Route Origin Authorization

$ rpki-client -vvf rsync.rp.ki/repo/misakaio/2/AS134575.roa
File:                     AS134575.roa (raw, json)
Hash identifier:          sezJe62hrs/AR/g+KDKvSGnhPAyBUIeGMxG4Ts3D3nA=
Subject key identifier:   0A:40:F1:CA:18:84:8F:67:50:82:CA:69:72:00:32:0B:27:66:65:8D
Certificate issuer:       /CN=359a4b6c6d3713cff3636207de9839058b51815b
Certificate serial:       0D00B0DFDE0F6BE0FF8962AB3CEAEA04C33D6520
Authority key identifier: 35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
Subject info access:      rsync://rsync.rp.ki/repo/misakaio/2/AS134575.roa
Signing time:             Wed 22 Oct 2025 21:31:24 +0000
ROA not before:           Wed 22 Oct 2025 21:26:24 +0000
ROA not after:            Wed 21 Oct 2026 21:31:24 +0000
asID:                     134575
IP address blocks:        2a0b:4340:a1::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl
                          rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 06 Nov 2025 18:17:45 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0d:00:b0:df:de:0f:6b:e0:ff:89:62:ab:3c:ea:ea:04:c3:3d:65:20
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=359a4b6c6d3713cff3636207de9839058b51815b
        Validity
            Not Before: Oct 22 21:26:24 2025 GMT
            Not After : Oct 21 21:31:24 2026 GMT
        Subject: CN=0A40F1CA18848F675082CA697200320B2766658D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:9b:49:f7:19:1c:8b:06:cf:2b:d5:61:96:82:
                    bd:b3:15:24:2e:c5:9e:c8:14:4b:46:2e:f1:21:f8:
                    1d:f3:66:93:89:5d:d7:ae:7c:8f:97:a8:39:16:79:
                    c4:41:66:68:c6:10:c4:0b:03:43:e1:4a:6b:ea:4c:
                    73:82:ab:54:62:bc:d7:27:4f:76:68:13:7e:05:ca:
                    73:49:5f:55:8f:bd:c6:08:2f:b7:ba:45:f7:a9:97:
                    f8:86:f2:9e:69:d0:2a:b4:63:aa:4a:cb:0b:0c:28:
                    36:b2:94:aa:52:75:89:df:7c:d0:03:46:2e:4f:98:
                    66:be:e6:f8:28:95:f6:41:99:2e:a7:b8:84:d3:89:
                    07:79:86:cf:d5:77:ed:64:94:80:a8:6a:ad:a2:62:
                    f5:64:4d:04:43:39:f1:41:d9:d7:3a:e1:7b:24:2d:
                    c2:1e:2f:98:89:fd:22:1a:4f:13:e3:4f:dd:f7:fc:
                    ab:55:6a:6d:bb:5f:8e:fa:e9:75:35:de:42:a6:50:
                    95:0c:a3:fd:5a:34:fe:47:47:b9:93:cc:e8:e9:5e:
                    4d:13:fd:17:eb:e5:04:96:1f:69:b2:3e:f1:3c:0a:
                    53:86:11:20:c7:df:e4:69:f1:98:77:80:34:09:da:
                    19:1b:6b:49:f7:65:98:b9:88:9e:fe:17:87:98:21:
                    21:07
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:40:F1:CA:18:84:8F:67:50:82:CA:69:72:00:32:0B:27:66:65:8D
            X509v3 Authority Key Identifier:
                keyid:35:9A:4B:6C:6D:37:13:CF:F3:63:62:07:DE:98:39:05:8B:51:81:5B

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rsync.rp.ki/repo/misakaio/2/359A4B6C6D3713CFF3636207DE9839058B51815B.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZpLbG03E8_zY2IH3pg5BYtRgVs.cer

            Subject Information Access:
                Signed Object - URI:rsync://rsync.rp.ki/repo/misakaio/2/AS134575.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0b:4340:a1::/48

