Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/10173/youdh_dJwM2MPGehINsXXmZmX_A.roa
File:                     youdh_dJwM2MPGehINsXXmZmX_A.roa (raw, json)
Hash identifier:          hPBOl2kiL6CyI6SEaWHxXVuNU/xsc14ayPzmgcOsjsw=
Subject key identifier:   CA:8B:9D:87:F7:49:C0:CD:8C:3C:67:A1:20:DB:17:5E:66:66:5F:F0
Certificate issuer:       /CN=101A90E4E74C403ABE8E5E0A1FE8E4157ABD2AE7
Certificate serial:       8F
Authority key identifier: 10:1A:90:E4:E7:4C:40:3A:BE:8E:5E:0A:1F:E8:E4:15:7A:BD:2A:E7
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/EBqQ5OdMQDq-jl4KH-jkFXq9Kuc.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/10173/youdh_dJwM2MPGehINsXXmZmX_A.roa
Signing time:             Thu 13 Apr 2023 09:53:27 +0000
ROA not before:           Thu 13 Apr 2023 09:53:27 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     18126
IP address blocks:        202.62.160.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 143 (0x8f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=101A90E4E74C403ABE8E5E0A1FE8E4157ABD2AE7
        Validity
            Not Before: Apr 13 09:53:27 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=CA8B9D87F749C0CD8C3C67A120DB175E66665FF0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:8f:3e:c3:b1:20:bb:f6:3b:99:90:49:8a:34:
                    c7:fd:6d:84:2d:a2:d8:8a:3f:f6:bc:be:19:24:6d:
                    25:0f:40:fa:7a:4a:64:c4:0a:7c:a0:ba:b8:b5:14:
                    1b:a6:b1:8b:cc:2c:82:dd:87:36:0a:0f:90:a2:ab:
                    0e:32:b7:82:e0:ca:46:8e:e7:a1:73:24:69:9f:66:
                    3f:15:10:fd:19:1f:46:58:1a:48:ac:aa:71:73:41:
                    7d:a2:cc:06:77:83:70:4f:b9:07:45:51:44:db:c4:
                    9e:50:54:fb:a0:30:7c:e6:2b:72:39:c7:24:fe:59:
                    94:6f:22:ab:b9:a1:68:80:48:14:d7:2c:7b:a2:fb:
                    95:07:ae:61:bf:85:41:1d:7b:91:48:ee:9a:b3:84:
                    b0:10:fa:5f:c2:84:23:12:1a:32:bf:b2:90:31:09:
                    94:cd:7a:97:66:31:4c:e3:d7:01:ff:ba:23:b1:7d:
                    27:8e:f9:2c:5d:77:d5:8f:33:e7:ee:ab:09:d5:8d:
                    01:80:fe:28:4d:74:78:b2:18:5a:2a:59:74:3a:27:
                    1a:d5:ec:8b:22:a1:16:65:59:1e:ee:bc:91:2f:ce:
                    89:88:c6:b8:17:8d:ad:b3:81:8a:74:22:da:c4:6a:
                    45:28:08:54:68:2f:35:dd:c3:c6:05:93:c7:07:00:
                    f9:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:8B:9D:87:F7:49:C0:CD:8C:3C:67:A1:20:DB:17:5E:66:66:5F:F0
            X509v3 Authority Key Identifier:
                keyid:10:1A:90:E4:E7:4C:40:3A:BE:8E:5E:0A:1F:E8:E4:15:7A:BD:2A:E7

