Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS205651.roa
File:                     AS205651.roa (raw, json)
Hash identifier:          FVWt5twid8PvxRJhc3nspKGEmxoGT5SjkgDOeJ3/rTI=
Subject key identifier:   14:44:79:52:32:20:91:62:6D:2C:E1:D2:56:8E:48:68:70:FD:6F:6B
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       3F8E011F0BAB0DB6DE8DEF24B5079D61E71E1E1E
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS205651.roa
Signing time:             Wed 22 Oct 2025 21:31:23 +0000
ROA not before:           Wed 22 Oct 2025 21:26:23 +0000
ROA not after:            Wed 21 Oct 2026 21:31:23 +0000
asID:                     205651
IP address blocks:        185.234.215.0/24 maxlen: 24
                          2a0b:4340:20::/44 maxlen: 48
                          2a0d:2904::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 24 Oct 2025 02:07:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3f:8e:01:1f:0b:ab:0d:b6:de:8d:ef:24:b5:07:9d:61:e7:1e:1e:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Oct 22 21:26:23 2025 GMT
            Not After : Oct 21 21:31:23 2026 GMT
        Subject: CN=14447952322091626D2CE1D2568E486870FD6F6B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:10:d6:35:e0:d9:e8:4b:2c:c9:4b:69:e5:9b:
                    1c:1f:de:3d:00:a4:af:0a:37:b2:6a:2c:ac:50:d6:
                    4e:2c:88:68:ea:e6:82:dc:60:d7:be:35:39:b7:53:
                    0f:a3:dd:b7:b1:6c:6a:96:43:11:e5:87:3d:06:8c:
                    15:18:0c:91:8d:e8:91:a4:14:50:b3:7f:c6:3e:f4:
                    44:de:34:1e:38:65:0e:79:bb:83:ee:2a:6f:0b:56:
                    9c:7f:26:34:6b:40:63:2f:42:06:29:06:30:1c:ed:
                    7e:fb:86:ed:af:03:ad:b5:a7:03:26:c1:24:59:46:
                    e6:90:ba:45:ff:81:1a:0a:7f:70:ef:99:ed:58:86:
                    55:fa:45:97:55:88:bc:24:05:09:40:97:07:a7:e8:
                    a6:60:57:8e:2c:0c:d0:8a:cb:82:f0:95:96:3a:c2:
                    6a:d4:49:67:ae:e7:43:91:5c:e7:1d:cf:6a:fc:ad:
                    94:46:78:2c:a2:6f:24:87:56:00:d0:c9:e0:a2:5a:
                    03:9b:97:e0:e8:11:dd:6a:78:ec:54:e8:a8:3a:76:
                    7d:c1:a1:07:84:1e:af:2f:22:ea:a5:30:ff:ab:87:
                    d1:a5:c5:57:cd:53:23:ce:59:c7:aa:b6:56:52:fd:
                    32:60:51:6f:f0:0b:81:b1:e4:0a:98:2e:6c:70:f8:
                    34:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:44:79:52:32:20:91:62:6D:2C:E1:D2:56:8E:48:68:70:FD:6F:6B
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS205651.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.234.215.0/24
                IPv6:
                  2a0b:4340:20::/44
                  2a0d:2904::/32

    Signature Algorithm: sha256WithRSAEncryption
         a2:e8:e1:3a:9a:c8:4a:57:6f:e9:76:0f:b1:44:d1:48:ce:cf:
         a6:52:9e:27:8f:74:a3:38:cd:17:93:68:61:58:06:06:a2:da:
         24:3f:20:5e:49:b1:7e:fe:66:39:e7:0b:02:8c:c5:1c:14:f9:
         e6:31:24:fb:a2:5f:76:57:30:8d:15:94:1c:cf:7a:43:ff:33:
         02:3e:c6:a9:0b:90:91:81:e4:8e:93:49:03:e9:67:d1:a2:d2:
         4a:d6:1a:db:a4:06:0b:82:cd:08:b0:5b:43:84:40:3a:fb:ba:
         c0:9e:4b:46:58:d1:d0:5d:d7:af:b8:9b:70:21:b1:9a:09:b0:
         2a:5d:cd:46:f5:b7:ab:b8:33:0c:4c:7f:60:ec:ff:c3:17:cc:
         ec:12:02:e1:ec:1c:67:12:1d:5a:4e:5a:ac:8b:2e:99:3b:fb:
         82:05:ac:eb:3b:5c:e3:8f:d4:50:4f:a1:83:f0:0e:ad:bb:e5:
         d0:b5:21:96:e8:7a:95:bb:07:d2:d5:16:79:71:a0:b6:76:d7:
         95:02:31:91:ea:0a:4d:35:1a:b0:48:1a:ec:f8:ec:92:81:84:
         f1:79:89:1a:ed:1b:7e:d4:e6:82:d3:14:ec:06:43:19:ff:7e:
         4e:b0:aa:56:06:0f:40:36:9d:57:3c:24:d5:fa:05:25:91:e4:
         36:87:7d:a8
-----BEGIN CERTIFICATE-----
MIIEtDCCA5ygAwIBAgIUP44BHwurDbbeje8ktQedYeceHh4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNTEwMjIyMTI2MjNaFw0yNjEwMjEyMTMxMjNaMDMxMTAvBgNV
BAMTKDE0NDQ3OTUyMzIyMDkxNjI2RDJDRTFEMjU2OEU0ODY4NzBGRDZGNkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChENY14NnoSyzJS2nlmxwf3j0A
pK8KN7JqLKxQ1k4siGjq5oLcYNe+NTm3Uw+j3bexbGqWQxHlhz0GjBUYDJGN6JGk
FFCzf8Y+9ETeNB44ZQ55u4PuKm8LVpx/JjRrQGMvQgYpBjAc7X77hu2vA621pwMm
wSRZRuaQukX/gRoKf3Dvme1YhlX6RZdViLwkBQlAlwen6KZgV44sDNCKy4LwlZY6
wmrUSWeu50ORXOcdz2r8rZRGeCyibySHVgDQyeCiWgObl+DoEd1qeOxU6Kg6dn3B
oQeEHq8vIuqlMP+rh9GlxVfNUyPOWceqtlZS/TJgUW/wC4Gx5AqYLmxw+DTPAgMB
AAGjggG+MIIBujAdBgNVHQ4EFgQUFER5UjIgkWJtLOHSVo5IaHD9b2swHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEwGCCsGAQUFBwELBEAwPjA8BggrBgEFBQcwC4YwcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMyMDU2NTEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMAwEAgABMAYDBAC56tcwFgQC
AAIwEAMHBCoLQ0AAIAMFACoNKQQwDQYJKoZIhvcNAQELBQADggEBAKLo4TqayEpX
b+l2D7FE0UjOz6ZSniePdKM4zReTaGFYBgai2iQ/IF5JsX7+ZjnnCwKMxRwU+eYx
JPuiX3ZXMI0VlBzPekP/MwI+xqkLkJGB5I6TSQPpZ9Gi0krWGtukBguCzQiwW0OE
QDr7usCeS0ZY0dBd16+4m3AhsZoJsCpdzUb1t6u4MwxMf2Ds/8MXzOwSAuHsHGcS
HVpOWqyLLpk7+4IFrOs7XOOP1FBPoYPwDq275dC1IZboepW7B9LVFnlxoLZ215UC
MZHqCk01GrBIGuz47JKBhPF5iRrtG37U5oLTFOwGQxn/fk6wqlYGD0A2nVc8JNX6
BSWR5DaHfag=
-----END CERTIFICATE-----