Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS18254.roa
File:                     AS18254.roa (raw, json)
Hash identifier:          Y5MDGDvCHoqBJcSZyJnf/VTexTJzaXZ7g5kTEOpB9xE=
Subject key identifier:   8C:9D:D6:EB:F2:BB:EE:DC:E2:3E:C5:5E:0C:A3:65:84:73:87:D7:DC
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       43482E07E85FEDE5EBE73334E310F27F9AE273C7
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS18254.roa
Signing time:             Fri 08 Mar 2024 08:15:22 +0000
ROA not before:           Fri 08 Mar 2024 08:10:22 +0000
ROA not after:            Fri 07 Mar 2025 08:15:22 +0000
asID:                     18254
IP address blocks:        93.93.246.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 May 2024 04:53:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            43:48:2e:07:e8:5f:ed:e5:eb:e7:33:34:e3:10:f2:7f:9a:e2:73:c7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Mar  8 08:10:22 2024 GMT
            Not After : Mar  7 08:15:22 2025 GMT
        Subject: CN=8C9DD6EBF2BBEEDCE23EC55E0CA365847387D7DC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:49:df:dd:7b:6b:f7:5a:48:a6:ec:46:7f:21:
                    28:89:d1:8b:be:2c:e6:ff:d9:81:cc:1d:74:b0:c8:
                    7a:02:43:92:e1:d0:5b:da:3b:d9:08:d9:16:f3:a2:
                    bf:b5:bb:78:8a:43:7d:2a:f7:d9:6a:da:93:b1:47:
                    61:76:d1:d4:ce:de:25:b9:c1:d3:e3:58:e7:82:87:
                    77:fd:cb:06:3e:8a:f8:a4:2f:12:54:7b:a9:ec:6e:
                    eb:15:04:80:93:d1:64:3e:1a:5c:8c:da:5e:bd:f0:
                    7d:93:cd:1c:c4:94:f3:ec:0e:62:64:b1:d3:43:3a:
                    e2:72:35:5b:43:08:02:ee:65:18:10:2b:ec:81:26:
                    aa:f6:07:dd:14:19:d8:ed:d3:b3:9f:3f:cd:b7:6c:
                    83:a3:ba:4f:f6:64:e2:78:d9:09:ae:d0:bf:29:9f:
                    93:bc:c6:d9:28:13:f3:df:38:8b:7e:3e:5e:ee:da:
                    6c:6d:95:c4:9e:e1:f6:b8:1e:f1:81:02:de:04:c4:
                    9e:36:bf:c6:6c:3d:d5:f5:1b:8b:63:53:f2:5b:9f:
                    04:19:94:ba:5c:49:f7:1a:4a:c9:9b:05:b5:92:17:
                    58:12:5a:8d:c1:fb:8b:e1:9b:3d:69:30:14:d0:5c:
                    6d:79:91:19:59:2c:1d:a8:26:00:2b:ed:b4:ca:bd:
                    0b:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8C:9D:D6:EB:F2:BB:EE:DC:E2:3E:C5:5E:0C:A3:65:84:73:87:D7:DC
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS18254.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.93.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4c:6b:b5:75:77:85:3c:76:05:f0:49:f9:d4:ed:23:b4:85:f6:
         cc:da:e9:c8:cb:f1:34:1f:54:a8:65:7f:28:1b:4a:0d:a3:17:
         73:33:7c:21:90:58:07:ea:b8:b5:34:af:d0:45:d9:83:ef:b2:
         0a:4c:04:8c:c7:b1:c1:34:85:03:92:56:83:28:ab:90:89:f2:
         ca:ab:8a:bd:d8:49:f3:68:49:84:26:28:b0:23:bd:1d:4a:55:
         fc:cc:80:a0:81:2a:65:a3:d2:a7:7a:98:b9:7a:d2:98:9a:74:
         43:de:64:80:82:93:05:d6:b5:55:f8:00:bb:f5:06:37:77:9f:
         09:42:55:95:c3:57:6f:86:42:11:eb:ef:7c:77:3a:3a:57:96:
         1b:b6:27:9e:73:c6:2c:12:ec:eb:3e:5c:ba:c6:85:6c:55:c0:
         a5:46:c9:06:ea:23:e1:53:43:3b:ff:98:e1:5e:7a:ea:5e:a3:
         68:1b:a2:b4:e6:99:8f:d4:e8:c6:d7:c6:ae:6c:d3:46:21:19:
         76:d1:25:a4:0c:c3:a4:c8:70:f7:71:2b:27:d7:6c:5d:a5:01:
         9f:b7:59:c8:fd:ef:eb:c0:d2:a0:2f:73:9f:6f:ca:d9:2b:b3:
         f8:97:af:35:d3:d8:72:e8:26:62:be:ad:9b:14:6e:84:86:fe:
         d7:ce:72:2f
-----BEGIN CERTIFICATE-----
MIIEmzCCA4OgAwIBAgIUQ0guB+hf7eXr5zM04xDyf5ric8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNDAzMDgwODEwMjJaFw0yNTAzMDcwODE1MjJaMDMxMTAvBgNV
BAMTKDhDOURENkVCRjJCQkVFRENFMjNFQzU1RTBDQTM2NTg0NzM4N0Q3REMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeSd/de2v3Wkim7EZ/ISiJ0Yu+
LOb/2YHMHXSwyHoCQ5Lh0FvaO9kI2Rbzor+1u3iKQ30q99lq2pOxR2F20dTO3iW5
wdPjWOeCh3f9ywY+ivikLxJUe6nsbusVBICT0WQ+GlyM2l698H2TzRzElPPsDmJk
sdNDOuJyNVtDCALuZRgQK+yBJqr2B90UGdjt07OfP823bIOjuk/2ZOJ42Qmu0L8p
n5O8xtkoE/PfOIt+Pl7u2mxtlcSe4fa4HvGBAt4ExJ42v8ZsPdX1G4tjU/JbnwQZ
lLpcSfcaSsmbBbWSF1gSWo3B+4vhmz1pMBTQXG15kRlZLB2oJgAr7bTKvQtDAgMB
AAGjggGlMIIBoTAdBgNVHQ4EFgQUjJ3W6/K77tziPsVeDKNlhHOH19wwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMxODI1NC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF1d9jANBgkq
hkiG9w0BAQsFAAOCAQEATGu1dXeFPHYF8En51O0jtIX2zNrpyMvxNB9UqGV/KBtK
DaMXczN8IZBYB+q4tTSv0EXZg++yCkwEjMexwTSFA5JWgyirkInyyquKvdhJ82hJ
hCYosCO9HUpV/MyAoIEqZaPSp3qYuXrSmJp0Q95kgIKTBda1VfgAu/UGN3efCUJV
lcNXb4ZCEevvfHc6OleWG7YnnnPGLBLs6z5cusaFbFXApUbJBuoj4VNDO/+Y4V56
6l6jaBuitOaZj9ToxtfGrmzTRiEZdtElpAzDpMhw93ErJ9dsXaUBn7dZyP3v68DS
oC9zn2/K2Suz+JevNdPYcugmYr6tmxRuhIb+185yLw==
-----END CERTIFICATE-----