Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS131477.roa
File:                     AS131477.roa (raw, json)
Hash identifier:          jTFnLrXpIjDFaiL7HQA9araGrBI2n5XXnDDUoxmN8SQ=
Subject key identifier:   03:DC:D2:13:66:3D:97:71:C1:06:6E:36:20:7E:DE:33:88:CB:D0:2C
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       46DEE20FC4B14188284BE95EBCCF59AC89650B3F
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS131477.roa
Signing time:             Wed 20 Dec 2023 21:30:08 +0000
ROA not before:           Wed 20 Dec 2023 21:25:08 +0000
ROA not after:            Wed 18 Dec 2024 21:30:08 +0000
asID:                     131477
IP address blocks:        2a0b:4340:530::/44 maxlen: 48
                          2a0b:4340:540::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 08 May 2024 05:00:56 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            46:de:e2:0f:c4:b1:41:88:28:4b:e9:5e:bc:cf:59:ac:89:65:0b:3f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Dec 20 21:25:08 2023 GMT
            Not After : Dec 18 21:30:08 2024 GMT
        Subject: CN=03DCD213663D9771C1066E36207EDE3388CBD02C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c5:eb:f5:dd:29:e5:3a:e2:44:1b:18:08:2c:22:
                    df:62:8b:13:bc:00:59:ec:25:f4:c4:bf:7d:bc:3b:
                    44:b4:d5:1a:03:e4:52:4e:4f:ad:63:f6:d9:3a:17:
                    db:65:80:0a:23:c6:6b:d4:c1:93:c5:0f:71:4a:bc:
                    03:35:c1:e3:1c:ca:81:e8:37:64:ba:26:c6:ef:a7:
                    9b:32:bf:97:f9:4d:e4:a5:6a:07:e5:3e:d8:db:26:
                    8a:59:f1:5e:18:7b:28:88:f8:11:3d:9d:74:14:32:
                    d6:7b:3b:52:d2:90:88:00:e2:88:15:b9:ba:b6:73:
                    f8:9d:a6:5c:7b:4e:16:19:79:7e:8d:67:2f:ff:ef:
                    01:56:52:e4:71:b6:6a:b0:38:45:31:64:9a:24:f0:
                    b3:28:f7:62:ae:b0:f9:67:0f:5b:1e:f5:43:12:83:
                    6b:97:73:3e:e8:c9:6e:ca:cb:01:75:c1:f9:92:28:
                    6c:4a:fa:a4:4e:9b:8d:f4:e1:af:32:20:6f:23:91:
                    7f:a8:48:5b:bd:1d:cd:b2:b4:9a:d0:1f:2f:c4:1c:
                    df:28:84:7b:a5:5b:c3:72:7d:00:33:4f:b7:56:40:
                    b6:84:04:ae:45:71:a2:c1:38:23:f5:5b:ca:8e:ff:
                    e9:41:db:61:04:ca:f6:15:5d:2f:d1:f3:4b:28:e8:
                    42:6f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:DC:D2:13:66:3D:97:71:C1:06:6E:36:20:7E:DE:33:88:CB:D0:2C
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS131477.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4340:530::-2a0b:4340:54f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         55:36:3d:02:11:6a:e8:5a:fc:8a:9d:e5:24:62:c4:f3:4b:99:
         b1:0b:48:7f:3d:c5:ec:ac:fd:5e:9a:15:b4:a6:98:a1:56:14:
         cc:a3:6b:41:b3:e6:db:21:3b:64:83:ae:d3:cd:25:12:a0:7f:
         7d:67:30:e5:96:f0:b5:c7:2e:6e:24:51:72:09:77:c7:ee:e5:
         08:57:36:36:35:f3:0d:88:2f:da:e4:d3:01:15:dd:19:39:42:
         39:11:37:db:23:45:79:c9:83:e4:bd:94:12:33:16:a2:4f:2f:
         48:9a:b7:c9:11:c7:3f:59:23:1e:95:a9:88:cd:aa:b6:c3:43:
         68:39:9f:db:fa:cb:4f:8d:2b:23:fe:55:e5:9e:f4:bc:57:55:
         9d:40:4b:f1:18:9b:24:8b:0d:5c:ea:ba:d5:97:68:80:bf:39:
         88:fa:8a:62:40:c5:87:f6:6d:2b:00:7b:a9:c0:0d:77:da:9a:
         a4:f1:8c:ef:c0:25:4e:e9:21:75:8b:28:80:6d:e4:67:b0:bd:
         ed:2e:3c:2a:37:09:30:94:ab:1a:5a:f7:50:65:bf:d8:40:7e:
         68:aa:d4:98:eb:3e:8f:9b:3f:f8:c3:25:80:a5:6d:7e:dd:cb:
         06:34:89:84:83:05:16:4e:68:89:75:6e:2b:e5:a1:17:39:f0:
         3b:16:e2:4d
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIURt7iD8SxQYgoS+levM9ZrIllCz8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yMzEyMjAyMTI1MDhaFw0yNDEyMTgyMTMwMDhaMDMxMTAvBgNV
BAMTKDAzRENEMjEzNjYzRDk3NzFDMTA2NkUzNjIwN0VERTMzODhDQkQwMkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDF6/XdKeU64kQbGAgsIt9iixO8
AFnsJfTEv328O0S01RoD5FJOT61j9tk6F9tlgAojxmvUwZPFD3FKvAM1weMcyoHo
N2S6Jsbvp5syv5f5TeSlagflPtjbJopZ8V4YeyiI+BE9nXQUMtZ7O1LSkIgA4ogV
ubq2c/idplx7ThYZeX6NZy//7wFWUuRxtmqwOEUxZJok8LMo92KusPlnD1se9UMS
g2uXcz7oyW7KywF1wfmSKGxK+qROm4304a8yIG8jkX+oSFu9Hc2ytJrQHy/EHN8o
hHulW8NyfQAzT7dWQLaEBK5FcaLBOCP1W8qO/+lB22EEyvYVXS/R80so6EJvAgMB
AAGjggG0MIIBsDAdBgNVHQ4EFgQUA9zSE2Y9l3HBBm42IH7eM4jL0CwwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEwGCCsGAQUFBwELBEAwPjA8BggrBgEFBQcwC4YwcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMxMzE0Nzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgACMBQwEgMHBCoLQ0AF
MAMHBCoLQ0AFQDANBgkqhkiG9w0BAQsFAAOCAQEAVTY9AhFq6Fr8ip3lJGLE80uZ
sQtIfz3F7Kz9XpoVtKaYoVYUzKNrQbPm2yE7ZIOu080lEqB/fWcw5ZbwtccubiRR
cgl3x+7lCFc2NjXzDYgv2uTTARXdGTlCORE32yNFecmD5L2UEjMWok8vSJq3yRHH
P1kjHpWpiM2qtsNDaDmf2/rLT40rI/5V5Z70vFdVnUBL8RibJIsNXOq61ZdogL85
iPqKYkDFh/ZtKwB7qcANd9qapPGM78AlTukhdYsogG3kZ7C97S48KjcJMJSrGlr3
UGW/2EB+aKrUmOs+j5s/+MMlgKVtft3LBjSJhIMFFk5oiXVuK+WhFznwOxbiTQ==
-----END CERTIFICATE-----