Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS205712.roa
File:                     AS205712.roa (raw, json)
Hash identifier:          QFaBeW3CPAVQ+SVm/pFtE5R61IywOaKLPD/5Ti3dwWc=
Subject key identifier:   BC:CF:99:7A:0C:20:C4:F9:E9:10:94:1A:1E:0A:56:D4:04:73:85:80
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       16CDD7765CF1E19CC64B4DCFA59DDF84F18876DC
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS205712.roa
Signing time:             Tue 14 Oct 2025 11:57:57 +0000
ROA not before:           Tue 14 Oct 2025 11:52:57 +0000
ROA not after:            Tue 13 Oct 2026 11:57:57 +0000
asID:                     205712
IP address blocks:        2a0f:6287:9000::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 06:00:58 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            16:cd:d7:76:5c:f1:e1:9c:c6:4b:4d:cf:a5:9d:df:84:f1:88:76:dc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Oct 14 11:52:57 2025 GMT
            Not After : Oct 13 11:57:57 2026 GMT
        Subject: CN=BCCF997A0C20C4F9E910941A1E0A56D404738580
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:8d:ed:b5:72:54:d6:3c:d2:5e:49:ac:45:2e:
                    b1:f8:f1:b7:2d:82:51:f4:1f:41:38:75:2a:85:12:
                    1f:a3:8a:e0:68:dc:7c:d4:40:3d:30:c1:9a:5d:a4:
                    de:45:d0:84:2f:02:92:22:d0:8b:ef:2d:21:62:f0:
                    5d:8d:a4:29:fa:d0:50:5e:47:0e:fc:f4:83:d9:0b:
                    6f:ab:10:c6:4f:e2:a0:cc:fb:07:3c:dd:00:fd:aa:
                    4c:68:0e:b9:b7:d3:e2:e6:38:39:75:cd:fc:7a:9b:
                    63:99:17:29:1a:64:2d:74:84:97:49:b8:32:8b:4d:
                    f2:d7:35:bf:71:df:18:48:72:1e:e0:8c:0d:0d:43:
                    23:7e:ee:d7:a2:9d:b6:dd:d1:75:94:78:08:f2:c0:
                    b4:1d:9b:dc:3f:5b:9e:01:cf:1b:21:03:dc:77:ac:
                    47:3c:12:db:3a:c2:5d:2d:94:00:5c:a2:a2:94:b5:
                    30:e3:bb:41:35:0f:ae:a7:8d:ac:82:9b:0b:52:c7:
                    30:c6:e4:7d:ac:51:0d:ae:df:98:b6:fb:93:d4:e0:
                    a5:5f:71:f6:7d:cb:20:20:a8:81:0c:9e:b4:a0:19:
                    b8:e8:d8:b2:50:71:ad:a5:00:0b:b6:c4:c8:f6:79:
                    91:9d:bc:ca:2e:89:8a:bf:56:ab:f6:3b:03:cd:cb:
                    29:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:CF:99:7A:0C:20:C4:F9:E9:10:94:1A:1E:0A:56:D4:04:73:85:80
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS205712.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:6287:9000::/36

    Signature Algorithm: sha256WithRSAEncryption
         00:ce:65:b3:39:7f:fa:75:3b:0b:24:0e:f2:04:19:19:8e:e2:
         a9:0e:b0:fb:de:21:c9:ef:c5:de:e9:c9:1c:65:e9:57:04:e3:
         49:36:74:0e:98:f9:49:29:00:55:ed:8e:44:b4:89:24:d9:bf:
         c8:1f:c3:e0:76:ea:c6:0a:f0:6a:24:52:71:b1:ce:6f:24:24:
         09:84:29:2e:4e:22:a0:ea:bf:00:f7:99:d2:4f:d3:29:c7:ed:
         35:e0:81:31:47:45:93:c8:e6:2b:07:10:57:3e:74:d4:3f:1f:
         9a:fb:3a:af:0c:86:32:57:c7:6a:17:3b:68:c6:63:28:40:0a:
         dc:54:bf:49:e8:46:c7:16:ae:5b:08:7f:2b:46:29:45:13:44:
         e9:86:c6:b6:3b:9f:8e:22:43:f9:8f:10:9d:f5:02:ef:62:d6:
         bb:fb:07:a7:50:6e:9a:b8:8f:6b:da:a7:49:f3:cf:67:2f:10:
         a6:75:69:e8:3d:d1:7f:85:9d:6f:14:95:b7:9b:16:89:8f:86:
         bb:29:0f:0c:fb:86:82:87:7d:52:6d:9c:40:76:e9:45:b4:8b:
         e8:22:a5:dd:a5:00:74:82:e9:53:7f:c3:ff:d2:f3:9c:5a:80:
         8e:4f:42:6f:d3:bc:3a:d8:41:04:0d:c6:76:39:f9:a5:0a:7e:
         3d:6e:fd:0b
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIUFs3Xdlzx4ZzGS03PpZ3fhPGIdtwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNTEwMTQxMTUyNTdaFw0yNjEwMTMxMTU3NTdaMDMxMTAvBgNV
BAMTKEJDQ0Y5OTdBMEMyMEM0RjlFOTEwOTQxQTFFMEE1NkQ0MDQ3Mzg1ODAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgje21clTWPNJeSaxFLrH48bct
glH0H0E4dSqFEh+jiuBo3HzUQD0wwZpdpN5F0IQvApIi0IvvLSFi8F2NpCn60FBe
Rw789IPZC2+rEMZP4qDM+wc83QD9qkxoDrm30+LmODl1zfx6m2OZFykaZC10hJdJ
uDKLTfLXNb9x3xhIch7gjA0NQyN+7teinbbd0XWUeAjywLQdm9w/W54BzxshA9x3
rEc8Ets6wl0tlABcoqKUtTDju0E1D66njayCmwtSxzDG5H2sUQ2u35i2+5PU4KVf
cfZ9yyAgqIEMnrSgGbjo2LJQca2lAAu2xMj2eZGdvMouiYq/Vqv2OwPNyyl3AgMB
AAGjggHeMIIB2jAdBgNVHQ4EFgQUvM+ZegwgxPnpEJQaHgpW1ARzhYAwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMDU3MTIucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgQq
D2KHkDANBgkqhkiG9w0BAQsFAAOCAQEAAM5lszl/+nU7CyQO8gQZGY7iqQ6w+94h
ye/F3unJHGXpVwTjSTZ0Dpj5SSkAVe2ORLSJJNm/yB/D4HbqxgrwaiRScbHObyQk
CYQpLk4ioOq/APeZ0k/TKcftNeCBMUdFk8jmKwcQVz501D8fmvs6rwyGMlfHahc7
aMZjKEAK3FS/SehGxxauWwh/K0YpRRNE6YbGtjufjiJD+Y8QnfUC72LWu/sHp1Bu
mriPa9qnSfPPZy8QpnVp6D3Rf4WdbxSVt5sWiY+GuykPDPuGgod9Um2cQHbpRbSL
6CKl3aUAdILpU3/D/9LznFqAjk9Cb9O8OthBBA3Gdjn5pQp+PW79Cw==
-----END CERTIFICATE-----