Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS214809.roa
File:                     AS214809.roa (raw, json)
Hash identifier:          //bIeprzpfKZhqpQuUWAg9Fes4DscXv10iVKcccoMcc=
Subject key identifier:   B1:50:12:8E:F2:DB:BE:27:B0:6C:DA:BE:B2:B7:8C:12:9C:F6:C6:20
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       0E1790CF2735FE3A67A491307304A1123D93CA89
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS214809.roa
Signing time:             Wed 17 Jun 2026 16:14:06 +0000
ROA not before:           Wed 17 Jun 2026 16:09:06 +0000
ROA not after:            Wed 16 Jun 2027 16:14:06 +0000
asID:                     214809
IP address blocks:        2a0a:6044:b300::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 19 Jun 2026 10:24:22 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            0e:17:90:cf:27:35:fe:3a:67:a4:91:30:73:04:a1:12:3d:93:ca:89
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Jun 17 16:09:06 2026 GMT
            Not After : Jun 16 16:14:06 2027 GMT
        Subject: CN=B150128EF2DBBE27B06CDABEB2B78C129CF6C620
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a6:3d:d8:8b:c2:9a:54:ce:50:82:47:12:61:c1:
                    e9:3c:f8:da:8f:6a:dd:8d:8f:7a:51:37:1c:14:a6:
                    6d:10:e5:e1:43:c0:10:f2:23:e7:dc:6a:86:42:3c:
                    b7:ca:98:6a:f9:78:f1:a9:10:30:fd:65:d3:0a:7f:
                    ee:34:00:46:4b:9a:30:e0:9e:83:8c:b4:21:54:54:
                    f8:12:11:4a:4f:5a:18:32:e9:0c:e8:aa:8d:80:4e:
                    e2:a2:6b:56:64:5a:75:38:c3:10:c1:8c:7a:60:e1:
                    87:10:b6:75:9f:d3:1d:f4:1e:72:c0:2f:ce:72:ef:
                    7b:72:88:cf:0c:d7:cc:38:a2:ec:74:6e:00:ba:dc:
                    1c:58:6b:00:c0:39:54:d4:8b:61:4d:1f:f9:91:2c:
                    82:8d:66:44:60:82:78:7c:42:ed:8a:19:f5:a9:9d:
                    3e:e8:b0:04:37:90:35:6d:04:e0:6f:28:ab:97:6c:
                    1a:c3:c8:9f:27:78:c7:d2:c8:24:da:74:e0:58:2d:
                    b1:01:94:c7:53:27:d5:ef:64:88:a4:a7:aa:05:b6:
                    71:48:28:46:84:e8:01:0a:4b:00:17:6a:ef:06:60:
                    f0:cc:fd:3e:a7:91:3d:a4:d5:c6:b5:b2:f5:ca:e0:
                    fb:e9:ad:eb:48:81:b1:05:21:78:25:a7:51:16:72:
                    ea:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:50:12:8E:F2:DB:BE:27:B0:6C:DA:BE:B2:B7:8C:12:9C:F6:C6:20
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS214809.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:b300::/40

    Signature Algorithm: sha256WithRSAEncryption
         6b:73:f3:9c:ed:85:98:b8:8b:28:a7:aa:25:12:c1:48:3c:1e:
         49:cc:33:8d:7b:ab:62:31:53:6b:bc:e6:c1:94:30:2f:f0:eb:
         77:0d:bf:6d:15:61:1e:41:4d:23:44:35:8d:d9:c2:13:3c:09:
         b8:10:66:41:f4:dc:94:00:d3:06:c8:9a:02:e9:7f:7b:7b:7b:
         13:b8:13:cb:0a:45:68:90:1c:29:ba:ef:57:28:0f:4c:f0:7c:
         31:19:4b:93:78:e9:cb:5f:83:0f:03:b4:8a:20:6c:1d:ad:9e:
         6a:aa:7f:21:63:cb:5e:78:31:85:e4:7e:c2:c4:32:b0:5c:0e:
         f8:b9:6b:ef:85:5b:65:ae:2a:ab:bc:e6:0e:36:24:9d:ec:af:
         f7:7f:58:54:7a:61:a8:ea:38:3b:53:57:60:c7:3d:46:d6:5a:
         cc:e2:34:dc:90:8b:f4:1b:a8:89:17:46:41:b9:3a:37:94:ef:
         d7:21:fe:98:a5:59:f5:06:a5:76:22:43:d2:ef:f2:af:85:fb:
         2c:11:09:a6:b0:cf:b4:e6:fd:8a:48:2b:4d:c7:60:40:3b:ea:
         74:ee:82:eb:7b:47:47:25:96:86:b8:6f:ad:37:19:22:bf:36:
         22:1d:19:5b:f0:b3:4c:5f:26:0a:b1:f5:05:19:80:53:4e:2c:
         14:42:03:81
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIUDheQzyc1/jpnpJEwcwShEj2TyokwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjA2MTcxNjA5MDZaFw0yNzA2MTYxNjE0MDZaMDMxMTAvBgNV
BAMTKEIxNTAxMjhFRjJEQkJFMjdCMDZDREFCRUIyQjc4QzEyOUNGNkM2MjAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmPdiLwppUzlCCRxJhwek8+NqP
at2Nj3pRNxwUpm0Q5eFDwBDyI+fcaoZCPLfKmGr5ePGpEDD9ZdMKf+40AEZLmjDg
noOMtCFUVPgSEUpPWhgy6Qzoqo2ATuKia1ZkWnU4wxDBjHpg4YcQtnWf0x30HnLA
L85y73tyiM8M18w4oux0bgC63BxYawDAOVTUi2FNH/mRLIKNZkRggnh8Qu2KGfWp
nT7osAQ3kDVtBOBvKKuXbBrDyJ8neMfSyCTadOBYLbEBlMdTJ9XvZIikp6oFtnFI
KEaE6AEKSwAXau8GYPDM/T6nkT2k1ca1svXK4PvpretIgbEFIXglp1EWcuqZAgMB
AAGjggHeMIIB2jAdBgNVHQ4EFgQUsVASjvLbviewbNq+sreMEpz2xiAwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTQ4MDkucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAq
CmBEszANBgkqhkiG9w0BAQsFAAOCAQEAa3PznO2FmLiLKKeqJRLBSDweScwzjXur
YjFTa7zmwZQwL/Drdw2/bRVhHkFNI0Q1jdnCEzwJuBBmQfTclADTBsiaAul/e3t7
E7gTywpFaJAcKbrvVygPTPB8MRlLk3jpy1+DDwO0iiBsHa2eaqp/IWPLXngxheR+
wsQysFwO+Llr74VbZa4qq7zmDjYkneyv939YVHphqOo4O1NXYMc9RtZazOI03JCL
9BuoiRdGQbk6N5Tv1yH+mKVZ9QaldiJD0u/yr4X7LBEJprDPtOb9ikgrTcdgQDvq
dO6C63tHRyWWhrhvrTcZIr82Ih0ZW/CzTF8mCrH1BRmAU04sFEIDgQ==
-----END CERTIFICATE-----