Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS205152.roa
File:                     AS205152.roa (raw, json)
Hash identifier:          JnjQ9fa7uf65V3uVidK2Jfnt1LulDbjaWs9+yrF/BB4=
Subject key identifier:   F6:28:67:7A:79:76:17:B8:8B:07:94:F6:3A:76:AD:AE:CA:18:C4:1D
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       47B47A31F7710BE83AD30BE527B375D526DA499A
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS205152.roa
Signing time:             Wed 22 Oct 2025 21:31:21 +0000
ROA not before:           Wed 22 Oct 2025 21:26:21 +0000
ROA not after:            Wed 21 Oct 2026 21:31:21 +0000
asID:                     205152
IP address blocks:        2a0b:4340:1300::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 04 Nov 2025 11:43:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            47:b4:7a:31:f7:71:0b:e8:3a:d3:0b:e5:27:b3:75:d5:26:da:49:9a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Oct 22 21:26:21 2025 GMT
            Not After : Oct 21 21:31:21 2026 GMT
        Subject: CN=F628677A797617B88B0794F63A76ADAECA18C41D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:21:34:d7:b7:48:8a:48:9e:20:42:4e:8d:77:
                    04:f1:85:03:2e:c0:92:09:41:89:e9:23:6d:9a:73:
                    24:19:fa:f7:a9:43:81:6f:a4:90:74:2a:7e:39:b4:
                    93:e3:23:27:c7:45:b9:9a:11:18:ca:9a:9f:98:17:
                    28:cf:d6:47:7f:e2:27:e3:df:79:fd:3f:ef:e9:12:
                    ab:86:25:df:e8:4d:fe:59:be:f0:58:96:1f:12:30:
                    a2:13:07:0b:1e:05:9f:ac:0e:5b:d3:8c:96:97:67:
                    e6:37:66:e7:f0:af:46:69:c8:aa:f4:c5:00:61:df:
                    f7:30:61:9c:13:2b:04:d6:f9:f8:86:36:ca:38:bf:
                    3e:08:40:cc:4e:53:92:8f:f2:7f:77:61:42:10:4e:
                    ba:55:77:ec:be:9a:39:02:16:40:62:0d:92:58:5f:
                    79:4b:d7:b3:b4:8d:b4:ec:d6:4e:93:92:47:fa:55:
                    f5:2f:1c:12:3e:86:6b:4b:b2:d4:c3:85:aa:67:88:
                    c7:39:45:23:cd:93:1f:22:45:7e:ad:aa:46:30:9d:
                    f3:81:1d:4f:b2:11:78:6a:80:a3:bf:6f:fc:fa:10:
                    10:1e:84:dc:fc:1b:78:28:c2:79:95:b7:78:9b:81:
                    e3:d8:91:a9:35:7f:76:02:08:6b:71:0f:c0:9d:a3:
                    6d:fb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F6:28:67:7A:79:76:17:B8:8B:07:94:F6:3A:76:AD:AE:CA:18:C4:1D
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS205152.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4340:1300::/40

    Signature Algorithm: sha256WithRSAEncryption
         5a:35:57:d6:a8:b4:2f:e6:e2:0d:48:bf:a3:ca:bf:33:f0:4a:
         d6:76:ba:30:50:2d:fb:e9:8f:b9:24:29:99:1d:0e:0c:18:30:
         51:02:53:c3:65:14:af:92:84:ca:52:1d:98:fb:17:ca:4d:b9:
         f9:f0:82:69:a5:67:1c:64:2d:5a:7d:81:bc:2b:a1:fa:66:02:
         a4:4d:a4:22:9c:06:96:a1:9f:c9:7f:f2:a6:26:81:60:eb:ad:
         c7:51:8c:e7:f7:12:25:ea:e8:b8:26:88:48:34:d6:df:97:1e:
         f6:93:6d:7b:62:a0:98:f9:88:fa:47:a0:36:ab:ca:6a:0a:cb:
         e8:01:1e:ea:f7:13:87:e4:cc:5b:42:b6:56:ff:fb:76:82:4e:
         ee:d7:63:e3:4a:4f:54:de:66:14:88:76:c1:91:7b:21:13:16:
         f7:51:46:00:9b:d6:b3:5e:18:5a:60:a0:12:25:1c:ad:9b:e1:
         b1:75:96:ed:1a:fe:1a:93:e2:b2:20:dd:6a:2b:15:0d:d7:72:
         e0:82:53:24:25:5d:b8:ba:0b:14:e1:32:6d:14:75:52:da:4a:
         09:0c:3e:4e:6a:a4:22:03:13:ca:75:a3:26:ae:fd:07:39:11:
         5e:55:e2:08:c4:af:0a:4a:47:8e:6b:32:8a:de:6c:ca:aa:c4:
         0e:e4:f8:9f
-----BEGIN CERTIFICATE-----
MIIEnjCCA4agAwIBAgIUR7R6MfdxC+g60wvlJ7N11SbaSZowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNTEwMjIyMTI2MjFaFw0yNjEwMjEyMTMxMjFaMDMxMTAvBgNV
BAMTKEY2Mjg2NzdBNzk3NjE3Qjg4QjA3OTRGNjNBNzZBREFFQ0ExOEM0MUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkITTXt0iKSJ4gQk6NdwTxhQMu
wJIJQYnpI22acyQZ+vepQ4FvpJB0Kn45tJPjIyfHRbmaERjKmp+YFyjP1kd/4ifj
33n9P+/pEquGJd/oTf5ZvvBYlh8SMKITBwseBZ+sDlvTjJaXZ+Y3Zufwr0ZpyKr0
xQBh3/cwYZwTKwTW+fiGNso4vz4IQMxOU5KP8n93YUIQTrpVd+y+mjkCFkBiDZJY
X3lL17O0jbTs1k6Tkkf6VfUvHBI+hmtLstTDhapniMc5RSPNkx8iRX6tqkYwnfOB
HU+yEXhqgKO/b/z6EBAehNz8G3gownmVt3ibgePYkak1f3YCCGtxD8Cdo237AgMB
AAGjggGoMIIBpDAdBgNVHQ4EFgQU9ihnenl2F7iLB5T2OnatrsoYxB0wHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEwGCCsGAQUFBwELBEAwPjA8BggrBgEFBQcwC4YwcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMyMDUxNTIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAqC0NAEzAN
BgkqhkiG9w0BAQsFAAOCAQEAWjVX1qi0L+biDUi/o8q/M/BK1na6MFAt++mPuSQp
mR0ODBgwUQJTw2UUr5KEylIdmPsXyk25+fCCaaVnHGQtWn2BvCuh+mYCpE2kIpwG
lqGfyX/ypiaBYOutx1GM5/cSJerouCaISDTW35ce9pNte2KgmPmI+kegNqvKagrL
6AEe6vcTh+TMW0K2Vv/7doJO7tdj40pPVN5mFIh2wZF7IRMW91FGAJvWs14YWmCg
EiUcrZvhsXWW7Rr+GpPisiDdaisVDddy4IJTJCVduLoLFOEybRR1UtpKCQw+Tmqk
IgMTynWjJq79BzkRXlXiCMSvCkpHjmsyit5syqrEDuT4nw==
-----END CERTIFICATE-----