Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS58313.roa
File:                     AS58313.roa (raw, json)
Hash identifier:          SQ63gOL6QvTzVortizycU1Du2Yfq/Jb9Y37PcaaDlBs=
Subject key identifier:   99:1B:89:C6:35:0F:62:62:FE:1D:E2:9E:59:0F:C5:A1:6F:3A:CD:19
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       44A6D047E7448E8785C280CCF76C7930FAE8557D
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS58313.roa
Signing time:             Wed 22 Oct 2025 21:31:25 +0000
ROA not before:           Wed 22 Oct 2025 21:26:25 +0000
ROA not after:            Wed 21 Oct 2026 21:31:25 +0000
asID:                     58313
IP address blocks:        45.142.244.0/24 maxlen: 24
                          2a0f:3b03::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 24 Oct 2025 02:07:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:a6:d0:47:e7:44:8e:87:85:c2:80:cc:f7:6c:79:30:fa:e8:55:7d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Oct 22 21:26:25 2025 GMT
            Not After : Oct 21 21:31:25 2026 GMT
        Subject: CN=991B89C6350F6262FE1DE29E590FC5A16F3ACD19
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f0:c0:e3:5e:fb:51:e2:29:70:96:f1:16:60:d7:
                    98:95:4a:71:59:17:19:5e:71:56:e7:6f:9d:4e:50:
                    e4:9f:00:3c:02:48:cd:a4:2a:6e:e5:71:b8:50:60:
                    48:b7:7a:9a:d0:20:e1:ce:62:21:87:7f:05:86:83:
                    16:46:bb:e7:fe:05:6e:fd:55:6a:f8:af:eb:b2:ee:
                    f7:46:ed:23:d3:98:db:08:a4:4c:28:3e:c8:27:88:
                    dc:69:bd:8d:53:27:86:83:71:0e:72:0d:c6:d9:8a:
                    f9:87:10:ec:26:2f:9e:55:45:66:2d:99:99:e5:db:
                    ef:80:97:58:c6:1b:9d:f9:bf:74:65:cf:27:a1:0a:
                    0e:d8:59:2c:bd:da:df:ec:30:27:a8:85:a1:e8:08:
                    ba:f9:ed:89:b9:1f:05:57:52:1a:05:8e:58:27:f8:
                    cc:9d:18:b5:ba:3e:1a:1d:96:1f:b1:8b:58:7f:7f:
                    1e:7b:2d:22:c7:76:3c:c3:dd:50:bf:69:99:5c:90:
                    be:91:80:14:cb:2b:95:ac:53:e2:51:2a:1e:25:62:
                    6a:b2:0c:55:1c:03:43:88:58:07:a5:31:fc:cb:3a:
                    80:da:bb:08:94:e9:ff:94:48:36:a7:e3:52:3d:19:
                    63:c3:56:c3:d0:06:ae:45:1c:67:e1:12:d3:6c:9f:
                    97:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                99:1B:89:C6:35:0F:62:62:FE:1D:E2:9E:59:0F:C5:A1:6F:3A:CD:19
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS58313.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.244.0/24
                IPv6:
                  2a0f:3b03::/32

    Signature Algorithm: sha256WithRSAEncryption
         c3:ab:42:00:70:b6:d0:c9:17:57:9c:ba:f6:5e:04:5f:67:32:
         ba:a1:cc:a0:28:36:43:9a:81:b8:3c:8b:4d:1e:dd:ee:53:72:
         ee:4a:c8:c0:e1:a0:cb:54:61:cb:e8:40:81:5e:c1:9f:42:af:
         c9:e5:21:e3:88:f9:67:4d:99:28:70:ff:1d:42:da:85:bb:92:
         47:1e:a8:81:d3:87:a2:5f:ea:7a:df:bb:cd:e6:ec:5d:ed:5c:
         82:c6:1b:84:5f:2c:4b:92:f2:ee:52:cd:3b:be:bb:f4:90:6f:
         dc:3c:44:8d:59:8f:ef:3b:0f:8a:7f:52:ec:c6:f6:41:95:29:
         e2:4f:64:fb:b1:59:23:43:0b:3e:47:fd:72:8f:03:fc:14:92:
         f2:dc:e4:b8:ac:78:00:d3:79:0c:bd:e7:87:ca:e4:cc:9b:07:
         b1:3c:82:e1:f7:67:26:3f:ef:93:9a:12:ee:a8:21:55:ba:c0:
         dc:c6:5f:c2:08:1d:ba:12:87:67:93:6e:fb:65:4e:99:5f:4c:
         e6:46:3e:65:ac:00:72:22:16:a6:f8:d7:ca:51:1a:88:b5:f3:
         03:87:c8:98:6b:45:5d:d5:bd:09:51:69:5c:d4:24:6d:2d:b0:
         15:4c:28:66:2f:89:7a:7e:1e:4d:79:a8:d3:d8:59:71:50:ea:
         39:0c:10:99
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIURKbQR+dEjoeFwoDM92x5MProVX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNTEwMjIyMTI2MjVaFw0yNjEwMjEyMTMxMjVaMDMxMTAvBgNV
BAMTKDk5MUI4OUM2MzUwRjYyNjJGRTFERTI5RTU5MEZDNUExNkYzQUNEMTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDwwONe+1HiKXCW8RZg15iVSnFZ
FxlecVbnb51OUOSfADwCSM2kKm7lcbhQYEi3eprQIOHOYiGHfwWGgxZGu+f+BW79
VWr4r+uy7vdG7SPTmNsIpEwoPsgniNxpvY1TJ4aDcQ5yDcbZivmHEOwmL55VRWYt
mZnl2++Al1jGG535v3RlzyehCg7YWSy92t/sMCeohaHoCLr57Ym5HwVXUhoFjlgn
+MydGLW6Phodlh+xi1h/fx57LSLHdjzD3VC/aZlckL6RgBTLK5WsU+JRKh4lYmqy
DFUcA0OIWAelMfzLOoDauwiU6f+USDan41I9GWPDVsPQBq5FHGfhEtNsn5dJAgMB
AAGjggG0MIIBsDAdBgNVHQ4EFgQUmRuJxjUPYmL+HeKeWQ/FoW86zRkwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM1ODMxMy5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAC2O9DANBAIA
AjAHAwUAKg87AzANBgkqhkiG9w0BAQsFAAOCAQEAw6tCAHC20MkXV5y69l4EX2cy
uqHMoCg2Q5qBuDyLTR7d7lNy7krIwOGgy1Rhy+hAgV7Bn0KvyeUh44j5Z02ZKHD/
HULahbuSRx6ogdOHol/qet+7zebsXe1cgsYbhF8sS5Ly7lLNO7679JBv3DxEjVmP
7zsPin9S7Mb2QZUp4k9k+7FZI0MLPkf9co8D/BSS8tzkuKx4ANN5DL3nh8rkzJsH
sTyC4fdnJj/vk5oS7qghVbrA3MZfwggduhKHZ5Nu+2VOmV9M5kY+ZawAciIWpvjX
ylEaiLXzA4fImGtFXdW9CVFpXNQkbS2wFUwoZi+Jen4eTXmo09hZcVDqOQwQmQ==
-----END CERTIFICATE-----