaFw0yNDExMDExMjExMzlaMDMxMTAvBgNV
BAMTKEFCQjA2QjVEQzM4MzIwOEQyNEI0OEI1OUU2QTUyRERBQUE3MDlDM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/S6Gd1fZpK9X+CDAAJ4zKDqFI
0JA1+Woc0m/AjfZidvmZ7fdu6O1yX+m4/8Ok4DMFcTnApwNEppssgwYl4R0LIjWH
Ye4R/0l323DTibTUHqKOcvgQTBvrN9MGVNkMRBWVTOPK3jpHOMW3YZxOsLcheUep
oeEBrk//nvOXfZ4e3fdlgGmuM2NRMjgWcOr4vEgXsx98XwrDcINu3hJWwWAEg0kp
B60CLErAv3pZ25LLRzAUuIeCbMUNyqqpBjtmMYZSTcJLq5PMpWv6YTEyc+tz/7KT
MSV/EKQwnstCkWKGdeFITb8gXlRqJUg5bdPCVAryVDHiAbFuZFnSrUGTuv/RAgMB
AAGjggHWMIIB0jAdBgNVHQ4EFgQUq7BrXcODII0ktItZ5qUt2qpwnDowHwYDVR0j
BBgwFoAUQMUTA0kRgRGI7miHuwEJHh/n7g0wDgYDVR0PAQH/BAQDAgeAMFsGA1Ud
HwRUMFIwUKBOoEyGSnJzeW5jOi8vcnBraS5jby9yZXBvL1NpbXBsZS8xLzQwQzUx
MzAzNDkxMTgxMTE4OEVFNjg4N0JCMDEwOTFFMUZFN0VFMEQuY3JsMGUGCCsGAQUF
BwEBBFkwVzBVBggrBgEFBQcwAoZJcnN5bmM6Ly9ycGtpLmNvL3JlcG8vQVM5NDUv
MS80MEM1MTMwMzQ5MTE4MTExODhFRTY4ODdCQjAxMDkxRTFGRTdFRTBELmNlcjB+
BggrBgEFBQcBCwRyMHAwbgYIKwYBBQUHMAuGYnJzeW5jOi8vcnBraS5jby9yZXBv
L1NpbXBsZS8xLzMyNjEzMTMyM2E2NDY0MzQzNjNhMzE2NjY2NjYzYTNhMmYzNDM4
MmQzNDM4MjAzZDNlMjAzMjMxMzYzMTMyMzMucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqEt1GH/8wDQYJ
KoZIhvcNAQELBQADggEBAMCYntGva0/BtVwnhbKyeDXP08ZtshMbyxgjL+LxStkg
hqGBqzcZJiRZy+S9Ev0GWtdwrVNsAw8H1sxlKJk/0W1eUTtaBfy4RVFInbBBhzJA
amjtd9UnbEPeQ5y+iDhEddYyf1iobUU/nQ/wva2Bor3iDirGYByeiP4NqmL7PuSm
nIyTyOEDozOmlJjf0cVL/Hcjp+8r21C7xdLYdCC/mc3ES7zn1QxLioCGYlY4gU1z
nY7/cDBoqezeyux/Mjd48ks28g8hkskIGuJjjNg9Xd/QI1Eams0ARiPNy7Xq11j7
eD6RLF2HDCBGE1ap4JpUfO52wKJ3P1XbquPKUcWRVmk=
-----END CERTIFICATE-----
Generated at Fri Jun 14 12:00:30 2024 by rpki-client on console-ams.rpki-client.org