Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS207193.roa
File:                     AS207193.roa (raw, json)
Hash identifier:          YFzcus6czbCAl1tS+bZL2SB9vTgNlqHgcLPRisVT05s=
Subject key identifier:   50:A4:28:28:41:0A:23:E5:56:16:EE:5A:BB:97:8B:38:A0:88:FF:B6
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       42B4F68E72635616027F60BBA553BC16927F83AD
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS207193.roa
Signing time:             Tue 27 Feb 2024 15:50:49 +0000
ROA not before:           Tue 27 Feb 2024 15:45:49 +0000
ROA not after:            Tue 25 Feb 2025 15:50:49 +0000
asID:                     207193
IP address blocks:        185.209.86.0/24 maxlen: 24
                          185.209.87.0/24 maxlen: 24
                          188.244.96.0/24 maxlen: 24
                          188.244.97.0/24 maxlen: 24

Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 May 2024 04:53:04 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            42:b4:f6:8e:72:63:56:16:02:7f:60:bb:a5:53:bc:16:92:7f:83:ad
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Feb 27 15:45:49 2024 GMT
            Not After : Feb 25 15:50:49 2025 GMT
        Subject: CN=50A42828410A23E55616EE5ABB978B38A088FFB6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:56:9b:0b:40:b2:77:a4:fb:cc:2b:e7:2e:e1:
                    81:83:c9:bd:37:57:fe:26:2e:d4:bb:af:3b:d0:d4:
                    de:0e:ff:58:56:a9:b9:38:66:47:58:7a:58:7a:11:
                    68:06:4d:60:9d:2e:8b:4c:de:44:5e:88:d2:f9:c8:
                    a9:b2:a8:59:13:65:af:6d:bb:57:0a:69:2b:57:1c:
                    94:46:9e:94:11:bf:07:1a:25:0a:dc:b9:d6:70:b9:
                    9b:81:37:f2:6e:39:91:38:c9:c2:52:1c:bd:c2:0b:
                    b4:35:0b:cb:d4:e9:80:88:ba:3a:c3:f4:8e:fb:d9:
                    71:99:fb:1c:02:e5:21:27:d3:e5:12:91:be:16:08:
                    e4:5d:a6:9c:3c:4c:6a:78:77:d5:97:a6:21:98:ee:
                    d4:dd:16:c9:78:f2:45:34:28:fa:bb:9c:25:09:f1:
                    7a:16:d5:a4:a2:2e:b2:92:3f:48:28:b3:88:af:3c:
                    7c:1e:48:fc:05:ca:f2:52:29:bc:ec:29:c8:15:78:
                    3e:ad:12:50:96:68:e9:b6:7f:d4:45:6e:fb:6c:ee:
                    8e:63:9e:77:79:43:8a:ef:e0:ff:28:c6:fc:95:34:
                    fb:0a:bd:ac:02:aa:65:ea:9e:25:eb:a8:bb:21:3a:
                    08:0f:7e:d9:cb:52:81:0a:2e:ee:9f:b1:24:a7:37:
                    21:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                50:A4:28:28:41:0A:23:E5:56:16:EE:5A:BB:97:8B:38:A0:88:FF:B6
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS207193.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.209.86.0/23
                  188.244.96.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7b:8b:2b:09:a7:6f:c7:93:c3:c1:e9:42:cb:26:7b:e3:d5:53:
         86:b2:05:80:ab:26:0a:a0:37:a8:93:74:1a:63:aa:cf:6e:87:
         da:58:0b:a0:e8:a2:7e:18:a1:a2:1a:a9:31:bb:94:22:ec:72:
         34:ce:25:bf:b1:db:4c:aa:5e:14:ef:89:82:1c:ee:84:5d:85:
         a6:b8:4d:87:e5:7e:db:c0:ca:83:a9:b0:5e:90:18:24:7a:ca:
         5e:b3:07:86:1f:93:1c:4e:24:16:80:fd:0c:22:0f:e6:60:f3:
         ac:f1:e5:1f:ee:7c:19:34:42:2c:35:10:69:c8:2d:e9:5f:aa:
         83:af:88:03:aa:f0:98:29:34:86:1d:ed:a5:42:2d:91:1e:78:
         64:b6:82:31:1d:45:0b:9a:b6:73:1e:b3:a8:d9:ef:38:1f:05:
         ce:fa:cd:5c:7a:12:88:e9:0f:5d:1f:a5:03:b6:66:40:d9:67:
         02:21:b5:d5:db:37:62:24:2a:8d:9a:d8:9c:9f:a7:50:f9:0c:
         18:21:bc:7d:d5:2b:00:90:74:63:a9:46:dd:07:25:0a:33:df:
         30:ce:49:02:59:84:38:f4:44:37:aa:df:e1:3f:1c:8d:db:a1:
         d3:d3:8a:4b:13:93:cb:4e:67:b1:8d:e9:a5:65:76:2c:3b:e1:
         75:d6:bf:29
-----BEGIN CERTIFICATE-----
MIIEojCCA4qgAwIBAgIUQrT2jnJjVhYCf2C7pVO8FpJ/g60wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNDAyMjcxNTQ1NDlaFw0yNTAyMjUxNTUwNDlaMDMxMTAvBgNV
BAMTKDUwQTQyODI4NDEwQTIzRTU1NjE2RUU1QUJCOTc4QjM4QTA4OEZGQjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCsVpsLQLJ3pPvMK+cu4YGDyb03
V/4mLtS7rzvQ1N4O/1hWqbk4ZkdYelh6EWgGTWCdLotM3kReiNL5yKmyqFkTZa9t
u1cKaStXHJRGnpQRvwcaJQrcudZwuZuBN/JuOZE4ycJSHL3CC7Q1C8vU6YCIujrD
9I772XGZ+xwC5SEn0+USkb4WCORdppw8TGp4d9WXpiGY7tTdFsl48kU0KPq7nCUJ
8XoW1aSiLrKSP0gos4ivPHweSPwFyvJSKbzsKcgVeD6tElCWaOm2f9RFbvts7o5j
nnd5Q4rv4P8oxvyVNPsKvawCqmXqniXrqLshOggPftnLUoEKLu6fsSSnNyEJAgMB
AAGjggGsMIIBqDAdBgNVHQ4EFgQUUKQoKEEKI+VWFu5au5eLOKCI/7YwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEwGCCsGAQUFBwELBEAwPjA8BggrBgEFBQcwC4YwcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMyMDcxOTMucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAG50VYDBAG8
9GAwDQYJKoZIhvcNAQELBQADggEBAHuLKwmnb8eTw8HpQssme+PVU4ayBYCrJgqg
N6iTdBpjqs9uh9pYC6Doon4YoaIaqTG7lCLscjTOJb+x20yqXhTviYIc7oRdhaa4
TYflftvAyoOpsF6QGCR6yl6zB4YfkxxOJBaA/QwiD+Zg86zx5R/ufBk0Qiw1EGnI
LelfqoOviAOq8JgpNIYd7aVCLZEeeGS2gjEdRQuatnMes6jZ7zgfBc76zVx6Eojp
D10fpQO2ZkDZZwIhtdXbN2IkKo2a2Jyfp1D5DBghvH3VKwCQdGOpRt0HJQoz3zDO
SQJZhDj0RDeq3+E/HI3bodPTiksTk8tOZ7GN6aVldiw74XXWvyk=
-----END CERTIFICATE-----