Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS41780.roa
File:                     AS41780.roa (raw, json)
Hash identifier:          vvNTZei35tkAAV4jSnMrU3bDLgRYQsgGlFAf2uMh/mk=
Subject key identifier:   92:1D:C4:1F:3D:38:CC:BF:4F:99:36:FE:21:38:4A:2F:37:84:2A:3A
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       58C96955ECF552281027CDF08CBBDC996244E447
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS41780.roa
Signing time:             Wed 22 Oct 2025 21:31:21 +0000
ROA not before:           Wed 22 Oct 2025 21:26:21 +0000
ROA not after:            Wed 21 Oct 2026 21:31:21 +0000
asID:                     41780
IP address blocks:        2a0b:4340:40::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 24 Oct 2025 02:07:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            58:c9:69:55:ec:f5:52:28:10:27:cd:f0:8c:bb:dc:99:62:44:e4:47
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Oct 22 21:26:21 2025 GMT
            Not After : Oct 21 21:31:21 2026 GMT
        Subject: CN=921DC41F3D38CCBF4F9936FE21384A2F37842A3A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:0b:8d:cd:ec:65:99:7b:a3:fc:8c:b1:2e:7d:
                    89:cf:85:84:13:6e:67:0a:95:83:cc:f9:9a:e7:a5:
                    e5:dc:e8:1b:59:a7:06:ac:09:25:86:fc:fd:44:b5:
                    40:38:78:49:ec:5f:11:4d:7e:1d:df:4a:fb:09:73:
                    1a:7c:52:4e:6e:32:40:75:d8:0e:b2:6d:c2:73:8f:
                    ad:54:84:f1:da:b5:42:60:76:63:18:18:67:98:cf:
                    08:5e:6a:bc:6b:99:a8:e3:53:06:c8:5b:01:9f:5f:
                    85:a2:3d:e5:42:1a:93:29:45:1c:c1:2a:34:da:d5:
                    1b:97:61:65:4f:3c:3c:e4:94:f2:b0:3e:da:20:39:
                    72:ab:0c:b0:f0:96:e3:2d:72:7d:a4:f0:c6:f6:dc:
                    fa:8c:23:d0:4a:30:b8:2f:f6:15:2b:08:11:4e:3f:
                    a7:1c:50:2c:c3:c6:8c:07:dc:c2:85:7a:b6:4c:43:
                    83:a0:47:36:d6:6d:2f:be:1d:33:45:0f:f1:bd:d7:
                    be:68:b9:ed:db:c7:e9:94:cf:b9:71:74:a1:c8:10:
                    89:84:0f:60:25:e3:97:04:5c:c4:00:e5:e7:f6:ea:
                    1d:e3:95:23:bc:17:d1:ce:5b:c0:c6:3e:ba:1c:aa:
                    e6:4d:b4:a5:75:e6:d9:01:d1:1a:70:37:36:28:4a:
                    ba:ab
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:1D:C4:1F:3D:38:CC:BF:4F:99:36:FE:21:38:4A:2F:37:84:2A:3A
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS41780.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4340:40::/44

    Signature Algorithm: sha256WithRSAEncryption
         7d:ee:ba:17:24:d7:8a:41:f9:b9:b4:a9:1d:ad:0e:ca:1b:e8:
         2e:6b:6f:ab:ae:bc:54:ab:46:29:63:57:a0:2c:45:c3:fe:f0:
         24:a4:7e:df:64:3d:95:98:6f:61:2f:82:1b:7c:5c:37:91:8f:
         79:eb:0a:c6:85:9c:f1:eb:d3:ad:86:59:59:a2:23:17:ce:f0:
         65:81:da:97:8e:15:6a:ef:ce:a6:a7:d5:08:25:8c:95:12:18:
         fa:53:13:97:49:e1:83:d2:bf:5a:2b:f5:2d:8a:8c:cb:58:0a:
         d6:e1:af:dd:8a:01:46:99:8c:dd:aa:bd:30:0f:52:a9:71:48:
         4f:a5:a4:31:1d:30:16:a4:68:28:e0:0e:54:82:81:15:e4:ff:
         2f:cd:15:66:41:68:63:81:f6:72:08:18:95:66:b4:5d:21:dc:
         6f:17:dc:ad:26:34:c8:79:65:bc:2e:80:9a:46:3b:76:6d:13:
         a8:da:2a:77:85:87:dc:c7:ce:51:85:06:02:7d:ea:4d:61:22:
         92:5c:56:40:84:07:19:41:97:1a:5c:50:0d:93:64:ee:a7:13:
         21:ee:45:2d:9b:a1:63:8d:ab:f5:2d:b2:25:18:01:c4:46:49:
         83:01:f8:40:18:64:3f:09:ed:7b:62:32:03:89:d3:c2:20:64:
         8b:e5:1c:9c
-----BEGIN CERTIFICATE-----
MIIEnjCCA4agAwIBAgIUWMlpVez1UigQJ83wjLvcmWJE5EcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNTEwMjIyMTI2MjFaFw0yNjEwMjEyMTMxMjFaMDMxMTAvBgNV
BAMTKDkyMURDNDFGM0QzOENDQkY0Rjk5MzZGRTIxMzg0QTJGMzc4NDJBM0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZC43N7GWZe6P8jLEufYnPhYQT
bmcKlYPM+ZrnpeXc6BtZpwasCSWG/P1EtUA4eEnsXxFNfh3fSvsJcxp8Uk5uMkB1
2A6ybcJzj61UhPHatUJgdmMYGGeYzwhearxrmajjUwbIWwGfX4WiPeVCGpMpRRzB
KjTa1RuXYWVPPDzklPKwPtogOXKrDLDwluMtcn2k8Mb23PqMI9BKMLgv9hUrCBFO
P6ccUCzDxowH3MKFerZMQ4OgRzbWbS++HTNFD/G9175oue3bx+mUz7lxdKHIEImE
D2Al45cEXMQA5ef26h3jlSO8F9HOW8DGProcquZNtKV15tkB0RpwNzYoSrqrAgMB
AAGjggGoMIIBpDAdBgNVHQ4EFgQUkh3EHz04zL9PmTb+IThKLzeEKjowHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM0MTc4MC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoLQ0AAQDAN
BgkqhkiG9w0BAQsFAAOCAQEAfe66FyTXikH5ubSpHa0OyhvoLmtvq668VKtGKWNX
oCxFw/7wJKR+32Q9lZhvYS+CG3xcN5GPeesKxoWc8evTrYZZWaIjF87wZYHal44V
au/OpqfVCCWMlRIY+lMTl0nhg9K/Wiv1LYqMy1gK1uGv3YoBRpmM3aq9MA9SqXFI
T6WkMR0wFqRoKOAOVIKBFeT/L80VZkFoY4H2cggYlWa0XSHcbxfcrSY0yHllvC6A
mkY7dm0TqNoqd4WH3MfOUYUGAn3qTWEiklxWQIQHGUGXGlxQDZNk7qcTIe5FLZuh
Y42r9S2yJRgBxEZJgwH4QBhkPwnte2IyA4nTwiBki+UcnA==
-----END CERTIFICATE-----