Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS205618.roa
File:                     AS205618.roa (raw, json)
Hash identifier:          ft/Tb2uEPJsGhIpMjMs7V3ked96c7sA1cN3yLE1XXuY=
Subject key identifier:   15:38:76:EB:D4:E9:D8:A6:A4:35:E4:CA:2A:71:A1:75:EB:B9:23:A8
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       14D2416F12E5DDA78F0C23600DF4F915169DF99D
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS205618.roa
Signing time:             Wed 20 Dec 2023 21:30:09 +0000
ROA not before:           Wed 20 Dec 2023 21:25:09 +0000
ROA not after:            Wed 18 Dec 2024 21:30:09 +0000
asID:                     205618
IP address blocks:        2a0b:4340:70::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 29 May 2024 08:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            14:d2:41:6f:12:e5:dd:a7:8f:0c:23:60:0d:f4:f9:15:16:9d:f9:9d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Dec 20 21:25:09 2023 GMT
            Not After : Dec 18 21:30:09 2024 GMT
        Subject: CN=153876EBD4E9D8A6A435E4CA2A71A175EBB923A8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d2:78:a8:2c:e4:52:79:4d:2e:32:20:f0:e4:c2:
                    cb:5f:f8:e4:ff:af:49:95:88:08:21:c6:75:48:4d:
                    98:1c:16:a7:7a:98:ca:c6:ef:81:7e:13:53:ba:7a:
                    26:2e:78:31:bf:80:b2:4f:40:9d:6c:47:6f:eb:20:
                    18:1b:4d:6a:cb:39:80:9a:2b:e0:65:0a:2d:49:12:
                    b5:6c:0c:a0:4f:c5:8b:32:d5:4b:bc:ca:1a:e5:60:
                    82:6a:5b:f4:52:8e:d6:c8:d3:da:51:c4:cb:01:70:
                    df:4f:e1:b0:77:de:d0:9a:63:d8:bf:7f:be:57:75:
                    0e:f9:e3:7f:1a:57:79:bb:03:b5:ad:be:c3:50:3b:
                    0c:ae:cd:79:b3:bc:db:c9:15:5b:9e:02:f7:8e:d2:
                    88:bb:9e:f2:07:50:6d:bd:14:5c:db:9a:d9:24:e1:
                    7c:0a:bc:49:d4:07:78:bb:21:4c:ea:8c:83:73:a9:
                    a2:3f:6d:d6:fe:76:48:51:56:13:a7:88:6c:24:55:
                    4e:82:40:49:02:3a:bb:84:20:d1:f9:1e:b7:ae:ca:
                    d7:81:20:1a:24:93:3d:17:71:6e:4f:95:ad:02:6e:
                    b3:26:cb:24:c8:84:1f:30:05:b2:b4:35:c6:91:61:
                    56:ac:dd:1d:ea:61:65:49:ea:54:58:b7:f3:cd:af:
                    2c:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                15:38:76:EB:D4:E9:D8:A6:A4:35:E4:CA:2A:71:A1:75:EB:B9:23:A8
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS205618.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4340:70::/44

    Signature Algorithm: sha256WithRSAEncryption
         98:d9:ad:27:3b:72:4c:0d:36:fc:d1:80:0e:cf:aa:b4:22:c2:
         f2:c8:54:c4:80:24:a5:94:36:0f:16:a0:ce:57:97:b4:f9:86:
         f2:88:8d:8f:59:68:a1:01:22:d6:59:81:90:36:8c:d6:36:24:
         13:c2:7a:d6:c6:64:61:7b:2a:a8:a3:a1:68:27:f4:b9:1f:6c:
         8d:f0:c8:46:73:a0:9f:6e:fb:03:b1:41:c6:48:87:fd:02:8f:
         71:52:f3:b9:ff:0e:dd:e6:5c:34:5e:70:a4:bd:fb:89:8f:6e:
         b0:75:6b:29:cc:77:1f:f7:ea:16:de:d1:0e:04:47:2d:34:2a:
         43:8a:fe:52:54:f6:a0:93:fc:aa:ff:d9:a2:f7:f0:94:85:20:
         50:92:8f:da:5b:cd:08:7d:85:08:b9:04:3b:3e:ee:13:b1:e6:
         ab:25:75:cb:6a:7f:e0:87:53:dc:0d:00:58:53:e4:f7:78:57:
         39:4b:fd:ce:ee:9a:58:f1:23:73:b2:77:49:95:e9:21:ac:f6:
         91:24:be:be:78:27:e1:f6:4e:32:35:38:2a:8a:65:25:9a:35:
         b4:9e:2c:6f:f3:7e:a8:6d:00:7f:d8:a2:d9:9a:e1:f1:6a:69:
         7d:25:63:12:73:f8:a0:10:4f:5d:52:2c:ab:eb:2d:41:d9:6f:
         8f:8a:97:20
-----BEGIN CERTIFICATE-----
MIIEnzCCA4egAwIBAgIUFNJBbxLl3aePDCNgDfT5FRad+Z0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yMzEyMjAyMTI1MDlaFw0yNDEyMTgyMTMwMDlaMDMxMTAvBgNV
BAMTKDE1Mzg3NkVCRDRFOUQ4QTZBNDM1RTRDQTJBNzFBMTc1RUJCOTIzQTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSeKgs5FJ5TS4yIPDkwstf+OT/
r0mViAghxnVITZgcFqd6mMrG74F+E1O6eiYueDG/gLJPQJ1sR2/rIBgbTWrLOYCa
K+BlCi1JErVsDKBPxYsy1Uu8yhrlYIJqW/RSjtbI09pRxMsBcN9P4bB33tCaY9i/
f75XdQ75438aV3m7A7WtvsNQOwyuzXmzvNvJFVueAveO0oi7nvIHUG29FFzbmtkk
4XwKvEnUB3i7IUzqjINzqaI/bdb+dkhRVhOniGwkVU6CQEkCOruEINH5HreuyteB
IBokkz0XcW5Pla0CbrMmyyTIhB8wBbK0NcaRYVas3R3qYWVJ6lRYt/PNryyFAgMB
AAGjggGpMIIBpTAdBgNVHQ4EFgQUFTh269Tp2KakNeTKKnGhdeu5I6gwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEwGCCsGAQUFBwELBEAwPjA8BggrBgEFBQcwC4YwcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMyMDU2MTgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQqC0NAAHAw
DQYJKoZIhvcNAQELBQADggEBAJjZrSc7ckwNNvzRgA7PqrQiwvLIVMSAJKWUNg8W
oM5Xl7T5hvKIjY9ZaKEBItZZgZA2jNY2JBPCetbGZGF7KqijoWgn9LkfbI3wyEZz
oJ9u+wOxQcZIh/0Cj3FS87n/Dt3mXDRecKS9+4mPbrB1aynMdx/36hbe0Q4ERy00
KkOK/lJU9qCT/Kr/2aL38JSFIFCSj9pbzQh9hQi5BDs+7hOx5qsldctqf+CHU9wN
AFhT5Pd4VzlL/c7umljxI3Oyd0mV6SGs9pEkvr54J+H2TjI1OCqKZSWaNbSeLG/z
fqhtAH/Yotma4fFqaX0lYxJz+KAQT11SLKvrLUHZb4+KlyA=
-----END CERTIFICATE-----