Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS207193.roa
File:                     AS207193.roa (raw, json)
Hash identifier:          PA1/mif9gStj02hW4ro/CvsNDJIg1dShqQskjNxrUTU=
Subject key identifier:   3C:40:EA:3E:67:F2:EA:2D:55:78:95:C3:B8:42:0F:55:FC:79:AC:B0
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       5A5BFCBC92173A119A24A0ED4041B4050D085520
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS207193.roa
Signing time:             Sun 09 Jun 2024 18:31:48 +0000
ROA not before:           Sun 09 Jun 2024 18:26:48 +0000
ROA not after:            Sun 08 Jun 2025 18:31:48 +0000
asID:                     207193
IP address blocks:        188.244.96.0/24 maxlen: 24
                          188.244.97.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 17 Feb 2025 06:13:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:5b:fc:bc:92:17:3a:11:9a:24:a0:ed:40:41:b4:05:0d:08:55:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Jun  9 18:26:48 2024 GMT
            Not After : Jun  8 18:31:48 2025 GMT
        Subject: CN=3C40EA3E67F2EA2D557895C3B8420F55FC79ACB0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:aa:bf:6f:ea:49:4e:bc:73:05:a5:d8:7a:9b:
                    33:09:c6:18:f3:da:e2:93:66:4f:b1:8a:0b:de:44:
                    ce:5a:cd:42:aa:e1:0b:74:64:2d:e7:10:7a:e3:95:
                    6a:31:d1:32:f4:af:01:6d:a5:f4:ef:bd:a4:f7:32:
                    d6:69:94:f1:b7:1f:29:d8:e6:82:44:2d:dd:6b:20:
                    ea:e3:59:25:b9:93:a9:a0:3b:62:4d:f5:f0:90:ab:
                    0b:af:11:71:0e:aa:3d:4a:84:97:56:a2:e4:e9:a5:
                    f7:56:25:15:2a:b5:1c:0c:14:81:de:d5:cb:ba:4b:
                    61:b8:7f:7f:e3:fc:e7:a1:51:6c:42:5b:96:61:b6:
                    30:e7:fb:85:9a:b8:85:fa:32:05:13:fe:5f:b4:ec:
                    e0:22:fc:ad:e0:93:af:46:b4:a8:09:16:07:34:6d:
                    8f:40:34:5c:fa:45:ec:bc:6e:69:e4:d6:05:69:71:
                    b4:ea:01:21:79:d2:b0:ec:ff:ac:73:23:3d:a5:99:
                    94:87:6f:5c:7f:2d:73:4f:de:e1:06:f6:be:79:dd:
                    6f:dc:11:16:1a:0f:32:f7:d3:aa:e5:02:91:ca:16:
                    07:f5:5c:f8:a6:71:e9:68:3c:d8:c1:cd:8f:94:04:
                    25:b9:13:ee:9d:b3:0b:ea:82:e0:9e:41:0c:6e:81:
                    d1:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3C:40:EA:3E:67:F2:EA:2D:55:78:95:C3:B8:42:0F:55:FC:79:AC:B0
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS207193.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  188.244.96.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c1:0d:38:3c:1f:19:8b:20:e5:30:95:d9:5c:2a:61:73:b4:00:
         db:25:6d:d6:2e:f2:16:57:5d:13:dd:3d:1b:88:fa:e6:7e:7c:
         5b:cb:9b:24:70:da:f0:df:3a:89:19:93:28:e7:f1:50:ca:87:
         6a:e1:b5:a9:83:e7:d5:c8:8e:28:02:f6:68:b1:26:4b:76:53:
         01:a0:86:2c:1a:c7:64:7d:a5:16:75:f7:8f:2f:c0:a0:1f:db:
         45:4e:f5:0c:8d:9a:a4:2a:da:bf:81:f9:1e:80:28:4e:f1:7a:
         2c:d0:ac:d6:d9:df:c8:b4:9a:18:c1:41:19:6f:85:0d:12:36:
         45:91:4e:b4:ef:0e:6e:4e:e6:c5:c1:be:12:ff:2b:f4:91:50:
         7e:d3:de:00:fc:64:0b:00:2a:db:3b:6a:0a:da:05:a0:3e:c4:
         e4:38:57:cc:78:21:6e:f5:e9:d3:45:db:bb:8c:1f:1d:2f:ed:
         1f:15:b3:6c:84:c7:af:42:cd:ed:9a:26:8a:9c:1a:81:21:79:
         1b:51:11:91:bb:1e:33:f9:8c:b2:39:d3:c9:d6:9c:39:a1:a5:
         c0:78:f2:53:6c:91:b6:4f:4f:1c:06:ed:97:c2:82:6a:45:1d:
         85:06:31:d8:ac:82:d9:84:3f:31:e7:fa:53:e5:6e:70:76:7d:
         ca:97:cf:5f
-----BEGIN CERTIFICATE-----
MIIEnDCCA4SgAwIBAgIUWlv8vJIXOhGaJKDtQEG0BQ0IVSAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNDA2MDkxODI2NDhaFw0yNTA2MDgxODMxNDhaMDMxMTAvBgNV
BAMTKDNDNDBFQTNFNjdGMkVBMkQ1NTc4OTVDM0I4NDIwRjU1RkM3OUFDQjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBqr9v6klOvHMFpdh6mzMJxhjz
2uKTZk+xigveRM5azUKq4Qt0ZC3nEHrjlWox0TL0rwFtpfTvvaT3MtZplPG3HynY
5oJELd1rIOrjWSW5k6mgO2JN9fCQqwuvEXEOqj1KhJdWouTppfdWJRUqtRwMFIHe
1cu6S2G4f3/j/OehUWxCW5ZhtjDn+4WauIX6MgUT/l+07OAi/K3gk69GtKgJFgc0
bY9ANFz6Rey8bmnk1gVpcbTqASF50rDs/6xzIz2lmZSHb1x/LXNP3uEG9r553W/c
ERYaDzL306rlApHKFgf1XPimceloPNjBzY+UBCW5E+6dswvqguCeQQxugdExAgMB
AAGjggGmMIIBojAdBgNVHQ4EFgQUPEDqPmfy6i1VeJXDuEIPVfx5rLAwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEwGCCsGAQUFBwELBEAwPjA8BggrBgEFBQcwC4YwcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMyMDcxOTMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAG89GAwDQYJ
KoZIhvcNAQELBQADggEBAMENODwfGYsg5TCV2VwqYXO0ANslbdYu8hZXXRPdPRuI
+uZ+fFvLmyRw2vDfOokZkyjn8VDKh2rhtamD59XIjigC9mixJkt2UwGghiwax2R9
pRZ1948vwKAf20VO9QyNmqQq2r+B+R6AKE7xeizQrNbZ38i0mhjBQRlvhQ0SNkWR
TrTvDm5O5sXBvhL/K/SRUH7T3gD8ZAsAKts7agraBaA+xOQ4V8x4IW716dNF27uM
Hx0v7R8Vs2yEx69Cze2aJoqcGoEheRtREZG7HjP5jLI508nWnDmhpcB48lNskbZP
TxwG7ZfCgmpFHYUGMdisgtmEPzHn+lPlbnB2fcqXz18=
-----END CERTIFICATE-----