Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/2eb41a-6fa6-416b-8752-36ef73f2c900/1/gV_qHJeoWnMcfFNLXta7lsBSgyw.roa
File:                     gV_qHJeoWnMcfFNLXta7lsBSgyw.roa (raw, json)
Hash identifier:          Vsv7KmWJ8aY3uIWYLTeqKxxhQxlnK8e88mATTiw5P/k=
Subject key identifier:   81:5F:EA:1C:97:A8:5A:73:1C:7C:53:4B:5E:D6:BB:96:C0:52:83:2C
Certificate issuer:       /CN=acaec954f476f77ef1a33b619d44a5730bebd7bf
Certificate serial:       01D67788
Authority key identifier: AC:AE:C9:54:F4:76:F7:7E:F1:A3:3B:61:9D:44:A5:73:0B:EB:D7:BF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/rK7JVPR2937xozthnUSlcwvr178.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/00/2eb41a-6fa6-416b-8752-36ef73f2c900/1/gV_qHJeoWnMcfFNLXta7lsBSgyw.roa
Signing time:             Sat 01 Jan 2022 03:00:52 +0000
ROA not before:           Sat 01 Jan 2022 03:00:52 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     50285
IP address blocks:        78.41.56.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 30832520 (0x1d67788)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=acaec954f476f77ef1a33b619d44a5730bebd7bf
        Validity
            Not Before: Jan  1 03:00:52 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=815fea1c97a85a731c7c534b5ed6bb96c052832c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:fd:5d:87:e8:0e:17:b2:75:7c:3e:35:d2:f3:61:
                    15:3c:9c:2b:fa:91:d1:8b:b9:75:5b:50:d7:dc:2d:
                    c2:ae:a4:51:1e:c6:6e:6f:7d:33:ba:da:e4:21:a1:
                    1a:f5:ea:a9:91:7c:b1:47:fd:9d:0b:f8:1e:9a:5b:
                    ff:bd:d0:a3:c2:67:d2:33:24:4f:f2:0c:9e:c3:fd:
                    e8:1a:8e:3a:74:c5:53:9b:17:cc:9b:56:8c:79:d9:
                    56:cc:86:8f:fd:9c:d7:6f:ab:f4:6c:f2:6f:27:ba:
                    83:18:03:59:70:38:2e:21:ee:35:61:c7:e3:3e:dd:
                    88:04:f0:ee:78:e7:c2:04:57:22:a5:c7:38:29:09:
                    a4:88:62:b2:e1:86:57:92:5a:47:ca:25:37:b8:b0:
                    cc:77:7a:0a:59:d8:fc:f7:1b:fa:37:ae:c2:4f:c7:
                    e5:0b:c6:20:b1:53:82:ca:05:e2:93:8f:c4:0a:8e:
                    e9:48:94:79:b8:90:47:74:96:83:cb:d6:d7:2f:f3:
                    23:a0:45:b4:d9:fa:28:d0:67:f3:71:fd:2a:9b:a2:
                    ae:af:f8:37:ed:16:10:65:aa:e1:54:c0:e0:1c:4a:
                    89:69:b6:65:f3:f2:99:57:92:7e:f0:21:c9:7c:bb:
                    bb:34:8e:67:6a:68:70:e3:07:82:0b:3f:de:a6:41:
                    99:17
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                81:5F:EA:1C:97:A8:5A:73:1C:7C:53:4B:5E:D6:BB:96:C0:52:83:2C
            X509v3 Authority Key Identifier:
                keyid:AC:AE:C9:54:F4:76:F7:7E:F1:A3:3B:61:9D:44:A5:73:0B:EB:D7:BF

