Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS57483.roa
File:                     AS57483.roa (raw, json)
Hash identifier:          INcOgquMQYMqrghr2xeujOdEPyHoJln7FOK1W4OwB1A=
Subject key identifier:   76:F2:A0:55:24:46:67:32:1F:51:AB:B0:2A:3A:3A:CE:D3:DC:4B:F0
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       7B357CEF62BF6EAE933DD52B50CB5026E6F938
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS57483.roa
Signing time:             Thu 03 Jul 2025 15:53:00 +0000
ROA not before:           Thu 03 Jul 2025 15:48:00 +0000
ROA not after:            Thu 02 Jul 2026 15:53:00 +0000
asID:                     57483
IP address blocks:        2a0a:6044:7100::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 05 Jul 2025 17:00:42 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            7b:35:7c:ef:62:bf:6e:ae:93:3d:d5:2b:50:cb:50:26:e6:f9:38
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Jul  3 15:48:00 2025 GMT
            Not After : Jul  2 15:53:00 2026 GMT
        Subject: CN=76F2A055244667321F51ABB02A3A3ACED3DC4BF0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:94:e5:47:8c:bd:ad:ca:7b:44:19:26:ee:a7:9a:
                    b0:ac:d6:3a:87:86:d9:33:ec:a5:34:0e:4d:e0:1e:
                    19:f5:9d:27:64:6e:fd:d3:ae:1c:eb:2d:47:df:9f:
                    e6:df:62:a1:69:1a:c3:97:87:e7:92:97:f8:c8:6a:
                    85:8a:cb:a1:e2:23:13:cf:fe:95:cb:ed:30:0c:5a:
                    b5:d0:34:e1:6e:0d:9f:41:d9:a1:da:bc:94:97:aa:
                    34:17:43:ec:19:03:74:c5:4d:81:71:51:13:2e:4d:
                    68:3c:7b:e2:0f:65:7d:6b:4d:8e:15:78:d6:0a:14:
                    0b:22:85:bb:87:61:18:c6:f5:c7:84:2d:96:10:0e:
                    99:f5:94:da:18:2b:28:84:3d:b5:f6:6c:3e:21:00:
                    e4:4e:ab:70:37:52:8e:c1:d3:75:a7:60:46:05:cb:
                    44:de:19:68:6b:27:d3:a0:13:68:fa:36:2a:36:ab:
                    35:24:56:ec:9c:5c:48:ff:23:dd:3f:56:73:28:8d:
                    3d:ee:c5:14:f8:9e:ae:52:fc:06:6e:53:e1:44:6f:
                    f5:72:c7:22:86:8c:38:ce:ae:b3:e5:0f:c9:36:a1:
                    82:ed:ff:35:c0:1f:5d:e3:cf:3c:56:3e:05:35:a5:
                    09:28:d0:f4:76:fd:84:c9:79:11:b0:a1:ea:ce:03:
                    d3:3b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:F2:A0:55:24:46:67:32:1F:51:AB:B0:2A:3A:3A:CE:D3:DC:4B:F0
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS57483.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:7100::/40

    Signature Algorithm: sha256WithRSAEncryption
         83:11:64:92:52:a1:d5:5d:28:9f:b4:72:d8:ee:c5:12:bb:be:
