Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS47553.roa
File:                     AS47553.roa (raw, json)
Hash identifier:          Dp+B0R6vbfmBVmiAYsdBcM1ozRbfYdCyQM0zcVpgwNc=
Subject key identifier:   03:61:A6:EF:03:AE:D6:45:E1:79:DB:4D:97:27:0A:B9:38:18:66:62
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       30941F825B8723E71EA134B4E8A60C0BB114F257
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS47553.roa
Signing time:             Wed 22 Oct 2025 21:31:21 +0000
ROA not before:           Wed 22 Oct 2025 21:26:21 +0000
ROA not after:            Wed 21 Oct 2026 21:31:21 +0000
asID:                     47553
IP address blocks:        2a0f:3b04::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 28 Oct 2025 14:58:39 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            30:94:1f:82:5b:87:23:e7:1e:a1:34:b4:e8:a6:0c:0b:b1:14:f2:57
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Oct 22 21:26:21 2025 GMT
            Not After : Oct 21 21:31:21 2026 GMT
        Subject: CN=0361A6EF03AED645E179DB4D97270AB938186662
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:34:2b:09:a1:1e:09:7d:89:0d:db:91:0c:72:
                    25:fa:8c:ce:c7:65:38:df:a1:ea:7a:d6:3e:eb:c2:
                    a2:d9:48:9f:2a:2b:c7:6d:a9:e6:9e:73:a9:86:29:
                    f6:9e:fc:ce:bc:f3:5c:b8:aa:53:2b:18:b1:b2:d3:
                    16:27:42:51:96:f3:16:86:07:7b:68:b0:52:e6:4e:
                    07:46:8f:61:c6:3d:a6:58:76:46:7b:81:72:ec:05:
                    17:34:eb:ae:30:f2:f5:eb:a5:01:7e:2c:c1:ff:ae:
                    5f:d9:69:e3:53:e2:9a:7f:07:42:de:2f:55:16:e2:
                    55:6b:92:2c:c7:2d:73:ef:e0:83:31:06:a7:b8:a4:
                    e4:8b:bf:c7:71:ce:0e:83:5c:a7:3c:ff:84:83:24:
                    34:b0:b0:da:54:ce:3f:4e:65:55:22:3a:2b:0f:90:
                    2f:0a:cd:33:d0:2f:10:0a:d8:48:ed:c7:9c:db:6e:
                    92:b6:02:e5:0c:c7:22:8a:ec:94:2b:14:56:47:d5:
                    36:75:65:e7:8e:c9:38:67:29:4d:d4:56:ab:14:6b:
                    3a:5b:a9:db:2f:37:f1:cf:8e:f7:f1:59:bc:a1:89:
                    77:3a:d9:e6:79:5d:c6:6f:b2:8d:fd:c7:37:bc:df:
                    e9:f4:af:f4:50:81:0d:4f:04:31:06:dd:b8:db:c9:
                    e1:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                03:61:A6:EF:03:AE:D6:45:E1:79:DB:4D:97:27:0A:B9:38:18:66:62
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS47553.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:3b04::/32

    Signature Algorithm: sha256WithRSAEncryption
         02:2a:16:d4:74:8a:67:07:1d:52:c5:fc:1e:ab:da:f8:07:5d:
         fd:70:eb:a5:9e:3e:14:c9:5f:e1:3d:76:5b:97:1e:ba:4a:fd:
         b1:2d:bb:fd:13:36:36:9f:f6:3b:cf:98:91:ca:e3:ac:09:de:
         73:d3:59:32:bc:d2:4d:e3:ef:d1:0c:1f:84:d9:52:51:b0:ec:
         a9:66:9a:00:a1:a2:d0:56:df:e9:39:ec:0b:da:65:66:00:6c:
         26:5b:d5:b0:39:ce:33:f5:4f:d0:2b:9d:65:0c:08:f4:b4:6c:
         da:ba:cd:ce:11:3b:c3:59:70:3d:73:58:b6:ed:17:03:53:fe:
         b3:5e:25:07:bc:67:a0:14:e1:0c:b5:2a:9f:be:8e:35:b6:06:
         9e:d9:a9:6f:32:07:32:5a:96:ba:8e:8c:75:48:98:36:1b:b0:
         f0:39:18:8a:e5:8a:dd:39:76:82:95:67:42:db:55:df:d1:e4:
         fb:54:30:7a:b6:c1:1f:39:9b:4d:8b:e7:ee:1a:1a:9c:01:f0:
         f5:98:6c:41:87:a6:61:1c:4d:c4:0f:ec:74:9e:b9:13:f7:6d:
         d3:fd:4c:dc:f8:3d:48:39:4e:e3:3e:4a:47:b8:95:ee:89:5f:
         ed:78:81:9f:23:5c:93:e1:f0:0c:1e:70:58:86:9e:8b:b3:75:
         0d:b0:85:9a
-----BEGIN CERTIFICATE-----
MIIEnDCCA4SgAwIBAgIUMJQfgluHI+ceoTS06KYMC7EU8lcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNTEwMjIyMTI2MjFaFw0yNjEwMjEyMTMxMjFaMDMxMTAvBgNV
BAMTKDAzNjFBNkVGMDNBRUQ2NDVFMTc5REI0RDk3MjcwQUI5MzgxODY2NjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTNCsJoR4JfYkN25EMciX6jM7H
ZTjfoep61j7rwqLZSJ8qK8dtqeaec6mGKfae/M6881y4qlMrGLGy0xYnQlGW8xaG
B3tosFLmTgdGj2HGPaZYdkZ7gXLsBRc0664w8vXrpQF+LMH/rl/ZaeNT4pp/B0Le
L1UW4lVrkizHLXPv4IMxBqe4pOSLv8dxzg6DXKc8/4SDJDSwsNpUzj9OZVUiOisP
kC8KzTPQLxAK2Ejtx5zbbpK2AuUMxyKK7JQrFFZH1TZ1ZeeOyThnKU3UVqsUazpb
qdsvN/HPjvfxWbyhiXc62eZ5XcZvso39xze83+n0r/RQgQ1PBDEG3bjbyeEtAgMB
AAGjggGmMIIBojAdBgNVHQ4EFgQUA2Gm7wOu1kXhedtNlycKuTgYZmIwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM0NzU1My5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoPOwQwDQYJ
KoZIhvcNAQELBQADggEBAAIqFtR0imcHHVLF/B6r2vgHXf1w66WePhTJX+E9dluX
HrpK/bEtu/0TNjaf9jvPmJHK46wJ3nPTWTK80k3j79EMH4TZUlGw7KlmmgChotBW
3+k57AvaZWYAbCZb1bA5zjP1T9ArnWUMCPS0bNq6zc4RO8NZcD1zWLbtFwNT/rNe
JQe8Z6AU4Qy1Kp++jjW2Bp7ZqW8yBzJalrqOjHVImDYbsPA5GIrlit05doKVZ0Lb
Vd/R5PtUMHq2wR85m02L5+4aGpwB8PWYbEGHpmEcTcQP7HSeuRP3bdP9TNz4PUg5
TuM+Ske4le6JX+14gZ8jXJPh8AwecFiGnouzdQ2whZo=
-----END CERTIFICATE-----