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rK7JVPR2937xozthnUSlcwvr178.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/2eb41a-6fa6-416b-8752-36ef73f2c900/1/gV_qHJeoWnMcfFNLXta7lsBSgyw.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/00/2eb41a-6fa6-416b-8752-36ef73f2c900/1/rK7JVPR2937xozthnUSlcwvr178.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  78.41.56.0/21

    Signature Algorithm: sha256WithRSAEncryption
         be:bb:2e:fc:45:86:90:1e:86:f8:62:f8:a0:1c:bb:62:ae:54:
         32:24:5d:23:d4:2c:72:4f:4d:3f:9e:7d:89:39:b0:9a:5b:ed:
         0e:5d:b5:74:6d:41:64:7f:1e:e2:d0:16:08:8f:26:4e:41:d3:
         3e:8e:4b:5b:12:59:e7:b4:d2:0f:d2:c6:2f:8d:77:78:35:1e:
         e3:55:c8:ca:d4:59:53:cf:d8:d7:1d:cd:b4:10:d4:94:d2:bb:
         d1:ba:20:f9:8d:a3:e2:6c:4c:47:16:ed:29:2e:8d:b9:8c:28:
         0c:65:09:2e:5f:b1:07:de:41:bf:22:4e:73:7c:00:40:3d:56:
         11:f9:3f:90:66:f5:ee:09:62:4f:2f:16:2f:c5:4a:f2:85:f3:
         28:ea:22:4d:96:ca:9e:1a:a7:96:61:88:73:4b:67:af:94:06:
         89:ca:a7:3d:f5:33:cc:c1:3c:0b:6f:aa:6e:61:57:9d:dc:c2:
         25:93:b7:be:35:bb:a1:b7:dc:2e:ef:f0:08:5a:9d:67:1f:29:
         29:c3:9b:3d:b9:97:7f:86:fe:84:02:b1:63:07:46:2b:3a:ab:
         b6:51:5a:df:31:7b:dd:ab:62:69:35:92:87:bb:60:d4:33:29:
         e2:fe:b7:14:d4:79:0d:8d:bc:9b:72:dc:f1:60:8f:84:59:83:
         a3:82:b3:58
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAdZ3iDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Y2FlYzk1NGY0NzZmNzdlZjFhMzNiNjE5ZDQ0YTU3MzBiZWJkN2JmMB4XDTIyMDEw
MTAzMDA1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODE1ZmVhMWM5N2E4
NWE3MzFjN2M1MzRiNWVkNmJiOTZjMDUyODMyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAP1dh+gOF7J1fD410vNhFTycK/qR0Yu5dVtQ19wtwq6kUR7G
bm99M7ra5CGhGvXqqZF8sUf9nQv4Hppb/73Qo8Jn0jMkT/IMnsP96BqOOnTFU5sX
zJtWjHnZVsyGj/2c12+r9Gzybye6gxgDWXA4LiHuNWHH4z7diATw7njnwgRXIqXH
OCkJpIhisuGGV5JaR8olN7iwzHd6ClnY/Pcb+jeuwk/H5QvGILFTgsoF4pOPxAqO
6UiUebiQR3SWg8vW1y/zI6BFtNn6KNBn83H9Kpuirq/4N+0WEGWq4VTA4BxKiWm2
ZfPymVeSfvAhyXy7uzSOZ2pocOMHggs/3qZBmRcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSBX+ocl6hacxx8U0te1ruWwFKDLDAfBgNVHSMEGDAWgBSsrslU9Hb3fvGj
O2GdRKVzC+vXvzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JLN0pWUFIyOTM3eG96dGhuVVNsY3d2cjE3OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvMmViNDFhLTZmYTYtNDE2Yi04NzUyLTM2ZWY3M2YyYzkwMC8x
L2dWX3FISmVvV25NY2ZGTkxYdGE3bHNCU2d5dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
MmViNDFhLTZmYTYtNDE2Yi04NzUyLTM2ZWY3M2YyYzkwMC8xL3JLN0pWUFIyOTM3
eG96dGhuVVNsY3d2cjE3OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA04pODANBgkqhkiG9w0BAQsFAAOC
AQEAvrsu/EWGkB6G+GL4oBy7Yq5UMiRdI9Qsck9NP559iTmwmlvtDl21dG1BZH8e
4tAWCI8mTkHTPo5LWxJZ57TSD9LGL413eDUe41XIytRZU8/Y1x3NtBDUlNK70bog
+Y2j4mxMRxbtKS6NuYwoDGUJLl+xB95BvyJOc3wAQD1WEfk/kGb17gliTy8WL8VK
8oXzKOoiTZbKnhqnlmGIc0tnr5QGicqnPfUzzME8C2+qbmFXndzCJZO3vjW7obfc
Lu/wCFqdZx8pKcObPbmXf4b+hAKxYwdGKzqrtlFa3zF73atiaTWSh7tg1DMp4v63
FNR5DY28m3Lc8WCPhFmDo4KzWA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:41:50 2023 by rpki-client on console-fra.rpki-client.org