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/10173/EBqQ5OdMQDq-jl4KH-jkFXq9Kuc.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/EBqQ5OdMQDq-jl4KH-jkFXq9Kuc.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/10173/youdh_dJwM2MPGehINsXXmZmX_A.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.62.160.0/20

    Signature Algorithm: sha256WithRSAEncryption
         ae:c6:80:2c:5f:1c:36:51:50:fb:67:b3:d1:c3:ac:bd:c2:3a:
         91:87:e7:5e:fd:e9:d8:1e:38:b5:ff:45:56:b6:ed:2a:67:58:
         5b:96:55:6b:62:1d:31:c9:65:8f:4e:d5:58:24:b9:72:08:0d:
         db:ff:e8:3d:20:8c:6e:eb:56:1f:37:99:d5:da:84:a1:91:3e:
         66:94:97:27:99:85:b2:e4:24:97:1a:ce:22:2d:e9:2e:9a:bb:
         c1:60:63:09:4b:10:58:b7:d2:45:a6:86:db:b6:88:12:0e:2c:
         44:12:9e:bb:31:4e:60:e0:fb:a6:3d:7c:d0:ed:cf:50:31:1f:
         77:d0:71:a4:d0:4a:2c:19:dd:40:c1:d6:4b:d6:fb:33:bf:8a:
         5d:9a:69:c2:23:51:21:b9:d5:4b:93:f5:f8:af:6b:1c:98:78:
         6c:f3:ba:e9:8d:80:6e:8e:30:9c:b9:5c:17:69:1f:b5:8e:22:
         bf:66:9b:ec:07:ea:8a:a1:a6:03:b6:33:9e:7d:78:ef:da:3e:
         b8:aa:34:c9:96:41:13:6a:dc:5a:8a:3c:2e:7a:de:16:76:12:
         27:08:57:64:77:6a:96:93:64:d9:9f:fa:67:47:78:61:22:33:
         48:78:a7:b8:38:db:c5:71:7d:53:10:c6:21:52:0c:77:28:9f:
         ef:62:70:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgICAI8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTAx
QTkwRTRFNzRDNDAzQUJFOEU1RTBBMUZFOEU0MTU3QUJEMkFFNzAeFw0yMzA0MTMw
OTUzMjdaFw0yNDAzMTQwMTMwMDJaMDMxMTAvBgNVBAMTKENBOEI5RDg3Rjc0OUMw
Q0Q4QzNDNjdBMTIwREIxNzVFNjY2NjVGRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAjz7DsSC79juZkEmKNMf9bYQtotiKP/a8vhkkbSUPQPp6SmTE
Cnyguri1FBumsYvMLILdhzYKD5Ciqw4yt4LgykaO56FzJGmfZj8VEP0ZH0ZYGkis
qnFzQX2izAZ3g3BPuQdFUUTbxJ5QVPugMHzmK3I5xyT+WZRvIqu5oWiASBTXLHui
+5UHrmG/hUEde5FI7pqzhLAQ+l/ChCMSGjK/spAxCZTNepdmMUzj1wH/uiOxfSeO
+Sxdd9WPM+fuqwnVjQGA/ihNdHiyGFoqWXQ6JxrV7IsioRZlWR7uvJEvzomIxrgX
ja2zgYp0ItrEakUoCFRoLzXdw8YFk8cHAPnJAgMBAAGjggIoMIICJDAdBgNVHQ4E
FgQUyoudh/dJwM2MPGehINsXXmZmX/AwHwYDVR0jBBgwFoAUEBqQ5OdMQDq+jl4K
H+jkFXq9KucwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzEwMTczL0VCcVE1T2RNUURxLWpsNEtILWprRlhxOUt1Yy5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL0VCcVE1T2RNUURxLWpsNEtILWpr
RlhxOUt1Yy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8xMDE3My95b3VkaF9kSndNMk1QR2VoSU5zWFhtWm1YX0Eu
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQEyj6gMA0GCSqGSIb3DQEBCwUAA4IBAQCuxoAsXxw2UVD7Z7PRw6y9
wjqRh+de/enYHji1/0VWtu0qZ1hbllVrYh0xyWWPTtVYJLlyCA3b/+g9IIxu61Yf
N5nV2oShkT5mlJcnmYWy5CSXGs4iLekumrvBYGMJSxBYt9JFpobbtogSDixEEp67
MU5g4PumPXzQ7c9QMR930HGk0EosGd1AwdZL1vszv4pdmmnCI1EhudVLk/X4r2sc
mHhs87rpjYBujjCcuVwXaR+1jiK/ZpvsB+qKoaYDtjOefXjv2j64qjTJlkETatxa
ijwuet4WdhInCFdkd2qWk2TZn/pnR3hhIjNIeKe4ONvFcX1TEMYhUgx3KJ/vYnCo
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:41 2024 by rpki-client on console-fra.rpki-client.org