Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS41780.roa
File:                     AS41780.roa (raw, json)
Hash identifier:          iLoz3GzAffzxYM2hmKIdHeyLscz5rD5+6idSYOvQksw=
Subject key identifier:   9F:5E:ED:83:6F:19:B3:A7:96:26:85:7C:C6:18:99:9C:BF:53:9D:63
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       715A00D1BE53299CC4146658E1DE5EF34F3B2BC3
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS41780.roa
Signing time:             Wed 20 Dec 2023 21:30:07 +0000
ROA not before:           Wed 20 Dec 2023 21:25:07 +0000
ROA not after:            Wed 18 Dec 2024 21:30:07 +0000
asID:                     41780
IP address blocks:        2a0b:4340:40::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 01 Nov 2024 13:28:01 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            71:5a:00:d1:be:53:29:9c:c4:14:66:58:e1:de:5e:f3:4f:3b:2b:c3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Dec 20 21:25:07 2023 GMT
            Not After : Dec 18 21:30:07 2024 GMT
        Subject: CN=9F5EED836F19B3A79626857CC618999CBF539D63
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:24:37:78:74:18:09:44:9d:98:67:27:23:0c:
                    a6:08:74:03:eb:a1:6f:2b:31:99:60:2a:d3:9e:5e:
                    14:6b:2f:1e:8b:d4:07:f5:4a:b6:b5:de:1f:6b:05:
                    f1:2e:28:04:15:e6:10:e5:bc:9f:b2:c4:cd:6a:c8:
                    7f:d4:eb:06:d7:49:20:7f:4e:c8:d3:8b:28:b8:66:
                    09:4f:7d:b8:fa:7d:9c:e6:f8:7c:42:06:cb:e1:d4:
                    3c:72:b2:4c:4f:fa:33:98:0d:3e:8b:11:ad:4f:bf:
                    d2:89:a9:47:56:f5:c2:e4:26:b6:5f:36:fa:ad:8f:
                    c3:3a:4f:61:05:1e:50:b7:cd:f8:0f:35:6d:86:14:
                    80:f4:15:25:8c:d2:53:30:ba:12:2d:e7:77:73:53:
                    84:be:e0:e1:a7:8d:14:bc:0f:3a:d0:f1:2e:b9:5e:
                    05:4a:89:41:35:45:4c:39:71:1a:fd:e4:8c:34:bb:
                    b7:77:0d:32:43:f8:ea:4b:cb:42:ed:fc:09:44:14:
                    8e:92:00:bd:b9:30:9e:0b:3b:a3:4d:44:88:7d:b0:
                    b1:4e:79:4b:30:4a:7d:f9:3e:f0:86:a8:d5:df:ba:
                    a8:3e:da:ac:c5:d8:62:e4:17:c6:f2:0f:10:06:9e:
                    c3:7a:98:3a:90:39:26:d9:ba:eb:b1:b0:84:e4:37:
                    00:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:5E:ED:83:6F:19:B3:A7:96:26:85:7C:C6:18:99:9C:BF:53:9D:63
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS41780.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4340:40::/44

    Signature Algorithm: sha256WithRSAEncryption
         6e:6c:f5:10:b3:fe:ad:7c:a3:0c:2b:71:5c:d4:0c:0e:d0:b2:
         ec:5b:bd:2b:b5:23:d9:87:ce:7f:1f:b2:6a:30:60:f5:b8:1a:
         d3:fc:1f:f5:6d:ce:e2:13:30:4b:1c:20:93:87:4e:c1:e4:eb:
         07:89:5c:30:a9:e4:af:04:fb:50:75:a1:54:4b:05:3b:6a:0f:
         2c:a8:05:2f:9e:1f:0c:6e:2b:1f:9a:8d:31:c4:17:8c:5f:82:
         6d:05:b9:1f:74:b8:35:4f:2e:00:15:1c:cc:81:e8:28:2f:26:
         a5:8d:57:54:24:26:df:7e:e7:2f:a9:a2:35:71:05:c2:f3:1a:
         59:fc:59:e8:db:58:5b:71:31:bf:0d:57:89:4f:3c:58:d3:1d:
         47:04:8c:8b:4f:f1:63:6f:90:39:cd:9d:45:69:b8:35:07:d3:
         99:a1:6b:9a:3e:09:02:7d:b9:e5:24:66:87:b2:7f:b3:ed:5d:
         9f:3f:b3:e7:ff:13:ac:33:3e:79:fb:ae:3e:e1:35:dc:a7:2d:
         41:86:80:c4:ef:cd:4e:4a:1f:9b:a3:5f:22:5b:29:b3:6e:d4:
         13:7b:6d:87:1f:6e:9d:53:93:30:0a:e1:39:d8:cb:0e:05:a3:
         82:54:f2:c5:9b:bd:9f:7d:41:e1:c5:74:93:12:3c:2e:57:3b:
         0e:48:b9:b9
-----BEGIN CERTIFICATE-----
MIIEnjCCA4agAwIBAgIUcVoA0b5TKZzEFGZY4d5e8087K8MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yMzEyMjAyMTI1MDdaFw0yNDEyMTgyMTMwMDdaMDMxMTAvBgNV
BAMTKDlGNUVFRDgzNkYxOUIzQTc5NjI2ODU3Q0M2MTg5OTlDQkY1MzlENjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtJDd4dBgJRJ2YZycjDKYIdAPr
oW8rMZlgKtOeXhRrLx6L1Af1Sra13h9rBfEuKAQV5hDlvJ+yxM1qyH/U6wbXSSB/
TsjTiyi4ZglPfbj6fZzm+HxCBsvh1DxyskxP+jOYDT6LEa1Pv9KJqUdW9cLkJrZf
Nvqtj8M6T2EFHlC3zfgPNW2GFID0FSWM0lMwuhIt53dzU4S+4OGnjRS8DzrQ8S65
XgVKiUE1RUw5cRr95Iw0u7d3DTJD+OpLy0Lt/AlEFI6SAL25MJ4LO6NNRIh9sLFO
eUswSn35PvCGqNXfuqg+2qzF2GLkF8byDxAGnsN6mDqQOSbZuuuxsITkNwCDAgMB
AAGjggGoMIIBpDAdBgNVHQ4EFgQUn17tg28Zs6eWJoV8xhiZnL9TnWMwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM0MTc4MC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoLQ0AAQDAN
BgkqhkiG9w0BAQsFAAOCAQEAbmz1ELP+rXyjDCtxXNQMDtCy7Fu9K7Uj2YfOfx+y
ajBg9bga0/wf9W3O4hMwSxwgk4dOweTrB4lcMKnkrwT7UHWhVEsFO2oPLKgFL54f
DG4rH5qNMcQXjF+CbQW5H3S4NU8uABUczIHoKC8mpY1XVCQm337nL6miNXEFwvMa
WfxZ6NtYW3Exvw1XiU88WNMdRwSMi0/xY2+QOc2dRWm4NQfTmaFrmj4JAn255SRm
h7J/s+1dnz+z5/8TrDM+efuuPuE13KctQYaAxO/NTkofm6NfIlsps27UE3tthx9u
nVOTMArhOdjLDgWjglTyxZu9n31B4cV0kxI8Llc7Dki5uQ==
-----END CERTIFICATE-----