Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS62230.roa
File:                     AS62230.roa (raw, json)
Hash identifier:          J9Nl54BrifM0oGMAjtZsQCDgk4nczKb7wlqa5O3mzg0=
Subject key identifier:   1D:3C:24:30:27:68:E8:E4:D6:DA:7F:67:CF:F7:09:EF:55:1C:FE:D5
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       231F3B6CB64EACF85BAE68B6F19E132AFAEF2C6D
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS62230.roa
Signing time:             Wed 20 Dec 2023 21:30:06 +0000
ROA not before:           Wed 20 Dec 2023 21:25:06 +0000
ROA not after:            Wed 18 Dec 2024 21:30:06 +0000
asID:                     62230
IP address blocks:        2a0d:2901::/32 maxlen: 48

Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 29 May 2024 08:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            23:1f:3b:6c:b6:4e:ac:f8:5b:ae:68:b6:f1:9e:13:2a:fa:ef:2c:6d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Dec 20 21:25:06 2023 GMT
            Not After : Dec 18 21:30:06 2024 GMT
        Subject: CN=1D3C24302768E8E4D6DA7F67CFF709EF551CFED5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:f9:a1:d6:fa:8b:5d:bc:c2:56:ae:46:01:45:
                    66:39:25:f1:fe:c9:69:c2:01:1e:74:29:0a:b4:e5:
                    65:04:9d:79:74:64:c6:06:fa:a6:93:16:2c:63:66:
                    2f:94:ac:02:94:eb:d9:81:43:71:5e:8a:23:7a:34:
                    29:be:b6:66:b4:90:a1:f3:0b:df:06:b6:b0:15:8a:
                    d2:a1:77:eb:25:a4:c1:06:b4:8c:dd:3e:ae:ab:b8:
                    47:ce:95:43:73:05:24:02:17:6e:b6:9b:83:f8:ce:
                    f6:05:60:e5:0f:a3:6e:d8:40:95:5b:6f:32:2c:bc:
                    fc:8d:52:f0:44:b8:c8:88:06:53:98:7e:28:c1:00:
                    0a:7c:d6:0f:c7:f9:9d:b8:93:ec:27:fe:be:37:86:
                    a5:5d:e0:ab:a1:7a:68:38:0b:fc:d8:a5:2d:a6:da:
                    8a:66:f7:6e:d2:35:79:51:31:70:34:dc:27:e7:70:
                    fe:7a:c9:1a:4e:24:1e:11:88:09:06:4b:24:8d:17:
                    97:e0:29:99:b3:fd:ab:e7:b7:76:a7:7f:91:83:c7:
                    e3:52:c7:12:41:73:f6:53:89:22:00:19:9a:e2:41:
                    89:da:96:65:2a:1b:48:f6:91:94:bb:7d:1f:4d:78:
                    ad:df:66:19:22:fa:3e:d5:db:46:fa:4a:7b:9a:32:
                    bf:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:3C:24:30:27:68:E8:E4:D6:DA:7F:67:CF:F7:09:EF:55:1C:FE:D5
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS62230.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:2901::/32

    Signature Algorithm: sha256WithRSAEncryption
         97:51:45:f8:5f:dc:73:5e:11:82:93:4a:7e:a4:61:3c:ce:31:
         6c:ad:30:a5:4b:45:60:42:fc:9b:71:55:9a:99:6d:ab:5d:90:
         fb:1f:3a:e4:6f:ba:45:cd:0c:00:8c:0e:60:55:bb:d9:a5:a0:
         da:1e:0b:6e:31:ab:3e:83:0b:d0:da:40:03:39:66:25:b2:ee:
         f6:c1:b8:af:1d:18:f8:6d:e6:6b:9a:10:4c:17:ea:ed:5c:06:
         07:1a:be:44:73:84:9a:97:2c:dc:03:55:ef:27:0c:c7:95:e9:
         fb:8d:8b:fa:80:3d:24:c2:18:8a:a0:dc:7f:36:ab:e2:94:ad:
         48:f1:6b:ad:cf:ad:fa:a0:49:05:06:78:c6:62:7a:bf:39:cf:
         df:63:e8:5c:72:43:ed:09:53:9c:9f:b9:ba:f9:67:da:12:3a:
         ee:ad:6d:19:8f:cd:df:2d:c0:76:5e:28:5a:8c:75:5a:98:ab:
         d6:8c:a6:30:d4:df:3c:49:65:01:02:5f:01:e6:ae:c1:02:d8:
         18:28:d2:8e:76:76:c3:cd:6a:1e:cb:a4:37:0a:0d:27:38:1f:
         af:99:08:d8:99:fd:f6:47:d8:9e:fa:51:8a:0d:00:5c:9e:75:
         7c:31:8b:23:33:ba:db:db:86:53:cb:03:a4:94:df:95:26:ca:
         77:2c:79:6e
-----BEGIN CERTIFICATE-----
MIIEnDCCA4SgAwIBAgIUIx87bLZOrPhbrmi28Z4TKvrvLG0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yMzEyMjAyMTI1MDZaFw0yNDEyMTgyMTMwMDZaMDMxMTAvBgNV
BAMTKDFEM0MyNDMwMjc2OEU4RTRENkRBN0Y2N0NGRjcwOUVGNTUxQ0ZFRDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDG+aHW+otdvMJWrkYBRWY5JfH+
yWnCAR50KQq05WUEnXl0ZMYG+qaTFixjZi+UrAKU69mBQ3FeiiN6NCm+tma0kKHz
C98GtrAVitKhd+slpMEGtIzdPq6ruEfOlUNzBSQCF262m4P4zvYFYOUPo27YQJVb
bzIsvPyNUvBEuMiIBlOYfijBAAp81g/H+Z24k+wn/r43hqVd4Kuhemg4C/zYpS2m
2opm927SNXlRMXA03CfncP56yRpOJB4RiAkGSySNF5fgKZmz/avnt3anf5GDx+NS
xxJBc/ZTiSIAGZriQYnalmUqG0j2kZS7fR9NeK3fZhki+j7V20b6SnuaMr9NAgMB
AAGjggGmMIIBojAdBgNVHQ4EFgQUHTwkMCdo6OTW2n9nz/cJ71Uc/tUwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM2MjIzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoNKQEwDQYJ
KoZIhvcNAQELBQADggEBAJdRRfhf3HNeEYKTSn6kYTzOMWytMKVLRWBC/JtxVZqZ
batdkPsfOuRvukXNDACMDmBVu9mloNoeC24xqz6DC9DaQAM5ZiWy7vbBuK8dGPht
5muaEEwX6u1cBgcavkRzhJqXLNwDVe8nDMeV6fuNi/qAPSTCGIqg3H82q+KUrUjx
a63PrfqgSQUGeMZier85z99j6FxyQ+0JU5yfubr5Z9oSOu6tbRmPzd8twHZeKFqM
dVqYq9aMpjDU3zxJZQECXwHmrsEC2Bgo0o52dsPNah7LpDcKDSc4H6+ZCNiZ/fZH
2J76UYoNAFyedXwxiyMzutvbhlPLA6SU35UmyncseW4=
-----END CERTIFICATE-----