Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS44421.roa
File:                     AS44421.roa (raw, json)
Hash identifier:          83PVYttkU62uDTQuNUDxdXhwv9DvL9GLlQJvnOuRY0w=
Subject key identifier:   AC:1E:39:B8:DE:0A:44:1A:C9:0A:62:2F:34:71:D0:A3:86:6D:51:0E
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       0C53F4E38C12FE5757F8F16A92015F1657B3D924
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS44421.roa
Signing time:             Sun 26 Apr 2026 16:31:36 +0000
ROA not before:           Sun 26 Apr 2026 16:26:36 +0000
ROA not after:            Sun 25 Apr 2027 16:31:36 +0000
asID:                     44421
IP address blocks:        185.234.214.0/24 maxlen: 24
                          2a0b:4340:c0::/44 maxlen: 48
                          2a0d:2906::/31 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 28 Apr 2026 08:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0c:53:f4:e3:8c:12:fe:57:57:f8:f1:6a:92:01:5f:16:57:b3:d9:24
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Apr 26 16:26:36 2026 GMT
            Not After : Apr 25 16:31:36 2027 GMT
        Subject: CN=AC1E39B8DE0A441AC90A622F3471D0A3866D510E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:ec:be:84:12:98:67:f3:74:8c:2e:fc:cc:19:
                    83:e1:5d:ea:ae:26:4a:79:da:be:e4:db:5b:02:2b:
                    99:d1:eb:eb:df:82:b5:0c:37:3e:5f:d9:be:aa:70:
                    ee:82:41:ae:4a:03:e4:b6:33:d6:75:44:8d:79:fb:
                    18:de:ec:ad:96:b0:3e:d3:98:ac:ca:4f:95:91:24:
                    6c:d3:e2:ac:47:eb:72:83:d0:6b:e7:f8:7a:3a:15:
                    74:a6:08:99:06:f9:33:1c:76:fb:85:db:12:8f:2c:
                    75:0a:47:77:8e:c8:7f:15:9e:0f:d2:1b:ff:c3:ef:
                    15:dd:0a:b2:87:6b:5a:b7:f4:e4:47:98:a1:3f:c0:
                    b3:5b:e9:2e:4e:b7:5f:7a:a4:fc:17:64:16:12:4e:
                    2b:ef:d2:63:af:39:89:6d:b3:34:9f:65:ce:4d:2e:
                    3c:28:ee:3c:ac:14:0a:b1:37:a3:e4:a1:a6:3d:15:
                    75:73:f6:65:ab:2f:76:d9:9e:a0:78:88:57:87:96:
                    70:73:25:aa:91:e1:86:e6:9b:79:a8:3e:b1:4e:82:
                    8c:0f:6f:0e:34:8e:15:6a:96:84:aa:ec:cc:82:bd:
                    a1:be:ab:f6:84:38:f4:6a:d5:61:e8:b8:9c:57:37:
                    bc:bd:42:83:21:d4:d3:d5:a7:c6:72:92:f1:9f:13:
                    ec:b3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AC:1E:39:B8:DE:0A:44:1A:C9:0A:62:2F:34:71:D0:A3:86:6D:51:0E
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS44421.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.234.214.0/24
                IPv6:
                  2a0b:4340:c0::/44
                  2a0d:2906::/31

    Signature Algorithm: sha256WithRSAEncryption
         38:84:c1:19:83:06:be:08:d2:85:99:58:2a:e3:dc:26:89:d7:
         12:c3:d9:39:a8:96:62:4a:a4:98:20:40:e7:63:6d:9f:57:21:
         9c:e3:45:d2:d3:22:f6:64:2b:d6:27:3d:7d:ea:b5:f3:e4:20:
         10:5b:9d:d6:2c:6d:e8:3d:c1:48:b2:27:cf:e0:cb:ba:f4:f3:
         04:cc:33:d4:1a:49:90:0c:76:f3:18:35:93:8e:a7:7d:3c:9a:
         3b:79:7f:5b:cd:ac:88:c3:6c:4b:ec:ba:ae:a0:7d:37:f2:51:
         70:aa:6f:fa:1c:01:61:73:2e:e1:c5:38:1d:31:d8:d4:63:2e:
         e2:9d:c1:f0:1b:eb:7a:7d:1a:32:95:9d:54:35:13:81:20:2b:
         c4:7c:b1:12:2e:67:16:ce:a6:4e:8a:0a:a2:e5:e2:1a:a0:fd:
         4f:81:1c:8d:be:7b:4b:b0:0e:65:12:f3:6b:da:21:31:36:67:
         c8:33:cd:50:18:09:de:88:40:3d:78:1f:cb:63:32:23:ac:78:
         7f:36:bf:e7:5d:e5:2e:9a:e7:42:f8:f5:85:55:ea:75:34:e1:
         77:7c:1c:94:5c:74:73:0a:fd:6f:d0:20:ed:64:bd:38:fe:79:
         1e:e8:e7:07:d2:c6:c6:90:cf:5d:6e:32:f1:d6:28:d7:cf:56:
         21:41:9f:94
-----BEGIN CERTIFICATE-----
MIIEszCCA5ugAwIBAgIUDFP044wS/ldX+PFqkgFfFlez2SQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNjA0MjYxNjI2MzZaFw0yNzA0MjUxNjMxMzZaMDMxMTAvBgNV
BAMTKEFDMUUzOUI4REUwQTQ0MUFDOTBBNjIyRjM0NzFEMEEzODY2RDUxMEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz7L6EEphn83SMLvzMGYPhXequ
Jkp52r7k21sCK5nR6+vfgrUMNz5f2b6qcO6CQa5KA+S2M9Z1RI15+xje7K2WsD7T
mKzKT5WRJGzT4qxH63KD0Gvn+Ho6FXSmCJkG+TMcdvuF2xKPLHUKR3eOyH8Vng/S
G//D7xXdCrKHa1q39ORHmKE/wLNb6S5Ot196pPwXZBYSTivv0mOvOYltszSfZc5N
Ljwo7jysFAqxN6PkoaY9FXVz9mWrL3bZnqB4iFeHlnBzJaqR4Ybmm3moPrFOgowP
bw40jhVqloSq7MyCvaG+q/aEOPRq1WHouJxXN7y9QoMh1NPVp8ZykvGfE+yzAgMB
AAGjggG9MIIBuTAdBgNVHQ4EFgQUrB45uN4KRBrJCmIvNHHQo4ZtUQ4wHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM0NDQyMS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwDAQCAAEwBgMEALnq1jAWBAIA
AjAQAwcEKgtDQADAAwUBKg0pBjANBgkqhkiG9w0BAQsFAAOCAQEAOITBGYMGvgjS
hZlYKuPcJonXEsPZOaiWYkqkmCBA52Ntn1chnONF0tMi9mQr1ic9feq18+QgEFud
1ixt6D3BSLInz+DLuvTzBMwz1BpJkAx28xg1k46nfTyaO3l/W82siMNsS+y6rqB9
N/JRcKpv+hwBYXMu4cU4HTHY1GMu4p3B8Bvren0aMpWdVDUTgSArxHyxEi5nFs6m
TooKouXiGqD9T4Ecjb57S7AOZRLza9ohMTZnyDPNUBgJ3ohAPXgfy2MyI6x4fza/
513lLprnQvj1hVXqdTThd3wclFx0cwr9b9Ag7WS9OP55HujnB9LGxpDPXW4y8dYo
189WIUGflA==
-----END CERTIFICATE-----