Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS50069.roa
File:                     AS50069.roa (raw, json)
Hash identifier:          SYKXVy8HFRfrT9XCd09k7m19Tt71+pXAPIAXvtjSdoE=
Subject key identifier:   6B:28:FE:B1:B7:67:00:FA:CB:45:A2:84:6E:77:29:EC:CD:05:B8:17
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       231DA6238FCAC84C8E2DADAA297ACFA991B00563
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS50069.roa
Signing time:             Mon 30 Sep 2024 07:27:17 +0000
ROA not before:           Mon 30 Sep 2024 07:22:17 +0000
ROA not after:            Mon 29 Sep 2025 07:27:17 +0000
asID:                     50069
IP address blocks:        45.142.245.0/24 maxlen: 24
                          188.244.98.0/23 maxlen: 24
                          2a0d:2900::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:1d:a6:23:8f:ca:c8:4c:8e:2d:ad:aa:29:7a:cf:a9:91:b0:05:63
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Sep 30 07:22:17 2024 GMT
            Not After : Sep 29 07:27:17 2025 GMT
        Subject: CN=6B28FEB1B76700FACB45A2846E7729ECCD05B817
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:6a:d8:e6:64:65:a4:87:34:73:80:99:8a:40:
                    b8:09:85:29:4b:9b:c3:82:24:b8:20:b5:8a:76:db:
                    91:7a:25:68:e3:4b:18:4f:f7:f3:c1:b4:02:1c:97:
                    c4:c5:b0:ca:50:49:e4:5b:ca:c5:c3:0b:54:8e:2a:
                    f5:be:5e:8c:7f:34:3b:4e:7e:58:e3:1d:32:d7:b2:
                    c5:0c:24:b0:a5:b3:80:2c:3a:0e:47:e3:74:ee:0f:
                    1d:b0:57:4a:54:76:3a:ff:d7:62:30:cd:d2:70:b0:
                    55:a0:c8:c4:ea:3d:82:01:79:9d:e2:78:8d:38:64:
                    26:1d:16:e7:c2:31:da:84:65:c9:4e:52:de:d8:9f:
                    ad:7f:7d:3c:5d:72:1f:eb:56:d6:60:10:bd:7c:a1:
                    66:19:8d:68:fe:0c:03:5b:c1:e7:e2:54:62:a1:7b:
                    a5:81:e7:48:34:d3:88:cd:d4:d1:03:0e:a9:c0:60:
                    c3:37:37:80:8b:98:6f:1d:66:aa:e1:1f:80:99:07:
                    64:32:43:a2:0a:e1:08:49:49:e1:42:05:54:77:9e:
                    94:63:9b:16:72:0d:03:e1:9b:01:4f:e8:41:c2:c7:
                    2a:59:c2:95:94:7e:15:4f:c3:6f:ed:53:f7:5d:c0:
                    b7:fd:ad:55:d5:94:74:5f:6d:32:9f:1c:59:19:e7:
                    a2:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6B:28:FE:B1:B7:67:00:FA:CB:45:A2:84:6E:77:29:EC:CD:05:B8:17
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS50069.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.245.0/24
                  188.244.98.0/23
                IPv6:
                  2a0d:2900::/32

    Signature Algorithm: sha256WithRSAEncryption
         96:5c:9f:e6:f2:f6:01:04:96:67:43:35:12:91:79:35:68:9c:
         2f:b1:da:22:bd:c7:19:b8:01:d5:bc:1f:ce:51:70:a4:ff:e3:
         c4:53:fa:cc:48:73:b6:72:4d:0e:ca:54:20:e1:1b:16:9f:44:
         25:5f:ef:7b:72:33:29:32:90:26:80:7c:f3:4f:e6:91:45:4d:
         bb:22:ae:54:67:36:50:fd:7d:e0:af:bb:b5:88:6b:c2:fd:5d:
         5c:bb:42:6e:fd:20:f0:8b:b6:d4:c4:f7:58:cc:94:58:80:e4:
         56:5e:0e:2b:60:ec:05:2d:9d:4e:54:67:97:46:03:89:ff:5f:
         3a:1e:de:c1:95:9c:9d:1f:ec:bf:40:e8:f5:e1:c2:d1:14:52:
         f5:04:a6:9d:84:ec:61:61:60:0e:53:bf:83:cc:c4:94:4f:d7:
         d0:24:55:32:0e:39:d8:3c:ce:5a:5d:5e:bb:81:26:56:12:58:
         3b:c7:04:2c:9c:07:47:5c:7a:aa:1e:dd:9e:52:c5:a8:6e:61:
         09:cf:12:62:a5:66:b8:1f:88:78:46:63:ea:d7:79:5e:9b:8a:
         9b:e9:ad:02:3b:dc:3f:af:6b:d8:4d:0f:b7:72:97:79:f8:ef:
         b2:87:78:7a:16:82:ce:9e:a7:ba:f3:4e:09:49:d7:0b:94:25:
         c1:c9:0e:46
-----BEGIN CERTIFICATE-----
MIIEsDCCA5igAwIBAgIUIx2mI4/KyEyOLa2qKXrPqZGwBWMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNDA5MzAwNzIyMTdaFw0yNTA5MjkwNzI3MTdaMDMxMTAvBgNV
BAMTKDZCMjhGRUIxQjc2NzAwRkFDQjQ1QTI4NDZFNzcyOUVDQ0QwNUI4MTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKatjmZGWkhzRzgJmKQLgJhSlL
m8OCJLggtYp225F6JWjjSxhP9/PBtAIcl8TFsMpQSeRbysXDC1SOKvW+Xox/NDtO
fljjHTLXssUMJLCls4AsOg5H43TuDx2wV0pUdjr/12IwzdJwsFWgyMTqPYIBeZ3i
eI04ZCYdFufCMdqEZclOUt7Yn61/fTxdch/rVtZgEL18oWYZjWj+DANbwefiVGKh
e6WB50g004jN1NEDDqnAYMM3N4CLmG8dZqrhH4CZB2QyQ6IK4QhJSeFCBVR3npRj
mxZyDQPhmwFP6EHCxypZwpWUfhVPw2/tU/ddwLf9rVXVlHRfbTKfHFkZ56KXAgMB
AAGjggG6MIIBtjAdBgNVHQ4EFgQUayj+sbdnAPrLRaKEbncp7M0FuBcwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM1MDA2OS5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjA0BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAC2O9QMEAbz0
YjANBAIAAjAHAwUAKg0pADANBgkqhkiG9w0BAQsFAAOCAQEAllyf5vL2AQSWZ0M1
EpF5NWicL7HaIr3HGbgB1bwfzlFwpP/jxFP6zEhztnJNDspUIOEbFp9EJV/ve3Iz
KTKQJoB880/mkUVNuyKuVGc2UP194K+7tYhrwv1dXLtCbv0g8Iu21MT3WMyUWIDk
Vl4OK2DsBS2dTlRnl0YDif9fOh7ewZWcnR/sv0Do9eHC0RRS9QSmnYTsYWFgDlO/
g8zElE/X0CRVMg452DzOWl1eu4EmVhJYO8cELJwHR1x6qh7dnlLFqG5hCc8SYqVm
uB+IeEZj6td5XpuKm+mtAjvcP69r2E0Pt3KXefjvsod4ehaCzp6nuvNOCUnXC5Ql
wckORg==
-----END CERTIFICATE-----