Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS202224.roa
File:                     AS202224.roa (raw, json)
Hash identifier:          KI5ysKyzm18HsQG96ajd5Nur+T374uYyjO0jjPmRveg=
Subject key identifier:   AE:0A:AC:CC:35:91:86:27:EB:F8:74:4A:53:0A:D8:31:AD:8A:C2:F5
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       1B83B2B2DFD73F212441DC31469875DE2EB697E8
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS202224.roa
Signing time:             Thu 03 Jul 2025 15:53:02 +0000
ROA not before:           Thu 03 Jul 2025 15:48:02 +0000
ROA not after:            Thu 02 Jul 2026 15:53:02 +0000
asID:                     202224
IP address blocks:        2a0a:6044:7000::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1b:83:b2:b2:df:d7:3f:21:24:41:dc:31:46:98:75:de:2e:b6:97:e8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Jul  3 15:48:02 2025 GMT
            Not After : Jul  2 15:53:02 2026 GMT
        Subject: CN=AE0AACCC35918627EBF8744A530AD831AD8AC2F5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:95:56:ae:c1:f9:20:13:ee:3e:d8:1d:16:3c:0a:
                    43:e1:c9:1c:38:24:09:be:18:85:be:c6:93:5d:f0:
                    34:8d:61:67:57:64:e5:ab:4f:83:c9:e2:cd:2e:8d:
                    2d:12:65:87:f6:4a:37:5f:98:89:c7:99:1c:83:04:
                    3f:b1:5b:fb:d5:17:92:3a:40:c1:af:73:d9:28:98:
                    93:e8:5f:85:de:57:23:c0:d5:db:2c:88:3b:15:67:
                    8b:a3:54:8f:47:fd:48:19:b3:05:2f:45:8f:96:bb:
                    ae:bb:ec:89:1d:9b:44:8f:f0:20:99:94:3d:c0:9f:
                    80:9f:1f:13:19:a6:83:04:35:5a:28:58:84:2d:9b:
                    f3:80:48:c1:e8:0f:70:6f:74:17:ab:1d:a9:73:fb:
                    ca:bc:39:33:b5:90:a1:aa:8b:9f:74:61:b7:78:02:
                    1a:a7:f6:51:2a:45:ce:8d:26:83:32:2c:7a:9e:49:
                    ef:52:2d:74:9e:10:8b:ad:25:e3:c2:45:27:51:db:
                    4d:3b:c0:7c:44:7e:38:cc:96:7f:6c:66:d5:6a:ff:
                    41:71:85:00:77:b4:d8:b9:51:6f:91:17:71:44:6a:
                    58:57:ee:f5:05:30:13:fa:1c:91:3b:37:e3:95:08:
                    bb:d6:52:b3:fc:bc:00:3b:45:c5:7a:82:00:e9:74:
                    48:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AE:0A:AC:CC:35:91:86:27:EB:F8:74:4A:53:0A:D8:31:AD:8A:C2:F5
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS202224.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:7000::/40

    Signature Algorithm: sha256WithRSAEncryption
         0b:74:4c:38:19:7f:42:6d:18:ff:1c:06:88:cd:89:b1:9f:33:
         a0:6c:d4:88:bd:ea:7a:68:98:a9:4d:b6:9d:1b:84:d8:25:bc:
         79:77:88:46:c1:a2:e1:4d:9e:ba:01:98:8a:7a:c2:6c:28:6e:
         51:91:49:76:50:c2:4b:36:8a:19:1a:a3:1d:c4:57:07:b5:7d:
         72:2b:60:45:41:f2:9f:41:99:35:b3:81:89:53:e1:de:a6:e7:
         d6:b2:3b:50:ec:9b:29:22:fc:b7:e1:e2:c2:90:fd:4a:be:8f:
         10:77:83:97:a8:76:98:0a:0c:12:33:fc:5f:e1:8f:e6:47:99:
         66:3a:d4:6d:90:27:87:b6:5c:31:8d:d2:2b:25:74:cc:9f:9b:
         72:52:51:be:9d:9f:fb:14:02:3d:3b:cf:e2:fb:fe:06:5d:ff:
         b9:c5:87:f0:9f:1f:c7:39:07:4c:39:7b:ce:4f:49:9f:72:19:
         e4:5e:f1:a6:ac:20:d3:88:02:27:a6:89:fc:af:a8:61:59:d4:
         a5:43:66:e1:50:90:4b:89:e8:78:fe:d7:f9:37:83:27:4a:e9:
         c3:43:8a:36:72:cc:2c:67:60:fe:fe:18:2a:fb:e7:2f:80:16:
         01:25:83:19:25:46:57:27:87:de:8b:c9:5f:94:d1:10:49:44:
         b7:41:eb:d7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIUG4Oyst/XPyEkQdwxRph13i62l+gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNTA3MDMxNTQ4MDJaFw0yNjA3MDIxNTUzMDJaMDMxMTAvBgNV
BAMTKEFFMEFBQ0NDMzU5MTg2MjdFQkY4NzQ0QTUzMEFEODMxQUQ4QUMyRjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCVVq7B+SAT7j7YHRY8CkPhyRw4
JAm+GIW+xpNd8DSNYWdXZOWrT4PJ4s0ujS0SZYf2SjdfmInHmRyDBD+xW/vVF5I6
QMGvc9komJPoX4XeVyPA1dssiDsVZ4ujVI9H/UgZswUvRY+Wu6677Ikdm0SP8CCZ
lD3An4CfHxMZpoMENVooWIQtm/OASMHoD3BvdBerHalz+8q8OTO1kKGqi590Ybd4
Ahqn9lEqRc6NJoMyLHqeSe9SLXSeEIutJePCRSdR2007wHxEfjjMln9sZtVq/0Fx
hQB3tNi5UW+RF3FEalhX7vUFMBP6HJE7N+OVCLvWUrP8vAA7RcV6ggDpdEg1AgMB
AAGjggHeMIIB2jAdBgNVHQ4EFgQUrgqszDWRhifr+HRKUwrYMa2KwvUwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMDIyMjQucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAq
CmBEcDANBgkqhkiG9w0BAQsFAAOCAQEAC3RMOBl/Qm0Y/xwGiM2JsZ8zoGzUiL3q
emiYqU22nRuE2CW8eXeIRsGi4U2eugGYinrCbChuUZFJdlDCSzaKGRqjHcRXB7V9
citgRUHyn0GZNbOBiVPh3qbn1rI7UOybKSL8t+HiwpD9Sr6PEHeDl6h2mAoMEjP8
X+GP5keZZjrUbZAnh7ZcMY3SKyV0zJ+bclJRvp2f+xQCPTvP4vv+Bl3/ucWH8J8f
xzkHTDl7zk9Jn3IZ5F7xpqwg04gCJ6aJ/K+oYVnUpUNm4VCQS4noeP7X+TeDJ0rp
w0OKNnLMLGdg/v4YKvvnL4AWASWDGSVGVyeH3ovJX5TREElEt0Hr1w==
-----END CERTIFICATE-----