Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS205941.roa
File:                     AS205941.roa (raw, json)
Hash identifier:          TJmbgMXYy+/BMB+UHzx7N+FDPESbmkaj8V1q1ix738Q=
Subject key identifier:   B8:B9:44:A9:18:28:49:8C:07:A3:01:C2:07:70:63:14:77:FE:62:84
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       781D8964FC15E8F7270BE9C3366A2F527C2C087B
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS205941.roa
Signing time:             Sat 02 Aug 2025 11:44:45 +0000
ROA not before:           Sat 02 Aug 2025 11:39:45 +0000
ROA not after:            Sat 01 Aug 2026 11:44:45 +0000
asID:                     205941
IP address blocks:        2a0a:6044:a190::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Fri 08 Aug 2025 21:49:19 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            78:1d:89:64:fc:15:e8:f7:27:0b:e9:c3:36:6a:2f:52:7c:2c:08:7b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Aug  2 11:39:45 2025 GMT
            Not After : Aug  1 11:44:45 2026 GMT
        Subject: CN=B8B944A91828498C07A301C20770631477FE6284
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:fe:49:18:12:d4:ac:fc:15:ac:3f:4c:ca:cb:
                    a4:9b:39:39:10:70:49:1d:a0:71:36:64:53:21:63:
                    2c:e3:38:6e:eb:13:69:25:0b:ea:f9:f1:dd:70:a5:
                    50:dd:da:d7:a8:46:e3:20:de:a5:91:47:81:39:23:
                    13:79:05:e3:98:af:4f:2d:ec:f7:5a:60:55:1e:d4:
                    b5:cb:3a:25:fd:6d:d4:53:dc:28:11:80:28:0f:15:
                    ec:15:a7:f4:21:7a:e4:19:54:d7:41:4a:9d:07:2a:
                    3d:92:a0:0e:d6:80:d6:15:83:51:40:05:9b:e7:05:
                    48:a3:2c:33:7e:78:1f:51:a0:4e:c2:9e:b6:81:07:
                    dd:a7:ab:0e:e6:97:7b:e9:1b:08:5a:49:5f:79:d4:
                    7b:c7:8e:8b:a8:4a:b3:5c:c1:ae:64:be:4f:09:22:
                    c2:9f:2b:6a:3b:81:15:d7:6e:bf:76:a1:6e:47:e2:
                    c4:cf:a6:47:da:e7:2b:92:69:df:a4:5f:59:c0:d9:
                    c7:69:f6:ab:77:32:9a:38:f6:b9:d0:63:48:08:c2:
                    ae:05:1b:8e:58:78:7a:c9:91:47:fe:a6:0a:fb:88:
                    f6:7e:02:bd:49:d9:e8:41:e6:95:b4:97:e4:b9:ca:
                    14:51:89:e1:cb:1a:c9:52:b6:ec:20:72:c2:4b:df:
                    0f:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B8:B9:44:A9:18:28:49:8C:07:A3:01:C2:07:70:63:14:77:FE:62:84
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS205941.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:a190::/44

    Signature Algorithm: sha256WithRSAEncryption
         49:f8:68:e9:da:1c:67:0e:1c:4f:fb:a6:9b:c9:41:61:8e:55:
         fc:ee:09:20:09:f7:00:31:10:0b:c7:6d:ff:41:ec:98:d6:ac:
         a4:a3:a9:3f:45:d7:1a:d5:64:63:2b:60:a3:f2:45:bb:9f:a8:
         1e:00:cd:19:ee:6a:46:f9:e5:66:9e:54:73:4a:b1:23:16:9f:
         c8:f2:58:f7:de:76:ce:6e:f5:56:ed:a6:77:40:18:fb:22:3d:
         4d:95:d6:d2:d1:be:39:5e:00:2d:18:f0:80:cd:32:82:7f:26:
         6c:9b:a1:48:ef:00:17:6c:95:dd:cd:ff:85:10:b6:f5:38:b8:
         6d:1f:74:33:6b:20:27:82:e7:70:39:a2:4c:96:03:2b:8b:0c:
         aa:c6:f2:4b:0c:cd:e3:9a:39:38:96:00:4c:71:68:9b:99:45:
         6e:60:bd:bc:e6:a8:c5:7d:19:c1:3e:dc:5a:b4:fe:67:69:32:
         d2:80:e5:39:12:ff:ae:d0:6d:f0:1b:a6:d5:2d:2a:fa:c7:91:
         5c:2a:94:c3:b6:34:b4:da:32:11:85:e7:8d:c5:d6:99:3a:4c:
         28:aa:01:5b:1b:33:df:0d:24:ac:bd:c9:a5:2c:1b:c8:1d:eb:
         24:e2:c2:63:b9:f0:46:4f:dd:88:87:0e:5f:66:27:04:34:02:
         76:82:6c:bb
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIUeB2JZPwV6PcnC+nDNmovUnwsCHswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNTA4MDIxMTM5NDVaFw0yNjA4MDExMTQ0NDVaMDMxMTAvBgNV
BAMTKEI4Qjk0NEE5MTgyODQ5OEMwN0EzMDFDMjA3NzA2MzE0NzdGRTYyODQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM/kkYEtSs/BWsP0zKy6SbOTkQ
cEkdoHE2ZFMhYyzjOG7rE2klC+r58d1wpVDd2teoRuMg3qWRR4E5IxN5BeOYr08t
7PdaYFUe1LXLOiX9bdRT3CgRgCgPFewVp/QheuQZVNdBSp0HKj2SoA7WgNYVg1FA
BZvnBUijLDN+eB9RoE7CnraBB92nqw7ml3vpGwhaSV951HvHjouoSrNcwa5kvk8J
IsKfK2o7gRXXbr92oW5H4sTPpkfa5yuSad+kX1nA2cdp9qt3Mpo49rnQY0gIwq4F
G45YeHrJkUf+pgr7iPZ+Ar1J2ehB5pW0l+S5yhRRieHLGslStuwgcsJL3w9VAgMB
AAGjggHfMIIB2zAdBgNVHQ4EFgQUuLlEqRgoSYwHowHCB3BjFHf+YoQwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMDU5NDEucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQq
CmBEoZAwDQYJKoZIhvcNAQELBQADggEBAEn4aOnaHGcOHE/7ppvJQWGOVfzuCSAJ
9wAxEAvHbf9B7JjWrKSjqT9F1xrVZGMrYKPyRbufqB4AzRnuakb55WaeVHNKsSMW
n8jyWPfeds5u9VbtpndAGPsiPU2V1tLRvjleAC0Y8IDNMoJ/JmyboUjvABdsld3N
/4UQtvU4uG0fdDNrICeC53A5okyWAyuLDKrG8ksMzeOaOTiWAExxaJuZRW5gvbzm
qMV9GcE+3Fq0/mdpMtKA5TkS/67QbfAbptUtKvrHkVwqlMO2NLTaMhGF543F1pk6
TCiqAVsbM98NJKy9yaUsG8gd6yTiwmO58EZP3YiHDl9mJwQ0AnaCbLs=
-----END CERTIFICATE-----