Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/131/RBoNVdYVwI_noC3m9cJGKkyeY7A.roa
File:                     RBoNVdYVwI_noC3m9cJGKkyeY7A.roa (raw, json)
Hash identifier:          XbITZmS4AQYLgCMF5g3bqB4B1skY9uXtbAZYxCoYH0k=
Subject key identifier:   44:1A:0D:55:D6:15:C0:8F:E7:A0:2D:E6:F5:C2:46:2A:4C:9E:63:B0
Certificate issuer:       /CN=2FC09923B05A7E8F1ADD9A5984EDC19320DB974B
Certificate serial:       0167
Authority key identifier: 2F:C0:99:23:B0:5A:7E:8F:1A:DD:9A:59:84:ED:C1:93:20:DB:97:4B
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/L8CZI7Bafo8a3ZpZhO3BkyDbl0s.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/131/RBoNVdYVwI_noC3m9cJGKkyeY7A.roa
Signing time:             Mon 01 May 2023 01:30:23 +0000
ROA not before:           Mon 01 May 2023 01:30:23 +0000
ROA not after:            Sun 14 Apr 2024 01:30:02 +0000
asID:                     4713
IP address blocks:        125.172.0.0/14 maxlen: 14

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 359 (0x167)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2FC09923B05A7E8F1ADD9A5984EDC19320DB974B
        Validity
            Not Before: May  1 01:30:23 2023 GMT
            Not After : Apr 14 01:30:02 2024 GMT
        Subject: CN=441A0D55D615C08FE7A02DE6F5C2462A4C9E63B0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b8:de:c5:90:c5:7c:e5:db:f6:6b:79:5a:63:e5:
                    81:81:d9:f9:f6:f5:d3:a3:22:97:71:cb:6d:1b:91:
                    6b:bf:87:6e:71:df:1f:d1:29:81:5e:df:7c:c9:0a:
                    1c:1b:c3:2c:e6:5a:3a:01:35:b0:08:6e:08:5f:d8:
                    9b:c9:38:36:50:67:ee:f7:5b:e7:8a:30:be:b0:13:
                    fb:d1:28:16:ba:0a:f1:2b:0c:14:cb:05:2d:f7:6f:
                    0a:bb:b7:00:73:a0:fe:5a:4a:74:5f:6f:61:0d:eb:
                    16:25:e9:9c:f5:03:f1:d2:7c:7d:66:14:63:f5:e0:
                    5e:4f:08:92:f1:6d:0d:c2:f4:88:45:18:64:3d:a2:
                    20:cb:61:44:02:fe:e1:d9:23:41:e1:0c:43:fd:a8:
                    39:80:ce:1b:e6:5e:ec:ee:3e:02:1a:3e:48:d2:98:
                    14:3f:40:66:8b:ab:d3:36:be:5b:27:62:e1:54:af:
                    e3:37:ae:3f:6b:d1:09:83:79:57:98:ff:c6:9e:9e:
                    d4:92:fc:78:88:1b:f2:ba:66:42:ec:fb:c5:80:c4:
                    c1:c9:d2:26:92:a6:1a:bd:02:6c:ae:85:a9:f5:fd:
                    9c:2d:ed:ec:de:a7:f9:bb:32:21:e9:3d:91:e8:34:
                    80:c4:02:62:46:d4:8f:a0:3a:48:f7:e2:6f:78:11:
                    5d:8f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                44:1A:0D:55:D6:15:C0:8F:E7:A0:2D:E6:F5:C2:46:2A:4C:9E:63:B0
            X509v3 Authority Key Identifier:
                keyid:2F:C0:99:23:B0:5A:7E:8F:1A:DD:9A:59:84:ED:C1:93:20:DB:97:4B

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/131/L8CZI7Bafo8a3ZpZhO3BkyDbl0s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/L8CZI7Bafo8a3ZpZhO3BkyDbl0s.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/131/RBoNVdYVwI_noC3m9cJGKkyeY7A.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  125.172.0.0/14

