Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/esUi-7tEn4it4LA2mvp_yGaEqOQ.roa
File:                     esUi-7tEn4it4LA2mvp_yGaEqOQ.roa (raw, json)
Hash identifier:          3nB/Aj2JgEMBp3wmQ3LlMrkbr0waN7N0gVYeyM+6hc0=
Subject key identifier:   7A:C5:22:FB:BB:44:9F:88:AD:E0:B0:36:9A:FA:7F:C8:66:84:A8:E4
Certificate issuer:       /CN=e14ac611614dd165d94557296ed7ed46c8fc025f
Certificate serial:       0184AE51DDBC5EF72D0FD10332A489BCBDAE
Authority key identifier: E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/esUi-7tEn4it4LA2mvp_yGaEqOQ.roa
Signing time:             Fri 25 Nov 2022 10:25:11 +0000
ROA not before:           Fri 25 Nov 2022 10:25:11 +0000
ROA not after:            Sat 01 Jul 2023 00:00:00 +0000
asID:                     12312
IP address blocks:        141.98.44.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:84:ae:51:dd:bc:5e:f7:2d:0f:d1:03:32:a4:89:bc:bd:ae
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=e14ac611614dd165d94557296ed7ed46c8fc025f
        Validity
            Not Before: Nov 25 10:25:11 2022 GMT
            Not After : Jul  1 00:00:00 2023 GMT
        Subject: CN=7ac522fbbb449f88ade0b0369afa7fc86684a8e4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:6d:18:95:7f:eb:eb:55:df:ad:6d:b2:c5:e0:
                    21:fc:2c:34:fc:4e:73:bd:02:68:4e:71:39:fe:55:
                    3a:41:2c:ad:02:ea:c6:52:91:ed:9e:68:69:cc:3d:
                    3c:c2:ce:3e:71:7d:5a:a6:a9:6d:d6:5d:a2:2f:5a:
                    c9:f4:d5:1e:23:55:1a:15:aa:86:87:a0:5d:89:52:
                    8f:c7:ae:62:40:f2:7c:7a:81:66:50:70:8c:b6:23:
                    e3:78:0d:47:7b:3c:85:37:da:44:ce:76:bf:8a:4b:
                    b7:76:0f:ed:d6:6c:81:e4:3f:7e:a4:f7:0b:e2:d3:
                    4a:ab:82:3f:de:cc:cc:62:06:27:4d:2e:86:f2:07:
                    dd:ee:a8:81:fa:32:45:b1:40:49:12:ba:ff:88:f0:
                    e9:84:18:74:72:3f:f5:7e:5b:31:da:e9:35:fb:b3:
                    e1:60:d1:66:d5:b3:3b:82:0c:34:de:f4:a7:01:b0:
                    e2:f8:19:27:d1:4a:a5:9f:24:08:2e:f4:98:07:af:
                    66:41:c3:6e:27:11:81:82:b0:fb:d9:20:80:00:73:
                    d1:83:29:dd:97:35:97:1b:b4:dc:97:1e:f8:20:c2:
                    cb:c2:dc:d7:2a:01:f7:f1:14:f4:07:0d:bf:30:3a:
                    33:84:4a:d2:72:f7:9f:9b:6d:53:0c:5e:4f:d0:52:
                    6f:d1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7A:C5:22:FB:BB:44:9F:88:AD:E0:B0:36:9A:FA:7F:C8:66:84:A8:E4
            X509v3 Authority Key Identifier:
                keyid:E1:4A:C6:11:61:4D:D1:65:D9:45:57:29:6E:D7:ED:46:C8:FC:02:5F

