Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS215522.roa
File:                     AS215522.roa (raw, json)
Hash identifier:          LQUXlJp86n7FGPynx6NysuqhSQojO1+bg0CkRwtN7PA=
Subject key identifier:   A2:41:81:11:84:26:E5:2D:8F:50:A1:DD:74:89:2F:98:4B:09:8C:69
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       2431E95FCA1AF5DA6C4BD358E75C1BFBA65C5C43
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS215522.roa
Signing time:             Mon 15 Sep 2025 12:18:50 +0000
ROA not before:           Mon 15 Sep 2025 12:13:50 +0000
ROA not after:            Mon 14 Sep 2026 12:18:50 +0000
asID:                     215522
IP address blocks:        2a0f:6284:5000::/36 maxlen: 36
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Thu 09 Oct 2025 03:37:34 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            24:31:e9:5f:ca:1a:f5:da:6c:4b:d3:58:e7:5c:1b:fb:a6:5c:5c:43
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Sep 15 12:13:50 2025 GMT
            Not After : Sep 14 12:18:50 2026 GMT
        Subject: CN=A24181118426E52D8F50A1DD74892F984B098C69
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:9f:cf:40:6c:d3:97:ff:5b:c4:69:31:8c:e0:
                    7d:d2:9a:3b:74:d3:6c:14:51:eb:fa:be:b0:7e:5b:
                    ea:86:f5:7b:8d:7a:77:80:7c:49:c2:e2:76:df:87:
                    dc:36:fa:9c:3b:53:b3:c2:74:e8:4d:c6:cd:6d:ef:
                    14:14:f7:50:c4:94:89:71:0b:0a:45:e9:08:7f:56:
                    27:e6:0a:03:89:16:17:9b:68:9d:d5:3e:fe:2d:06:
                    bf:09:77:0a:cf:23:c4:4e:9c:c8:84:56:90:1a:ab:
                    fc:b4:67:58:6e:37:a3:fb:f1:3c:c6:56:e0:d7:ae:
                    92:6f:3d:7e:e6:10:2b:a4:83:88:6c:d0:6b:6f:e9:
                    4d:61:49:c2:45:f8:5c:60:19:e4:ce:7b:99:bb:c4:
                    4d:9f:c0:36:35:0a:38:b8:36:b9:da:ea:3f:f0:50:
                    5f:47:7a:fc:d4:40:18:d2:53:72:c0:ef:23:af:b8:
                    b5:96:ce:27:14:9d:f7:ef:e5:27:96:ba:94:25:1d:
                    f7:6f:9a:14:f9:26:be:5e:88:41:91:8e:a0:4b:30:
                    7e:5b:86:4b:ba:77:25:1c:55:ba:44:37:cd:71:cc:
                    07:6f:8c:ba:5f:dd:81:15:37:a0:c4:ee:d6:40:a3:
                    14:bd:7f:9a:b4:e4:7a:b6:82:8b:6f:fc:a0:27:39:
                    2e:9f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A2:41:81:11:84:26:E5:2D:8F:50:A1:DD:74:89:2F:98:4B:09:8C:69
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS215522.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:6284:5000::/36

    Signature Algorithm: sha256WithRSAEncryption
         7b:72:e6:f7:cb:88:c7:a0:ea:43:81:14:fd:e1:1a:1a:c9:6e:
         31:7c:88:22:0e:06:ba:6e:92:8e:ef:07:17:89:0c:2f:2d:f8:
         86:33:9f:ed:0c:dc:49:7c:4c:c4:15:8c:75:ee:d3:ea:73:5a:
         48:e6:06:94:f2:35:73:d5:a1:d3:37:d9:71:40:fd:ca:82:03:
         6c:05:3a:51:cf:c9:b5:7a:8f:ee:f2:e9:d8:38:c2:a1:00:13:
         a4:0e:7e:ba:b4:d6:27:75:7b:60:bb:ab:92:ef:4a:57:5b:3c:
         ee:73:6d:3f:19:2e:1c:2e:13:e8:cc:62:10:35:05:19:98:d2:
         5c:4c:c1:69:cc:05:40:3e:42:26:76:2b:03:58:b2:df:05:32:
         7d:e4:65:2c:51:12:ff:6a:d9:c6:ec:90:65:7c:63:fa:34:5a:
         83:3f:80:f1:e4:a3:0b:64:c4:0f:d7:20:17:d7:9a:5b:d0:f8:
         8a:10:3e:7e:f6:70:3c:a1:66:00:16:29:6b:73:d7:e6:0b:46:
         e1:fe:0e:a5:52:09:41:07:3e:39:c4:a5:76:25:d5:10:7b:df:
         42:8b:e8:5b:7d:71:8d:7e:98:d7:69:64:00:c5:e6:dc:da:da:
         d4:fa:10:7a:1b:9f:94:32:ac:46:e7:af:34:05:12:de:27:bb:
         2e:5d:55:c7
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIUJDHpX8oa9dpsS9NY51wb+6ZcXEMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNTA5MTUxMjEzNTBaFw0yNjA5MTQxMjE4NTBaMDMxMTAvBgNV
BAMTKEEyNDE4MTExODQyNkU1MkQ4RjUwQTFERDc0ODkyRjk4NEIwOThDNjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCjn89AbNOX/1vEaTGM4H3Smjt0
02wUUev6vrB+W+qG9XuNeneAfEnC4nbfh9w2+pw7U7PCdOhNxs1t7xQU91DElIlx
CwpF6Qh/VifmCgOJFhebaJ3VPv4tBr8JdwrPI8ROnMiEVpAaq/y0Z1huN6P78TzG
VuDXrpJvPX7mECukg4hs0Gtv6U1hScJF+FxgGeTOe5m7xE2fwDY1Cji4Nrna6j/w
UF9HevzUQBjSU3LA7yOvuLWWzicUnffv5SeWupQlHfdvmhT5Jr5eiEGRjqBLMH5b
hku6dyUcVbpEN81xzAdvjLpf3YEVN6DE7tZAoxS9f5q05Hq2gotv/KAnOS6fAgMB
AAGjggHeMIIB2jAdBgNVHQ4EFgQUokGBEYQm5S2PUKHddIkvmEsJjGkwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTU1MjIucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgQq
D2KEUDANBgkqhkiG9w0BAQsFAAOCAQEAe3Lm98uIx6DqQ4EU/eEaGsluMXyIIg4G
um6Sju8HF4kMLy34hjOf7QzcSXxMxBWMde7T6nNaSOYGlPI1c9Wh0zfZcUD9yoID
bAU6Uc/JtXqP7vLp2DjCoQATpA5+urTWJ3V7YLurku9KV1s87nNtPxkuHC4T6Mxi
EDUFGZjSXEzBacwFQD5CJnYrA1iy3wUyfeRlLFES/2rZxuyQZXxj+jRagz+A8eSj
C2TED9cgF9eaW9D4ihA+fvZwPKFmABYpa3PX5gtG4f4OpVIJQQc+OcSldiXVEHvf
QovoW31xjX6Y12lkAMXm3Nra1PoQehuflDKsRuevNAUS3ie7Ll1Vxw==
-----END CERTIFICATE-----