Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS57282.roa
File:                     AS57282.roa (raw, json)
Hash identifier:          VFRkMEPFKpURLzRhsjWK+FEE/QArN8T5PfNTXmlExVI=
Subject key identifier:   9B:9D:90:85:5A:C6:55:AB:52:F4:3B:FD:CC:F2:E0:5D:5B:C6:19:78
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       2628E499D9EE738CE523859A899EE2D7E0D54EB5
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS57282.roa
Signing time:             Thu 24 Jul 2025 06:29:44 +0000
ROA not before:           Thu 24 Jul 2025 06:24:44 +0000
ROA not after:            Thu 23 Jul 2026 06:29:44 +0000
asID:                     57282
IP address blocks:        2a0f:6283:1103::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 28 Jul 2025 15:50:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            26:28:e4:99:d9:ee:73:8c:e5:23:85:9a:89:9e:e2:d7:e0:d5:4e:b5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Jul 24 06:24:44 2025 GMT
            Not After : Jul 23 06:29:44 2026 GMT
        Subject: CN=9B9D90855AC655AB52F43BFDCCF2E05D5BC61978
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:c6:3d:c8:6d:51:d2:99:82:41:af:71:ad:a9:
                    60:a2:d2:da:94:42:be:a0:91:2f:1f:e5:80:04:38:
                    2f:d0:c4:fb:1f:54:32:e3:f7:ed:bb:39:4d:ad:48:
                    1a:53:aa:30:24:83:48:ee:e1:b0:04:81:06:18:af:
                    17:7f:e5:81:49:f3:b0:aa:bd:fb:55:17:65:50:3f:
                    58:9f:cc:ac:0c:e4:a7:88:18:cc:5d:97:4c:2e:d0:
                    ee:0b:75:02:19:e6:8a:a8:a6:dd:4c:f1:f4:5e:3b:
                    51:eb:20:4d:2b:1d:2d:ec:c7:43:16:aa:c2:0f:55:
                    ac:33:77:10:ac:56:3e:b0:1f:d6:6a:eb:94:b8:f3:
                    e0:af:1a:da:eb:dc:c5:6d:4b:e6:6a:51:7f:47:39:
                    90:4c:50:d2:c5:ad:b6:28:09:a5:8e:64:4e:6e:cb:
                    90:c8:de:c6:b3:48:c3:57:8b:3d:72:f5:d7:e0:05:
                    87:4d:f3:a3:8b:b9:8d:ba:aa:41:c9:12:69:46:41:
                    e4:ef:24:7e:9d:7b:8e:14:1f:3b:25:56:74:77:33:
                    1a:d4:83:6d:26:3d:80:d6:78:17:5e:7a:47:c6:69:
                    7c:a2:d7:f6:59:85:c1:a7:92:be:41:bb:79:d5:95:
                    d6:c6:02:a7:13:29:de:7f:24:d4:82:a9:a7:dd:41:
                    83:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9B:9D:90:85:5A:C6:55:AB:52:F4:3B:FD:CC:F2:E0:5D:5B:C6:19:78
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS57282.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:6283:1103::/48

    Signature Algorithm: sha256WithRSAEncryption
         15:e0:7f:f4:5f:b4:e5:62:5c:2f:76:2a:5a:52:d3:75:6c:fe:
         84:b4:77:b6:ac:78:d6:1f:6d:54:70:7c:af:58:2e:21:17:35:
         17:0a:2b:ee:53:02:5f:30:ca:85:83:0b:e7:6b:17:c4:bf:db:
         b3:18:8d:51:37:57:13:36:2c:fd:42:90:ff:9f:bb:ca:f9:2c:
         1d:7d:80:c5:12:0b:b1:af:21:0a:62:c6:73:c1:45:48:7b:94:
         4f:05:ec:70:b1:b8:ad:cd:43:82:c8:11:de:30:b2:2f:31:4f:
         84:7c:99:db:9e:c7:98:b0:61:89:61:fb:23:9d:eb:01:6b:91:
         d1:9b:03:b6:30:d0:61:aa:ec:cc:0e:13:40:56:cb:07:29:d0:
         16:c1:17:1e:90:2d:36:29:db:cf:d8:e9:8c:69:38:f6:08:97:
         d7:a7:ff:bf:75:c1:da:52:64:b0:41:3c:ea:44:cb:19:c8:87:
         77:cb:bf:e1:bd:fb:95:c1:f6:56:28:6f:92:c1:57:74:ab:7f:
         d6:d9:07:19:04:f0:3d:3d:a5:37:e8:c5:d4:c6:2d:19:b3:34:
         ac:08:1d:64:d6:c0:8a:cc:e5:a4:56:ef:c6:ba:ab:b8:77:09:
         6a:6d:16:6e:f5:be:4f:94:60:48:dc:e7:c0:60:9d:a3:1f:73:
         56:01:44:29
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIUJijkmdnuc4zlI4WaiZ7i1+DVTrUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNTA3MjQwNjI0NDRaFw0yNjA3MjMwNjI5NDRaMDMxMTAvBgNV
BAMTKDlCOUQ5MDg1NUFDNjU1QUI1MkY0M0JGRENDRjJFMDVENUJDNjE5NzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUxj3IbVHSmYJBr3GtqWCi0tqU
Qr6gkS8f5YAEOC/QxPsfVDLj9+27OU2tSBpTqjAkg0ju4bAEgQYYrxd/5YFJ87Cq
vftVF2VQP1ifzKwM5KeIGMxdl0wu0O4LdQIZ5oqopt1M8fReO1HrIE0rHS3sx0MW
qsIPVawzdxCsVj6wH9Zq65S48+CvGtrr3MVtS+ZqUX9HOZBMUNLFrbYoCaWOZE5u
y5DI3sazSMNXiz1y9dfgBYdN86OLuY26qkHJEmlGQeTvJH6de44UHzslVnR3MxrU
g20mPYDWeBdeekfGaXyi1/ZZhcGnkr5Bu3nVldbGAqcTKd5/JNSCqafdQYOlAgMB
AAGjggHeMIIB2jAdBgNVHQ4EFgQUm52QhVrGVatS9Dv9zPLgXVvGGXgwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME4GCCsGAQUFBwELBEIwQDA+BggrBgEFBQcwC4YycnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVM1NzI4Mi5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoP
YoMRAzANBgkqhkiG9w0BAQsFAAOCAQEAFeB/9F+05WJcL3YqWlLTdWz+hLR3tqx4
1h9tVHB8r1guIRc1Fwor7lMCXzDKhYML52sXxL/bsxiNUTdXEzYs/UKQ/5+7yvks
HX2AxRILsa8hCmLGc8FFSHuUTwXscLG4rc1DgsgR3jCyLzFPhHyZ257HmLBhiWH7
I53rAWuR0ZsDtjDQYarszA4TQFbLBynQFsEXHpAtNinbz9jpjGk49giX16f/v3XB
2lJksEE86kTLGciHd8u/4b37lcH2VihvksFXdKt/1tkHGQTwPT2lN+jF1MYtGbM0
rAgdZNbAiszlpFbvxrqruHcJam0WbvW+T5RgSNznwGCdox9zVgFEKQ==
-----END CERTIFICATE-----