Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS216052.roa
File:                     AS216052.roa (raw, json)
Hash identifier:          Z0Emj4KBqqcdOaDM2E+wTFiqZw14fUehMKzXX10dMi4=
Subject key identifier:   C0:27:BD:78:04:FE:8C:0D:A2:90:93:5A:56:02:85:BA:0E:E7:38:F7
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       55CBAA455D772B68A75BCC63A4DD0B9D496FDC4D
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS216052.roa
Signing time:             Thu 03 Jul 2025 15:52:59 +0000
ROA not before:           Thu 03 Jul 2025 15:47:59 +0000
ROA not after:            Thu 02 Jul 2026 15:52:59 +0000
asID:                     216052
IP address blocks:        2a0a:6044:a900::/40 maxlen: 48
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 05 Nov 2025 16:43:30 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            55:cb:aa:45:5d:77:2b:68:a7:5b:cc:63:a4:dd:0b:9d:49:6f:dc:4d
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Jul  3 15:47:59 2025 GMT
            Not After : Jul  2 15:52:59 2026 GMT
        Subject: CN=C027BD7804FE8C0DA290935A560285BA0EE738F7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:29:ab:33:66:a8:09:ab:16:3c:0e:3a:f3:54:
                    cf:7c:91:76:3f:3a:89:6e:04:aa:3b:3e:76:fd:0b:
                    61:a4:a2:81:84:b2:18:e0:97:ab:c9:cd:3e:ee:d3:
                    35:b7:9c:a9:c8:9d:a7:c5:4d:e1:db:09:ee:57:75:
                    83:f9:3f:9f:9c:10:c6:7b:6b:e1:b3:e2:77:db:46:
                    e3:9d:09:28:a1:37:f8:8c:07:e9:aa:ed:90:96:e3:
                    07:0c:99:32:65:9d:80:0d:d3:65:17:6b:c8:83:b0:
                    d8:c6:3d:ab:f9:a8:be:d2:03:a7:a1:d1:9f:08:6f:
                    23:8b:df:09:27:9c:63:2f:49:7c:f7:a3:ec:e4:56:
                    9e:b4:07:35:3c:6b:c4:a6:34:8f:96:70:09:ca:06:
                    f2:53:fe:a7:a2:21:04:f0:f1:4c:b0:62:58:15:03:
                    fa:5a:94:92:ef:8b:10:ff:1e:a1:d1:04:1f:0e:81:
                    a9:a2:be:61:f0:cc:46:ac:82:0d:c8:d5:25:66:95:
                    61:ef:e0:49:4c:39:ed:49:b3:23:f7:f8:28:c1:bd:
                    49:8e:1d:c8:13:9a:7a:af:42:da:26:13:b7:5f:d3:
                    12:8b:94:b9:a3:4b:30:fc:91:06:49:bf:52:f5:e7:
                    7d:f5:a7:02:2c:2d:c1:cf:2d:c9:1c:01:24:d4:f0:
                    36:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C0:27:BD:78:04:FE:8C:0D:A2:90:93:5A:56:02:85:BA:0E:E7:38:F7
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS216052.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:a900::/40

    Signature Algorithm: sha256WithRSAEncryption
         18:53:4d:a7:03:11:1d:f1:1f:14:ad:e1:49:3e:c6:90:eb:b0:
         b1:f6:49:13:05:32:f2:5e:12:f8:03:7e:b3:37:32:88:cf:61:
         c7:10:f7:34:0f:c9:90:9e:d9:3b:ae:64:da:b0:14:2c:2e:71:
         b5:0d:3d:59:59:97:9f:ca:d5:f2:fd:d2:28:a7:45:3b:dc:13:
         50:e9:dd:44:4b:dd:d8:b6:43:b1:53:07:1c:9d:54:d0:1b:b0:
         c3:23:de:69:02:d4:ed:3b:5a:af:79:86:50:5d:4b:9f:08:78:
         3d:70:6a:e7:a0:96:dd:0e:93:52:73:a9:ee:2b:21:c1:17:83:
         84:40:98:62:d6:09:5e:1c:d5:af:5f:19:63:d3:70:c0:55:be:
         1d:e7:43:9b:70:e4:45:da:7e:03:24:13:94:89:e9:97:37:68:
         90:c0:dc:88:a2:f2:b5:f9:8b:72:d7:68:24:e0:bc:4d:4c:39:
         09:29:a4:43:c5:09:23:20:af:5c:93:96:ea:97:66:dc:de:f2:
         94:8a:6a:28:95:38:19:45:be:ad:1e:e8:b6:f9:9b:16:c8:eb:
         54:95:c6:04:aa:59:54:28:db:f5:55:11:a3:3c:90:ea:34:75:
         3d:11:a3:66:9c:0f:2f:c8:b0:21:66:d6:03:c7:5a:62:93:89:
         24:ec:97:6d
-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIUVcuqRV13K2inW8xjpN0LnUlv3E0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNTA3MDMxNTQ3NTlaFw0yNjA3MDIxNTUyNTlaMDMxMTAvBgNV
BAMTKEMwMjdCRDc4MDRGRThDMERBMjkwOTM1QTU2MDI4NUJBMEVFNzM4RjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAKaszZqgJqxY8DjrzVM98kXY/
OoluBKo7Pnb9C2GkooGEshjgl6vJzT7u0zW3nKnInafFTeHbCe5XdYP5P5+cEMZ7
a+Gz4nfbRuOdCSihN/iMB+mq7ZCW4wcMmTJlnYAN02UXa8iDsNjGPav5qL7SA6eh
0Z8IbyOL3wknnGMvSXz3o+zkVp60BzU8a8SmNI+WcAnKBvJT/qeiIQTw8UywYlgV
A/palJLvixD/HqHRBB8OgamivmHwzEasgg3I1SVmlWHv4ElMOe1JsyP3+CjBvUmO
HcgTmnqvQtomE7df0xKLlLmjSzD8kQZJv1L15331pwIsLcHPLckcASTU8DbxAgMB
AAGjggHeMIIB2jAdBgNVHQ4EFgQUwCe9eAT+jA2ikJNaVgKFug7nOPcwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTYwNTIucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgACMAgDBgAq
CmBEqTANBgkqhkiG9w0BAQsFAAOCAQEAGFNNpwMRHfEfFK3hST7GkOuwsfZJEwUy
8l4S+AN+szcyiM9hxxD3NA/JkJ7ZO65k2rAULC5xtQ09WVmXn8rV8v3SKKdFO9wT
UOndREvd2LZDsVMHHJ1U0BuwwyPeaQLU7Ttar3mGUF1Lnwh4PXBq56CW3Q6TUnOp
7ishwReDhECYYtYJXhzVr18ZY9NwwFW+HedDm3DkRdp+AyQTlInplzdokMDciKLy
tfmLctdoJOC8TUw5CSmkQ8UJIyCvXJOW6pdm3N7ylIpqKJU4GUW+rR7otvmbFsjr
VJXGBKpZVCjb9VURozyQ6jR1PRGjZpwPL8iwIWbWA8daYpOJJOyXbQ==
-----END CERTIFICATE-----