Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS215760.roa
File:                     AS215760.roa (raw, json)
Hash identifier:          hqVP8uRQ4qZ+IpgQAI0cau73nZ6XR+oUZ376aM+gACw=
Subject key identifier:   0F:A6:17:44:F2:5F:64:04:C1:08:55:DA:90:0F:23:C1:D2:FA:5D:F5
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       57508798F93B61465B4BFE8A46D6BC43C1EA210D
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS215760.roa
Signing time:             Sun 25 Jan 2026 08:00:19 +0000
ROA not before:           Sun 25 Jan 2026 07:55:19 +0000
ROA not after:            Sun 24 Jan 2027 08:00:19 +0000
asID:                     215760
IP address blocks:        2a0f:6284:30::/44 maxlen: 44
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 23 Feb 2026 19:39:55 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            57:50:87:98:f9:3b:61:46:5b:4b:fe:8a:46:d6:bc:43:c1:ea:21:0d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Jan 25 07:55:19 2026 GMT
            Not After : Jan 24 08:00:19 2027 GMT
        Subject: CN=0FA61744F25F6404C10855DA900F23C1D2FA5DF5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:9f:f5:ba:59:0d:8f:54:2d:72:43:f6:cd:15:
                    2c:f2:67:c6:80:0b:1e:4b:c3:c4:47:3d:b2:99:9e:
                    9b:29:fd:1c:cc:08:7c:7f:11:ef:71:7b:09:09:31:
                    1a:da:5a:df:8f:7e:d2:b5:38:43:74:4c:eb:2e:2c:
                    79:fb:d7:d8:1b:01:91:0b:dd:96:be:ff:44:ca:15:
                    32:c1:4d:a0:38:11:2c:c9:f9:02:14:99:b7:19:99:
                    3a:67:6c:10:91:7a:29:63:fd:2a:77:c2:97:fa:67:
                    ca:fc:d2:23:bd:91:4a:41:36:1c:c8:cd:bd:91:90:
                    44:50:fd:c9:85:e6:22:df:bf:27:ae:44:11:ff:df:
                    52:b8:1e:38:81:be:c0:41:9a:91:71:f3:ab:0b:f3:
                    65:bc:2d:6f:85:6a:f4:e7:32:ff:83:9c:2b:70:29:
                    64:db:0a:f4:7e:ff:d4:44:91:72:0d:33:4f:59:bc:
                    ed:c0:ce:88:ef:1d:09:09:bc:24:ef:b1:4a:2f:3b:
                    ec:62:81:85:4b:d4:2b:97:f2:68:10:1f:86:47:28:
                    01:6c:ac:e6:0c:d4:c1:6a:af:4b:0b:a0:9f:e9:19:
                    19:a7:0a:78:27:6c:76:88:29:fb:48:e2:59:8c:6e:
                    b4:12:2e:a6:cb:9f:ae:6f:b6:a3:68:03:8d:bb:94:
                    4f:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:A6:17:44:F2:5F:64:04:C1:08:55:DA:90:0F:23:C1:D2:FA:5D:F5
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS215760.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0f:6284:30::/44

    Signature Algorithm: sha256WithRSAEncryption
         5c:fe:dc:2e:b0:d1:dd:dc:8b:17:f6:0d:9f:c0:ad:05:a2:5a:
         8f:20:97:70:96:3f:52:78:2a:47:1b:cd:00:57:f5:ce:4e:11:
         80:c0:de:1d:f3:f8:79:32:38:f6:d4:3c:d6:a7:5c:0e:be:7e:
         f5:1a:e7:44:35:7a:ea:76:68:ab:bf:62:78:e3:40:7c:1b:47:
         ab:ee:27:90:b4:94:9f:8d:e3:42:fa:31:fe:d1:27:d6:ff:a6:
         af:7b:80:8b:31:56:2a:1c:35:81:ca:23:70:08:cd:e8:5b:e7:
         2b:97:f2:bf:d1:1a:d1:0b:b1:70:04:6e:5e:98:9a:39:79:b3:
         83:6d:f6:20:f4:b1:d6:3d:c0:51:98:61:8d:59:24:d5:97:f5:
         62:c3:36:bb:bb:69:89:10:13:ce:e6:64:dc:17:8d:6e:56:fd:
         eb:5c:9d:d4:56:27:c5:ad:f0:77:c8:f1:6f:20:cb:2e:3f:8e:
         b6:a4:7a:9b:26:8a:e7:61:b3:dd:22:9b:82:e5:91:68:b0:01:
         95:56:3b:ea:02:37:bc:89:4d:a5:c2:0e:54:2f:05:1f:0c:0e:
         9b:19:ff:72:84:2c:fb:79:89:d3:51:1b:60:70:8b:b7:e0:65:
         9d:ab:e7:24:3f:d1:54:4f:b0:b8:5c:ee:1b:0f:81:ef:4b:a5:
         87:1b:40:b8
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIUV1CHmPk7YUZbS/6KRta8Q8HqIQ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNjAxMjUwNzU1MTlaFw0yNzAxMjQwODAwMTlaMDMxMTAvBgNV
BAMTKDBGQTYxNzQ0RjI1RjY0MDRDMTA4NTVEQTkwMEYyM0MxRDJGQTVERjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUn/W6WQ2PVC1yQ/bNFSzyZ8aA
Cx5Lw8RHPbKZnpsp/RzMCHx/Ee9xewkJMRraWt+PftK1OEN0TOsuLHn719gbAZEL
3Za+/0TKFTLBTaA4ESzJ+QIUmbcZmTpnbBCReilj/Sp3wpf6Z8r80iO9kUpBNhzI
zb2RkERQ/cmF5iLfvyeuRBH/31K4HjiBvsBBmpFx86sL82W8LW+FavTnMv+DnCtw
KWTbCvR+/9REkXINM09ZvO3AzojvHQkJvCTvsUovO+xigYVL1CuX8mgQH4ZHKAFs
rOYM1MFqr0sLoJ/pGRmnCngnbHaIKftI4lmMbrQSLqbLn65vtqNoA427lE9xAgMB
AAGjggHfMIIB2zAdBgNVHQ4EFgQUD6YXRPJfZATBCFXakA8jwdL6XfUwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTU3NjAucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQq
D2KEADAwDQYJKoZIhvcNAQELBQADggEBAFz+3C6w0d3cixf2DZ/ArQWiWo8gl3CW
P1J4KkcbzQBX9c5OEYDA3h3z+HkyOPbUPNanXA6+fvUa50Q1eup2aKu/YnjjQHwb
R6vuJ5C0lJ+N40L6Mf7RJ9b/pq97gIsxViocNYHKI3AIzehb5yuX8r/RGtELsXAE
bl6Ymjl5s4Nt9iD0sdY9wFGYYY1ZJNWX9WLDNru7aYkQE87mZNwXjW5W/etcndRW
J8Wt8HfI8W8gyy4/jrakepsmiudhs90im4LlkWiwAZVWO+oCN7yJTaXCDlQvBR8M
DpsZ/3KELPt5idNRG2Bwi7fgZZ2r5yQ/0VRPsLhc7hsPge9LpYcbQLg=
-----END CERTIFICATE-----