Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS47553.roa
File:                     AS47553.roa (raw, json)
Hash identifier:          PJsKyNiF7ewIs0pMxOS8RwvuRgFeLpd9PzHZxgf28bA=
Subject key identifier:   06:E8:43:F6:89:4F:52:4F:E2:FE:C5:7B:6C:B8:99:03:67:C4:F8:F3
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       2BE1081866A46D75B1148310DCE2FBA71F470D94
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS47553.roa
Signing time:             Wed 20 Dec 2023 21:30:08 +0000
ROA not before:           Wed 20 Dec 2023 21:25:08 +0000
ROA not after:            Wed 18 Dec 2024 21:30:08 +0000
asID:                     47553
IP address blocks:        2a0f:3b04::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 28 May 2024 14:15:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2b:e1:08:18:66:a4:6d:75:b1:14:83:10:dc:e2:fb:a7:1f:47:0d:94
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Dec 20 21:25:08 2023 GMT
            Not After : Dec 18 21:30:08 2024 GMT
        Subject: CN=06E843F6894F524FE2FEC57B6CB8990367C4F8F3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ed:73:98:c9:03:e2:88:33:e4:da:a0:b9:32:13:
                    fb:df:ae:6b:6d:f3:b8:23:29:aa:60:2e:c9:00:8a:
                    3c:3d:7c:74:18:90:cb:0f:ca:21:7d:be:8d:39:a7:
                    94:6b:69:07:22:19:75:ce:35:d1:14:27:d1:3c:43:
                    1c:d0:2c:a3:b2:a8:2b:f1:b3:1c:71:b9:18:a8:b5:
                    28:c9:be:49:36:51:5a:cf:4e:e9:b4:5c:53:72:44:
                    7b:74:24:00:c2:a3:d4:5e:de:76:e6:9b:5c:15:c1:
                    b3:10:69:21:48:fa:73:0b:31:61:77:d8:ad:fa:d7:
                    3b:d4:9d:8c:4d:39:20:b9:54:42:a6:08:02:1e:09:
                    ff:d9:8f:f8:a4:45:cc:ce:84:b3:53:8e:ce:e3:b7:
                    86:71:f0:e5:db:ac:02:b4:13:52:2e:52:95:ac:b4:
                    23:ae:9e:67:c1:52:e5:ae:7c:97:12:4a:3a:b6:1b:
                    c9:d6:a4:f9:5c:03:fd:e8:1d:57:48:a0:4d:dc:f0:
                    32:c8:72:c5:50:4f:41:7c:30:cd:23:95:9a:02:1c:
                    19:5b:48:a7:3a:8e:52:54:98:46:ca:5d:15:06:43:
                    7d:3c:b2:4b:b6:65:1b:bc:01:a1:23:ca:f9:fa:71:
                    b5:f1:c9:5e:30:95:a1:32:c8:2b:e8:9c:62:bd:0c:
                    c7:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                06:E8:43:F6:89:4F:52:4F:E2:FE:C5:7B:6C:B8:99:03:67:C4:F8:F3
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS47553.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:3b04::/32

    Signature Algorithm: sha256WithRSAEncryption
         82:37:8d:7c:9a:31:23:8b:03:f4:0c:c7:da:6e:51:c6:66:fa:
         99:1e:2c:68:1c:7d:00:cf:9a:0c:ba:fb:d1:94:b7:d5:87:7d:
         37:92:31:5d:2f:56:00:b1:fc:ef:4f:8b:7e:ac:29:25:e7:03:
         0a:5a:4f:e2:69:2b:89:4c:ef:a9:16:52:c2:31:a9:05:a5:74:
         3b:d1:bb:75:e0:f6:b2:84:00:fd:95:ad:14:a5:7e:ba:df:bd:
         46:27:ff:a3:f6:d8:84:3d:62:0e:37:f9:08:e9:c8:e0:5e:e9:
         f1:32:6b:ad:6d:17:c4:e6:32:67:6b:bc:8f:97:37:d8:3f:fe:
         e4:90:5a:e6:d3:49:b9:4c:f4:dc:f2:d3:43:a0:af:92:9d:63:
         19:27:0c:d9:2b:c2:f8:5c:2e:28:a0:8b:7e:13:5a:4d:15:a0:
         83:65:d6:c4:e5:8e:1c:9b:b7:ed:1d:e2:11:40:a4:22:fd:82:
         67:60:19:25:84:7b:97:f3:94:0e:63:cf:a5:d5:99:21:9e:73:
         0e:f4:63:41:b3:59:b2:6b:f2:1c:33:d2:a7:a0:8c:a4:45:ce:
         76:61:15:f5:a6:72:2d:a6:f5:9c:17:31:0e:5a:96:0d:0b:ac:
         6f:2e:46:4e:87:56:d4:3c:46:4d:92:f2:cc:df:79:86:c0:7d:
         93:b0:21:b9
-----BEGIN CERTIFICATE-----
MIIEnDCCA4SgAwIBAgIUK+EIGGakbXWxFIMQ3OL7px9HDZQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yMzEyMjAyMTI1MDhaFw0yNDEyMTgyMTMwMDhaMDMxMTAvBgNV
BAMTKDA2RTg0M0Y2ODk0RjUyNEZFMkZFQzU3QjZDQjg5OTAzNjdDNEY4RjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDtc5jJA+KIM+TaoLkyE/vfrmtt
87gjKapgLskAijw9fHQYkMsPyiF9vo05p5RraQciGXXONdEUJ9E8QxzQLKOyqCvx
sxxxuRiotSjJvkk2UVrPTum0XFNyRHt0JADCo9Re3nbmm1wVwbMQaSFI+nMLMWF3
2K361zvUnYxNOSC5VEKmCAIeCf/Zj/ikRczOhLNTjs7jt4Zx8OXbrAK0E1IuUpWs
tCOunmfBUuWufJcSSjq2G8nWpPlcA/3oHVdIoE3c8DLIcsVQT0F8MM0jlZoCHBlb
SKc6jlJUmEbKXRUGQ308sku2ZRu8AaEjyvn6cbXxyV4wlaEyyCvonGK9DMfBAgMB
AAGjggGmMIIBojAdBgNVHQ4EFgQUBuhD9olPUk/i/sV7bLiZA2fE+PMwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM0NzU1My5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoPOwQwDQYJ
KoZIhvcNAQELBQADggEBAII3jXyaMSOLA/QMx9puUcZm+pkeLGgcfQDPmgy6+9GU
t9WHfTeSMV0vVgCx/O9Pi36sKSXnAwpaT+JpK4lM76kWUsIxqQWldDvRu3Xg9rKE
AP2VrRSlfrrfvUYn/6P22IQ9Yg43+QjpyOBe6fEya61tF8TmMmdrvI+XN9g//uSQ
WubTSblM9Nzy00Ogr5KdYxknDNkrwvhcLiigi34TWk0VoINl1sTljhybt+0d4hFA
pCL9gmdgGSWEe5fzlA5jz6XVmSGecw70Y0GzWbJr8hwz0qegjKRFznZhFfWmci2m
9ZwXMQ5alg0LrG8uRk6HVtQ8Rk2S8szfeYbAfZOwIbk=
-----END CERTIFICATE-----