    Signature Algorithm: sha256WithRSAEncryption
         75:40:c6:d8:fa:bb:55:f0:e8:9b:9f:c9:b6:23:7b:e1:20:18:
         05:c9:0d:99:85:74:75:ed:b3:0e:a2:b4:4f:e5:1e:c7:0d:36:
         76:14:eb:94:c9:3e:16:f7:63:5c:14:78:42:ed:c0:d4:c3:8f:
         0e:57:88:3c:96:af:6a:6c:ef:74:2d:fc:d1:ae:3a:cf:5a:8d:
         4f:79:e4:6b:1a:a0:98:ab:77:39:19:1f:ec:be:22:80:7a:48:
         64:90:86:d6:f4:21:a6:3d:81:b6:b0:3b:1c:a8:76:e1:3a:2c:
         2e:8c:bf:0f:05:dc:78:41:0d:7b:66:4b:5a:11:63:fd:93:63:
         a6:6c:32:33:45:f7:62:7d:16:eb:72:ec:d6:c8:4c:ab:0c:f5:
         c1:05:b0:06:07:72:29:ea:14:49:e6:15:98:f9:90:36:58:dd:
         6e:f7:b1:8a:b8:d2:c6:a0:6b:a5:25:a8:96:15:b5:b3:1b:9b:
         12:dc:ba:e6:9e:a8:7a:09:e8:0e:68:8e:35:b2:f3:1f:59:bb:
         a6:91:7c:d5:fd:8f:bb:e1:b3:01:9c:e1:18:15:8a:66:9c:a2:
         1b:dd:cd:40:44:47:58:b9:c5:cb:9d:e1:7a:d9:b1:93:95:0d:
         7a:c4:82:05:4e:1f:2e:0e:6e:06:60:66:98:e8:64:5f:63:61:
         f8:9c:31:4d
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgICAWcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMkZD
MDk5MjNCMDVBN0U4RjFBREQ5QTU5ODRFREMxOTMyMERCOTc0QjAeFw0yMzA1MDEw
MTMwMjNaFw0yNDA0MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDQ0MUEwRDU1RDYxNUMw
OEZFN0EwMkRFNkY1QzI0NjJBNEM5RTYzQjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC43sWQxXzl2/ZreVpj5YGB2fn29dOjIpdxy20bkWu/h25x3x/R
KYFe33zJChwbwyzmWjoBNbAIbghf2JvJODZQZ+73W+eKML6wE/vRKBa6CvErDBTL
BS33bwq7twBzoP5aSnRfb2EN6xYl6Zz1A/HSfH1mFGP14F5PCJLxbQ3C9IhFGGQ9
oiDLYUQC/uHZI0HhDEP9qDmAzhvmXuzuPgIaPkjSmBQ/QGaLq9M2vlsnYuFUr+M3
rj9r0QmDeVeY/8aentSS/HiIG/K6ZkLs+8WAxMHJ0iaSphq9Amyuhan1/Zwt7eze
p/m7MiHpPZHoNIDEAmJG1I+gOkj34m94EV2PAgMBAAGjggIjMIICHzAdBgNVHQ4E
FgQURBoNVdYVwI/noC3m9cJGKkyeY7AwHwYDVR0jBBgwFoAUL8CZI7Bafo8a3ZpZ
hO3BkyDbl0swGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzEzMS9MOENaSTdCYWZvOGEzWnBaaE8zQmt5RGJsMHMuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9MOENaSTdCYWZvOGEzWnBaaE8zQmt5
RGJsMHMuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMTMxL1JCb05WZFlWd0lfbm9DM205Y0pHS2t5ZVk3QS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwJ9rDANBgkqhkiG9w0BAQsFAAOCAQEAdUDG2Pq7VfDom5/JtiN74SAYBckN
mYV0de2zDqK0T+Uexw02dhTrlMk+FvdjXBR4Qu3A1MOPDleIPJavamzvdC380a46
z1qNT3nkaxqgmKt3ORkf7L4igHpIZJCG1vQhpj2BtrA7HKh24TosLoy/DwXceEEN
e2ZLWhFj/ZNjpmwyM0X3Yn0W63Ls1shMqwz1wQWwBgdyKeoUSeYVmPmQNljdbvex
irjSxqBrpSWolhW1sxubEty65p6oegnoDmiONbLzH1m7ppF81f2Pu+GzAZzhGBWK
ZpyiG93NQERHWLnFy53hetmxk5UNesSCBU4fLg5uBmBmmOhkX2Nh+JwxTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:42 2024 by rpki-client on console-fra.rpki-client.org