Route Origin Authorization

$ rpki-client -vvf krill.47272.net/repo/HYEHOST/5/AS214980.roa
File:                     AS214980.roa (raw, json)
Hash identifier:          8p9kia3BHlGT6NLxCGutCL+ao9AXi1Qm48pX80p/5+E=
Subject key identifier:   17:31:46:CB:10:4A:42:A7:C4:56:7C:14:41:44:86:C5:A5:17:BF:87
Certificate issuer:       /CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
Certificate serial:       1D7CC776DE6DF43241B14B9EB4C512D91A90B75B
Authority key identifier: C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7
Authority info access:    rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
Subject info access:      rsync://krill.47272.net/repo/HYEHOST/5/AS214980.roa
Signing time:             Sun 12 Oct 2025 21:08:59 +0000
ROA not before:           Sun 12 Oct 2025 21:03:59 +0000
ROA not after:            Sun 11 Oct 2026 21:08:59 +0000
asID:                     214980
IP address blocks:        2a0a:6044:c100::/44 maxlen: 44
Validation:               OK
Signature path:           rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl
                          rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.mft
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.crl
                          rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/D14B6FCF2B2C69BE085E9F959872DCBE8EA54177.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0Utvzyssab4IXp-VmHLcvo6lQXc.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 11:18:59 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            1d:7c:c7:76:de:6d:f4:32:41:b1:4b:9e:b4:c5:12:d9:1a:90:b7:5b
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=C3CF41898936CB9C573DB1EAAB94C6E669951FD7
        Validity
            Not Before: Oct 12 21:03:59 2025 GMT
            Not After : Oct 11 21:08:59 2026 GMT
        Subject: CN=173146CB104A42A7C4567C14414486C5A517BF87
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:3a:89:e5:ea:e4:55:17:76:b9:f8:71:6c:67:
                    76:b0:dd:d8:83:38:47:76:15:15:0c:92:e2:60:22:
                    98:36:20:ec:0a:a3:69:1f:89:a0:a5:f0:1a:f2:75:
                    16:65:17:4e:5d:0e:c5:75:3a:27:f4:9a:3c:44:f8:
                    eb:5d:a9:16:31:6e:3d:04:fe:be:5e:97:78:54:c0:
                    17:3d:da:ba:12:a5:b2:f1:4b:bd:f4:14:3a:61:fa:
                    5e:32:72:86:03:b4:9c:6e:d7:09:7c:af:8f:af:67:
                    73:80:4d:6f:fc:fb:bf:26:90:7c:74:68:3d:13:aa:
                    18:19:90:04:20:88:59:8a:a0:3d:ea:a4:36:fa:41:
                    27:50:fc:83:63:69:93:f9:24:42:a9:f2:1f:87:c8:
                    07:fb:03:cc:c6:2d:a3:99:20:30:8b:0b:2b:cc:f6:
                    85:e3:8b:e6:ec:1f:0f:9e:78:31:96:ab:b9:49:8c:
                    27:b2:79:89:65:40:a0:0a:be:ea:19:f1:84:75:11:
                    21:f3:d7:68:2a:49:b8:39:a8:21:9c:cc:06:c5:4a:
                    7e:4f:81:ca:ce:f8:c4:2c:2b:08:d0:36:68:f5:76:
                    92:1a:22:62:74:27:9a:8c:48:5b:fd:98:4b:08:c7:
                    fc:c8:a2:fd:54:68:56:12:e3:a5:fe:11:c6:c2:57:
                    d2:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                17:31:46:CB:10:4A:42:A7:C4:56:7C:14:41:44:86:C5:A5:17:BF:87
            X509v3 Authority Key Identifier:
                keyid:C3:CF:41:89:89:36:CB:9C:57:3D:B1:EA:AB:94:C6:E6:69:95:1F:D7

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://krill.47272.net/repo/HYEHOST/5/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/7/C3CF41898936CB9C573DB1EAAB94C6E669951FD7.cer

            Subject Information Access:
                Signed Object - URI:rsync://krill.47272.net/repo/HYEHOST/5/AS214980.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a0a:6044:c100::/44

