Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS18254.roa
File:                     AS18254.roa (raw, json)
Hash identifier:          Fa5rbITeaJ07tzFaaYlEs6zDo38AP5SovTcBY26Fr9k=
Subject key identifier:   1A:74:26:BF:96:47:BF:06:33:B9:90:7C:6D:CC:61:BB:9E:2C:C8:5E
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       738111A47EA84CCBFB72E787A8D44268ABA904AA
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS18254.roa
Signing time:             Fri 07 Feb 2025 08:30:43 +0000
ROA not before:           Fri 07 Feb 2025 08:25:43 +0000
ROA not after:            Fri 06 Feb 2026 08:30:43 +0000
asID:                     18254
IP address blocks:        93.93.246.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 06:13:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            73:81:11:a4:7e:a8:4c:cb:fb:72:e7:87:a8:d4:42:68:ab:a9:04:aa
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Feb  7 08:25:43 2025 GMT
            Not After : Feb  6 08:30:43 2026 GMT
        Subject: CN=1A7426BF9647BF0633B9907C6DCC61BB9E2CC85E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8d:44:a6:1c:c4:37:f0:a2:75:68:01:75:c6:54:
                    8e:f5:16:d4:44:14:90:3a:79:18:f3:2d:9c:84:92:
                    11:a0:6e:1e:b8:1a:d5:af:99:fc:a2:09:39:d7:ab:
                    1a:c3:e4:54:a8:7a:3e:04:45:c8:20:ae:9a:b1:35:
                    fc:5a:54:c1:b5:37:d8:af:3f:9d:5b:93:06:13:8e:
                    a3:7a:bf:17:4c:fc:fc:84:80:94:a4:b6:e3:74:ec:
                    19:c9:11:58:f3:40:d7:05:f9:67:08:b8:ed:84:5d:
                    45:70:91:8a:9a:68:fb:71:1b:44:93:c7:34:5e:9c:
                    51:f0:0b:6d:4f:e2:e6:db:c2:22:ba:2f:cc:79:2d:
                    d3:b8:ad:27:e0:f7:70:e7:63:5f:7a:59:ff:0f:d8:
                    15:9c:7d:59:b0:d0:b2:6a:bf:da:46:9b:3c:da:35:
                    45:f6:08:53:cc:06:34:62:dd:eb:c9:10:50:25:fc:
                    4d:b1:8f:71:11:84:d6:09:fa:d8:6e:6c:35:61:3e:
                    9b:07:9f:50:1c:b2:f4:62:61:41:50:91:53:3a:fc:
                    4f:e1:9f:64:71:e5:a8:0c:63:a2:9f:7b:b8:3b:b8:
                    c1:97:a0:cc:6f:46:f3:5f:c8:92:80:08:c2:8d:70:
                    01:f9:69:a1:33:62:67:40:e6:97:0c:53:e1:e9:c4:
                    17:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1A:74:26:BF:96:47:BF:06:33:B9:90:7C:6D:CC:61:BB:9E:2C:C8:5E
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS18254.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  93.93.246.0/24

    Signature Algorithm: sha256WithRSAEncryption
         9f:1b:83:25:4f:25:72:0b:5d:8b:fb:13:66:8c:1c:25:01:54:
         20:e5:8b:b5:1c:08:73:b4:52:53:60:87:5b:d1:ee:76:a4:9d:
         bd:62:39:9f:34:41:1b:5a:50:9e:7e:6c:87:bc:03:ff:0f:81:
         49:aa:d7:ca:b7:8a:1f:69:40:ad:06:a7:52:49:39:b1:7d:86:
         64:8b:7b:a6:5c:0b:02:78:f4:15:44:bd:8b:b9:3b:86:5e:b0:
         08:ae:dd:9f:86:43:4a:ba:61:04:d4:5e:51:67:73:83:c5:8f:
         b1:8e:3f:82:51:50:24:db:5f:10:11:5e:4b:74:8e:bb:ad:80:
         27:51:9f:19:f8:62:07:da:2c:57:12:b1:c3:79:f0:e9:e9:ff:
         c5:d7:d1:10:07:c9:31:7e:4d:f4:36:d0:2e:9d:c7:f8:d0:99:
         77:d1:d2:02:6f:93:39:92:ce:d7:00:55:83:00:cc:f0:9d:3f:
         82:01:d1:ac:2b:bb:ac:b2:b3:8f:a6:04:a8:52:bb:bb:95:c0:
         c6:72:8a:46:45:69:2f:74:97:9d:80:86:9f:b5:dc:36:e4:ed:
         85:d9:43:d9:2d:27:b8:4c:e7:a2:48:db:7c:c8:dd:52:fb:3a:
         46:76:e2:85:c6:68:d2:32:6b:0f:1e:41:83:31:29:b7:66:96:
         03:47:d8:ad
-----BEGIN CERTIFICATE-----
MIIEmzCCA4OgAwIBAgIUc4ERpH6oTMv7cueHqNRCaKupBKowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNTAyMDcwODI1NDNaFw0yNjAyMDYwODMwNDNaMDMxMTAvBgNV
BAMTKDFBNzQyNkJGOTY0N0JGMDYzM0I5OTA3QzZEQ0M2MUJCOUUyQ0M4NUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNRKYcxDfwonVoAXXGVI71FtRE
FJA6eRjzLZyEkhGgbh64GtWvmfyiCTnXqxrD5FSoej4ERcggrpqxNfxaVMG1N9iv
P51bkwYTjqN6vxdM/PyEgJSktuN07BnJEVjzQNcF+WcIuO2EXUVwkYqaaPtxG0ST
xzRenFHwC21P4ubbwiK6L8x5LdO4rSfg93DnY196Wf8P2BWcfVmw0LJqv9pGmzza
NUX2CFPMBjRi3evJEFAl/E2xj3ERhNYJ+thubDVhPpsHn1AcsvRiYUFQkVM6/E/h
n2Rx5agMY6Kfe7g7uMGXoMxvRvNfyJKACMKNcAH5aaEzYmdA5pcMU+HpxBf/AgMB
AAGjggGlMIIBoTAdBgNVHQ4EFgQUGnQmv5ZHvwYzuZB8bcxhu54syF4wHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMxODI1NC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF1d9jANBgkq
hkiG9w0BAQsFAAOCAQEAnxuDJU8lcgtdi/sTZowcJQFUIOWLtRwIc7RSU2CHW9Hu
dqSdvWI5nzRBG1pQnn5sh7wD/w+BSarXyreKH2lArQanUkk5sX2GZIt7plwLAnj0
FUS9i7k7hl6wCK7dn4ZDSrphBNReUWdzg8WPsY4/glFQJNtfEBFeS3SOu62AJ1Gf
GfhiB9osVxKxw3nw6en/xdfREAfJMX5N9DbQLp3H+NCZd9HSAm+TOZLO1wBVgwDM
8J0/ggHRrCu7rLKzj6YEqFK7u5XAxnKKRkVpL3SXnYCGn7XcNuTthdlD2S0nuEzn
okjbfMjdUvs6RnbihcZo0jJrDx5BgzEpt2aWA0fYrQ==
-----END CERTIFICATE-----