Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS58313.roa
File:                     AS58313.roa (raw, json)
Hash identifier:          xaG3qXYkqH+8y3a0GuVklJrWTn19JqxNwdpfLoVjz0Y=
Subject key identifier:   AA:AF:63:28:6D:D7:87:59:EA:C3:25:1D:B6:09:FD:4D:A7:7A:0A:1A
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       2E9E11D20801C20E48FFF84528E43FD70FE89905
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS58313.roa
Signing time:             Wed 20 Nov 2024 21:30:35 +0000
ROA not before:           Wed 20 Nov 2024 21:25:35 +0000
ROA not after:            Wed 19 Nov 2025 21:30:35 +0000
asID:                     58313
IP address blocks:        45.142.244.0/24 maxlen: 24
                          2a0f:3b03::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            2e:9e:11:d2:08:01:c2:0e:48:ff:f8:45:28:e4:3f:d7:0f:e8:99:05
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Nov 20 21:25:35 2024 GMT
            Not After : Nov 19 21:30:35 2025 GMT
        Subject: CN=AAAF63286DD78759EAC3251DB609FD4DA77A0A1A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:e5:ae:db:98:7e:21:a3:1a:31:a9:4a:af:66:
                    70:c3:b6:d7:75:0d:d5:25:cd:76:0c:b4:79:26:b9:
                    ff:77:53:09:11:80:31:39:86:a4:d2:30:3e:4c:b4:
                    dd:52:aa:d9:fe:6e:a6:79:ed:71:dd:24:72:2d:d9:
                    66:d4:40:63:97:60:f5:65:bf:bf:4b:1e:0d:91:82:
                    89:c9:bb:22:22:b1:6c:54:29:05:8a:0f:57:71:32:
                    ca:90:1b:15:79:1a:b7:72:26:2b:81:31:9e:9f:7b:
                    e2:4f:1f:b5:28:c1:5a:a3:dc:62:82:f3:0d:75:c3:
                    91:a6:50:45:48:23:1d:5b:a5:ef:99:ec:b8:c6:df:
                    31:11:9b:79:5c:c6:9b:c6:2d:f0:57:a2:24:bb:2a:
                    44:02:92:82:57:f1:ea:8c:f8:83:eb:dc:a3:b6:29:
                    d9:94:08:6a:c0:6c:62:c7:3a:1e:6b:36:ba:42:ec:
                    6f:d7:f1:bc:71:95:02:89:4e:12:ca:9f:25:c1:f9:
                    9d:e2:3f:fc:bf:d3:72:91:c7:db:e8:fe:31:9d:3e:
                    81:73:79:3d:1d:26:a8:6c:bc:5a:c2:0a:2f:a7:ea:
                    ef:1c:63:30:07:e6:54:e5:84:ea:de:c5:53:09:d5:
                    c5:62:e4:40:68:aa:b0:b7:e8:75:37:28:ba:17:4f:
                    28:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:AF:63:28:6D:D7:87:59:EA:C3:25:1D:B6:09:FD:4D:A7:7A:0A:1A
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS58313.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.142.244.0/24
                IPv6:
                  2a0f:3b03::/32

    Signature Algorithm: sha256WithRSAEncryption
         8c:e0:10:81:04:df:09:2a:1e:98:18:e1:79:f6:42:76:34:d9:
         f1:ca:7e:d1:88:33:47:c2:b2:e1:9b:9f:4c:19:35:8c:44:77:
         20:0f:7c:d3:70:8e:ef:47:f7:3b:6b:c2:75:a3:20:bc:79:38:
         3f:e8:c6:de:e6:17:fc:1a:c2:a6:7a:97:0a:71:1d:18:51:cd:
         54:b6:55:4c:c1:11:e2:ab:05:8b:36:b0:55:7c:e0:17:c4:6f:
         11:f3:a0:d2:de:68:b4:3b:ff:60:ff:27:7f:b5:e1:ba:7a:f6:
         e0:20:a6:7f:71:b6:50:55:28:da:67:42:2f:67:47:85:7e:69:
         ef:40:37:b0:f8:3d:f6:16:b1:1f:f3:ed:8f:4f:04:a4:2b:e6:
         92:f9:2e:9e:ed:8c:f3:9f:c7:da:89:04:1c:4e:c8:d5:64:84:
         54:06:0d:65:9b:8d:fd:ea:93:2a:bd:0f:8d:e5:52:e9:65:2b:
         13:da:92:c5:b8:47:63:09:46:65:32:0f:37:47:9b:56:81:cb:
         82:52:62:4f:f2:25:e6:4b:30:0a:7d:72:6b:d6:bc:9c:e8:46:
         21:2b:58:45:0f:ea:10:f3:60:6d:52:07:cd:a9:ef:01:db:15:
         3e:25:96:15:26:f1:2d:eb:23:6f:46:71:7f:2f:a2:8f:76:64:
         9b:50:14:76
-----BEGIN CERTIFICATE-----
MIIEqjCCA5KgAwIBAgIULp4R0ggBwg5I//hFKOQ/1w/omQUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNDExMjAyMTI1MzVaFw0yNTExMTkyMTMwMzVaMDMxMTAvBgNV
BAMTKEFBQUY2MzI4NkRENzg3NTlFQUMzMjUxREI2MDlGRDREQTc3QTBBMUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDa5a7bmH4hoxoxqUqvZnDDttd1
DdUlzXYMtHkmuf93UwkRgDE5hqTSMD5MtN1Sqtn+bqZ57XHdJHIt2WbUQGOXYPVl
v79LHg2RgonJuyIisWxUKQWKD1dxMsqQGxV5GrdyJiuBMZ6fe+JPH7UowVqj3GKC
8w11w5GmUEVIIx1bpe+Z7LjG3zERm3lcxpvGLfBXoiS7KkQCkoJX8eqM+IPr3KO2
KdmUCGrAbGLHOh5rNrpC7G/X8bxxlQKJThLKnyXB+Z3iP/y/03KRx9vo/jGdPoFz
eT0dJqhsvFrCCi+n6u8cYzAH5lTlhOrexVMJ1cVi5EBoqrC36HU3KLoXTyihAgMB
AAGjggG0MIIBsDAdBgNVHQ4EFgQUqq9jKG3Xh1nqwyUdtgn9Tad6ChowHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM1ODMxMy5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAuBggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAC2O9DANBAIA
AjAHAwUAKg87AzANBgkqhkiG9w0BAQsFAAOCAQEAjOAQgQTfCSoemBjhefZCdjTZ
8cp+0YgzR8Ky4ZufTBk1jER3IA9803CO70f3O2vCdaMgvHk4P+jG3uYX/BrCpnqX
CnEdGFHNVLZVTMER4qsFizawVXzgF8RvEfOg0t5otDv/YP8nf7Xhunr24CCmf3G2
UFUo2mdCL2dHhX5p70A3sPg99haxH/Ptj08EpCvmkvkunu2M85/H2okEHE7I1WSE
VAYNZZuN/eqTKr0PjeVS6WUrE9qSxbhHYwlGZTIPN0ebVoHLglJiT/Il5kswCn1y
a9a8nOhGIStYRQ/qEPNgbVIHzanvAdsVPiWWFSbxLesjb0Zxfy+ij3Zkm1AUdg==
-----END CERTIFICATE-----