Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS205532.roa
File:                     AS205532.roa (raw, json)
Hash identifier:          /x5Sd9sEXz288tKFv/kEPorB4ioGyBYfRJUaoARfPH8=
Subject key identifier:   0D:65:2E:32:2D:A7:CC:72:53:D7:1C:EC:8A:A0:90:02:89:E4:8D:3B
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       2368F069CBAFFDB53689BEF594EBB1FF41BC51AF
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS205532.roa
Signing time:             Wed 20 Dec 2023 21:30:08 +0000
ROA not before:           Wed 20 Dec 2023 21:25:08 +0000
ROA not after:            Wed 18 Dec 2024 21:30:08 +0000
asID:                     205532
IP address blocks:        2a0b:4340:a0::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 May 2024 04:53:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:68:f0:69:cb:af:fd:b5:36:89:be:f5:94:eb:b1:ff:41:bc:51:af
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Dec 20 21:25:08 2023 GMT
            Not After : Dec 18 21:30:08 2024 GMT
        Subject: CN=0D652E322DA7CC7253D71CEC8AA0900289E48D3B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:bb:ec:28:5a:c9:e2:90:e2:bc:dd:04:c4:f0:
                    9e:0d:40:fe:68:1e:dc:ac:3e:37:62:df:7d:65:8e:
                    be:34:72:c0:86:3e:2b:8e:7b:fd:6a:b5:a1:ac:e5:
                    74:51:c8:f7:d0:fd:7e:7a:37:d2:db:4c:71:60:91:
                    5a:50:30:22:21:60:0e:1a:49:23:55:7b:a8:25:ef:
                    ce:7f:0b:38:8c:da:55:e5:9f:8c:c9:2d:96:bb:9a:
                    9a:b3:d0:ad:58:c1:4a:01:34:9e:1b:d5:f4:d6:a1:
                    b0:62:68:e6:8a:f1:39:8a:e3:db:0b:14:8d:8a:5b:
                    22:68:79:c7:7a:92:fb:5e:8f:04:67:88:cf:2b:bb:
                    ca:90:f5:15:c8:77:be:56:90:c2:48:91:77:9e:ef:
                    b8:90:39:18:c6:c3:04:a7:f1:66:99:26:8f:85:c9:
                    03:a7:0e:f4:d4:4a:93:9e:3f:ed:85:4c:5f:a8:97:
                    38:82:da:01:82:1e:61:49:08:9f:50:30:d7:e1:cf:
                    87:80:98:f9:12:37:59:19:b3:4c:63:0b:76:63:85:
                    9d:72:7f:59:fd:aa:48:3c:32:a3:be:21:31:09:82:
                    2c:92:0d:ad:aa:18:17:0f:25:2b:67:ae:48:79:b3:
                    e0:52:02:29:e5:71:9c:79:75:b6:5d:3e:25:fc:06:
                    9b:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:65:2E:32:2D:A7:CC:72:53:D7:1C:EC:8A:A0:90:02:89:E4:8D:3B
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS205532.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4340:a0::/44

    Signature Algorithm: sha256WithRSAEncryption
         97:24:23:1e:49:78:86:b2:82:c8:f9:66:9a:9d:19:3a:ea:db:
         a6:70:3a:c9:ad:ef:0b:5b:6a:4e:81:ee:3a:5d:81:22:70:c6:
         cb:89:b4:78:22:2c:c0:43:3f:26:81:5b:e6:43:ca:a2:69:f6:
         da:83:10:3e:bb:66:c3:d1:87:9e:9b:5f:26:96:3e:db:07:6e:
         11:41:a2:cc:ab:ea:7c:95:2e:a9:c4:7f:c8:1f:5e:41:37:f8:
         46:6e:68:4d:18:46:34:cd:a1:bf:19:e4:e7:78:8e:e9:18:d7:
         0d:3d:d4:54:e2:b1:ab:20:0b:8c:35:54:17:01:ab:44:bf:46:
         a8:d3:30:74:30:c7:77:d4:f1:c5:22:8a:69:1e:d1:70:cd:c5:
         70:20:03:23:0a:cc:b0:52:23:5a:3d:52:af:c5:34:35:fe:f7:
         e6:79:7d:23:11:19:ec:e3:85:01:4c:e9:c8:a1:c8:27:cf:f6:
         35:3a:c8:c0:94:09:bf:89:df:34:42:ff:a6:51:35:8c:45:35:
         79:49:20:47:c9:f0:89:2f:15:be:31:af:c8:f5:9a:32:c8:58:
         44:c7:ea:67:4d:8b:d0:10:db:3a:36:54:df:b5:47:13:96:d9:
         0d:ff:c6:36:a3:d5:7e:91:ed:75:50:07:df:d9:da:c5:b4:d3:
         8a:9e:9c:5e
-----BEGIN CERTIFICATE-----
MIIEnzCCA4egAwIBAgIUI2jwacuv/bU2ib71lOux/0G8Ua8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yMzEyMjAyMTI1MDhaFw0yNDEyMTgyMTMwMDhaMDMxMTAvBgNV
BAMTKDBENjUyRTMyMkRBN0NDNzI1M0Q3MUNFQzhBQTA5MDAyODlFNDhEM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCju+woWsnikOK83QTE8J4NQP5o
HtysPjdi331ljr40csCGPiuOe/1qtaGs5XRRyPfQ/X56N9LbTHFgkVpQMCIhYA4a
SSNVe6gl785/CziM2lXln4zJLZa7mpqz0K1YwUoBNJ4b1fTWobBiaOaK8TmK49sL
FI2KWyJoecd6kvtejwRniM8ru8qQ9RXId75WkMJIkXee77iQORjGwwSn8WaZJo+F
yQOnDvTUSpOeP+2FTF+olziC2gGCHmFJCJ9QMNfhz4eAmPkSN1kZs0xjC3ZjhZ1y
f1n9qkg8MqO+ITEJgiySDa2qGBcPJStnrkh5s+BSAinlcZx5dbZdPiX8Bpu7AgMB
AAGjggGpMIIBpTAdBgNVHQ4EFgQUDWUuMi2nzHJT1xzsiqCQAonkjTswHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEwGCCsGAQUFBwELBEAwPjA8BggrBgEFBQcwC4YwcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMyMDU1MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQqC0NAAKAw
DQYJKoZIhvcNAQELBQADggEBAJckIx5JeIaygsj5ZpqdGTrq26ZwOsmt7wtbak6B
7jpdgSJwxsuJtHgiLMBDPyaBW+ZDyqJp9tqDED67ZsPRh56bXyaWPtsHbhFBosyr
6nyVLqnEf8gfXkE3+EZuaE0YRjTNob8Z5Od4jukY1w091FTisasgC4w1VBcBq0S/
RqjTMHQwx3fU8cUiimke0XDNxXAgAyMKzLBSI1o9Uq/FNDX+9+Z5fSMRGezjhQFM
6cihyCfP9jU6yMCUCb+J3zRC/6ZRNYxFNXlJIEfJ8IkvFb4xr8j1mjLIWETH6mdN
i9AQ2zo2VN+1RxOW2Q3/xjaj1X6R7XVQB9/Z2sW004qenF4=
-----END CERTIFICATE-----