Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS14618.roa
File:                     AS14618.roa (raw, json)
Hash identifier:          Ldgc443HsdTW3amzezt6wTwBy1Q7rbaMvXc57ASQCLo=
Subject key identifier:   94:0A:F6:B7:F7:39:38:40:D2:EC:EC:3C:21:7E:AF:11:76:C0:23:78
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       4BEDFA159076A32CB610C93210887D19A69301A0
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS14618.roa
Signing time:             Mon 20 Oct 2025 16:48:47 +0000
ROA not before:           Mon 20 Oct 2025 16:43:47 +0000
ROA not after:            Mon 19 Oct 2026 16:48:47 +0000
asID:                     14618
IP address blocks:        45.142.245.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 24 Oct 2025 02:07:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4b:ed:fa:15:90:76:a3:2c:b6:10:c9:32:10:88:7d:19:a6:93:01:a0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Oct 20 16:43:47 2025 GMT
            Not After : Oct 19 16:48:47 2026 GMT
        Subject: CN=940AF6B7F7393840D2ECEC3C217EAF1176C02378
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:20:c8:93:a4:b1:ad:60:36:d3:b2:d0:19:c1:
                    50:bb:d6:8f:f7:4e:07:b8:33:cf:8e:14:f0:bd:af:
                    12:46:b0:4d:fc:5a:0d:1f:19:f1:6b:fd:dc:5a:51:
                    79:af:02:7e:77:3f:6d:d1:40:39:c8:60:18:b7:bc:
                    1b:c3:40:df:7e:6b:b8:81:e7:54:bd:4b:ae:20:3b:
                    a6:56:67:d8:91:10:3a:fb:0e:12:ee:ab:8f:05:b5:
                    0b:53:a0:f9:57:82:8e:6c:b7:ea:46:0d:b6:ce:b4:
                    06:22:1a:91:f1:7e:3e:bb:44:35:22:9c:4a:8c:78:
                    5f:78:2f:10:32:b7:77:b5:11:04:84:0d:05:51:cc:
                    98:b7:b5:78:9b:84:d8:8f:a7:d8:f4:2c:76:28:e5:
                    e9:f2:6a:96:13:24:cd:a3:ce:3b:67:56:3b:71:62:
                    3a:e1:52:4b:f2:b5:e9:00:46:33:64:cd:10:29:74:
                    b6:6b:36:84:35:a4:f2:b0:38:4d:8f:a3:4e:18:69:
                    9a:72:4b:9e:c8:55:15:7b:a5:dc:ef:da:25:c5:c5:
                    b5:78:0d:64:3d:80:c6:52:3f:62:72:b2:de:cb:55:
                    bf:5b:bb:ea:a1:32:4e:b9:ca:70:cf:08:ff:a9:11:
                    9e:90:5a:05:2f:3f:51:11:3c:70:bc:59:73:79:8a:
                    ec:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                94:0A:F6:B7:F7:39:38:40:D2:EC:EC:3C:21:7E:AF:11:76:C0:23:78
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS14618.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         38:c1:00:30:12:25:48:ea:f4:d5:07:4d:7b:b6:9f:97:14:f2:
         44:8e:48:e3:01:4e:74:88:d0:cc:66:0f:b7:21:a4:7f:5c:31:
         fd:1d:32:38:4a:61:46:b8:7e:eb:69:ff:91:68:37:02:d9:c1:
         19:9d:01:51:7e:8d:16:a1:b8:64:26:04:0b:15:b9:4e:26:fa:
         d1:2a:1c:0d:24:ab:39:76:f7:79:e8:4b:da:a1:92:ae:f5:10:
         65:d5:86:65:73:22:50:a4:05:8b:c1:48:33:48:71:f9:48:6d:
         58:6b:7f:42:ba:0f:f4:ff:70:4b:3a:1f:0f:3e:1b:d7:b9:07:
         6c:8d:58:5a:b4:2a:8e:bd:26:d8:8c:fc:c0:72:64:1a:5b:55:
         8d:63:65:10:b1:80:cc:31:95:3b:b4:87:a2:dc:e3:3f:6e:38:
         b5:ea:16:db:0c:e9:ce:f8:36:ee:39:e6:12:89:23:97:a9:e7:
         94:71:99:30:dc:a4:0c:d8:db:97:7f:6d:60:e4:b6:df:6d:a7:
         ca:d6:40:40:94:bd:3a:c5:62:83:b4:e3:c2:80:ca:93:63:96:
         7e:92:31:7d:71:5a:02:d8:66:94:b2:6f:c6:7f:fd:2d:29:ee:
         2b:fa:a4:70:ad:6f:c9:bb:5b:c5:b8:3c:d5:af:fc:97:4b:05:
         11:92:2c:9f
-----BEGIN CERTIFICATE-----
MIIEmzCCA4OgAwIBAgIUS+36FZB2oyy2EMkyEIh9GaaTAaAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNTEwMjAxNjQzNDdaFw0yNjEwMTkxNjQ4NDdaMDMxMTAvBgNV
BAMTKDk0MEFGNkI3RjczOTM4NDBEMkVDRUMzQzIxN0VBRjExNzZDMDIzNzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfIMiTpLGtYDbTstAZwVC71o/3
Tge4M8+OFPC9rxJGsE38Wg0fGfFr/dxaUXmvAn53P23RQDnIYBi3vBvDQN9+a7iB
51S9S64gO6ZWZ9iREDr7DhLuq48FtQtToPlXgo5st+pGDbbOtAYiGpHxfj67RDUi
nEqMeF94LxAyt3e1EQSEDQVRzJi3tXibhNiPp9j0LHYo5enyapYTJM2jzjtnVjtx
YjrhUkvytekARjNkzRApdLZrNoQ1pPKwOE2Po04YaZpyS57IVRV7pdzv2iXFxbV4
DWQ9gMZSP2Jyst7LVb9bu+qhMk65ynDPCP+pEZ6QWgUvP1ERPHC8WXN5iuxhAgMB
AAGjggGlMIIBoTAdBgNVHQ4EFgQUlAr2t/c5OEDS7Ow8IX6vEXbAI3gwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMxNDYxOC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2O9TANBgkq
hkiG9w0BAQsFAAOCAQEAOMEAMBIlSOr01QdNe7aflxTyRI5I4wFOdIjQzGYPtyGk
f1wx/R0yOEphRrh+62n/kWg3AtnBGZ0BUX6NFqG4ZCYECxW5Tib60SocDSSrOXb3
eehL2qGSrvUQZdWGZXMiUKQFi8FIM0hx+UhtWGt/QroP9P9wSzofDz4b17kHbI1Y
WrQqjr0m2Iz8wHJkGltVjWNlELGAzDGVO7SHotzjP244teoW2wzpzvg27jnmEokj
l6nnlHGZMNykDNjbl39tYOS2322nytZAQJS9OsVig7TjwoDKk2OWfpIxfXFaAthm
lLJvxn/9LSnuK/qkcK1vybtbxbg81a/8l0sFEZIsnw==
-----END CERTIFICATE-----