Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS969.roa
File:                     AS969.roa (raw, json)
Hash identifier:          7RKCXJcfZEDI41+Cz9BGJu2bM+f52oEcGtRXVrN70nE=
Subject key identifier:   C7:95:63:9E:A8:AE:C2:68:B6:E1:10:7A:C1:59:67:10:E5:60:9A:FD
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       76A219C607963FC1CE666ED95F397B1F74A89D7E
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS969.roa
Signing time:             Wed 20 Dec 2023 21:30:10 +0000
ROA not before:           Wed 20 Dec 2023 21:25:10 +0000
ROA not after:            Wed 18 Dec 2024 21:30:10 +0000
asID:                     969
IP address blocks:        45.11.107.0/24 maxlen: 32

Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 29 May 2024 14:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            76:a2:19:c6:07:96:3f:c1:ce:66:6e:d9:5f:39:7b:1f:74:a8:9d:7e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Dec 20 21:25:10 2023 GMT
            Not After : Dec 18 21:30:10 2024 GMT
        Subject: CN=C795639EA8AEC268B6E1107AC1596710E5609AFD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:6b:23:db:fd:7c:3d:46:89:ee:d7:d3:27:6e:
                    bc:72:fd:ec:36:86:ee:e7:45:9b:94:25:bb:b7:55:
                    b2:10:40:f9:f6:e5:40:2a:e9:aa:02:5c:5e:6b:44:
                    c9:c4:74:58:9b:05:e5:9f:5d:19:f1:fa:87:d9:ae:
                    00:ab:4b:03:45:78:4f:17:66:35:4d:b8:8a:e1:3a:
                    96:26:46:b1:c7:d2:8a:e7:f4:15:0a:c0:24:a3:a0:
                    2b:5a:69:d5:48:34:3c:78:8b:b3:c3:d9:2d:70:a7:
                    69:ed:0b:95:c9:a6:7b:aa:8d:6d:61:59:9d:55:7e:
                    ae:0b:2a:20:4e:59:e5:9f:5f:3a:83:15:26:d0:d8:
                    2e:ed:a8:11:56:c8:ec:d4:a1:a7:ef:b3:da:fa:65:
                    fe:41:76:a2:61:22:3c:c6:71:cd:b7:a2:1b:2e:80:
                    cb:fc:c2:56:6e:02:61:85:95:66:a2:c2:7a:a7:9b:
                    eb:dd:ad:17:60:b4:75:e7:3c:0b:ce:ff:2f:3a:3f:
                    16:00:bf:4b:38:80:3b:1e:11:89:36:c2:47:fc:b5:
                    7d:1a:3b:da:8f:7d:92:cd:96:8e:21:d1:6d:8a:38:
                    0a:36:1e:85:59:34:60:03:84:52:29:48:ee:f5:79:
                    42:ee:14:37:a8:48:f4:25:7a:a0:fc:d5:67:e0:34:
                    94:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C7:95:63:9E:A8:AE:C2:68:B6:E1:10:7A:C1:59:67:10:E5:60:9A:FD
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS969.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  45.11.107.0/24

    Signature Algorithm: sha256WithRSAEncryption
         26:ea:d5:4b:24:e6:90:30:8f:eb:0a:85:54:81:7f:77:4c:28:
         97:12:10:44:c1:ff:cc:fb:7b:58:e2:9e:25:da:cf:56:ab:17:
         da:85:aa:7f:be:81:a0:9c:c7:6a:8b:69:63:af:3c:0e:5c:83:
         a2:10:8f:20:83:02:3b:2f:23:33:d0:37:56:8a:f2:b1:5e:31:
         c5:8e:af:3c:9d:82:ba:69:72:05:18:32:1a:17:42:86:1a:02:
         a3:d7:2e:c0:0a:e4:a3:25:7e:f6:4e:50:ae:fb:ac:6b:c7:5b:
         35:0e:54:b6:c7:64:88:4a:fc:15:61:b2:be:b4:1b:24:f6:1e:
         3e:38:03:68:55:32:1f:b4:37:27:47:c4:d0:12:14:e8:63:b7:
         a4:2a:f7:2b:e1:47:4a:bc:31:62:39:22:35:47:e0:a3:27:64:
         fc:48:a3:1b:e4:27:de:41:15:df:08:e9:0f:91:44:41:93:e6:
         54:d5:cc:04:54:58:39:dc:1c:12:83:51:05:db:aa:20:d7:55:
         17:a7:f1:ce:b5:39:95:67:8c:b8:ba:13:f4:3e:36:56:07:9a:
         f3:cf:61:a2:8f:c1:cb:17:df:ab:47:3d:ba:91:4b:70:aa:9f:
         02:fa:61:2e:42:75:95:96:5a:41:ae:28:f9:1b:da:f1:79:a8:
         c2:57:10:6e
-----BEGIN CERTIFICATE-----
MIIEmTCCA4GgAwIBAgIUdqIZxgeWP8HOZm7ZXzl7H3SonX4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yMzEyMjAyMTI1MTBaFw0yNDEyMTgyMTMwMTBaMDMxMTAvBgNV
BAMTKEM3OTU2MzlFQThBRUMyNjhCNkUxMTA3QUMxNTk2NzEwRTU2MDlBRkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmayPb/Xw9Ronu19Mnbrxy/ew2
hu7nRZuUJbu3VbIQQPn25UAq6aoCXF5rRMnEdFibBeWfXRnx+ofZrgCrSwNFeE8X
ZjVNuIrhOpYmRrHH0orn9BUKwCSjoCtaadVINDx4i7PD2S1wp2ntC5XJpnuqjW1h
WZ1Vfq4LKiBOWeWfXzqDFSbQ2C7tqBFWyOzUoafvs9r6Zf5BdqJhIjzGcc23ohsu
gMv8wlZuAmGFlWaiwnqnm+vdrRdgtHXnPAvO/y86PxYAv0s4gDseEYk2wkf8tX0a
O9qPfZLNlo4h0W2KOAo2HoVZNGADhFIpSO71eULuFDeoSPQleqD81WfgNJTdAgMB
AAGjggGjMIIBnzAdBgNVHQ4EFgQUx5Vjnqiuwmi24RB6wVlnEOVgmv0wHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEkGCCsGAQUFBwELBD0wOzA5BggrBgEFBQcwC4YtcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVM5Njkucm9hMBgGA1UdIAEB/wQOMAwwCgYI
KwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAAtC2swDQYJKoZI
hvcNAQELBQADggEBACbq1Usk5pAwj+sKhVSBf3dMKJcSEETB/8z7e1jiniXaz1ar
F9qFqn++gaCcx2qLaWOvPA5cg6IQjyCDAjsvIzPQN1aK8rFeMcWOrzydgrppcgUY
MhoXQoYaAqPXLsAK5KMlfvZOUK77rGvHWzUOVLbHZIhK/BVhsr60GyT2Hj44A2hV
Mh+0NydHxNASFOhjt6Qq9yvhR0q8MWI5IjVH4KMnZPxIoxvkJ95BFd8I6Q+RREGT
5lTVzARUWDncHBKDUQXbqiDXVRen8c61OZVnjLi6E/Q+NlYHmvPPYaKPwcsX36tH
PbqRS3CqnwL6YS5CdZWWWkGuKPkb2vF5qMJXEG4=
-----END CERTIFICATE-----