Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS131477.roa
File:                     AS131477.roa (raw, json)
Hash identifier:          RGTaw97BizLnd7Qw2MQ68jw7INF/TAkUcBmGgkwpss8=
Subject key identifier:   C3:87:25:D0:6D:48:07:01:A4:9F:D2:F6:F7:91:E3:38:12:6C:2E:29
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       6299E16583B6D7C5B28A5B070991418B3BFBBBCD
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS131477.roa
Signing time:             Wed 22 Oct 2025 21:31:22 +0000
ROA not before:           Wed 22 Oct 2025 21:26:22 +0000
ROA not after:            Wed 21 Oct 2026 21:31:22 +0000
asID:                     131477
IP address blocks:        2a0b:4340:530::/44 maxlen: 48
                          2a0b:4340:540::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 23 Oct 2025 22:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:99:e1:65:83:b6:d7:c5:b2:8a:5b:07:09:91:41:8b:3b:fb:bb:cd
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Oct 22 21:26:22 2025 GMT
            Not After : Oct 21 21:31:22 2026 GMT
        Subject: CN=C38725D06D480701A49FD2F6F791E338126C2E29
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:7d:a1:1f:7c:f3:83:54:96:a0:28:b3:13:61:
                    f2:80:0e:c2:64:56:a9:09:36:b1:23:4d:22:12:e1:
                    99:5e:5e:b2:63:36:a1:11:cf:94:c5:df:58:9e:cb:
                    63:3d:2f:cf:2b:2e:4d:41:0c:1e:bd:21:d0:30:21:
                    ef:d1:2d:62:c9:c4:ed:a6:4b:60:f0:fb:df:3d:e7:
                    1d:64:b6:6f:c4:d8:c6:74:61:bb:d9:fb:87:33:70:
                    68:82:12:1e:66:f4:19:2d:cd:43:c5:26:28:00:95:
                    d1:8f:6a:5b:b5:fd:0d:e7:b7:1a:c8:bc:bc:7c:9c:
                    b6:3b:52:d6:5d:3e:2f:0f:ba:87:8d:c3:89:96:90:
                    7c:ab:3a:d2:a6:ef:bf:b4:b9:ab:f7:05:a8:99:d9:
                    61:5c:cc:2c:da:10:c1:c0:0e:64:9e:ec:80:31:21:
                    4f:f1:3b:12:d8:96:6d:0c:49:a3:3e:bd:3b:77:ff:
                    3c:2f:dd:50:bc:5c:b6:51:a3:a3:3f:35:da:21:6b:
                    be:e7:e2:8d:ff:1b:09:0c:50:f5:96:b0:52:a7:01:
                    2b:e7:ef:5e:f2:12:00:2d:ea:66:c0:44:39:84:31:
                    39:02:bd:81:3a:c3:06:11:61:7e:b9:b0:c1:e4:00:
                    7d:8b:fd:c6:30:ee:3a:a7:08:85:3f:74:30:8a:ca:
                    be:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C3:87:25:D0:6D:48:07:01:A4:9F:D2:F6:F7:91:E3:38:12:6C:2E:29
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS131477.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4340:530::-2a0b:4340:54f:ffff:ffff:ffff:ffff:ffff

    Signature Algorithm: sha256WithRSAEncryption
         1a:1c:5c:aa:45:79:e8:3e:97:3f:65:8c:eb:6f:96:4c:64:0f:
         84:c2:33:63:ab:04:e6:ef:39:b8:b3:31:5f:c3:97:7a:db:e0:
         3d:0f:b3:8c:e3:e3:a4:29:0b:ac:1d:2e:50:28:8c:20:4c:21:
         98:41:7e:2d:c7:84:cf:12:65:cc:f4:8f:22:6b:aa:f9:a2:c6:
         ee:8c:43:e1:06:ba:9d:de:c9:b0:01:91:e1:d4:7e:17:e6:65:
         19:41:1c:eb:cb:64:d7:49:19:be:82:b8:d0:18:96:53:9e:7a:
         d9:36:d1:2b:5c:e3:2b:c5:68:a1:ff:04:0f:12:d6:75:66:15:
         e6:41:97:f9:f7:33:a3:24:ce:76:33:0e:7d:56:e7:97:04:a1:
         56:6e:4c:ab:db:a7:5d:cc:96:b0:57:53:8d:25:2e:44:a3:8b:
         ae:97:d6:53:83:a5:b0:b8:6a:39:14:63:4a:60:4f:8f:a1:59:
         c1:a2:d5:5c:25:37:83:f0:a2:ec:c6:3c:35:24:1d:1f:04:68:
         cd:2f:99:b9:2c:8b:41:64:19:40:64:a8:e2:f7:cc:9d:01:ed:
         5a:65:cd:1b:9f:8f:98:dd:55:bd:b9:b6:90:74:32:1e:c9:72:
         68:0c:49:6b:9f:5c:42:8f:bd:60:b5:ed:07:51:ab:90:7e:82:
         70:d6:75:07
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIUYpnhZYO218WyilsHCZFBizv7u80wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNTEwMjIyMTI2MjJaFw0yNjEwMjEyMTMxMjJaMDMxMTAvBgNV
BAMTKEMzODcyNUQwNkQ0ODA3MDFBNDlGRDJGNkY3OTFFMzM4MTI2QzJFMjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvfaEffPODVJagKLMTYfKADsJk
VqkJNrEjTSIS4ZleXrJjNqERz5TF31iey2M9L88rLk1BDB69IdAwIe/RLWLJxO2m
S2Dw+9895x1ktm/E2MZ0YbvZ+4czcGiCEh5m9BktzUPFJigAldGPalu1/Q3ntxrI
vLx8nLY7UtZdPi8PuoeNw4mWkHyrOtKm77+0uav3BaiZ2WFczCzaEMHADmSe7IAx
IU/xOxLYlm0MSaM+vTt3/zwv3VC8XLZRo6M/Ndoha77n4o3/GwkMUPWWsFKnASvn
717yEgAt6mbARDmEMTkCvYE6wwYRYX65sMHkAH2L/cYw7jqnCIU/dDCKyr7BAgMB
AAGjggG0MIIBsDAdBgNVHQ4EFgQUw4cl0G1IBwGkn9L295HjOBJsLikwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEwGCCsGAQUFBwELBEAwPjA8BggrBgEFBQcwC4YwcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMxMzE0Nzcucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgACMBQwEgMHBCoLQ0AF
MAMHBCoLQ0AFQDANBgkqhkiG9w0BAQsFAAOCAQEAGhxcqkV56D6XP2WM62+WTGQP
hMIzY6sE5u85uLMxX8OXetvgPQ+zjOPjpCkLrB0uUCiMIEwhmEF+LceEzxJlzPSP
Imuq+aLG7oxD4Qa6nd7JsAGR4dR+F+ZlGUEc68tk10kZvoK40BiWU5562TbRK1zj
K8Voof8EDxLWdWYV5kGX+fczoyTOdjMOfVbnlwShVm5Mq9unXcyWsFdTjSUuRKOL
rpfWU4OlsLhqORRjSmBPj6FZwaLVXCU3g/Ci7MY8NSQdHwRozS+ZuSyLQWQZQGSo
4vfMnQHtWmXNG5+PmN1Vvbm2kHQyHslyaAxJa59cQo+9YLXtB1GrkH6CcNZ1Bw==
-----END CERTIFICATE-----