Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS62230.roa
File:                     AS62230.roa (raw, json)
Hash identifier:          Y2+iI+G0nNLUt5RRwlbFFbd8krhrrbP+lZSA7GfKfMU=
Subject key identifier:   4A:91:1D:81:35:3A:AE:1F:F5:C2:28:7F:19:7D:97:6B:19:75:3B:DA
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       26CFA50B9B345AB4ECF36AD39A542FA817E4235F
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS62230.roa
Signing time:             Wed 20 Nov 2024 21:30:30 +0000
ROA not before:           Wed 20 Nov 2024 21:25:30 +0000
ROA not after:            Wed 19 Nov 2025 21:30:30 +0000
asID:                     62230
IP address blocks:        2a0d:2901::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 23 Nov 2024 03:00:10 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:cf:a5:0b:9b:34:5a:b4:ec:f3:6a:d3:9a:54:2f:a8:17:e4:23:5f
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Nov 20 21:25:30 2024 GMT
            Not After : Nov 19 21:30:30 2025 GMT
        Subject: CN=4A911D81353AAE1FF5C2287F197D976B19753BDA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f6:f8:c5:01:dd:86:0d:9d:6b:4f:77:ed:34:68:
                    ba:60:bc:fe:9a:fa:cc:d3:f2:5e:4e:13:c6:60:12:
                    f4:8f:c6:c3:2b:0f:74:1e:f7:8a:4b:6f:10:5e:cd:
                    17:b4:42:2e:be:62:f0:9e:ea:ab:dc:6e:c1:05:4a:
                    5d:97:f1:82:5f:be:65:a4:12:11:19:d0:e5:66:51:
                    25:cf:8c:db:11:fa:2d:29:7e:20:e0:fb:f7:6c:ed:
                    2a:cc:85:1e:9d:b6:8e:40:ec:d7:af:9c:a2:5b:f5:
                    45:dc:27:ff:cf:7e:71:4d:ab:68:03:38:92:2b:c7:
                    6d:88:38:18:c9:33:c1:64:f9:2d:22:a6:e5:24:c5:
                    39:4c:aa:a1:18:d9:41:e8:ff:a1:33:a1:08:b9:75:
                    fe:72:99:6e:d0:87:ee:17:47:c0:15:b7:f4:95:56:
                    d3:33:78:1f:70:be:6a:40:d9:5f:07:36:5e:75:1c:
                    2f:f1:4c:4d:07:12:f1:a0:fc:5f:b4:a2:29:39:68:
                    91:c2:7d:ac:21:9f:4e:f7:ab:3b:af:5d:64:4e:2a:
                    62:23:58:9f:5e:1c:42:ae:af:1c:97:6e:89:87:0a:
                    1f:40:4d:94:af:3f:e3:d5:58:84:61:7e:09:3f:6e:
                    56:ed:73:a7:e6:06:0f:6c:3c:0f:32:c0:a2:e9:dd:
                    1b:0b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4A:91:1D:81:35:3A:AE:1F:F5:C2:28:7F:19:7D:97:6B:19:75:3B:DA
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS62230.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:2901::/32

    Signature Algorithm: sha256WithRSAEncryption
         38:68:2f:79:1d:c0:61:50:d9:30:e0:f0:e1:c4:2e:fe:9b:68:
         d1:8a:7c:d3:3d:fc:a1:35:4b:4e:7d:15:a6:cd:a8:e4:46:d0:
         49:a8:b8:b6:43:1f:57:96:51:72:ad:8b:70:81:f3:98:e5:f1:
         9c:41:9d:50:ba:b7:87:05:79:56:ee:f5:16:b2:20:e3:c3:26:
         82:61:23:dd:b5:a9:7e:32:51:04:53:20:69:f3:40:65:ec:8a:
         d0:a4:68:97:6e:02:53:36:6b:31:7b:66:89:9c:4c:07:a4:9d:
         86:1c:c8:ad:a3:10:b7:9e:7b:12:77:86:83:c6:b6:d4:08:09:
         d9:af:15:9b:fa:b9:97:1d:5c:87:35:71:66:d6:c3:a9:b6:5d:
         c5:58:9e:09:8b:c2:7a:dd:72:9e:23:b5:34:cf:85:b7:b5:b0:
         b6:d8:57:6e:66:d3:f1:d8:0f:69:c8:3c:60:00:67:a9:da:ea:
         51:06:93:c1:cc:7b:f6:4f:05:0e:ab:ae:a3:28:5d:cb:f7:a7:
         c5:a4:23:29:4d:d4:3b:c9:39:eb:e2:f5:55:c4:26:a7:81:f3:
         e5:2e:e6:a7:61:21:f8:73:53:ba:81:28:6f:c0:bd:02:6c:62:
         ea:cd:9c:7f:c2:3a:f7:a3:dc:f9:86:5a:f7:b6:f0:8e:b9:b9:
         38:1e:a8:03
-----BEGIN CERTIFICATE-----
MIIEnDCCA4SgAwIBAgIUJs+lC5s0WrTs82rTmlQvqBfkI18wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNDExMjAyMTI1MzBaFw0yNTExMTkyMTMwMzBaMDMxMTAvBgNV
BAMTKDRBOTExRDgxMzUzQUFFMUZGNUMyMjg3RjE5N0Q5NzZCMTk3NTNCREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD2+MUB3YYNnWtPd+00aLpgvP6a
+szT8l5OE8ZgEvSPxsMrD3Qe94pLbxBezRe0Qi6+YvCe6qvcbsEFSl2X8YJfvmWk
EhEZ0OVmUSXPjNsR+i0pfiDg+/ds7SrMhR6dto5A7NevnKJb9UXcJ//PfnFNq2gD
OJIrx22IOBjJM8Fk+S0ipuUkxTlMqqEY2UHo/6EzoQi5df5ymW7Qh+4XR8AVt/SV
VtMzeB9wvmpA2V8HNl51HC/xTE0HEvGg/F+0oik5aJHCfawhn073qzuvXWROKmIj
WJ9eHEKurxyXbomHCh9ATZSvP+PVWIRhfgk/blbtc6fmBg9sPA8ywKLp3RsLAgMB
AAGjggGmMIIBojAdBgNVHQ4EFgQUSpEdgTU6rh/1wih/GX2Xaxl1O9owHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM2MjIzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoNKQEwDQYJ
KoZIhvcNAQELBQADggEBADhoL3kdwGFQ2TDg8OHELv6baNGKfNM9/KE1S059FabN
qORG0EmouLZDH1eWUXKti3CB85jl8ZxBnVC6t4cFeVbu9RayIOPDJoJhI921qX4y
UQRTIGnzQGXsitCkaJduAlM2azF7ZomcTAeknYYcyK2jELeeexJ3hoPGttQICdmv
FZv6uZcdXIc1cWbWw6m2XcVYngmLwnrdcp4jtTTPhbe1sLbYV25m0/HYD2nIPGAA
Z6na6lEGk8HMe/ZPBQ6rrqMoXcv3p8WkIylN1DvJOevi9VXEJqeB8+Uu5qdhIfhz
U7qBKG/AvQJsYurNnH/COvej3PmGWve28I65uTgeqAM=
-----END CERTIFICATE-----