Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS214675.roa
File:                     AS214675.roa (raw, json)
Hash identifier:          obVPZTEIvH9IiEgcmnayPJIZI1jkqnZomNn/gdg35j4=
Subject key identifier:   AB:9B:DE:D8:CB:1C:37:58:58:40:65:D7:72:C1:0C:7A:9F:7D:43:20
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       387978BBB9A9A73C337C6FA2E3772718F02CC6CA
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS214675.roa
Signing time:             Thu 04 Jun 2026 16:51:49 +0000
ROA not before:           Thu 04 Jun 2026 16:46:49 +0000
ROA not after:            Thu 03 Jun 2027 16:51:49 +0000
asID:                     214675
IP address blocks:        2a0a:6044:aca0::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 06 Jun 2026 17:49:09 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:79:78:bb:b9:a9:a7:3c:33:7c:6f:a2:e3:77:27:18:f0:2c:c6:ca
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Jun  4 16:46:49 2026 GMT
            Not After : Jun  3 16:51:49 2027 GMT
        Subject: CN=AB9BDED8CB1C3758584065D772C10C7A9F7D4320
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:73:fa:46:3f:c1:3a:2b:9b:b3:1f:52:5a:f5:
                    32:08:91:fa:7e:5e:92:c0:aa:19:00:fa:8e:71:04:
                    d6:0b:80:7e:c9:9e:bc:7a:8e:a6:4c:d8:12:59:3d:
                    05:47:2e:d3:37:83:5c:fb:2b:42:45:00:77:63:5e:
                    0d:97:b3:05:eb:5c:5e:8a:f3:75:a2:3f:aa:a3:ad:
                    f7:55:3b:dd:fc:ba:78:15:90:19:f7:a8:e3:25:50:
                    2e:f7:b1:49:78:cc:82:e5:95:7d:f1:92:24:33:54:
                    fb:30:3f:5f:93:0c:c6:c9:d7:a1:df:6b:2b:54:fa:
                    c1:9f:85:1f:58:33:6a:c3:f7:2a:01:1d:4a:51:7d:
                    bd:af:ea:2d:95:74:d5:6e:d5:13:09:0b:07:da:9c:
                    08:eb:f9:3c:af:53:48:43:f1:0f:88:43:38:b2:57:
                    7b:2d:e0:c4:c4:62:45:09:ae:ea:68:e8:c6:71:95:
                    e8:0f:d4:14:b2:dd:4f:b1:0c:9f:04:94:9a:e0:12:
                    44:8f:26:f2:f8:80:b2:b9:ba:c6:85:4f:14:6c:ee:
                    63:9b:1d:10:46:a1:6c:55:8a:34:8d:74:59:36:38:
                    32:0e:75:5e:7f:02:d0:50:0e:cb:df:6d:ed:51:3a:
                    dc:4e:98:df:e5:68:c5:56:5b:22:6d:e9:dd:c6:ae:
                    3a:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:9B:DE:D8:CB:1C:37:58:58:40:65:D7:72:C1:0C:7A:9F:7D:43:20
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS214675.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:aca0::/44

    Signature Algorithm: sha256WithRSAEncryption
         8c:72:71:cd:c6:e5:50:cf:34:32:16:f9:86:2e:33:a0:81:84:
         eb:cf:25:3f:a2:07:0d:0c:71:fa:00:65:66:cd:24:05:f2:7d:
         25:0d:62:af:33:f3:75:2a:0a:91:17:78:4f:6d:3a:c9:28:d6:
         ab:b0:4a:0e:e4:fc:f6:0e:3d:73:16:c3:90:25:71:3f:67:2c:
         7d:85:49:14:b5:64:9a:5e:b8:82:72:1a:2b:d9:7b:e4:a1:f0:
         5e:61:3c:05:dc:b0:78:62:39:e9:a8:da:54:86:5e:38:4d:93:
         99:e3:ff:ed:39:e5:90:8b:de:cb:cf:15:05:44:94:3b:f9:20:
         a3:31:c1:56:23:f8:0a:02:c7:26:51:bd:f2:65:01:c3:24:f1:
         fd:5f:c7:0a:b0:7a:87:f4:b4:58:13:7c:4b:c0:16:6b:ac:2a:
         f8:ba:0f:9d:09:8c:22:93:ea:02:ec:32:92:eb:41:ba:03:73:
         b1:f2:29:f3:81:0a:22:f8:7d:d3:3c:de:5f:d5:24:bd:3e:50:
         3a:5c:84:b1:e6:ac:f6:0d:9e:5c:8f:cb:6a:88:26:da:c4:89:
         24:36:cd:1b:44:a3:01:c9:c2:ae:d1:50:0c:9c:b4:22:a1:d2:
         9a:52:96:0c:cf:78:15:95:cf:8b:27:10:a7:3a:5b:0c:d7:69:
         63:4c:ba:5b
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIUOHl4u7mppzwzfG+i43cnGPAsxsowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjA2MDQxNjQ2NDlaFw0yNzA2MDMxNjUxNDlaMDMxMTAvBgNV
BAMTKEFCOUJERUQ4Q0IxQzM3NTg1ODQwNjVENzcyQzEwQzdBOUY3RDQzMjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHc/pGP8E6K5uzH1Ja9TIIkfp+
XpLAqhkA+o5xBNYLgH7Jnrx6jqZM2BJZPQVHLtM3g1z7K0JFAHdjXg2XswXrXF6K
83WiP6qjrfdVO938ungVkBn3qOMlUC73sUl4zILllX3xkiQzVPswP1+TDMbJ16Hf
aytU+sGfhR9YM2rD9yoBHUpRfb2v6i2VdNVu1RMJCwfanAjr+TyvU0hD8Q+IQziy
V3st4MTEYkUJrupo6MZxlegP1BSy3U+xDJ8ElJrgEkSPJvL4gLK5usaFTxRs7mOb
HRBGoWxVijSNdFk2ODIOdV5/AtBQDsvfbe1ROtxOmN/laMVWWyJt6d3Grjo1AgMB
AAGjggHfMIIB2zAdBgNVHQ4EFgQUq5ve2MscN1hYQGXXcsEMep99QyAwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTQ2NzUucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQq
CmBErKAwDQYJKoZIhvcNAQELBQADggEBAIxycc3G5VDPNDIW+YYuM6CBhOvPJT+i
Bw0McfoAZWbNJAXyfSUNYq8z83UqCpEXeE9tOsko1quwSg7k/PYOPXMWw5AlcT9n
LH2FSRS1ZJpeuIJyGivZe+Sh8F5hPAXcsHhiOemo2lSGXjhNk5nj/+055ZCL3svP
FQVElDv5IKMxwVYj+AoCxyZRvfJlAcMk8f1fxwqweof0tFgTfEvAFmusKvi6D50J
jCKT6gLsMpLrQboDc7HyKfOBCiL4fdM83l/VJL0+UDpchLHmrPYNnlyPy2qIJtrE
iSQ2zRtEowHJwq7RUAyctCKh0ppSlgzPeBWVz4snEKc6WwzXaWNMuls=
-----END CERTIFICATE-----