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4UrGEWFN0WXZRVcpbtftRsj8Al8.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/esUi-7tEn4it4LA2mvp_yGaEqOQ.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/6e79b8-2b8f-4ecc-9a6e-70e898bb38dd/1/4UrGEWFN0WXZRVcpbtftRsj8Al8.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  141.98.44.0/24

    Signature Algorithm: sha256WithRSAEncryption
         db:d0:d2:4e:5e:58:80:82:a5:4b:6a:57:06:68:5b:81:1a:8d:
         b7:88:bf:3b:e9:f4:a5:3d:6c:13:9b:e1:c4:29:d7:6c:a3:ab:
         67:3d:66:8a:60:f0:5e:f9:59:53:3c:4c:d7:96:9d:82:c7:35:
         b6:fc:e4:55:41:69:8a:df:c2:1a:19:03:a8:d3:45:74:69:3f:
         46:6b:5c:40:75:93:d7:3f:b4:4c:5b:24:c5:82:39:09:1c:06:
         94:b1:c7:58:8b:c8:0b:6b:21:18:a9:29:cb:12:6f:c5:f3:31:
         78:f2:e8:c6:a0:94:6c:ee:91:3b:38:6f:dc:3d:66:02:ba:a1:
         eb:85:1d:68:f0:ce:9c:39:ad:f1:64:23:93:35:0d:21:86:08:
         90:bc:1c:41:7a:e8:a8:d0:14:d5:62:9d:30:d9:7c:6d:02:37:
         71:9b:02:af:5a:20:01:84:42:16:77:bf:6e:db:c8:4b:94:47:
         07:d8:19:73:7b:67:fe:59:90:bd:90:62:e6:8e:e6:79:d2:33:
         a9:33:63:6e:93:b2:0b:c2:a2:f7:c3:75:2a:86:74:9e:31:74:
         f3:50:41:05:29:86:6a:87:74:99:e9:bd:de:9f:ea:eb:9c:a7:
         88:10:67:77:7f:52:e5:bb:2a:c2:b1:ad:83:bf:52:f4:cc:39:
         76:1e:ed:08
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSuUd28XvctD9EDMqSJvL2uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNGFjNjExNjE0ZGQxNjVkOTQ1NTcyOTZlZDdlZDQ2Yzhm
YzAyNWYwHhcNMjIxMTI1MTAyNTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWM1MjJmYmJiNDQ5Zjg4YWRlMGIwMzY5YWZhN2ZjODY2ODRhOGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsm0YlX/r61XfrW2yxeAh/Cw0/E5z
vQJoTnE5/lU6QSytAurGUpHtnmhpzD08ws4+cX1apqlt1l2iL1rJ9NUeI1UaFaqG
h6BdiVKPx65iQPJ8eoFmUHCMtiPjeA1HezyFN9pEzna/iku3dg/t1myB5D9+pPcL
4tNKq4I/3szMYgYnTS6G8gfd7qiB+jJFsUBJErr/iPDphBh0cj/1flsx2uk1+7Ph
YNFm1bM7ggw03vSnAbDi+Bkn0UqlnyQILvSYB69mQcNuJxGBgrD72SCAAHPRgynd
lzWXG7Tclx74IMLLwtzXKgH38RT0Bw2/MDozhErScvefm21TDF5P0FJv0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHrFIvu7RJ+IreCwNpr6f8hmhKjkMB8GA1UdIwQY
MBaAFOFKxhFhTdFl2UVXKW7X7UbI/AJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUt
NzBlODk4YmIzOGRkLzEvZXNVaS03dEVuNGl0NExBMm12cF95R2FFcU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82ZTc5YjgtMmI4Zi00ZWNjLTlhNmUtNzBlODk4YmIzOGRk
LzEvNFVyR0VXRk4wV1haUlZjcGJ0ZnRSc2o4QWw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAjWIsMA0G
CSqGSIb3DQEBCwUAA4IBAQDb0NJOXliAgqVLalcGaFuBGo23iL876fSlPWwTm+HE
Kddso6tnPWaKYPBe+VlTPEzXlp2CxzW2/ORVQWmK38IaGQOo00V0aT9Ga1xAdZPX
P7RMWyTFgjkJHAaUscdYi8gLayEYqSnLEm/F8zF48ujGoJRs7pE7OG/cPWYCuqHr
hR1o8M6cOa3xZCOTNQ0hhgiQvBxBeuio0BTVYp0w2XxtAjdxmwKvWiABhEIWd79u
28hLlEcH2Blze2f+WZC9kGLmjuZ50jOpM2Nuk7ILwqL3w3UqhnSeMXTzUEEFKYZq
h3SZ6b3en+rrnKeIEGd3f1LluyrCsa2Dv1L0zDl2Hu0I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:59 2024 by rpki-client on console-fra.rpki-client.org