Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS204150.roa
File:                     AS204150.roa (raw, json)
Hash identifier:          CmuGzea69A+1NedX5rHH7CKg2fip3PHQw+TwAz37jg4=
Subject key identifier:   C5:1A:85:FC:7C:85:97:B3:09:67:01:80:5B:63:FC:FE:A1:FA:48:5A
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       1FF3AA8AA8887FE9906304D91FC12C9BF4CC3D81
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS204150.roa
Signing time:             Tue 03 Mar 2026 10:02:52 +0000
ROA not before:           Tue 03 Mar 2026 09:57:52 +0000
ROA not after:            Tue 02 Mar 2027 10:02:52 +0000
asID:                     204150
IP address blocks:        2a0f:6284:800::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 05 Mar 2026 09:46:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1f:f3:aa:8a:a8:88:7f:e9:90:63:04:d9:1f:c1:2c:9b:f4:cc:3d:81
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Mar  3 09:57:52 2026 GMT
            Not After : Mar  2 10:02:52 2027 GMT
        Subject: CN=C51A85FC7C8597B3096701805B63FCFEA1FA485A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:bd:b7:47:99:3d:3e:b9:40:c9:3b:31:9a:05:
                    cb:18:81:b2:8a:e2:56:69:8a:5e:48:e3:e7:8c:ce:
                    96:38:f2:81:a9:d3:62:31:c0:10:ef:d1:16:2e:cb:
                    e8:3b:c2:35:f0:5a:18:7b:1c:62:89:8c:6b:41:8e:
                    80:71:96:16:b7:94:fa:4a:f1:e1:4c:fd:ac:db:b8:
                    99:22:c8:be:c5:94:a7:6f:21:38:08:6e:6e:06:93:
                    a3:42:f5:64:a7:74:f3:2a:0a:71:41:be:c8:b0:af:
                    92:ed:10:aa:af:c5:8f:10:0f:f1:28:9e:bf:f3:61:
                    4f:fd:40:5d:83:ad:2a:96:af:f1:f5:ff:f7:bd:9f:
                    08:70:80:80:5f:70:11:69:06:96:42:ab:5a:40:e9:
                    7a:4b:8a:a3:84:af:14:88:84:44:a0:d0:79:36:da:
                    df:45:db:55:86:ca:58:4e:69:c8:54:f5:32:05:dd:
                    49:43:15:4f:5a:0a:7e:f2:53:21:bf:5b:85:33:b3:
                    7c:97:88:79:ef:eb:7c:05:a8:b0:11:1a:ff:db:c6:
                    50:2f:b0:52:e2:a5:09:b1:cd:62:a9:e1:8c:62:77:
                    06:2e:20:df:24:10:da:d9:79:26:3a:10:44:a5:2d:
                    39:5c:27:ec:62:14:44:2e:08:c1:1a:31:eb:9e:b9:
                    26:81
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:1A:85:FC:7C:85:97:B3:09:67:01:80:5B:63:FC:FE:A1:FA:48:5A
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS204150.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:6284:800::/40

    Signature Algorithm: sha256WithRSAEncryption
         36:f5:97:e5:f5:58:14:82:ff:10:f1:a8:3d:ed:a9:9c:86:b1:
         0e:36:c0:dd:63:ac:9f:c3:21:e6:ff:2b:08:ae:7f:6c:a3:1b:
         0f:6d:d1:d7:05:fb:56:67:c3:ee:80:4a:be:73:b8:32:9b:7f:
         7d:b9:1b:bb:81:1e:85:7d:be:83:4b:dc:ab:ba:e5:5a:6a:37:
         c3:b5:55:27:1f:3c:5d:99:f6:b9:96:ac:43:d3:61:48:02:e3:
         32:0e:d4:da:c0:01:91:b1:89:ad:45:c3:9d:79:54:cb:a6:e0:
         6a:c5:1d:c6:5c:27:f0:49:e6:fd:d1:aa:00:b5:7e:dd:72:ec:
         75:69:55:24:63:38:f2:37:a4:12:9c:8a:99:b5:e9:fd:2a:3c:
         0b:d8:9d:1b:cd:7c:1d:f5:49:16:21:0c:00:77:22:82:bc:e5:
         1a:35:e6:22:a6:97:a4:f0:57:f0:ee:3f:52:05:4d:4b:22:28:
         a9:80:4a:a6:16:f1:07:27:72:6b:63:46:64:24:f8:18:c7:65:
         67:66:f6:08:03:1b:1d:55:1c:ea:99:d1:58:37:21:2b:cc:da:
         e0:26:9d:cd:90:8c:23:eb:28:27:03:33:81:1a:76:6d:25:29:
         a0:09:2c:f4:24:33:a3:bc:79:68:7b:1b:06:29:5a:46:6b:f5:
         e2:f1:37:ef
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIUH/OqiqiIf+mQYwTZH8Esm/TMPYEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjAzMDMwOTU3NTJaFw0yNzAzMDIxMDAyNTJaMDMxMTAvBgNV
BAMTKEM1MUE4NUZDN0M4NTk3QjMwOTY3MDE4MDVCNjNGQ0ZFQTFGQTQ4NUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDNvbdHmT0+uUDJOzGaBcsYgbKK
4lZpil5I4+eMzpY48oGp02IxwBDv0RYuy+g7wjXwWhh7HGKJjGtBjoBxlha3lPpK
8eFM/azbuJkiyL7FlKdvITgIbm4Gk6NC9WSndPMqCnFBvsiwr5LtEKqvxY8QD/Eo
nr/zYU/9QF2DrSqWr/H1//e9nwhwgIBfcBFpBpZCq1pA6XpLiqOErxSIhESg0Hk2
2t9F21WGylhOachU9TIF3UlDFU9aCn7yUyG/W4Uzs3yXiHnv63wFqLARGv/bxlAv
sFLipQmxzWKp4YxidwYuIN8kENrZeSY6EESlLTlcJ+xiFEQuCMEaMeueuSaBAgMB
AAGjggHeMIIB2jAdBgNVHQ4EFgQUxRqF/HyFl7MJZwGAW2P8/qH6SFowHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMDQxNTAucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAq
D2KECDANBgkqhkiG9w0BAQsFAAOCAQEANvWX5fVYFIL/EPGoPe2pnIaxDjbA3WOs
n8Mh5v8rCK5/bKMbD23R1wX7VmfD7oBKvnO4Mpt/fbkbu4EehX2+g0vcq7rlWmo3
w7VVJx88XZn2uZasQ9NhSALjMg7U2sABkbGJrUXDnXlUy6bgasUdxlwn8Enm/dGq
ALV+3XLsdWlVJGM48jekEpyKmbXp/So8C9idG818HfVJFiEMAHcigrzlGjXmIqaX
pPBX8O4/UgVNSyIoqYBKphbxBydya2NGZCT4GMdlZ2b2CAMbHVUc6pnRWDchK8za
4CadzZCMI+soJwMzgRp2bSUpoAks9CQzo7x5aHsbBilaRmv14vE37w==
-----END CERTIFICATE-----