    Signature Algorithm: sha256WithRSAEncryption
         9b:f8:31:d9:e0:2f:d8:64:15:78:b3:dd:1e:70:81:fb:68:02:
         c7:4e:40:e5:46:95:a9:d9:38:3e:e9:d8:dc:ae:1e:aa:ec:ff:
         2f:51:42:0e:44:e8:58:3f:46:22:ab:7e:0b:64:c0:57:4a:00:
         7f:33:e3:e7:d7:ff:58:1f:ae:14:db:e2:7d:e3:7e:f9:c7:ff:
         49:52:60:b0:64:41:df:32:b1:0c:db:18:d5:8b:de:9e:8b:6e:
         87:b6:26:5e:76:ca:07:81:1a:87:22:a0:aa:48:9b:47:44:43:
         08:3a:97:1e:ac:f5:cf:4a:cf:05:64:9f:09:cf:39:5e:66:54:
         e1:7d:18:3a:23:5e:41:22:91:87:7d:fd:89:cd:13:ee:3f:5d:
         57:47:c4:97:39:f5:e8:ef:4e:6d:a9:79:77:a7:19:b2:dd:fc:
         d8:8e:23:71:4d:64:ce:1c:61:b2:ae:58:d0:b5:d1:6d:87:30:
         1d:39:c4:b6:29:95:b6:ff:71:bf:2a:53:c2:fe:58:de:b5:a4:
         f8:1e:d6:4b:dc:be:09:dc:09:e5:89:c0:a2:31:51:7a:79:2f:
         5b:c5:fc:bc:35:0d:47:4c:9b:1f:37:d1:89:9f:95:a0:9b:b5:
         41:62:51:e2:11:a5:cf:74:18:87:4e:34:4b:c2:e9:a8:4d:6d:
         21:fb:ae:2f
-----BEGIN CERTIFICATE-----
MIIEnzCCA4egAwIBAgIUDQCw394Pa+D/iWKrPOrqBMM9ZSAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMzU5YTRiNmM2ZDM3MTNjZmYzNjM2MjA3ZGU5ODM5MDU4
YjUxODE1YjAeFw0yNTEwMjIyMTI2MjRaFw0yNjEwMjEyMTMxMjRaMDMxMTAvBgNV
BAMTKDBBNDBGMUNBMTg4NDhGNjc1MDgyQ0E2OTcyMDAzMjBCMjc2NjY1OEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZm0n3GRyLBs8r1WGWgr2zFSQu
xZ7IFEtGLvEh+B3zZpOJXdeufI+XqDkWecRBZmjGEMQLA0PhSmvqTHOCq1RivNcn
T3ZoE34FynNJX1WPvcYIL7e6Rfepl/iG8p5p0Cq0Y6pKywsMKDaylKpSdYnffNAD
Ri5PmGa+5vgolfZBmS6nuITTiQd5hs/Vd+1klICoaq2iYvVkTQRDOfFB2dc64Xsk
LcIeL5iJ/SIaTxPjT933/KtVam27X4766XU13kKmUJUMo/1aNP5HR7mTzOjpXk0T
/Rfr5QSWH2myPvE8ClOGESDH3+Rp8Zh3gDQJ2hkba0n3ZZi5iJ7+F4eYISEHAgMB
AAGjggGpMIIBpTAdBgNVHQ4EFgQUCkDxyhiEj2dQgsppcgAyCydmZY0wHwYDVR0j
BBgwFoAUNZpLbG03E8/zY2IH3pg5BYtRgVswDgYDVR0PAQH/BAQDAgeAMGEGA1Ud
HwRaMFgwVqBUoFKGUHJzeW5jOi8vcnN5bmMucnAua2kvcmVwby9taXNha2Fpby8y
LzM1OUE0QjZDNkQzNzEzQ0ZGMzYzNjIwN0RFOTgzOTA1OEI1MTgxNUIuY3JsMGQG
CCsGAQUFBwEBBFgwVjBUBggrBgEFBQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0
L3JlcG9zaXRvcnkvREVGQVVMVC9OWnBMYkcwM0U4X3pZMklIM3BnNUJZdFJnVnMu
Y2VyMEwGCCsGAQUFBwELBEAwPjA8BggrBgEFBQcwC4YwcnN5bmM6Ly9yc3luYy5y
cC5raS9yZXBvL21pc2FrYWlvLzIvQVMxMzQ1NzUucm9hMBgGA1UdIAEB/wQOMAww
CgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwAqC0NAAKEw
DQYJKoZIhvcNAQELBQADggEBAJv4MdngL9hkFXiz3R5wgftoAsdOQOVGlanZOD7p
2NyuHqrs/y9RQg5E6Fg/RiKrfgtkwFdKAH8z4+fX/1gfrhTb4n3jfvnH/0lSYLBk
Qd8ysQzbGNWL3p6Lboe2Jl52ygeBGocioKpIm0dEQwg6lx6s9c9KzwVknwnPOV5m
VOF9GDojXkEikYd9/YnNE+4/XVdHxJc59ejvTm2peXenGbLd/NiOI3FNZM4cYbKu
WNC10W2HMB05xLYplbb/cb8qU8L+WN61pPge1kvcvgncCeWJwKIxUXp5L1vF/Lw1
DUdMmx830YmflaCbtUFiUeIRpc90GIdONEvC6ahNbSH7ri8=
-----END CERTIFICATE-----