    Signature Algorithm: sha256WithRSAEncryption
         92:60:89:de:95:e0:1f:2e:f5:ef:a9:e3:1e:d0:e7:48:0c:68:
         2f:ad:df:63:df:17:5b:98:a6:a3:25:8e:5b:64:18:dd:dd:d9:
         b6:b0:0d:f5:47:14:b3:66:de:d4:46:92:07:84:5f:ee:8a:c9:
         04:a0:bd:4b:11:ad:83:84:10:e2:1a:73:f9:7b:53:55:33:e2:
         84:dd:89:09:75:8e:34:36:72:93:7b:af:c0:c0:0a:91:aa:4d:
         19:63:4c:4b:9f:14:26:07:dc:b9:48:ef:0c:14:5f:8c:c7:a4:
         5e:65:c3:7b:6e:60:19:b6:76:0e:0d:d1:5c:b8:b2:05:f8:c7:
         fe:8a:b3:df:10:4f:e1:9c:08:aa:05:09:c1:26:c6:5a:5e:34:
         b5:71:c8:b3:2f:54:f3:9b:2e:d7:02:ca:f8:e9:21:4c:5a:45:
         e1:6a:a9:25:9d:a2:21:f6:46:82:c8:dc:e8:c0:f7:0f:39:c1:
         90:ee:f4:18:31:29:90:34:0e:2a:21:f0:fb:2d:d6:d4:98:73:
         2c:89:bd:7d:2c:cb:b4:41:67:45:75:e0:dc:ef:3c:4b:fb:f3:
         f3:57:9a:60:00:e3:f5:cb:75:9c:f7:42:73:7d:df:0f:e3:9e:
         88:91:f3:4b:dc:db:11:b6:00:63:bb:0c:7c:7e:d7:7c:df:06:
         c9:43:f3:b4
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgIUHXzHdt5t9DJBsUuetMUS2RqQt1swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQzNDRjQxODk4OTM2Q0I5QzU3M0RCMUVBQUI5NEM2RTY2
OTk1MUZENzAeFw0yNTEwMTIyMTAzNTlaFw0yNjEwMTEyMTA4NTlaMDMxMTAvBgNV
BAMTKDE3MzE0NkNCMTA0QTQyQTdDNDU2N0MxNDQxNDQ4NkM1QTUxN0JGODcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpOonl6uRVF3a5+HFsZ3aw3diD
OEd2FRUMkuJgIpg2IOwKo2kfiaCl8BrydRZlF05dDsV1Oif0mjxE+OtdqRYxbj0E
/r5el3hUwBc92roSpbLxS730FDph+l4ycoYDtJxu1wl8r4+vZ3OATW/8+78mkHx0
aD0TqhgZkAQgiFmKoD3qpDb6QSdQ/INjaZP5JEKp8h+HyAf7A8zGLaOZIDCLCyvM
9oXji+bsHw+eeDGWq7lJjCeyeYllQKAKvuoZ8YR1ESHz12gqSbg5qCGczAbFSn5P
gcrO+MQsKwjQNmj1dpIaImJ0J5qMSFv9mEsIx/zIov1UaFYS46X+EcbCV9IjAgMB
AAGjggHfMIIB2zAdBgNVHQ4EFgQUFzFGyxBKQqfEVnwUQUSGxaUXv4cwHwYDVR0j
BBgwFoAUw89BiYk2y5xXPbHqq5TG5mmVH9cwDgYDVR0PAQH/BAQDAgeAMGQGA1Ud
HwRdMFswWaBXoFWGU3JzeW5jOi8va3JpbGwuNDcyNzIubmV0L3JlcG8vSFlFSE9T
VC81L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFGRDcuY3Js
MIGTBggrBgEFBQcBAQSBhjCBgzCBgAYIKwYBBQUHMAKGdHJzeW5jOi8vcnBraS1y
cHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5
MWJlM2Y5ZC83L0MzQ0Y0MTg5ODkzNkNCOUM1NzNEQjFFQUFCOTRDNkU2Njk5NTFG
RDcuY2VyME8GCCsGAQUFBwELBEMwQTA/BggrBgEFBQcwC4YzcnN5bmM6Ly9rcmls
bC40NzI3Mi5uZXQvcmVwby9IWUVIT1NULzUvQVMyMTQ5ODAucm9hMBgGA1UdIAEB
/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgACMAkDBwQq
CmBEwQAwDQYJKoZIhvcNAQELBQADggEBAJJgid6V4B8u9e+p4x7Q50gMaC+t32Pf
F1uYpqMljltkGN3d2bawDfVHFLNm3tRGkgeEX+6KyQSgvUsRrYOEEOIac/l7U1Uz
4oTdiQl1jjQ2cpN7r8DACpGqTRljTEufFCYH3LlI7wwUX4zHpF5lw3tuYBm2dg4N
0Vy4sgX4x/6Ks98QT+GcCKoFCcEmxlpeNLVxyLMvVPObLtcCyvjpIUxaReFqqSWd
oiH2RoLI3OjA9w85wZDu9BgxKZA0Dioh8Pst1tSYcyyJvX0sy7RBZ0V14NzvPEv7
8/NXmmAA4/XLdZz3QnN93w/jnoiR80vc2xG2AGO7DHx+13zfBslD87Q=
-----END CERTIFICATE-----