Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS48883.roa
File:                     AS48883.roa (raw, json)
Hash identifier:          YxwnwnbAA3xNiqD55j/CKwzJu0IBv06R1xve9D/XP+k=
Subject key identifier:   31:2D:A3:9A:7C:D1:93:A9:AC:4A:75:98:57:FB:A4:37:A9:99:7E:62
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       5A7877B57E606FF25FE655598309EBB866ABD27B
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS48883.roa
Signing time:             Wed 20 Dec 2023 21:30:07 +0000
ROA not before:           Wed 20 Dec 2023 21:25:07 +0000
ROA not after:            Wed 18 Dec 2024 21:30:07 +0000
asID:                     48883
IP address blocks:        2a0b:4340:1500::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 29 May 2024 08:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:78:77:b5:7e:60:6f:f2:5f:e6:55:59:83:09:eb:b8:66:ab:d2:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Dec 20 21:25:07 2023 GMT
            Not After : Dec 18 21:30:07 2024 GMT
        Subject: CN=312DA39A7CD193A9AC4A759857FBA437A9997E62
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:22:3c:41:26:e5:88:d6:fe:e6:db:62:77:f2:
                    99:78:b5:b0:2e:67:f5:e4:27:c6:07:95:e7:54:0c:
                    ed:50:42:bb:29:a1:5b:ca:0a:b6:e3:04:f6:f7:36:
                    b4:f9:7c:09:7f:5d:99:d9:20:04:cb:36:bd:08:53:
                    2b:2e:13:4e:a0:c9:44:28:d7:ae:d2:1e:ba:cc:52:
                    f5:6e:91:82:fb:8d:7a:7d:c7:9b:38:50:f0:b9:09:
                    10:b1:14:3c:2e:3c:b3:e5:74:f1:2e:76:24:77:9d:
                    12:e6:ea:9f:48:ff:7a:15:e3:11:16:ba:f0:c8:2c:
                    12:5b:e2:60:b3:ff:9b:66:2a:7a:b9:a6:a4:51:91:
                    f7:71:db:cc:ca:58:ec:06:5b:54:e3:b4:b2:9c:12:
                    32:9b:9b:64:2b:b3:e7:79:67:0a:6e:f0:5c:c0:52:
                    37:62:71:fe:51:f6:5e:fd:88:cc:00:2a:c5:f5:f0:
                    cc:16:56:6a:0f:ab:1f:a0:d4:49:ef:a6:db:74:63:
                    ff:91:af:12:81:83:30:a7:c8:fe:1f:a7:e3:ad:69:
                    98:8d:bd:95:9d:00:db:fc:b2:ef:44:32:33:0a:db:
                    c7:3b:c1:35:c0:84:a9:ef:75:b6:d1:2d:1d:31:c3:
                    1d:52:e9:c3:05:46:c9:97:35:d0:58:0e:03:1f:f4:
                    3b:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                31:2D:A3:9A:7C:D1:93:A9:AC:4A:75:98:57:FB:A4:37:A9:99:7E:62
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS48883.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4340:1500::/44

    Signature Algorithm: sha256WithRSAEncryption
         36:29:d9:a8:a1:b8:b0:96:e2:99:7f:19:84:4d:ae:27:c9:50:
         c2:c1:2d:3a:a1:c0:61:8e:f3:6c:a3:2e:e0:3f:c4:6f:37:5a:
         91:6c:97:77:f0:97:63:4f:24:49:86:27:84:06:d5:5f:d9:2e:
         9c:3d:8d:2e:bb:57:df:61:5f:af:5b:35:34:03:1f:b5:99:b8:
         d4:16:07:1f:3e:8f:75:80:c9:90:30:b2:3a:c0:83:b0:27:84:
         fc:a6:1c:91:2f:a3:b4:86:d9:82:e5:1a:34:b6:6f:c9:06:00:
         d4:64:61:2b:39:d4:ff:e0:95:29:43:b1:f1:bb:86:dc:34:91:
         c3:34:71:8b:e4:5b:58:38:41:9f:3d:51:fe:3c:4f:88:e7:c8:
         1f:86:7a:52:13:da:90:a0:4c:b2:58:36:2e:53:e7:29:09:a0:
         97:17:ed:2d:19:22:eb:bd:0e:c0:b9:2f:36:45:f1:ce:81:cb:
         ab:bd:52:dd:8c:e7:9a:d9:15:fd:f8:5b:eb:07:de:0a:84:22:
         55:6c:b6:09:1a:7b:4b:e6:9e:22:05:16:62:0c:47:7f:56:2d:
         73:9b:c1:3b:54:f3:60:40:5e:b8:8e:dc:4f:5f:f6:7e:b5:57:
         d2:43:40:97:01:1a:1f:a1:10:de:69:99:25:32:57:ec:1c:49:
         21:1f:16:c4
-----BEGIN CERTIFICATE-----
MIIEnjCCA4agAwIBAgIUWnh3tX5gb/Jf5lVZgwnruGar0nswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yMzEyMjAyMTI1MDdaFw0yNDEyMTgyMTMwMDdaMDMxMTAvBgNV
BAMTKDMxMkRBMzlBN0NEMTkzQTlBQzRBNzU5ODU3RkJBNDM3QTk5OTdFNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrIjxBJuWI1v7m22J38pl4tbAu
Z/XkJ8YHledUDO1QQrspoVvKCrbjBPb3NrT5fAl/XZnZIATLNr0IUysuE06gyUQo
167SHrrMUvVukYL7jXp9x5s4UPC5CRCxFDwuPLPldPEudiR3nRLm6p9I/3oV4xEW
uvDILBJb4mCz/5tmKnq5pqRRkfdx28zKWOwGW1TjtLKcEjKbm2Qrs+d5Zwpu8FzA
Ujdicf5R9l79iMwAKsX18MwWVmoPqx+g1Envptt0Y/+RrxKBgzCnyP4fp+OtaZiN
vZWdANv8su9EMjMK28c7wTXAhKnvdbbRLR0xwx1S6cMFRsmXNdBYDgMf9DvRAgMB
AAGjggGoMIIBpDAdBgNVHQ4EFgQUMS2jmnzRk6msSnWYV/ukN6mZfmIwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM0ODg4My5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoLQ0AVADAN
BgkqhkiG9w0BAQsFAAOCAQEANinZqKG4sJbimX8ZhE2uJ8lQwsEtOqHAYY7zbKMu
4D/EbzdakWyXd/CXY08kSYYnhAbVX9kunD2NLrtX32Ffr1s1NAMftZm41BYHHz6P
dYDJkDCyOsCDsCeE/KYckS+jtIbZguUaNLZvyQYA1GRhKznU/+CVKUOx8buG3DSR
wzRxi+RbWDhBnz1R/jxPiOfIH4Z6UhPakKBMslg2LlPnKQmglxftLRki670OwLkv
NkXxzoHLq71S3YznmtkV/fhb6wfeCoQiVWy2CRp7S+aeIgUWYgxHf1Ytc5vBO1Tz
YEBeuI7cT1/2frVX0kNAlwEaH6EQ3mmZJTJX7BxJIR8WxA==
-----END CERTIFICATE-----