Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS997.roa
File:                     AS997.roa (raw, json)
Hash identifier:          CDJQnoOLi2tyWviTrxUOtkyrmQhXc6Dx7qAynxEWmWA=
Subject key identifier:   6C:08:44:C6:82:59:C5:DF:B9:B5:B9:8C:BD:1E:1E:1E:2B:11:4B:2E
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       6B8E7ED2871649E665E737BF9DA581E7126AE140
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS997.roa
Signing time:             Fri 07 Feb 2025 08:30:43 +0000
ROA not before:           Fri 07 Feb 2025 08:25:43 +0000
ROA not after:            Fri 06 Feb 2026 08:30:43 +0000
asID:                     997
IP address blocks:        93.93.244.0/22 maxlen: 24
                          93.93.246.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 06 Apr 2025 04:00:49 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:8e:7e:d2:87:16:49:e6:65:e7:37:bf:9d:a5:81:e7:12:6a:e1:40
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Feb  7 08:25:43 2025 GMT
            Not After : Feb  6 08:30:43 2026 GMT
        Subject: CN=6C0844C68259C5DFB9B5B98CBD1E1E1E2B114B2E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:c5:11:ef:cc:6f:8b:72:64:db:1c:f4:5f:bd:
                    f5:86:52:f9:d6:ea:97:5d:27:e0:70:7c:7c:01:38:
                    5e:cf:b5:f4:b2:b8:56:6b:a5:27:38:1a:35:63:04:
                    d9:90:f5:cd:fc:df:34:93:01:52:df:f1:68:f8:5f:
                    5e:28:30:eb:89:81:1e:12:12:5d:7c:33:50:a9:de:
                    df:a6:21:10:9b:bc:d0:77:cf:5f:51:67:c2:3c:0e:
                    af:f9:24:b7:b7:03:18:1c:b3:f8:84:35:d4:80:39:
                    43:d7:34:92:80:a0:10:66:4d:fa:8e:8b:f6:f6:07:
                    59:f5:6a:19:53:5c:d6:ec:c4:ef:2d:9b:9c:b5:30:
                    9e:26:7c:e4:38:6c:d7:c8:20:74:65:4e:91:62:1b:
                    71:fd:c5:8e:13:51:4c:30:c4:ab:37:47:2f:d3:11:
                    18:b2:08:f0:e5:b1:8f:65:53:08:16:a5:22:dd:af:
                    07:dd:13:a6:a9:a4:df:3b:35:c5:0a:b4:4b:6d:9e:
                    60:b3:10:c8:bb:d1:42:90:c9:60:85:55:88:69:c0:
                    86:68:88:5f:09:c7:12:9f:7f:c5:6e:e2:fb:2c:f3:
                    3c:e7:8c:cb:4b:f4:ba:6a:4c:9f:3e:f4:7b:d0:4c:
                    8e:d6:6a:b8:5d:a4:20:2d:e0:87:7b:fb:90:43:3a:
                    37:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6C:08:44:C6:82:59:C5:DF:B9:B5:B9:8C:BD:1E:1E:1E:2B:11:4B:2E
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS997.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.93.244.0/22

    Signature Algorithm: sha256WithRSAEncryption
         13:ec:a1:3c:95:a6:4f:e6:d6:e6:8e:39:62:2e:47:46:c5:a8:
         8e:03:97:f5:6e:05:17:db:21:d4:c6:87:fb:f7:ab:61:34:a8:
         c0:6f:13:88:f1:ce:be:57:83:41:4a:36:46:8f:0d:c4:ef:ef:
         9c:68:41:46:be:00:db:40:0b:97:d0:9c:62:9c:eb:28:0f:cf:
         6b:e5:37:ec:b4:c5:3f:37:f4:27:a1:47:c6:5f:85:c2:cc:3c:
         4d:a4:74:8d:4f:ef:12:04:67:46:2a:86:60:c6:d9:53:09:3c:
         98:65:53:35:56:ac:22:14:e8:c0:27:81:86:8a:f0:df:43:eb:
         bd:7b:eb:5f:52:7f:80:69:66:1d:8d:67:78:ed:2f:77:df:64:
         20:d4:98:8c:9a:df:b2:06:ef:ec:2c:dd:90:cf:d4:85:e1:36:
         c5:e1:f1:7c:d3:76:93:38:ea:86:62:57:f9:81:ce:db:9e:d8:
         a9:46:c9:5b:f2:5e:29:32:f1:2e:6d:c9:2c:21:1c:ce:78:c6:
         42:36:89:a2:98:81:50:fd:9c:36:ae:51:25:2a:e8:bd:84:3d:
         7f:67:99:11:4b:51:ec:e5:0c:ee:c3:96:3b:0d:f7:96:4b:88:
         fb:34:ba:1c:4f:2c:00:a4:ba:2c:e6:00:f4:72:f5:76:e3:c8:
         f4:f8:c4:81
-----BEGIN CERTIFICATE-----
MIIEmTCCA4GgAwIBAgIUa45+0ocWSeZl5ze/naWB5xJq4UAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNTAyMDcwODI1NDNaFw0yNjAyMDYwODMwNDNaMDMxMTAvBgNV
BAMTKDZDMDg0NEM2ODI1OUM1REZCOUI1Qjk4Q0JEMUUxRTFFMkIxMTRCMkUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzxRHvzG+LcmTbHPRfvfWGUvnW
6pddJ+BwfHwBOF7PtfSyuFZrpSc4GjVjBNmQ9c383zSTAVLf8Wj4X14oMOuJgR4S
El18M1Cp3t+mIRCbvNB3z19RZ8I8Dq/5JLe3Axgcs/iENdSAOUPXNJKAoBBmTfqO
i/b2B1n1ahlTXNbsxO8tm5y1MJ4mfOQ4bNfIIHRlTpFiG3H9xY4TUUwwxKs3Ry/T
ERiyCPDlsY9lUwgWpSLdrwfdE6appN87NcUKtEttnmCzEMi70UKQyWCFVYhpwIZo
iF8JxxKff8Vu4vss8zznjMtL9LpqTJ8+9HvQTI7WarhdpCAt4Id7+5BDOjdlAgMB
AAGjggGjMIIBnzAdBgNVHQ4EFgQUbAhExoJZxd+5tbmMvR4eHisRSy4wHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEkGCCsGAQUFBwELBD0wOzA5BggrBgEFBQcwC4YtcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM5OTcucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJdXfQwDQYJKoZI
hvcNAQELBQADggEBABPsoTyVpk/m1uaOOWIuR0bFqI4Dl/VuBRfbIdTGh/v3q2E0
qMBvE4jxzr5Xg0FKNkaPDcTv75xoQUa+ANtAC5fQnGKc6ygPz2vlN+y0xT839Ceh
R8ZfhcLMPE2kdI1P7xIEZ0YqhmDG2VMJPJhlUzVWrCIU6MAngYaK8N9D6717619S
f4BpZh2NZ3jtL3ffZCDUmIya37IG7+ws3ZDP1IXhNsXh8XzTdpM46oZiV/mBztue
2KlGyVvyXiky8S5tySwhHM54xkI2iaKYgVD9nDauUSUq6L2EPX9nmRFLUezlDO7D
ljsN95ZLiPs0uhxPLACkuizmAPRy9XbjyPT4xIE=
-----END CERTIFICATE-----