Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS205058.roa
File:                     AS205058.roa (raw, json)
Hash identifier:          q32xSJB4cJoEhJXjTbZY1uqaaWA1nyePxhRKGoFt6wQ=
Subject key identifier:   60:47:26:DF:59:DB:F7:43:FF:7A:B5:3D:5E:EF:41:8E:9E:7F:56:99
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       39354695C36B1314C5CC2ADE51E8D15A9AA70AB2
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS205058.roa
Signing time:             Wed 20 Nov 2024 21:30:34 +0000
ROA not before:           Wed 20 Nov 2024 21:25:34 +0000
ROA not after:            Wed 19 Nov 2025 21:30:34 +0000
asID:                     205058
IP address blocks:        2a0b:4340:b0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:35:46:95:c3:6b:13:14:c5:cc:2a:de:51:e8:d1:5a:9a:a7:0a:b2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Nov 20 21:25:34 2024 GMT
            Not After : Nov 19 21:30:34 2025 GMT
        Subject: CN=604726DF59DBF743FF7AB53D5EEF418E9E7F5699
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:90:61:97:cc:3c:05:cd:0b:ca:ad:d3:2c:70:11:
                    ed:78:a6:14:80:6d:2c:85:dd:95:f9:a6:9e:97:e7:
                    6d:70:3a:98:ac:9a:3a:22:83:c6:05:a2:ef:3f:38:
                    dd:96:59:b4:b0:32:38:b2:0b:dc:77:b2:e0:8e:28:
                    94:d3:35:4e:ce:17:05:79:e1:3d:38:3c:a0:8a:d7:
                    f3:ea:20:c1:62:18:f0:c2:47:9d:f4:63:15:cb:57:
                    73:c7:56:89:75:0b:b5:c1:eb:63:17:41:31:d0:d6:
                    a0:d7:a1:fd:50:a9:f8:5b:27:c5:96:32:46:11:26:
                    46:56:35:fb:10:49:d1:0d:d4:06:8f:3f:1e:bc:4c:
                    28:29:da:2a:46:bc:a7:47:fd:85:74:15:53:bc:73:
                    45:c3:44:2a:54:69:ac:7a:b9:78:d4:77:10:cd:ed:
                    df:5b:ac:87:35:07:b9:66:4c:f6:fc:82:cd:34:48:
                    72:58:ff:91:ea:2d:5a:b5:06:b6:c5:84:a6:81:7c:
                    d2:6c:7d:68:8b:57:59:3a:ff:c6:22:23:18:91:4c:
                    bf:77:a5:0e:90:6f:8f:2d:ad:52:e3:62:7d:f3:49:
                    6b:b4:f3:b8:b5:0f:bc:bd:a9:56:0d:3c:50:8e:0a:
                    b1:13:2b:61:68:39:51:4c:a1:00:28:56:75:60:4a:
                    e5:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                60:47:26:DF:59:DB:F7:43:FF:7A:B5:3D:5E:EF:41:8E:9E:7F:56:99
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS205058.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4340:b0::/44

    Signature Algorithm: sha256WithRSAEncryption
         31:79:b0:eb:7d:52:f9:f0:3f:c2:ac:ac:44:18:d5:b3:55:85:
         5a:b5:ee:13:fd:3c:88:56:49:1c:78:90:74:ba:93:95:f9:ea:
         c5:90:44:03:44:02:14:c1:b5:52:c8:04:bf:5b:98:3f:de:73:
         f8:89:9d:b3:85:62:15:3e:2a:3a:3b:7b:b1:3c:7d:5b:93:6d:
         bb:4d:fa:9d:a8:fb:37:95:6d:5c:31:11:5d:6d:78:b2:5a:2c:
         26:03:bf:6a:ee:41:df:7d:53:39:67:57:d4:b8:76:ee:a2:59:
         fc:af:24:fd:bb:ef:a7:bf:51:b4:b0:2f:36:68:50:cc:5b:ae:
         46:a4:32:ef:51:4d:13:57:55:ad:17:bf:b3:90:bb:62:72:d9:
         40:25:21:2e:bd:42:37:9f:0d:b6:eb:03:cb:e9:b8:32:de:0d:
         5a:cb:46:cf:e0:ed:6b:4e:ac:01:cf:d9:57:d6:59:3d:dd:8a:
         be:73:9c:b6:4f:12:47:ec:3d:67:a3:c3:e9:65:27:37:be:58:
         1f:90:61:01:49:1a:f6:d7:27:a4:29:dc:b6:d0:1a:95:63:ea:
         48:b8:ff:0e:41:6a:a9:ae:9c:2c:7e:42:98:bf:8a:7d:bb:55:
         b0:4f:29:38:b9:27:19:ee:93:65:82:c1:82:ac:6a:fe:00:93:
         08:ed:7a:ba
-----BEGIN CERTIFICATE-----
MIIEnzCCA4egAwIBAgIUOTVGlcNrExTFzCreUejRWpqnCrIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNDExMjAyMTI1MzRaFw0yNTExMTkyMTMwMzRaMDMxMTAvBgNV
BAMTKDYwNDcyNkRGNTlEQkY3NDNGRjdBQjUzRDVFRUY0MThFOUU3RjU2OTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQYZfMPAXNC8qt0yxwEe14phSA
bSyF3ZX5pp6X521wOpismjoig8YFou8/ON2WWbSwMjiyC9x3suCOKJTTNU7OFwV5
4T04PKCK1/PqIMFiGPDCR530YxXLV3PHVol1C7XB62MXQTHQ1qDXof1QqfhbJ8WW
MkYRJkZWNfsQSdEN1AaPPx68TCgp2ipGvKdH/YV0FVO8c0XDRCpUaax6uXjUdxDN
7d9brIc1B7lmTPb8gs00SHJY/5HqLVq1BrbFhKaBfNJsfWiLV1k6/8YiIxiRTL93
pQ6Qb48trVLjYn3zSWu087i1D7y9qVYNPFCOCrETK2FoOVFMoQAoVnVgSuVVAgMB
AAGjggGpMIIBpTAdBgNVHQ4EFgQUYEcm31nb90P/erU9Xu9Bjp5/VpkwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEwGCCsGAQUFBwELBEAwPjA8BggrBgEFBQcwC4YwcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMyMDUwNTgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQqC0NAALAw
DQYJKoZIhvcNAQELBQADggEBADF5sOt9UvnwP8KsrEQY1bNVhVq17hP9PIhWSRx4
kHS6k5X56sWQRANEAhTBtVLIBL9bmD/ec/iJnbOFYhU+Kjo7e7E8fVuTbbtN+p2o
+zeVbVwxEV1teLJaLCYDv2ruQd99UzlnV9S4du6iWfyvJP2776e/UbSwLzZoUMxb
rkakMu9RTRNXVa0Xv7OQu2Jy2UAlIS69QjefDbbrA8vpuDLeDVrLRs/g7WtOrAHP
2VfWWT3dir5znLZPEkfsPWejw+llJze+WB+QYQFJGvbXJ6Qp3LbQGpVj6ki4/w5B
aqmunCx+Qpi/in27VbBPKTi5Jxnuk2WCwYKsav4Akwjtero=
-----END CERTIFICATE-----