Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS62230.roa
File:                     AS62230.roa (raw, json)
Hash identifier:          Ke2d1Umto1inwjrpVXwRxze6MUeaOLbexs8is3HlTpM=
Subject key identifier:   E8:98:76:3B:59:61:1A:0E:CE:44:DB:75:EF:34:D3:E8:89:0C:DE:B9
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       2477205DC3BF3C6012C4909152703AABEF61F2ED
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS62230.roa
Signing time:             Wed 22 Oct 2025 21:31:26 +0000
ROA not before:           Wed 22 Oct 2025 21:26:26 +0000
ROA not after:            Wed 21 Oct 2026 21:31:26 +0000
asID:                     62230
IP address blocks:        2a0d:2901::/32 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 24 Oct 2025 02:07:27 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:77:20:5d:c3:bf:3c:60:12:c4:90:91:52:70:3a:ab:ef:61:f2:ed
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Oct 22 21:26:26 2025 GMT
            Not After : Oct 21 21:31:26 2026 GMT
        Subject: CN=E898763B59611A0ECE44DB75EF34D3E8890CDEB9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:80:6f:68:96:73:02:82:af:14:9a:5f:d0:f1:
                    e0:90:e5:63:e4:f4:f5:f4:6d:75:db:6f:57:b1:ed:
                    38:dd:54:d5:61:d6:f3:b9:10:17:48:da:39:4f:0e:
                    18:f4:84:2b:d7:83:95:64:6f:c3:08:99:d0:e2:1f:
                    77:12:9e:94:3a:e3:5a:30:21:db:93:70:fa:44:ba:
                    29:8f:7a:a3:76:1b:05:49:58:2d:2d:c9:c7:0e:00:
                    da:4d:f8:40:f4:5b:d9:94:bf:06:d9:4b:3e:c7:f5:
                    e4:70:8c:25:c5:d9:6f:30:39:90:86:f2:cd:49:40:
                    a0:f1:74:0c:d9:93:b8:9e:f8:68:be:5a:25:fe:9b:
                    54:8a:6e:51:15:db:3c:40:1c:3e:74:45:37:64:5b:
                    79:95:ad:92:ee:45:99:aa:5d:4d:df:ce:d7:92:9f:
                    89:d9:65:97:31:5e:4f:f1:44:3c:b1:51:20:46:38:
                    7f:8f:dd:37:d4:c5:67:49:c6:39:b8:d8:21:c7:95:
                    f1:a0:b4:6f:00:95:47:e4:17:af:d4:10:8d:12:f1:
                    f2:4f:b1:22:3a:ac:39:7a:20:3f:81:ce:38:be:24:
                    9d:07:40:1e:ad:93:b0:04:be:f4:04:44:37:65:50:
                    b7:11:6b:f7:7b:2b:ad:f5:86:30:49:3f:72:7f:99:
                    f1:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E8:98:76:3B:59:61:1A:0E:CE:44:DB:75:EF:34:D3:E8:89:0C:DE:B9
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS62230.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0d:2901::/32

    Signature Algorithm: sha256WithRSAEncryption
         27:5f:10:cf:95:b4:a5:f7:07:2e:30:85:54:4b:11:b4:2a:8c:
         66:c6:5d:ac:4d:c1:0e:b6:20:fa:f6:10:a5:b4:1c:56:41:5c:
         0e:da:54:06:fe:b2:48:be:0e:49:0c:64:9c:75:dd:73:86:5f:
         c2:45:e9:9e:d6:fe:bb:93:f7:3d:aa:c9:40:7e:d0:bc:47:d5:
         07:57:ea:54:0d:55:8d:d0:1c:78:1f:5b:d0:20:c8:29:92:46:
         d1:13:33:13:f2:44:7a:d1:00:b3:12:4d:c0:af:a5:2e:fd:83:
         ca:e7:8f:67:53:23:0a:ec:d0:3f:4b:81:6a:48:03:e5:0f:3f:
         e8:a2:6e:8c:fc:25:6a:30:0b:8c:0c:f7:be:1b:30:65:84:84:
         85:8c:11:e8:30:55:85:87:e8:ff:51:cf:82:1d:57:d3:ef:ff:
         af:7c:bd:6b:6d:e7:a9:19:7c:75:d4:b9:a9:cf:c6:d2:60:1a:
         92:db:05:f0:05:c1:fe:1a:89:7b:c4:e6:16:74:8d:2e:0b:e7:
         a7:5a:c8:df:0b:ed:47:5b:ac:ba:a7:b0:66:2c:e3:00:dd:ee:
         6a:89:19:95:f5:12:dd:b1:17:17:44:fd:fc:0d:97:77:fc:f2:
         3a:f9:e5:c4:83:e8:58:36:14:e2:24:0a:b6:67:50:9e:99:75:
         5a:8a:b3:9f
-----BEGIN CERTIFICATE-----
MIIEnDCCA4SgAwIBAgIUJHcgXcO/PGASxJCRUnA6q+9h8u0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNTEwMjIyMTI2MjZaFw0yNjEwMjEyMTMxMjZaMDMxMTAvBgNV
BAMTKEU4OTg3NjNCNTk2MTFBMEVDRTQ0REI3NUVGMzREM0U4ODkwQ0RFQjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDagG9olnMCgq8Uml/Q8eCQ5WPk
9PX0bXXbb1ex7TjdVNVh1vO5EBdI2jlPDhj0hCvXg5Vkb8MImdDiH3cSnpQ641ow
IduTcPpEuimPeqN2GwVJWC0tyccOANpN+ED0W9mUvwbZSz7H9eRwjCXF2W8wOZCG
8s1JQKDxdAzZk7ie+Gi+WiX+m1SKblEV2zxAHD50RTdkW3mVrZLuRZmqXU3fzteS
n4nZZZcxXk/xRDyxUSBGOH+P3TfUxWdJxjm42CHHlfGgtG8AlUfkF6/UEI0S8fJP
sSI6rDl6ID+Bzji+JJ0HQB6tk7AEvvQERDdlULcRa/d7K631hjBJP3J/mfHvAgMB
AAGjggGmMIIBojAdBgNVHQ4EFgQU6Jh2O1lhGg7ORNt17zTT6IkM3rkwHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEsGCCsGAQUFBwELBD8wPTA7BggrBgEFBQcwC4YvcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM2MjIzMC5yb2EwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoNKQEwDQYJ
KoZIhvcNAQELBQADggEBACdfEM+VtKX3By4whVRLEbQqjGbGXaxNwQ62IPr2EKW0
HFZBXA7aVAb+ski+DkkMZJx13XOGX8JF6Z7W/ruT9z2qyUB+0LxH1QdX6lQNVY3Q
HHgfW9AgyCmSRtETMxPyRHrRALMSTcCvpS79g8rnj2dTIwrs0D9LgWpIA+UPP+ii
boz8JWowC4wM974bMGWEhIWMEegwVYWH6P9Rz4IdV9Pv/698vWtt56kZfHXUuanP
xtJgGpLbBfAFwf4aiXvE5hZ0jS4L56dayN8L7UdbrLqnsGYs4wDd7mqJGZX1Et2x
FxdE/fwNl3f88jr55cSD6Fg2FOIkCrZnUJ6ZdVqKs58=
-----END CERTIFICATE-----