Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS215472.roa
File:                     AS215472.roa (raw, json)
Hash identifier:          f+fhN77goJl7TDZ7X1GreKc5PqE8W6eCZVqCHjWx0Ec=
Subject key identifier:   4D:32:A6:C9:D6:C7:61:FB:58:1B:30:28:7F:EF:2F:2B:CD:24:46:2B
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       1163982315A3CBDED56D5E1BA797F87DD31595F7
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS215472.roa
Signing time:             Sun 28 Jun 2026 18:56:05 +0000
ROA not before:           Sun 28 Jun 2026 18:51:05 +0000
ROA not after:            Sun 27 Jun 2027 18:56:05 +0000
asID:                     215472
IP address blocks:        2a0a:6044:bf00::/40 maxlen: 40
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 01 Jul 2026 09:35:23 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            11:63:98:23:15:a3:cb:de:d5:6d:5e:1b:a7:97:f8:7d:d3:15:95:f7
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Jun 28 18:51:05 2026 GMT
            Not After : Jun 27 18:56:05 2027 GMT
        Subject: CN=4D32A6C9D6C761FB581B30287FEF2F2BCD24462B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:2a:94:f6:7e:ae:fd:b2:8d:9b:c5:15:d9:35:
                    cb:c9:60:5c:91:cf:d6:87:76:54:b4:c6:8d:d3:a8:
                    d0:4e:33:4a:79:19:6b:f4:4e:57:28:ff:72:7b:b8:
                    83:d7:8f:66:ab:a0:fb:4e:a0:80:43:dc:62:09:32:
                    d0:aa:ea:25:51:04:ed:09:94:19:00:e5:c1:33:66:
                    f2:42:bb:37:d3:76:a9:10:22:21:9f:fc:67:b4:95:
                    3c:b2:41:a7:92:b5:b6:42:c2:f9:e9:33:72:b2:a5:
                    b9:94:61:27:15:37:8d:bf:cf:84:05:62:d3:1c:b6:
                    d7:f1:ef:e4:2b:8f:25:ec:3b:e5:f9:0b:58:f6:a5:
                    52:f0:a1:25:0b:e3:92:04:ef:59:99:e3:71:c1:d2:
                    e8:d5:31:bd:7f:a0:5b:e3:c7:2a:c4:d7:71:2e:7e:
                    c1:88:21:d1:17:59:e6:f5:2f:17:c8:72:2e:30:c0:
                    ba:f0:0c:f4:a9:23:62:25:1d:a9:01:f0:2f:98:e1:
                    1d:e1:7d:31:0d:14:6e:11:e4:0c:e1:2a:0c:2b:89:
                    92:57:5a:e8:fa:b7:eb:ac:e1:fc:7c:7c:6b:1a:7f:
                    1f:e1:3b:77:a2:5c:06:af:fb:95:3e:f5:fc:77:66:
                    32:b8:61:51:b8:d6:d0:26:44:23:1a:87:66:62:ce:
                    9a:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4D:32:A6:C9:D6:C7:61:FB:58:1B:30:28:7F:EF:2F:2B:CD:24:46:2B
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS215472.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:bf00::/40

    Signature Algorithm: sha256WithRSAEncryption
         8d:8c:37:07:1a:87:e0:94:42:6d:5c:3d:0d:34:13:c0:ea:8b:
         20:7b:ab:76:4d:3b:1f:6d:68:79:82:00:45:1e:2c:54:e7:13:
         b2:81:10:89:6d:3a:40:9b:97:fe:89:18:06:0c:a7:ff:c4:79:
         2d:24:85:2d:49:6c:9e:45:7a:52:70:ba:6a:86:b1:df:05:f2:
         79:15:ba:3c:bb:bc:b5:98:9a:02:bb:54:e7:57:d0:6b:85:fa:
         b4:91:79:f1:77:ea:f8:df:03:82:86:c5:00:ad:0a:0e:b2:50:
         0f:d3:56:b3:92:a8:0a:2d:75:c9:16:a2:a1:85:fe:9d:67:bb:
         c3:39:44:d4:3c:ce:d4:29:04:e5:ce:34:34:c5:c4:26:4c:97:
         a9:51:dd:9f:26:7c:06:cf:77:d3:01:18:ed:b8:4b:f7:a3:16:
         fc:01:d9:ca:72:fe:24:1b:75:ff:10:5b:ff:33:5a:6d:88:99:
         22:17:11:4b:83:b1:bb:6d:65:d0:89:ca:c5:8a:11:f1:c9:a8:
         3e:43:e9:5b:24:73:a0:73:89:e8:32:81:a7:66:47:8f:13:f6:
         94:82:d8:a0:36:23:e7:df:14:5d:c3:08:86:e3:24:d1:f4:30:
         d9:65:28:d1:94:57:8d:00:2b:3f:16:42:73:ae:26:25:e6:9a:
         1c:16:6f:94
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIUEWOYIxWjy97VbV4bp5f4fdMVlfcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjA2MjgxODUxMDVaFw0yNzA2MjcxODU2MDVaMDMxMTAvBgNV
BAMTKDREMzJBNkM5RDZDNzYxRkI1ODFCMzAyODdGRUYyRjJCQ0QyNDQ2MkIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjKpT2fq79so2bxRXZNcvJYFyR
z9aHdlS0xo3TqNBOM0p5GWv0Tlco/3J7uIPXj2aroPtOoIBD3GIJMtCq6iVRBO0J
lBkA5cEzZvJCuzfTdqkQIiGf/Ge0lTyyQaeStbZCwvnpM3KypbmUYScVN42/z4QF
YtMcttfx7+QrjyXsO+X5C1j2pVLwoSUL45IE71mZ43HB0ujVMb1/oFvjxyrE13Eu
fsGIIdEXWeb1LxfIci4wwLrwDPSpI2IlHakB8C+Y4R3hfTENFG4R5AzhKgwriZJX
Wuj6t+us4fx8fGsafx/hO3eiXAav+5U+9fx3ZjK4YVG41tAmRCMah2ZizprBAgMB
AAGjggHeMIIB2jAdBgNVHQ4EFgQUTTKmydbHYftYGzAof+8vK80kRiswHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTU0NzIucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAq
CmBEvzANBgkqhkiG9w0BAQsFAAOCAQEAjYw3BxqH4JRCbVw9DTQTwOqLIHurdk07
H21oeYIARR4sVOcTsoEQiW06QJuX/okYBgyn/8R5LSSFLUlsnkV6UnC6aoax3wXy
eRW6PLu8tZiaArtU51fQa4X6tJF58Xfq+N8DgobFAK0KDrJQD9NWs5KoCi11yRai
oYX+nWe7wzlE1DzO1CkE5c40NMXEJkyXqVHdnyZ8Bs930wEY7bhL96MW/AHZynL+
JBt1/xBb/zNabYiZIhcRS4Oxu21l0InKxYoR8cmoPkPpWyRzoHOJ6DKBp2ZHjxP2
lILYoDYj598UXcMIhuMk0fQw2WUo0ZRXjQArPxZCc64mJeaaHBZvlA==
-----END CERTIFICATE-----