Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS47553.roa
File:                     AS47553.roa (raw, json)
Hash identifier:          IgIdkc7GGLc8lkD+URsiEkwodrbto37j5tNGOLOHfwA=
Subject key identifier:   7C:46:1B:22:FE:1B:07:39:A7:28:27:C1:7C:74:5D:3F:98:4D:58:3A
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       487426BD832AD17154921116E385E03D13BFF32A
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS47553.roa
Signing time:             Wed 20 Nov 2024 21:30:34 +0000
ROA not before:           Wed 20 Nov 2024 21:25:34 +0000
ROA not after:            Wed 19 Nov 2025 21:30:34 +0000
asID:                     47553
IP address blocks:        2a0f:3b04::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            48:74:26:bd:83:2a:d1:71:54:92:11:16:e3:85:e0:3d:13:bf:f3:2a
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Nov 20 21:25:34 2024 GMT
            Not After : Nov 19 21:30:34 2025 GMT
        Subject: CN=7C461B22FE1B0739A72827C17C745D3F984D583A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:6a:b3:0b:6a:bc:64:0d:7b:8a:43:e4:29:61:
                    06:84:00:3e:64:47:53:b1:fe:9d:79:eb:e3:c7:82:
                    93:5d:21:af:a4:09:f5:be:f6:0f:92:95:76:e8:17:
                    25:71:0f:58:6d:74:99:a6:81:50:33:d1:6a:79:e2:
                    88:18:3f:76:f4:66:6e:22:eb:fc:98:17:a9:8d:d9:
                    ca:10:7a:66:cc:1c:6a:86:56:cd:ea:c2:c7:30:8b:
                    26:a9:f6:ea:1a:a4:c0:0c:7a:84:9f:89:55:bc:db:
                    b9:92:55:c7:91:db:82:21:c2:77:97:80:d8:37:d2:
                    c7:82:db:2f:b9:c5:8b:e1:c7:59:13:5d:81:2d:94:
                    77:c8:ce:9d:ec:2b:48:99:98:1a:a1:4d:66:2e:ec:
                    ef:a0:5d:38:88:fc:9a:87:88:8d:ef:d1:1f:a1:e6:
                    af:a3:9b:5c:5f:e3:72:e4:8a:2f:c2:44:0f:c3:2e:
                    fc:70:8f:9a:3e:78:1d:5c:5b:ee:cc:6a:fa:aa:30:
                    f9:a0:60:a4:03:f9:fd:05:dc:e6:1b:6f:f3:8b:a6:
                    0c:55:fe:44:d9:7f:1d:a1:60:ca:5c:07:9b:18:b8:
                    70:8b:60:14:b5:67:43:e1:d6:83:51:31:9a:54:1c:
                    6d:f9:52:0b:d2:1a:b0:86:5a:f7:7c:5f:a5:e9:25:
                    46:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7C:46:1B:22:FE:1B:07:39:A7:28:27:C1:7C:74:5D:3F:98:4D:58:3A
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS47553.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:3b04::/32

    Signature Algorithm: sha256WithRSAEncryption
         6a:dd:c1:f4:7d:da:47:c4:e6:ef:86:95:72:0b:e4:57:60:55:
         b7:77:06:f3:c5:11:c4:ca:66:1f:e9:0f:36:94:97:10:a2:8e:
         1c:7e:cb:5f:9e:a3:24:78:ca:8b:da:a8:ed:e8:d9:23:b0:0a:
         0e:4f:85:78:af:58:72:94:20:16:f0:e6:4b:51:2a:c6:a7:8c:
         ec:d1:be:2e:cf:15:c4:69:88:4c:4c:40:a3:81:be:cb:3b:b7:
         6e:d5:8e:9a:f2:65:c7:b3:89:1a:57:69:98:df:0e:99:94:10:
         16:95:2b:28:2b:76:bd:35:e5:34:66:09:5e:ee:2f:41:03:0a:
         b3:bd:94:91:0e:ee:ec:f4:47:8a:e3:0b:f4:20:f8:ab:5d:e2:
         d3:4a:72:bd:42:1d:aa:aa:9d:51:56:13:48:dd:07:b6:ca:af:
         87:e4:7a:52:02:64:57:e5:6d:80:e9:55:6c:25:c4:46:71:a5:
         6e:ab:7c:b7:fe:60:99:9a:4b:b1:bd:12:56:2f:fd:c8:38:7b:
         40:57:d6:34:3d:62:86:2f:eb:71:ca:3a:36:15:63:f4:a1:dd:
         46:2b:f0:0e:ca:f6:73:15:d0:a4:17:ab:e5:8f:05:31:5c:0e:
         05:5c:6f:86:29:3b:36:b1:a2:fd:a2:22:f1:45:19:c4:34:e8:
         c1:5c:6c:c2
-----BEGIN CERTIFICATE-----
MIIEnDCCA4SgAwIBAgIUSHQmvYMq0XFUkhEW44XgPRO/8yowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNDExMjAyMTI1MzRaFw0yNTExMTkyMTMwMzRaMDMxMTAvBgNV
BAMTKDdDNDYxQjIyRkUxQjA3MzlBNzI4MjdDMTdDNzQ1RDNGOTg0RDU4M0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDDarMLarxkDXuKQ+QpYQaEAD5k
R1Ox/p156+PHgpNdIa+kCfW+9g+SlXboFyVxD1htdJmmgVAz0Wp54ogYP3b0Zm4i
6/yYF6mN2coQembMHGqGVs3qwscwiyap9uoapMAMeoSfiVW827mSVceR24IhwneX
gNg30seC2y+5xYvhx1kTXYEtlHfIzp3sK0iZmBqhTWYu7O+gXTiI/JqHiI3v0R+h
5q+jm1xf43Lkii/CRA/DLvxwj5o+eB1cW+7MavqqMPmgYKQD+f0F3OYbb/OLpgxV
/kTZfx2hYMpcB5sYuHCLYBS1Z0Ph1oNRMZpUHG35UgvSGrCGWvd8X6XpJUY/AgMB
AAGjggGmMIIBojAdBgNVHQ4EFgQUfEYbIv4bBzmnKCfBfHRdP5hNWDowHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM0NzU1My5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoPOwQwDQYJ
KoZIhvcNAQELBQADggEBAGrdwfR92kfE5u+GlXIL5FdgVbd3BvPFEcTKZh/pDzaU
lxCijhx+y1+eoyR4yovaqO3o2SOwCg5PhXivWHKUIBbw5ktRKsanjOzRvi7PFcRp
iExMQKOBvss7t27VjpryZceziRpXaZjfDpmUEBaVKygrdr015TRmCV7uL0EDCrO9
lJEO7uz0R4rjC/Qg+Ktd4tNKcr1CHaqqnVFWE0jdB7bKr4fkelICZFflbYDpVWwl
xEZxpW6rfLf+YJmaS7G9ElYv/cg4e0BX1jQ9YoYv63HKOjYVY/Sh3UYr8A7K9nMV
0KQXq+WPBTFcDgVcb4YpOzaxov2iIvFFGcQ06MFcbMI=
-----END CERTIFICATE-----