         2f:47:fb:81:bd:64:ad:11:cc:81:7b:45:30:57:93:aa:6e:15:
         57:97:36:83:36:3e:01:e5:26:aa:30:0f:fe:14:af:c0:91:ed:
         05:db:21:8a:0e:6f:60:92:d3:e3:94:78:48:b3:16:1c:a6:21:
         76:b6:b4:a3:e1:f2:44:b2:0a:36:92:15:1a:f0:e7:60:7f:d9:
         26:d7:53:71:d0:1f:4c:e3:59:c7:b7:8c:63:c1:cd:d5:40:fa:
         49:e3:9b:61:88:14:71:98:13:25:a8:27:2f:b2:9a:4f:78:44:
         dd:1d:cf:b9:fb:08:17:2b:0b:39:a2:56:6f:4b:d3:f1:c0:c3:
         70:0e:82:75:7f:f7:84:69:44:17:40:e5:d8:fe:40:ee:63:be:
         72:6d:6d:f8:e8:50:9b:db:e6:33:a3:de:2a:1f:a4:0c:b8:b2:
         ac:0f:39:c0:98:74:1a:fb:d9:a0:9d:f1:03:45:d7:b0:e6:a0:
         0c:09:40:1d:42:76:29:5f:e4:6f:d3:49:e8:88:23:a1:95:50:
         76:6f:57:37:b7:34:fc:55:ef:9d:e5:bc:d6:64:9b:f2:2d:95:
         4d:7d:dc:bd:96:2c:60:e8:71:b2:5b:a3:a2:b5:12:60:1c:05:
         f8:e9:38:49
-----BEGIN CERTIFICATE-----
MIIE0jCCA7qgAwIBAgITezV872K/bq6TPdUrUMtQJub5ODANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyhDM0NGNDE4OTg5MzZDQjlDNTczREIxRUFBQjk0QzZFNjY5
OTUxRkQ3MB4XDTI1MDcwMzE1NDgwMFoXDTI2MDcwMjE1NTMwMFowMzExMC8GA1UE
AxMoNzZGMkEwNTUyNDQ2NjczMjFGNTFBQkIwMkEzQTNBQ0VEM0RDNEJGMDCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJTlR4y9rcp7RBkm7qeasKzWOoeG
2TPspTQOTeAeGfWdJ2Ru/dOuHOstR9+f5t9ioWkaw5eH55KX+MhqhYrLoeIjE8/+
lcvtMAxatdA04W4Nn0HZodq8lJeqNBdD7BkDdMVNgXFREy5NaDx74g9lfWtNjhV4
1goUCyKFu4dhGMb1x4QtlhAOmfWU2hgrKIQ9tfZsPiEA5E6rcDdSjsHTdadgRgXL
RN4ZaGsn06ATaPo2KjarNSRW7JxcSP8j3T9WcyiNPe7FFPierlL8Bm5T4URv9XLH
IoaMOM6us+UPyTahgu3/NcAfXePPPFY+BTWlCSjQ9Hb9hMl5EbCh6s4D0zsCAwEA
AaOCAd0wggHZMB0GA1UdDgQWBBR28qBVJEZnMh9Rq7AqOjrO09xL8DAfBgNVHSME
GDAWgBTDz0GJiTbLnFc9seqrlMbmaZUf1zAOBgNVHQ8BAf8EBAMCB4AwZAYDVR0f
BF0wWzBZoFegVYZTcnN5bmM6Ly9rcmlsbC40NzI3Mi5uZXQvcmVwby9IWUVIT1NU
LzUvQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2OTk1MUZENy5jcmww
gZMGCCsGAQUFBwEBBIGGMIGDMIGABggrBgEFBQcwAoZ0cnN5bmM6Ly9ycGtpLXJw
cy5hcmluLm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1Yzkx
YmUzZjlkLzcvQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2OTk1MUZE
Ny5jZXIwTgYIKwYBBQUHAQsEQjBAMD4GCCsGAQUFBzALhjJyc3luYzovL2tyaWxs
LjQ3MjcyLm5ldC9yZXBvL0hZRUhPU1QvNS9BUzU3NDgzLnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgpg
RHEwDQYJKoZIhvcNAQELBQADggEBAIMRZJJSodVdKJ+0ctjuxRK7vi9H+4G9ZK0R
zIF7RTBXk6puFVeXNoM2PgHlJqowD/4Ur8CR7QXbIYoOb2CS0+OUeEizFhymIXa2
tKPh8kSyCjaSFRrw52B/2SbXU3HQH0zjWce3jGPBzdVA+knjm2GIFHGYEyWoJy+y
mk94RN0dz7n7CBcrCzmiVm9L0/HAw3AOgnV/94RpRBdA5dj+QO5jvnJtbfjoUJvb
5jOj3iofpAy4sqwPOcCYdBr72aCd8QNF17DmoAwJQB1Cdilf5G/TSeiII6GVUHZv
Vze3NPxV753lvNZkm/ItlU193L2WLGDocbJbo6K1EmAcBfjpOEk=
-----END CERTIFICATE-----