Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS48883.roa
File:                     AS48883.roa (raw, json)
Hash identifier:          g2OkbV4gddBEAdqA0K/nU/hVCG6w0LDTKrxr7e6xShU=
Subject key identifier:   5E:8D:28:7C:D4:2B:C6:C4:78:D7:7D:C5:50:46:02:A7:75:20:7C:E3
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       353540333F2C070CE351E46D1536F21C2BBD4534
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS48883.roa
Signing time:             Wed 20 Nov 2024 21:30:29 +0000
ROA not before:           Wed 20 Nov 2024 21:25:29 +0000
ROA not after:            Wed 19 Nov 2025 21:30:29 +0000
asID:                     48883
IP address blocks:        2a0b:4340:1500::/44 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 26 Nov 2024 14:42:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            35:35:40:33:3f:2c:07:0c:e3:51:e4:6d:15:36:f2:1c:2b:bd:45:34
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Nov 20 21:25:29 2024 GMT
            Not After : Nov 19 21:30:29 2025 GMT
        Subject: CN=5E8D287CD42BC6C478D77DC5504602A775207CE3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:7d:5c:1f:8a:77:d4:25:af:a7:03:d1:0b:57:
                    be:09:f8:28:2b:e3:88:44:31:2f:36:86:fc:f3:72:
                    36:e8:69:1d:e4:d5:d2:3c:dd:f2:06:40:ba:6d:b7:
                    aa:9e:2d:26:f2:4b:b5:4f:f8:98:1e:7f:ea:1d:68:
                    34:0b:eb:a8:51:17:a7:3b:e8:cf:26:e2:83:e5:e8:
                    a2:74:5a:69:57:32:a3:a2:44:49:25:fd:aa:44:07:
                    cd:cf:c2:42:28:9b:41:8e:bf:8b:37:de:0d:43:15:
                    40:9c:ce:d9:63:a2:9a:f8:00:a5:8a:44:9d:48:79:
                    3e:e8:47:21:14:39:8e:7a:7a:99:fd:27:d2:03:72:
                    30:9b:14:87:ab:41:a7:c3:29:49:33:f7:1d:62:59:
                    22:e0:a8:7e:29:f6:eb:db:80:d2:10:a2:6d:da:e3:
                    3f:d4:66:bd:25:d6:6a:62:43:5c:64:5c:22:5d:41:
                    fc:3d:1c:45:69:40:c5:86:10:68:a0:cc:25:60:b7:
                    4f:4a:4f:c8:3d:7c:9b:2b:ee:82:48:83:1f:10:79:
                    dd:7f:3d:b0:ce:09:9a:6c:11:2f:c1:6b:6e:0c:e9:
                    ec:3c:2e:90:8f:e3:ef:2e:49:70:a7:cb:1d:09:de:
                    8f:45:be:aa:60:a7:7f:06:81:5e:77:05:a0:f8:1f:
                    ee:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:8D:28:7C:D4:2B:C6:C4:78:D7:7D:C5:50:46:02:A7:75:20:7C:E3
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS48883.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4340:1500::/44

    Signature Algorithm: sha256WithRSAEncryption
         73:2b:6c:cf:f9:76:26:86:e9:ff:e5:7e:98:0b:1b:c5:1a:8f:
         64:2d:45:19:75:a1:8f:43:1e:92:57:1a:db:56:1d:77:2e:aa:
         0a:c8:64:a5:47:0a:0e:b4:1c:44:d0:dc:22:03:f1:89:ba:14:
         e3:2e:94:fe:f9:4c:94:b9:7b:ba:fc:ce:78:b9:96:5f:f9:14:
         dd:d6:4a:3f:34:7b:bd:28:6c:94:82:58:c8:25:80:fa:fb:73:
         9e:e2:54:06:5f:6c:91:e3:68:14:20:59:79:2a:3f:8f:d8:6f:
         82:95:c2:17:08:9b:69:b0:07:8d:30:46:39:22:44:6c:52:60:
         85:12:c0:cb:1d:ed:85:ca:ce:c4:ad:a9:44:a9:10:05:7d:53:
         36:9b:11:e0:1b:0d:1a:2c:27:82:20:23:c8:34:a1:d1:aa:e8:
         4c:c9:77:84:f5:cf:38:e7:ed:af:c9:f0:19:51:b4:d0:18:c9:
         52:3f:55:43:17:8f:bc:f8:6d:cc:4a:ad:8c:02:95:ce:e7:a8:
         2e:47:95:e9:5d:c2:61:5b:e8:f1:d1:6c:c9:c4:73:66:45:22:
         4a:f2:1d:68:05:fa:a7:ba:ec:86:ac:7d:88:7a:0d:00:46:c9:
         d8:a4:f0:de:c2:2f:23:4a:43:ab:c2:7b:54:3f:1b:49:79:ad:
         ef:b4:09:06
-----BEGIN CERTIFICATE-----
MIIEnjCCA4agAwIBAgIUNTVAMz8sBwzjUeRtFTbyHCu9RTQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNDExMjAyMTI1MjlaFw0yNTExMTkyMTMwMjlaMDMxMTAvBgNV
BAMTKDVFOEQyODdDRDQyQkM2QzQ3OEQ3N0RDNTUwNDYwMkE3NzUyMDdDRTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKfVwfinfUJa+nA9ELV74J+Cgr
44hEMS82hvzzcjboaR3k1dI83fIGQLptt6qeLSbyS7VP+Jgef+odaDQL66hRF6c7
6M8m4oPl6KJ0WmlXMqOiREkl/apEB83PwkIom0GOv4s33g1DFUCcztljopr4AKWK
RJ1IeT7oRyEUOY56epn9J9IDcjCbFIerQafDKUkz9x1iWSLgqH4p9uvbgNIQom3a
4z/UZr0l1mpiQ1xkXCJdQfw9HEVpQMWGEGigzCVgt09KT8g9fJsr7oJIgx8Qed1/
PbDOCZpsES/Ba24M6ew8LpCP4+8uSXCnyx0J3o9Fvqpgp38GgV53BaD4H+4NAgMB
AAGjggGoMIIBpDAdBgNVHQ4EFgQUXo0ofNQrxsR4133FUEYCp3UgfOMwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM0ODg4My5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoLQ0AVADAN
BgkqhkiG9w0BAQsFAAOCAQEAcytsz/l2Jobp/+V+mAsbxRqPZC1FGXWhj0Meklca
21Yddy6qCshkpUcKDrQcRNDcIgPxiboU4y6U/vlMlLl7uvzOeLmWX/kU3dZKPzR7
vShslIJYyCWA+vtznuJUBl9skeNoFCBZeSo/j9hvgpXCFwibabAHjTBGOSJEbFJg
hRLAyx3thcrOxK2pRKkQBX1TNpsR4BsNGiwngiAjyDSh0aroTMl3hPXPOOftr8nw
GVG00BjJUj9VQxePvPhtzEqtjAKVzueoLkeV6V3CYVvo8dFsycRzZkUiSvIdaAX6
p7rshqx9iHoNAEbJ2KTw3sIvI0pDq8J7VD8bSXmt77QJBg==
-----END CERTIFICATE-----