How to use the bless.ssh.certificate_authorities.rsa_certificate_authority.RSACertificateAuthority function in bless

def get_basic_rsa_ca():
    return RSACertificateAuthority(RSA_CA_PRIVATE_KEY, RSA_CA_PRIVATE_KEY_PASSWORD)

def test_valid_key_valid_password():
    ca = get_ssh_certificate_authority(RSA_CA_PRIVATE_KEY, RSA_CA_PRIVATE_KEY_PASSWORD)
    assert isinstance(ca, RSACertificateAuthority)
    assert SSHPublicKeyType.RSA == ca.public_key_type
    assert 65537 == ca.e
    assert ca.get_signature_key() == RSA_CA_SSH_PUBLIC_KEY

def get_ssh_certificate_authority(private_key, password=None):
    """
    Returns the proper SSHCertificateAuthority instance based off the private_key type.
    :param private_key: ASCII bytes of an SSH compatible Private Key (e.g., PEM or SSH Protocol 2 Private Key).
    It should be encrypted with a password, but that is not required.
    :param password: ASCII bytes of the Password to decrypt the Private Key, if it is encrypted.  Which it should be.
    :return: An SSHCertificateAuthority instance.
    """
    if private_key.decode('ascii').startswith(SSHCertificateAuthorityPrivateKeyType.RSA):
        return RSACertificateAuthority(private_key, password)
    else:
        raise TypeError("Unsupported CA Private Key Type")