Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS214731.roa
File:                     AS214731.roa (raw, json)
Hash identifier:          20hee80jSECVNJlojrmn+mQwzq4Vd0w6Txjm7iQjZpk=
Subject key identifier:   EC:6E:20:BB:64:A0:0B:15:64:78:52:A9:A8:4A:A6:C1:C2:5A:E4:88
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       5A06EDE628881EC149BCF346BDD850042AF5071E
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS214731.roa
Signing time:             Thu 03 Jul 2025 15:53:04 +0000
ROA not before:           Thu 03 Jul 2025 15:48:04 +0000
ROA not after:            Thu 02 Jul 2026 15:53:04 +0000
asID:                     214731
IP address blocks:        2a06:1281:4000::/36 maxlen: 48
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5a:06:ed:e6:28:88:1e:c1:49:bc:f3:46:bd:d8:50:04:2a:f5:07:1e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Jul  3 15:48:04 2025 GMT
            Not After : Jul  2 15:53:04 2026 GMT
        Subject: CN=EC6E20BB64A00B15647852A9A84AA6C1C25AE488
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:8d:48:0a:07:21:e2:ac:56:1d:e3:4f:97:23:
                    ed:dd:b0:e3:47:60:47:e2:34:6d:2a:94:06:c9:5f:
                    3a:70:f2:b7:7c:25:da:f2:26:56:8b:04:de:2c:00:
                    89:b3:d6:38:a2:72:e4:f6:12:71:93:b3:9c:f2:bb:
                    a9:06:f0:10:1e:84:06:e4:0f:cf:9c:23:df:57:70:
                    56:f2:6b:0a:d2:18:ac:86:9c:dc:ba:4d:13:26:ef:
                    a7:12:09:1c:e2:08:21:13:f7:81:a3:0f:4c:8f:75:
                    f5:d5:4a:c2:4d:77:9c:15:a7:ce:e5:4f:e6:6f:3e:
                    6d:77:69:73:e0:85:da:d7:2e:28:f4:4d:44:c5:78:
                    05:f9:37:f6:ac:b8:52:60:1c:3d:d3:14:0a:0e:a9:
                    e3:98:82:33:4f:40:c2:05:83:97:74:94:3c:f9:fb:
                    32:f7:d8:28:d2:bf:40:cf:23:6c:b5:9c:c4:4b:8b:
                    82:b2:d2:51:dd:90:9f:8f:4f:b7:a5:66:5f:04:4d:
                    f5:96:fa:4e:f8:2f:4f:74:41:f2:e3:e8:37:2f:77:
                    6c:21:d1:26:10:88:41:4a:bc:95:4f:e4:7b:20:08:
                    d9:ac:63:19:b0:81:42:d3:cf:f2:ef:f1:b3:66:e7:
                    62:d7:0e:50:b5:96:f9:61:a5:5c:c1:0a:6e:e0:9e:
                    5f:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EC:6E:20:BB:64:A0:0B:15:64:78:52:A9:A8:4A:A6:C1:C2:5A:E4:88
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS214731.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:1281:4000::/36

    Signature Algorithm: sha256WithRSAEncryption
         16:1f:d2:6b:be:67:a5:99:e6:60:8e:b5:44:b0:e0:e9:40:2c:
         9c:9b:c6:9e:cd:bf:60:ab:fe:2d:3b:0e:04:55:11:61:d7:33:
         be:1e:58:60:47:0d:18:07:4c:f4:e7:e1:69:b0:f3:1e:35:d1:
         c7:62:ce:c2:94:52:5f:dd:60:51:ba:81:0c:56:39:90:42:6a:
         ad:c4:5e:1c:ef:3e:1d:67:85:8d:90:3b:f2:78:c1:41:2d:5f:
         7f:23:05:2f:61:bd:6c:f2:ca:61:39:ac:c5:57:72:75:81:c3:
         57:ac:26:da:b0:4f:ac:b2:73:0c:f4:41:d9:23:ea:23:19:67:
         81:9b:48:fb:27:89:84:28:88:fb:81:4d:98:cc:eb:86:fd:a2:
         1e:c5:8d:40:3a:08:20:82:3a:c3:e7:5d:08:4d:ab:fa:2a:44:
         0c:52:14:dd:88:9a:83:51:bd:c7:fc:77:5f:e1:15:96:c2:3c:
         16:df:1b:b1:67:43:ac:2d:cb:d3:6c:da:24:8a:61:54:c7:54:
         54:02:1d:11:f0:d4:8a:b8:6e:ab:2f:48:d8:e7:de:c2:14:a1:
         64:5f:ee:2a:ee:b1:4f:1b:b3:23:05:07:86:f9:8c:0f:5a:04:
         76:6b:81:c8:cf:95:37:f8:da:bc:0d:21:c5:83:80:38:44:97:
         ef:dc:10:f8
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIUWgbt5iiIHsFJvPNGvdhQBCr1Bx4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNTA3MDMxNTQ4MDRaFw0yNjA3MDIxNTUzMDRaMDMxMTAvBgNV
BAMTKEVDNkUyMEJCNjRBMDBCMTU2NDc4NTJBOUE4NEFBNkMxQzI1QUU0ODgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIjUgKByHirFYd40+XI+3dsONH
YEfiNG0qlAbJXzpw8rd8JdryJlaLBN4sAImz1jiicuT2EnGTs5zyu6kG8BAehAbk
D8+cI99XcFbyawrSGKyGnNy6TRMm76cSCRziCCET94GjD0yPdfXVSsJNd5wVp87l
T+ZvPm13aXPghdrXLij0TUTFeAX5N/asuFJgHD3TFAoOqeOYgjNPQMIFg5d0lDz5
+zL32CjSv0DPI2y1nMRLi4Ky0lHdkJ+PT7elZl8ETfWW+k74L090QfLj6Dcvd2wh
0SYQiEFKvJVP5HsgCNmsYxmwgULTz/Lv8bNm52LXDlC1lvlhpVzBCm7gnl9dAgMB
AAGjggHeMIIB2jAdBgNVHQ4EFgQU7G4gu2SgCxVkeFKpqEqmwcJa5IgwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTQ3MzEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgQq
BhKBQDANBgkqhkiG9w0BAQsFAAOCAQEAFh/Sa75npZnmYI61RLDg6UAsnJvGns2/
YKv+LTsOBFURYdczvh5YYEcNGAdM9OfhabDzHjXRx2LOwpRSX91gUbqBDFY5kEJq
rcReHO8+HWeFjZA78njBQS1ffyMFL2G9bPLKYTmsxVdydYHDV6wm2rBPrLJzDPRB
2SPqIxlngZtI+yeJhCiI+4FNmMzrhv2iHsWNQDoIIII6w+ddCE2r+ipEDFIU3Yia
g1G9x/x3X+EVlsI8Ft8bsWdDrC3L02zaJIphVMdUVAIdEfDUirhuqy9I2OfewhSh
ZF/uKu6xTxuzIwUHhvmMD1oEdmuByM+VN/javA0hxYOAOESX79wQ+A==
-----END CERTIFICATE-----