Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS205163.roa
File:                     AS205163.roa (raw, json)
Hash identifier:          jocxo74xGRAnuYtduTV9acT2bdSCA5cZNFt16UqMHb8=
Subject key identifier:   0A:96:56:8B:E0:56:A1:91:DA:5C:28:5D:47:9B:98:6A:EC:34:2C:64
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       3CD6D659AF211A1FB57769038943B1659D57D9F1
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS205163.roa
Signing time:             Sat 11 Oct 2025 15:46:57 +0000
ROA not before:           Sat 11 Oct 2025 15:41:57 +0000
ROA not after:            Sat 10 Oct 2026 15:46:57 +0000
asID:                     205163
IP address blocks:        2a06:1281:50::/44 maxlen: 48
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            3c:d6:d6:59:af:21:1a:1f:b5:77:69:03:89:43:b1:65:9d:57:d9:f1
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Oct 11 15:41:57 2025 GMT
            Not After : Oct 10 15:46:57 2026 GMT
        Subject: CN=0A96568BE056A191DA5C285D479B986AEC342C64
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:c0:72:05:02:3c:04:dc:eb:a8:83:fd:81:37:
                    27:5d:07:0f:0f:62:76:65:19:97:f3:5f:16:43:d3:
                    88:00:71:1f:e4:ed:0c:6a:7d:f2:0f:f5:60:9a:0c:
                    19:b4:e1:a8:f5:3e:9a:60:a1:e9:5b:76:49:a1:cc:
                    3d:81:6c:69:84:86:27:e4:11:5f:df:b0:83:de:74:
                    b6:66:48:9f:2b:2c:2a:66:ce:0e:cd:e0:3c:1c:04:
                    84:2e:1f:78:ab:70:0d:bd:2f:83:5c:74:e2:6d:db:
                    0e:38:1a:33:bf:ec:28:e1:b8:60:87:db:12:51:93:
                    d6:a6:d1:6a:a1:9a:d5:88:3a:d4:6a:bf:de:8e:62:
                    76:50:36:fd:c9:cc:65:ed:c7:b5:49:90:50:e4:32:
                    a7:d6:95:ef:0c:c7:90:b1:fa:e5:84:32:05:18:73:
                    54:cb:a8:7b:d8:95:48:ff:a3:d5:13:b8:3d:dc:df:
                    f7:6f:f1:35:5e:79:24:52:18:c6:60:fb:a9:ca:47:
                    03:1d:de:6b:0c:ed:ce:52:0d:47:f4:5b:34:d6:d9:
                    52:5d:33:63:27:cc:86:8c:0a:97:b8:8a:d0:fb:1b:
                    72:aa:d2:dc:9d:ce:44:28:d6:d2:1e:d9:42:3b:fd:
                    8a:55:18:de:e5:fc:68:6b:e0:a1:4f:2a:c5:a6:dc:
                    9d:87
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:96:56:8B:E0:56:A1:91:DA:5C:28:5D:47:9B:98:6A:EC:34:2C:64
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS205163.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a06:1281:50::/44

    Signature Algorithm: sha256WithRSAEncryption
         3a:a3:55:5e:e3:75:ab:b0:c7:a3:06:56:1d:38:bf:1e:83:e8:
         f1:d9:aa:bf:38:c9:ac:8c:65:1e:31:8c:1b:99:01:6b:98:8c:
         36:f6:33:11:a3:8f:2e:c3:84:b7:95:1b:24:f1:15:0e:da:c7:
         61:98:d7:63:9a:5f:83:f1:a3:16:9d:70:c0:5b:1c:5f:ce:5c:
         f9:73:69:28:0f:6e:b3:96:be:31:0d:e9:bf:48:cd:fa:7a:c9:
         87:82:01:b9:19:1f:d2:f8:ee:c1:0d:f4:52:3a:db:76:12:14:
         98:e5:49:11:de:49:ba:e2:55:d9:1f:cb:b1:bb:49:6d:7f:10:
         fa:39:38:68:49:00:b1:98:83:c5:25:66:58:ef:4e:34:0a:0a:
         28:13:c3:ce:12:16:01:ea:e7:36:ab:ee:59:39:66:50:83:1a:
         22:d4:eb:0f:cc:40:10:bd:e3:a5:1b:3f:ec:0f:b7:ee:cf:59:
         78:e8:8b:5d:bc:28:71:72:b9:35:1a:e2:8b:6d:c4:de:72:d7:
         ae:ef:9c:46:fa:5b:3f:42:60:f1:30:24:99:89:f7:43:05:1d:
         a8:64:a3:bc:e1:f2:9f:d6:68:e5:a8:58:3d:7c:fa:5f:bd:a6:
         2d:8c:65:a5:0b:79:eb:82:ef:1c:ec:bd:75:e9:ff:a7:f0:3d:
         7d:5d:9c:dd
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIUPNbWWa8hGh+1d2kDiUOxZZ1X2fEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNTEwMTExNTQxNTdaFw0yNjEwMTAxNTQ2NTdaMDMxMTAvBgNV
BAMTKDBBOTY1NjhCRTA1NkExOTFEQTVDMjg1RDQ3OUI5ODZBRUMzNDJDNjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2wHIFAjwE3Ouog/2BNyddBw8P
YnZlGZfzXxZD04gAcR/k7QxqffIP9WCaDBm04aj1PppgoelbdkmhzD2BbGmEhifk
EV/fsIPedLZmSJ8rLCpmzg7N4DwcBIQuH3ircA29L4NcdOJt2w44GjO/7CjhuGCH
2xJRk9am0WqhmtWIOtRqv96OYnZQNv3JzGXtx7VJkFDkMqfWle8Mx5Cx+uWEMgUY
c1TLqHvYlUj/o9UTuD3c3/dv8TVeeSRSGMZg+6nKRwMd3msM7c5SDUf0WzTW2VJd
M2MnzIaMCpe4itD7G3Kq0tydzkQo1tIe2UI7/YpVGN7l/Ghr4KFPKsWm3J2HAgMB
AAGjggHfMIIB2zAdBgNVHQ4EFgQUCpZWi+BWoZHaXChdR5uYauw0LGQwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMDUxNjMucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQq
BhKBAFAwDQYJKoZIhvcNAQELBQADggEBADqjVV7jdauwx6MGVh04vx6D6PHZqr84
yayMZR4xjBuZAWuYjDb2MxGjjy7DhLeVGyTxFQ7ax2GY12OaX4PxoxadcMBbHF/O
XPlzaSgPbrOWvjEN6b9Izfp6yYeCAbkZH9L47sEN9FI623YSFJjlSRHeSbriVdkf
y7G7SW1/EPo5OGhJALGYg8UlZljvTjQKCigTw84SFgHq5zar7lk5ZlCDGiLU6w/M
QBC946UbP+wPt+7PWXjoi128KHFyuTUa4ottxN5y167vnEb6Wz9CYPEwJJmJ90MF
Hahko7zh8p/WaOWoWD18+l+9pi2MZaULeeuC7xzsvXXp/6fwPX1dnN0=
-----END CERTIFICATE-----