Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS205651.roa
File:                     AS205651.roa (raw, json)
Hash identifier:          4SIiI1byMhQlfbBHPdR00UWdKqJP39ZBwA+QiQoEGAE=
Subject key identifier:   6D:64:E7:75:9E:6D:B8:74:F5:D7:58:3B:01:BF:42:2D:EF:3F:32:E1
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       309AD8D3CB6A7D4995E4E47C3406EFDBDA1DFE57
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS205651.roa
Signing time:             Wed 20 Nov 2024 21:30:35 +0000
ROA not before:           Wed 20 Nov 2024 21:25:35 +0000
ROA not after:            Wed 19 Nov 2025 21:30:35 +0000
asID:                     205651
IP address blocks:        185.234.215.0/24 maxlen: 24
                          2a0b:4340:20::/44 maxlen: 48
                          2a0d:2904::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:9a:d8:d3:cb:6a:7d:49:95:e4:e4:7c:34:06:ef:db:da:1d:fe:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Nov 20 21:25:35 2024 GMT
            Not After : Nov 19 21:30:35 2025 GMT
        Subject: CN=6D64E7759E6DB874F5D7583B01BF422DEF3F32E1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:66:ea:0c:2e:60:31:86:0a:6d:08:ff:79:81:
                    84:76:c9:88:35:b6:38:e3:d6:90:a1:fe:b1:24:84:
                    31:2c:32:dd:5d:fd:6b:30:be:87:34:2f:b3:30:64:
                    b9:be:80:82:60:8b:3f:1a:3e:6f:02:fa:e8:1c:60:
                    b9:4c:e5:8d:61:ed:82:a8:0e:16:8b:4c:45:17:e7:
                    3e:45:7e:13:da:c7:d2:d5:48:75:af:b2:32:d4:fe:
                    04:ae:81:44:0a:a6:c1:09:14:52:07:6a:ab:ff:70:
                    92:b7:df:d6:9d:21:22:91:08:c4:2b:9a:d2:b2:e1:
                    de:cb:1c:ef:0e:6f:a7:07:42:dd:9d:b1:8a:9a:6f:
                    5e:03:09:84:b1:e2:27:ea:44:d6:63:5b:07:ec:b4:
                    68:cf:b3:f4:ff:3b:a7:5c:59:42:0a:6f:12:c5:42:
                    c8:a0:4d:d5:3e:0d:38:85:88:47:98:d6:ce:d4:ec:
                    46:52:f0:9c:df:48:5f:0d:40:fb:6d:dd:50:0b:52:
                    23:5e:cb:a0:f6:e9:17:e6:21:a8:00:02:e2:7b:61:
                    fc:7d:f5:b8:3d:6a:00:5b:73:7a:e1:bc:c6:ac:c2:
                    c1:1b:06:f9:78:09:2a:24:87:64:99:b5:d0:5f:37:
                    32:cb:bc:67:8b:fe:4b:17:47:d1:07:e4:a2:cc:00:
                    e4:8d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:64:E7:75:9E:6D:B8:74:F5:D7:58:3B:01:BF:42:2D:EF:3F:32:E1
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS205651.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.234.215.0/24
                IPv6:
                  2a0b:4340:20::/44
                  2a0d:2904::/32

    Signature Algorithm: sha256WithRSAEncryption
         61:77:65:84:43:98:f2:03:e3:63:f0:18:8c:0b:10:e8:03:fd:
         32:75:e5:8b:65:e8:f4:94:f9:f1:10:45:fc:2e:4b:ad:7c:7a:
         f1:9c:7e:ff:d6:a4:63:8e:46:c0:41:e3:17:3f:38:5d:82:37:
         a7:cf:d4:7f:84:2b:a8:d3:f5:09:b1:33:0e:8e:4d:32:1f:d5:
         ef:2b:e3:d0:83:6c:b6:93:1d:31:50:b1:ac:1d:af:68:35:e9:
         56:20:76:f7:a1:97:b7:fe:4e:7b:65:5d:be:01:fb:d7:f8:e9:
         35:84:94:92:15:b0:22:bc:af:03:7a:c9:72:03:ca:a9:47:cb:
         9d:9c:a1:76:ee:93:40:32:c8:22:c4:dd:6f:2b:3a:eb:40:e8:
         58:c1:03:d4:8d:e0:06:04:c5:ec:18:a5:ae:39:ed:ea:5c:2a:
         b1:e6:46:dd:44:4c:15:91:7e:65:0a:09:a3:45:c8:43:40:4a:
         21:98:f9:31:7d:06:43:45:8f:2e:4b:e6:08:3f:45:1a:e4:5e:
         61:e4:0b:a0:87:a7:33:0d:cb:d1:c0:d1:b2:85:b4:b7:3b:79:
         6b:7b:64:e5:f0:8b:ff:8a:57:c7:1d:c7:4c:ca:92:79:cc:8e:
         55:ab:22:eb:08:27:fc:34:87:33:a1:5a:a6:21:f3:e1:66:d0:
         90:75:45:0e
-----BEGIN CERTIFICATE-----
MIIEtDCCA5ygAwIBAgIUMJrY08tqfUmV5OR8NAbv29od/lcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNDExMjAyMTI1MzVaFw0yNTExMTkyMTMwMzVaMDMxMTAvBgNV
BAMTKDZENjRFNzc1OUU2REI4NzRGNUQ3NTgzQjAxQkY0MjJERUYzRjMyRTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3ZuoMLmAxhgptCP95gYR2yYg1
tjjj1pCh/rEkhDEsMt1d/Wswvoc0L7MwZLm+gIJgiz8aPm8C+ugcYLlM5Y1h7YKo
DhaLTEUX5z5FfhPax9LVSHWvsjLU/gSugUQKpsEJFFIHaqv/cJK339adISKRCMQr
mtKy4d7LHO8Ob6cHQt2dsYqab14DCYSx4ifqRNZjWwfstGjPs/T/O6dcWUIKbxLF
QsigTdU+DTiFiEeY1s7U7EZS8JzfSF8NQPtt3VALUiNey6D26RfmIagAAuJ7Yfx9
9bg9agBbc3rhvMaswsEbBvl4CSokh2SZtdBfNzLLvGeL/ksXR9EH5KLMAOSNAgMB
AAGjggG+MIIBujAdBgNVHQ4EFgQUbWTndZ5tuHT111g7Ab9CLe8/MuEwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEwGCCsGAQUFBwELBEAwPjA8BggrBgEFBQcwC4YwcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMyMDU2NTEucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMAwEAgABMAYDBAC56tcwFgQC
AAIwEAMHBCoLQ0AAIAMFACoNKQQwDQYJKoZIhvcNAQELBQADggEBAGF3ZYRDmPID
42PwGIwLEOgD/TJ15Ytl6PSU+fEQRfwuS618evGcfv/WpGOORsBB4xc/OF2CN6fP
1H+EK6jT9QmxMw6OTTIf1e8r49CDbLaTHTFQsawdr2g16VYgdvehl7f+TntlXb4B
+9f46TWElJIVsCK8rwN6yXIDyqlHy52coXbuk0AyyCLE3W8rOutA6FjBA9SN4AYE
xewYpa457epcKrHmRt1ETBWRfmUKCaNFyENASiGY+TF9BkNFjy5L5gg/RRrkXmHk
C6CHpzMNy9HA0bKFtLc7eWt7ZOXwi/+KV8cdx0zKknnMjlWrIusIJ/w0hzOhWqYh
8+Fm0JB1RQ4=
-----END CERTIFICATE-----