Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS205532.roa
File:                     AS205532.roa (raw, json)
Hash identifier:          H5pMf6gc+Bs3fmwGWKTw+DHVaF+GCFTfb4zJJN906x0=
Subject key identifier:   B0:73:B6:E9:68:84:5D:9C:F5:CB:E4:E2:0D:EA:65:0A:5A:65:73:2A
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       61B0350F666BE0DA3333C1124E2C1C7C0ED1C875
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS205532.roa
Signing time:             Wed 22 Oct 2025 21:31:19 +0000
ROA not before:           Wed 22 Oct 2025 21:26:19 +0000
ROA not after:            Wed 21 Oct 2026 21:31:19 +0000
asID:                     205532
IP address blocks:        2a0b:4340:a0::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 24 Oct 2025 02:07:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:b0:35:0f:66:6b:e0:da:33:33:c1:12:4e:2c:1c:7c:0e:d1:c8:75
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Oct 22 21:26:19 2025 GMT
            Not After : Oct 21 21:31:19 2026 GMT
        Subject: CN=B073B6E968845D9CF5CBE4E20DEA650A5A65732A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:0d:1a:35:96:67:3d:c7:4c:9a:5e:41:e4:9d:
                    9d:66:6c:6c:01:4a:41:18:84:e3:62:6b:30:d7:22:
                    04:6e:a3:81:40:fe:64:20:25:95:dd:db:dd:e8:43:
                    d0:0f:da:4f:53:fc:66:d2:71:a0:a2:8e:5f:ee:42:
                    64:ac:e1:d4:1b:53:2d:ee:66:f9:38:7c:20:55:da:
                    af:a6:b3:d0:6d:c0:a0:0c:64:cd:5d:90:5f:93:c7:
                    e0:a3:f9:de:05:31:61:02:d4:0d:d2:c9:5d:f3:3f:
                    d1:46:05:e7:4a:e7:a8:86:2a:45:96:56:08:21:6e:
                    f9:70:3d:cd:cf:d0:82:13:9f:56:60:06:4d:64:75:
                    9f:ef:00:64:0f:f0:c5:37:52:09:a3:02:43:e4:da:
                    7f:1b:42:b7:eb:ea:9d:88:71:a0:cc:7a:cd:a1:5c:
                    58:23:30:c3:7a:92:2d:f3:be:b0:3c:5a:f8:fe:bd:
                    97:21:d1:99:7c:97:32:15:80:7b:30:12:11:57:3d:
                    ca:85:67:1a:ad:f3:b8:e3:16:bb:6b:d1:bd:b9:45:
                    1f:40:d3:56:87:fa:ab:b9:3d:04:e3:70:00:b0:e3:
                    15:95:9d:64:bc:99:14:74:d7:4d:6a:65:c3:a9:40:
                    4a:33:95:b8:c0:55:88:6e:b1:d0:34:54:40:a7:4c:
                    ad:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B0:73:B6:E9:68:84:5D:9C:F5:CB:E4:E2:0D:EA:65:0A:5A:65:73:2A
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS205532.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4340:a0::/44

    Signature Algorithm: sha256WithRSAEncryption
         48:7a:a6:d9:59:b1:3c:ed:7c:8e:dc:f1:5b:90:63:f5:a8:5d:
         ac:37:99:25:0d:14:9f:1b:81:c2:49:e7:91:0a:bf:95:f5:6a:
         51:7d:54:95:e7:a7:05:51:36:5d:f9:c1:f4:53:cb:78:7c:c1:
         b1:c1:07:75:d8:7b:4a:a7:36:c5:a7:d7:e3:3e:11:2e:dd:ea:
         0d:d2:93:43:34:e7:74:c2:3c:9e:23:b3:4c:64:c4:c2:b0:03:
         bd:94:5a:de:7e:41:c4:7b:79:fe:12:41:36:ed:bf:11:bd:a8:
         46:14:6a:22:6d:ef:8f:14:db:28:45:f2:9f:46:92:a4:b3:fd:
         71:65:ea:70:f5:23:30:1f:7d:1b:9e:32:d0:29:e5:2d:35:a9:
         0c:b1:da:85:d0:f2:3c:41:c7:b4:0a:6c:ad:23:3f:95:18:1b:
         12:db:24:c9:8f:83:43:05:71:52:dd:82:c4:11:4b:07:b1:1d:
         bf:c1:45:3c:45:07:51:db:e8:b7:5f:50:2d:07:91:05:b7:bd:
         ce:1c:1e:75:08:6e:ba:81:2b:19:ca:c1:af:28:75:5c:41:fc:
         00:df:c7:d8:d2:ae:4b:29:87:85:ed:5b:f4:91:e2:99:e3:63:
         c8:fc:8f:a7:c4:a1:b2:93:4b:5d:c5:ff:ce:82:62:fe:41:0f:
         35:5a:d5:3e
-----BEGIN CERTIFICATE-----
MIIEnzCCA4egAwIBAgIUYbA1D2Zr4NozM8ESTiwcfA7RyHUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNTEwMjIyMTI2MTlaFw0yNjEwMjEyMTMxMTlaMDMxMTAvBgNV
BAMTKEIwNzNCNkU5Njg4NDVEOUNGNUNCRTRFMjBERUE2NTBBNUE2NTczMkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKDRo1lmc9x0yaXkHknZ1mbGwB
SkEYhONiazDXIgRuo4FA/mQgJZXd293oQ9AP2k9T/GbScaCijl/uQmSs4dQbUy3u
Zvk4fCBV2q+ms9BtwKAMZM1dkF+Tx+Cj+d4FMWEC1A3SyV3zP9FGBedK56iGKkWW
VgghbvlwPc3P0IITn1ZgBk1kdZ/vAGQP8MU3UgmjAkPk2n8bQrfr6p2IcaDMes2h
XFgjMMN6ki3zvrA8Wvj+vZch0Zl8lzIVgHswEhFXPcqFZxqt87jjFrtr0b25RR9A
01aH+qu5PQTjcACw4xWVnWS8mRR0101qZcOpQEozlbjAVYhusdA0VECnTK3dAgMB
AAGjggGpMIIBpTAdBgNVHQ4EFgQUsHO26WiEXZz1y+TiDeplClplcyowHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEwGCCsGAQUFBwELBEAwPjA8BggrBgEFBQcwC4YwcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMyMDU1MzIucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQqC0NAAKAw
DQYJKoZIhvcNAQELBQADggEBAEh6ptlZsTztfI7c8VuQY/WoXaw3mSUNFJ8bgcJJ
55EKv5X1alF9VJXnpwVRNl35wfRTy3h8wbHBB3XYe0qnNsWn1+M+ES7d6g3Sk0M0
53TCPJ4js0xkxMKwA72UWt5+QcR7ef4SQTbtvxG9qEYUaiJt748U2yhF8p9GkqSz
/XFl6nD1IzAffRueMtAp5S01qQyx2oXQ8jxBx7QKbK0jP5UYGxLbJMmPg0MFcVLd
gsQRSwexHb/BRTxFB1Hb6LdfUC0HkQW3vc4cHnUIbrqBKxnKwa8odVxB/ADfx9jS
rksph4XtW/SR4pnjY8j8j6fEobKTS13F/86CYv5BDzVa1T4=
-----END CERTIFICATE-----