Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS205618.roa
File:                     AS205618.roa (raw, json)
Hash identifier:          5SFOmwqc2Zxke+NK9VXcQDLkfBdGk2Vmf3wgCnMTshw=
Subject key identifier:   B8:68:A7:63:5D:1B:2A:E2:0D:F1:EC:A6:67:C0:AD:B3:E4:0B:1A:E6
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       62AFA2E165690CB078DFE0B2A47E88E2D36FADBC
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS205618.roa
Signing time:             Wed 22 Oct 2025 21:31:19 +0000
ROA not before:           Wed 22 Oct 2025 21:26:19 +0000
ROA not after:            Wed 21 Oct 2026 21:31:19 +0000
asID:                     205618
IP address blocks:        2a0b:4340:70::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 24 Oct 2025 02:07:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            62:af:a2:e1:65:69:0c:b0:78:df:e0:b2:a4:7e:88:e2:d3:6f:ad:bc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Oct 22 21:26:19 2025 GMT
            Not After : Oct 21 21:31:19 2026 GMT
        Subject: CN=B868A7635D1B2AE20DF1ECA667C0ADB3E40B1AE6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:48:60:18:b4:25:e6:11:1c:06:f7:84:68:ce:
                    59:94:60:de:ca:cb:15:af:3f:e8:ed:01:96:90:05:
                    fd:b6:89:df:29:1e:0f:7e:00:3b:ee:b4:8f:d8:9b:
                    93:4a:de:49:df:f4:57:75:35:f4:95:3d:12:c4:ca:
                    e7:0d:d4:36:c2:54:11:59:82:5c:92:04:0f:76:07:
                    d5:84:a0:77:5d:5e:dd:d9:99:0e:b2:02:c6:5a:f8:
                    7c:67:cd:10:af:bd:60:04:5f:b3:04:28:0e:23:80:
                    eb:93:86:0d:c6:b4:51:95:2a:6c:5b:b3:04:57:89:
                    fa:e3:70:37:ab:27:6d:01:83:75:14:5c:17:ce:79:
                    4d:7e:1a:71:68:e7:64:f3:b6:cc:f4:9f:a4:33:1c:
                    bc:44:49:f5:e3:8e:6a:b5:25:18:61:cf:8f:91:98:
                    25:2c:14:f6:6a:09:87:2e:ef:7a:d7:29:0a:91:08:
                    0f:32:82:42:fb:0a:61:ee:ac:61:78:01:fe:89:31:
                    47:9a:dd:2d:5d:59:ee:aa:6c:b6:f8:d7:4f:31:7d:
                    5b:af:03:3f:35:c2:0f:d1:d6:9c:32:5c:17:a6:f5:
                    bb:96:1a:5e:90:67:86:49:8d:5c:47:60:51:15:8b:
                    ee:fb:81:a4:6a:75:96:27:07:59:1b:25:58:dc:94:
                    cf:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:68:A7:63:5D:1B:2A:E2:0D:F1:EC:A6:67:C0:AD:B3:E4:0B:1A:E6
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS205618.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4340:70::/44

    Signature Algorithm: sha256WithRSAEncryption
         b0:fd:49:9a:0f:8c:1b:5f:5b:c5:65:6f:a0:7e:82:e8:67:9e:
         ab:e4:15:a5:c7:f9:7d:4a:34:a3:90:9a:0c:fc:48:9c:e3:79:
         c9:78:c7:d0:9f:ce:65:44:b8:86:8f:41:4c:44:25:0d:42:66:
         2c:11:a6:7b:13:9f:9f:7c:8b:b2:13:29:83:37:8e:9d:6b:eb:
         94:35:ba:71:d0:cb:57:6e:02:91:5d:62:0b:4f:11:ea:c4:df:
         cd:9f:8c:4d:d1:89:b0:9a:07:e1:44:e7:fa:da:9b:72:3e:b4:
         c9:2b:cd:fe:1d:3f:48:7b:34:2d:22:50:13:fb:7b:e1:f0:6a:
         07:75:31:62:76:d0:7f:68:41:b1:e9:e1:25:44:cf:17:1c:dc:
         5a:ab:49:f8:80:cd:b3:fa:ab:03:42:76:22:fc:77:bb:10:e3:
         95:17:61:39:a0:8e:9a:9c:ee:e4:a8:e3:2c:98:c9:b2:b1:df:
         75:fd:d4:3b:5e:e2:09:59:29:33:47:3a:e5:90:00:c9:b0:73:
         62:e6:92:d4:94:13:c1:75:76:7b:46:b2:91:e4:bb:58:c4:2d:
         a5:b0:8c:23:f9:b2:33:30:15:65:11:50:19:4b:10:46:9d:7d:
         39:33:f7:32:21:e1:d7:ef:3d:29:fa:d3:5b:93:2f:e3:35:15:
         1f:71:cb:a1
-----BEGIN CERTIFICATE-----
MIIEnzCCA4egAwIBAgIUYq+i4WVpDLB43+CypH6I4tNvrbwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNTEwMjIyMTI2MTlaFw0yNjEwMjEyMTMxMTlaMDMxMTAvBgNV
BAMTKEI4NjhBNzYzNUQxQjJBRTIwREYxRUNBNjY3QzBBREIzRTQwQjFBRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNSGAYtCXmERwG94RozlmUYN7K
yxWvP+jtAZaQBf22id8pHg9+ADvutI/Ym5NK3knf9Fd1NfSVPRLEyucN1DbCVBFZ
glySBA92B9WEoHddXt3ZmQ6yAsZa+HxnzRCvvWAEX7MEKA4jgOuThg3GtFGVKmxb
swRXifrjcDerJ20Bg3UUXBfOeU1+GnFo52Tztsz0n6QzHLxESfXjjmq1JRhhz4+R
mCUsFPZqCYcu73rXKQqRCA8ygkL7CmHurGF4Af6JMUea3S1dWe6qbLb4108xfVuv
Az81wg/R1pwyXBem9buWGl6QZ4ZJjVxHYFEVi+77gaRqdZYnB1kbJVjclM/VAgMB
AAGjggGpMIIBpTAdBgNVHQ4EFgQUuGinY10bKuIN8eymZ8Cts+QLGuYwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEwGCCsGAQUFBwELBEAwPjA8BggrBgEFBQcwC4YwcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMyMDU2MTgucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQqC0NAAHAw
DQYJKoZIhvcNAQELBQADggEBALD9SZoPjBtfW8Vlb6B+guhnnqvkFaXH+X1KNKOQ
mgz8SJzjecl4x9CfzmVEuIaPQUxEJQ1CZiwRpnsTn598i7ITKYM3jp1r65Q1unHQ
y1duApFdYgtPEerE382fjE3RibCaB+FE5/ram3I+tMkrzf4dP0h7NC0iUBP7e+Hw
agd1MWJ20H9oQbHp4SVEzxcc3FqrSfiAzbP6qwNCdiL8d7sQ45UXYTmgjpqc7uSo
4yyYybKx33X91Dte4glZKTNHOuWQAMmwc2LmktSUE8F1dntGspHku1jELaWwjCP5
sjMwFWURUBlLEEadfTkz9zIh4dfvPSn601uTL+M1FR9xy6E=
-----END CERTIFICATE-----