Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS51928.roa
File:                     AS51928.roa (raw, json)
Hash identifier:          mvyJrpJq99y/Otmh38xYLkU4y1TUnoFa0p02p9FuOx0=
Subject key identifier:   8F:ED:C3:6C:30:D0:80:5D:CF:BC:F2:C4:9C:B8:E8:A2:41:DA:F9:A6
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       034EF5173EA678A534851D222FEB6E9390139FB5
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS51928.roa
Signing time:             Wed 20 Nov 2024 21:30:32 +0000
ROA not before:           Wed 20 Nov 2024 21:25:32 +0000
ROA not after:            Wed 19 Nov 2025 21:30:32 +0000
asID:                     51928
IP address blocks:        185.234.212.0/24 maxlen: 24
                          2a0e:6904::/31 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:4e:f5:17:3e:a6:78:a5:34:85:1d:22:2f:eb:6e:93:90:13:9f:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Nov 20 21:25:32 2024 GMT
            Not After : Nov 19 21:30:32 2025 GMT
        Subject: CN=8FEDC36C30D0805DCFBCF2C49CB8E8A241DAF9A6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:d8:94:f5:f4:c1:e6:e4:7f:1e:f9:de:47:05:
                    15:42:91:be:11:d6:4a:cb:74:fc:d2:ca:13:7c:c1:
                    cf:c6:22:6b:01:6a:ae:14:3e:b2:0e:61:14:e6:d7:
                    59:42:e3:a6:86:7a:8e:73:9c:15:d2:98:3a:48:07:
                    4f:41:c5:67:74:4c:50:30:1f:ba:6a:af:98:6b:77:
                    78:93:aa:b7:10:50:27:7d:b3:db:1d:f1:3d:53:d5:
                    fb:3f:47:d6:b1:ce:af:88:23:2f:15:45:ac:be:f9:
                    ac:87:61:ce:7c:64:a8:87:e9:c8:d1:ff:0a:2c:44:
                    2e:93:fb:d9:34:32:47:ee:76:5f:e8:ba:0e:52:df:
                    24:8e:e6:aa:3e:09:06:17:39:f8:9d:20:05:19:0e:
                    f1:f7:78:2e:be:bc:1b:4c:ed:5b:60:f5:cb:6a:98:
                    db:6b:23:1e:e9:28:2d:dd:82:e6:3b:02:e7:56:43:
                    f8:61:e6:73:01:91:75:32:11:ba:7c:77:a7:72:13:
                    0b:98:f0:64:0e:f3:8f:41:5a:dd:ac:b7:a8:42:95:
                    48:6b:66:ca:7d:25:66:bd:4d:84:20:88:3d:d9:ca:
                    41:8a:5a:8b:44:8e:db:f1:65:04:81:b1:e8:f2:f0:
                    4d:02:c4:f3:15:fd:30:ff:75:ff:e1:e7:ce:60:52:
                    19:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8F:ED:C3:6C:30:D0:80:5D:CF:BC:F2:C4:9C:B8:E8:A2:41:DA:F9:A6
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS51928.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.234.212.0/24
                IPv6:
                  2a0e:6904::/31

    Signature Algorithm: sha256WithRSAEncryption
         b3:85:e1:99:76:2d:40:c9:85:b9:00:7c:c1:4b:d6:89:2f:60:
         f8:c1:21:26:58:f7:fe:75:90:5b:d1:bd:fe:86:81:36:3f:60:
         4e:4e:0f:6f:32:26:06:f4:15:50:ad:55:54:40:4e:bc:71:de:
         87:f1:69:8c:90:18:40:83:0d:4c:b4:2b:25:40:8c:34:50:ca:
         1e:19:d6:71:61:45:fc:8b:25:da:79:29:58:c1:c4:64:0a:aa:
         bc:2c:ed:df:2e:a0:fe:09:9f:95:8f:51:32:cd:f5:96:4b:fe:
         93:9a:37:a0:80:75:cc:5f:b0:05:05:e1:20:69:78:56:7c:7d:
         23:f2:48:23:b6:ca:82:5e:dc:72:b8:16:df:14:50:b7:8a:4b:
         16:9e:a9:e5:6d:ed:ea:78:e1:ec:74:2c:ad:3a:e4:1d:bd:8a:
         f0:38:43:9b:4b:92:e9:e8:61:30:6d:65:f4:7e:d0:99:e4:02:
         12:92:03:0b:16:7a:c6:8d:59:aa:73:82:d7:02:db:f4:26:8f:
         e6:d0:16:f0:48:d8:b3:ee:6c:08:92:43:a5:3e:69:ee:6e:f6:
         0d:10:f6:ff:3b:12:cb:6b:23:01:11:31:0b:86:ba:7f:8e:b3:
         9b:1c:57:98:96:be:e0:f6:35:84:1d:78:b6:31:46:ed:08:2f:
         c2:bf:a5:cf
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIUA071Fz6meKU0hR0iL+tuk5ATn7UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNDExMjAyMTI1MzJaFw0yNTExMTkyMTMwMzJaMDMxMTAvBgNV
BAMTKDhGRURDMzZDMzBEMDgwNURDRkJDRjJDNDlDQjhFOEEyNDFEQUY5QTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCn2JT19MHm5H8e+d5HBRVCkb4R
1krLdPzSyhN8wc/GImsBaq4UPrIOYRTm11lC46aGeo5znBXSmDpIB09BxWd0TFAw
H7pqr5hrd3iTqrcQUCd9s9sd8T1T1fs/R9axzq+IIy8VRay++ayHYc58ZKiH6cjR
/wosRC6T+9k0Mkfudl/oug5S3ySO5qo+CQYXOfidIAUZDvH3eC6+vBtM7Vtg9ctq
mNtrIx7pKC3dguY7AudWQ/hh5nMBkXUyEbp8d6dyEwuY8GQO849BWt2st6hClUhr
Zsp9JWa9TYQgiD3ZykGKWotEjtvxZQSBsejy8E0CxPMV/TD/df/h585gUhnzAgMB
AAGjggG0MIIBsDAdBgNVHQ4EFgQUj+3DbDDQgF3PvPLEnLjookHa+aYwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM1MTkyOC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALnq1DANBAIA
AjAHAwUBKg5pBDANBgkqhkiG9w0BAQsFAAOCAQEAs4XhmXYtQMmFuQB8wUvWiS9g
+MEhJlj3/nWQW9G9/oaBNj9gTk4PbzImBvQVUK1VVEBOvHHeh/FpjJAYQIMNTLQr
JUCMNFDKHhnWcWFF/Isl2nkpWMHEZAqqvCzt3y6g/gmflY9RMs31lkv+k5o3oIB1
zF+wBQXhIGl4Vnx9I/JII7bKgl7ccrgW3xRQt4pLFp6p5W3t6njh7HQsrTrkHb2K
8DhDm0uS6ehhMG1l9H7QmeQCEpIDCxZ6xo1ZqnOC1wLb9CaP5tAW8EjYs+5sCJJD
pT5p7m72DRD2/zsSy2sjARExC4a6f46zmxxXmJa+4PY1hB14tjFG7Qgvwr+lzw==
-----END CERTIFICATE-----