Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS48883.roa
File:                     AS48883.roa (raw, json)
Hash identifier:          WQE7QQ/0ECRSEffMMLzV1Yb4NdsVtGFNtHkglupVodc=
Subject key identifier:   24:65:E3:0E:6C:2B:61:BB:65:91:3A:25:4C:F1:CC:9C:6F:C8:E3:37
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       C2FA95FBB3458D9F6935F3F15A33F76F1D4532
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS48883.roa
Signing time:             Wed 22 Oct 2025 21:31:25 +0000
ROA not before:           Wed 22 Oct 2025 21:26:25 +0000
ROA not after:            Wed 21 Oct 2026 21:31:25 +0000
asID:                     48883
IP address blocks:        2a0b:4340:1500::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 23 Oct 2025 22:00:03 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            c2:fa:95:fb:b3:45:8d:9f:69:35:f3:f1:5a:33:f7:6f:1d:45:32
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Oct 22 21:26:25 2025 GMT
            Not After : Oct 21 21:31:25 2026 GMT
        Subject: CN=2465E30E6C2B61BB65913A254CF1CC9C6FC8E337
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:fe:84:b2:e8:60:b4:28:7a:0a:b6:a4:aa:27:
                    3e:1c:05:a7:04:b0:58:06:1b:9f:7d:0d:bb:b4:84:
                    1c:04:a4:96:18:a6:ff:14:6e:f5:0a:b6:fc:ee:52:
                    9b:83:80:80:8d:95:09:3b:89:d6:f5:7d:ac:a1:46:
                    5f:cc:07:50:98:03:a7:11:5b:40:4c:9e:ca:70:b2:
                    47:34:ac:ef:6a:f5:1e:4c:a8:18:f8:2e:a2:1f:03:
                    34:9b:91:66:78:92:61:7a:5d:30:bc:6a:43:4d:92:
                    cd:7f:db:86:53:2d:8b:37:3f:63:d8:1d:bb:71:d1:
                    4e:c9:6e:7f:20:40:fd:81:f6:90:b9:d6:7c:b5:0d:
                    9b:17:2e:56:db:75:33:56:f5:59:67:33:01:26:69:
                    69:57:10:f9:02:06:57:ff:c3:39:fa:37:b9:bc:44:
                    0a:b7:1b:6a:a3:87:3b:75:6a:d8:8a:30:e1:44:fe:
                    ea:9c:f6:99:9f:9b:2a:3e:93:11:d4:ca:9c:5c:2e:
                    df:05:16:cd:1b:64:b3:e7:aa:7b:49:cc:3e:bb:54:
                    bd:81:95:8a:d9:45:02:55:c1:81:f2:dc:c6:70:c4:
                    80:a9:37:d8:fd:04:39:bb:06:b5:70:33:0d:eb:3b:
                    88:b2:08:d4:88:9a:2c:7d:7a:df:e7:2c:d2:1e:0b:
                    64:a3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:65:E3:0E:6C:2B:61:BB:65:91:3A:25:4C:F1:CC:9C:6F:C8:E3:37
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS48883.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4340:1500::/44

    Signature Algorithm: sha256WithRSAEncryption
         88:cc:2c:46:71:7b:d9:1d:a0:94:36:9a:fa:32:ed:9c:80:e2:
         64:b4:85:0c:16:4a:71:75:f3:c2:8b:89:56:8c:ef:34:70:a0:
         0e:1b:a9:e3:fb:8e:6f:7a:1d:f0:3a:9d:fa:76:84:1b:18:80:
         7c:2d:4a:0e:e9:dd:df:98:b3:17:54:ac:8e:a0:99:5e:31:af:
         14:ee:97:89:31:16:00:51:f8:89:37:bb:b1:7d:72:4f:ef:21:
         26:ff:89:6c:27:04:4d:69:80:ab:a7:c5:3a:08:fb:44:94:22:
         56:08:46:5a:35:e9:eb:90:39:bd:99:cb:b4:03:0f:15:b5:54:
         b1:6f:08:56:30:15:88:cf:b2:6a:37:23:c5:a7:40:f2:c4:55:
         c7:53:5b:32:32:8c:04:81:20:9c:1b:28:9f:7f:c1:b4:21:6c:
         b8:65:9d:dc:6c:0a:9c:35:4b:c1:cc:79:6d:86:14:4f:25:08:
         3e:b3:40:e4:5e:3c:71:b8:9d:b1:33:ca:bf:d7:82:ea:48:1a:
         68:fa:eb:e2:47:c0:1b:5c:84:66:c0:2c:05:fe:5c:28:bb:a2:
         0c:7e:e0:92:53:11:cc:16:a8:41:61:3a:db:ee:53:03:29:f5:
         67:fa:33:54:bf:6c:4d:0d:cc:f2:89:0b:86:6b:e8:64:d4:a1:
         22:cd:d9:43
-----BEGIN CERTIFICATE-----
MIIEnjCCA4agAwIBAgIUAML6lfuzRY2faTXz8Voz928dRTIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNTEwMjIyMTI2MjVaFw0yNjEwMjEyMTMxMjVaMDMxMTAvBgNV
BAMTKDI0NjVFMzBFNkMyQjYxQkI2NTkxM0EyNTRDRjFDQzlDNkZDOEUzMzcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCK/oSy6GC0KHoKtqSqJz4cBacE
sFgGG599Dbu0hBwEpJYYpv8UbvUKtvzuUpuDgICNlQk7idb1fayhRl/MB1CYA6cR
W0BMnspwskc0rO9q9R5MqBj4LqIfAzSbkWZ4kmF6XTC8akNNks1/24ZTLYs3P2PY
Hbtx0U7Jbn8gQP2B9pC51ny1DZsXLlbbdTNW9VlnMwEmaWlXEPkCBlf/wzn6N7m8
RAq3G2qjhzt1atiKMOFE/uqc9pmfmyo+kxHUypxcLt8FFs0bZLPnqntJzD67VL2B
lYrZRQJVwYHy3MZwxICpN9j9BDm7BrVwMw3rO4iyCNSImix9et/nLNIeC2SjAgMB
AAGjggGoMIIBpDAdBgNVHQ4EFgQUJGXjDmwrYbtlkTolTPHMnG/I4zcwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM0ODg4My5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoLQ0AVADAN
BgkqhkiG9w0BAQsFAAOCAQEAiMwsRnF72R2glDaa+jLtnIDiZLSFDBZKcXXzwouJ
VozvNHCgDhup4/uOb3od8Dqd+naEGxiAfC1KDund35izF1SsjqCZXjGvFO6XiTEW
AFH4iTe7sX1yT+8hJv+JbCcETWmAq6fFOgj7RJQiVghGWjXp65A5vZnLtAMPFbVU
sW8IVjAViM+yajcjxadA8sRVx1NbMjKMBIEgnBson3/BtCFsuGWd3GwKnDVLwcx5
bYYUTyUIPrNA5F48cbidsTPKv9eC6kgaaPrr4kfAG1yEZsAsBf5cKLuiDH7gklMR
zBaoQWE62+5TAyn1Z/ozVL9sTQ3M8okLhmvoZNShIs3ZQw==
-----END CERTIFICATE-----