Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS16509.roa
File:                     AS16509.roa (raw, json)
Hash identifier:          akAOnqI6NVu3UwJAPVFaXKovdIoH18zX6XpchG8P19w=
Subject key identifier:   D3:90:D5:9D:C0:B0:8D:F8:85:9B:02:09:9C:D6:7D:54:72:70:F6:D6
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       3508D24A6A2D2D2C84739C8077F61A7B41E0D54E
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS16509.roa
Signing time:             Mon 20 Oct 2025 16:49:00 +0000
ROA not before:           Mon 20 Oct 2025 16:44:00 +0000
ROA not after:            Mon 19 Oct 2026 16:49:00 +0000
asID:                     16509
IP address blocks:        45.142.245.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 24 Oct 2025 02:07:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:08:d2:4a:6a:2d:2d:2c:84:73:9c:80:77:f6:1a:7b:41:e0:d5:4e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Oct 20 16:44:00 2025 GMT
            Not After : Oct 19 16:49:00 2026 GMT
        Subject: CN=D390D59DC0B08DF8859B02099CD67D547270F6D6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:07:f3:14:1a:9e:93:91:93:3a:c9:09:24:33:
                    63:49:71:a3:25:d9:16:2b:d7:c7:9b:e1:46:e1:9f:
                    40:13:45:33:45:b6:38:0d:8d:aa:c8:03:a2:a5:4a:
                    22:c3:56:d3:63:eb:92:cf:fc:38:d9:9f:e9:d0:ca:
                    4e:a4:58:e3:10:db:16:15:9a:4f:9c:48:a4:1a:92:
                    12:a4:1a:9a:2a:15:de:c3:74:3f:f8:97:5a:65:a9:
                    a1:5e:17:63:21:fd:77:e9:a2:61:a7:8a:54:72:f9:
                    44:cf:71:ea:40:4b:14:19:c4:bd:8e:10:27:4f:90:
                    4d:7f:b5:6d:63:ef:bd:6d:cb:fe:86:80:a2:79:9f:
                    6f:83:cf:49:24:10:64:35:c6:10:33:00:de:60:ae:
                    d7:61:47:2f:a3:e2:48:bf:41:b9:a4:e5:36:9f:a3:
                    53:96:2d:56:99:af:5e:d9:c9:27:90:81:22:ce:bb:
                    19:1b:c6:aa:9d:32:52:ee:20:67:60:2b:aa:af:e6:
                    c9:e4:1b:32:7b:fe:ae:58:23:59:07:a6:cc:5c:a2:
                    b9:fc:fb:20:52:1b:a6:7d:24:ea:12:99:50:fa:b4:
                    c7:c3:17:d3:51:bc:f1:62:5e:c4:9d:50:f0:91:77:
                    68:d2:8a:f3:a8:a6:29:3e:b3:af:3c:cd:32:31:6c:
                    0d:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D3:90:D5:9D:C0:B0:8D:F8:85:9B:02:09:9C:D6:7D:54:72:70:F6:D6
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS16509.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.245.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b6:3d:51:93:88:8c:07:61:a7:5b:6d:22:5e:99:f3:98:d6:b3:
         3b:6f:6d:fd:00:e5:ac:04:05:47:a3:37:e1:27:0f:49:5e:32:
         85:15:c0:c8:bf:17:6c:49:7e:70:c2:c7:fe:e0:9d:e7:78:20:
         91:26:cb:82:9e:13:66:29:00:4d:8f:a4:fe:cf:14:fe:54:0c:
         b4:e1:61:27:72:95:41:7f:27:c8:c3:f3:61:c7:a5:75:4c:cd:
         b9:01:5e:1b:c6:0e:36:c5:7a:90:96:cb:40:77:ef:21:1e:ad:
         ea:5e:9f:df:71:c7:76:93:6b:47:3f:a8:8d:73:78:ef:a8:ec:
         a1:ad:52:64:05:51:2b:0c:d6:41:c2:99:b4:03:b2:74:eb:07:
         45:bb:02:56:c6:fd:b7:30:2a:01:18:8e:56:6c:df:fb:3c:33:
         92:08:e9:46:95:f1:18:66:85:ee:9c:84:d3:fa:eb:78:35:76:
         fb:71:8e:ad:65:10:e1:ce:aa:f3:e0:4d:bc:34:5e:26:26:53:
         53:d9:ac:49:48:e8:f9:6f:8e:b1:7a:ac:a5:13:b2:ac:23:4b:
         fd:79:58:09:54:6f:e0:2e:e5:01:0f:a4:9c:fa:ef:87:b4:4d:
         02:15:26:58:4a:2d:3e:08:5f:60:94:aa:09:9d:71:1f:bb:7f:
         ca:96:f4:f4
-----BEGIN CERTIFICATE-----
MIIEmzCCA4OgAwIBAgIUNQjSSmotLSyEc5yAd/Yae0Hg1U4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNTEwMjAxNjQ0MDBaFw0yNjEwMTkxNjQ5MDBaMDMxMTAvBgNV
BAMTKEQzOTBENTlEQzBCMDhERjg4NTlCMDIwOTlDRDY3RDU0NzI3MEY2RDYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCdB/MUGp6TkZM6yQkkM2NJcaMl
2RYr18eb4Ubhn0ATRTNFtjgNjarIA6KlSiLDVtNj65LP/DjZn+nQyk6kWOMQ2xYV
mk+cSKQakhKkGpoqFd7DdD/4l1plqaFeF2Mh/XfpomGnilRy+UTPcepASxQZxL2O
ECdPkE1/tW1j771ty/6GgKJ5n2+Dz0kkEGQ1xhAzAN5grtdhRy+j4ki/Qbmk5Taf
o1OWLVaZr17ZySeQgSLOuxkbxqqdMlLuIGdgK6qv5snkGzJ7/q5YI1kHpsxcorn8
+yBSG6Z9JOoSmVD6tMfDF9NRvPFiXsSdUPCRd2jSivOopik+s688zTIxbA0XAgMB
AAGjggGlMIIBoTAdBgNVHQ4EFgQU05DVncCwjfiFmwIJnNZ9VHJw9tYwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMxNjUwOS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAC2O9TANBgkq
hkiG9w0BAQsFAAOCAQEAtj1Rk4iMB2GnW20iXpnzmNazO29t/QDlrAQFR6M34ScP
SV4yhRXAyL8XbEl+cMLH/uCd53ggkSbLgp4TZikATY+k/s8U/lQMtOFhJ3KVQX8n
yMPzYceldUzNuQFeG8YONsV6kJbLQHfvIR6t6l6f33HHdpNrRz+ojXN476jsoa1S
ZAVRKwzWQcKZtAOydOsHRbsCVsb9tzAqARiOVmzf+zwzkgjpRpXxGGaF7pyE0/rr
eDV2+3GOrWUQ4c6q8+BNvDReJiZTU9msSUjo+W+OsXqspROyrCNL/XlYCVRv4C7l
AQ+knPrvh7RNAhUmWEotPghfYJSqCZ1xH7t/ypb09A==
-----END CERTIFICATE-----