Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/11247/yg82DOkX_6L-Kh28UZWLkfvQMpQ.roa
File:                     yg82DOkX_6L-Kh28UZWLkfvQMpQ.roa (raw, json)
Hash identifier:          V7/2doDSEf1E/6akARTK6SyfG0TRpFueS3LjsjzFy9Y=
Subject key identifier:   CA:0F:36:0C:E9:17:FF:A2:FE:2A:1D:BC:51:95:8B:91:FB:D0:32:94
Certificate issuer:       /CN=FBC46294A5D56437E19A11AEF9FB9B877690143E
Certificate serial:       28
Authority key identifier: FB:C4:62:94:A5:D5:64:37:E1:9A:11:AE:F9:FB:9B:87:76:90:14:3E
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/-8RilKXVZDfhmhGu-fubh3aQFD4.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/11247/yg82DOkX_6L-Kh28UZWLkfvQMpQ.roa
Signing time:             Fri 01 Jul 2022 01:28:06 +0000
ROA not before:           Fri 01 Jul 2022 01:28:06 +0000
ROA not after:            Thu 15 Jun 2023 01:30:04 +0000
asID:                     7684
IP address blocks:        157.17.32.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 40 (0x28)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FBC46294A5D56437E19A11AEF9FB9B877690143E
        Validity
            Not Before: Jul  1 01:28:06 2022 GMT
            Not After : Jun 15 01:30:04 2023 GMT
        Subject: CN=CA0F360CE917FFA2FE2A1DBC51958B91FBD03294
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b1:e6:02:b9:68:f4:0f:1d:fc:cd:8f:ef:1c:9d:
                    5e:84:5b:65:84:22:60:47:0b:21:b0:13:18:a2:c3:
                    3b:46:21:5e:0e:fa:f0:c3:56:ca:38:87:60:12:37:
                    40:12:d3:29:c4:e7:f0:4d:a4:26:18:e4:2b:3e:af:
                    37:42:b4:0b:dd:9b:f7:35:cd:8a:96:7c:78:01:1d:
                    b8:7c:b5:47:7a:36:3d:5e:1b:50:3c:03:55:36:c2:
                    64:2e:19:0c:da:a7:f1:8d:47:b3:b8:6e:0d:63:80:
                    82:ce:f7:e1:d5:3c:b3:93:7c:82:8b:02:03:37:21:
                    03:ec:d2:7a:e3:9e:5a:f0:f4:9a:9f:73:fa:69:5e:
                    15:02:5b:cc:9e:c2:38:04:09:71:6b:3e:41:08:81:
                    0c:d5:a8:78:7f:dc:15:ee:48:8b:58:6e:50:fc:71:
                    12:ed:a5:3e:ad:37:f9:94:12:50:9c:ca:bb:24:fa:
                    f8:3a:c0:2c:57:73:2b:3c:4e:84:c9:4c:74:98:84:
                    71:81:e5:32:3c:f2:32:01:44:db:c3:64:ca:2c:08:
                    51:71:80:b8:83:f8:ca:a4:67:ed:d4:cd:f5:d0:62:
                    64:87:f8:c9:54:18:f0:14:74:e3:37:8a:97:fb:cc:
                    2f:b6:cc:25:41:dd:d0:e4:b0:b6:82:f0:27:54:85:
                    7e:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CA:0F:36:0C:E9:17:FF:A2:FE:2A:1D:BC:51:95:8B:91:FB:D0:32:94
            X509v3 Authority Key Identifier:
                keyid:FB:C4:62:94:A5:D5:64:37:E1:9A:11:AE:F9:FB:9B:87:76:90:14:3E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/11247/-8RilKXVZDfhmhGu-fubh3aQFD4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/-8RilKXVZDfhmhGu-fubh3aQFD4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/11247/yg82DOkX_6L-Kh28UZWLkfvQMpQ.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.17.32.0/20

    Signature Algorithm: sha256WithRSAEncryption
         9a:0b:9d:5b:a3:ab:1e:93:b2:6b:5f:2d:42:a5:48:4a:67:ba:
         09:b6:48:04:bd:62:07:55:d2:b2:04:2d:c3:c7:d1:40:45:33:
         98:d6:b5:88:55:65:6e:93:6f:4b:11:d6:e1:16:bf:9d:67:cc:
         2f:63:33:a1:cf:20:ef:aa:36:f4:05:11:77:2c:90:88:9f:8a:
         86:de:36:a3:82:46:22:1b:6b:78:42:b7:8c:5b:57:8a:67:d0:
         87:70:21:b9:f9:2e:3a:ee:fd:fd:ca:9b:78:fe:22:69:dc:c8:
         91:b2:0a:28:5d:f4:e8:5e:55:19:40:cf:84:b8:82:3c:26:63:
         66:58:ed:87:9a:58:12:3c:ca:b7:e2:96:44:32:b8:91:26:ec:
         f6:31:31:63:c4:8a:48:db:79:f3:91:11:0e:cc:b1:69:c6:e5:
         e6:8c:fa:6f:96:06:c4:ef:69:87:97:bb:18:05:30:b7:d2:3c:
         83:b9:cf:59:23:62:dc:85:11:64:96:ee:24:fc:8f:17:8f:d9:
         f5:45:c8:36:4d:e9:3a:ce:80:75:28:60:7f:6c:92:6a:23:f5:
         0a:36:f7:00:ec:d7:07:47:7e:03:2a:a9:53:ee:8b:78:6f:1b:
         fc:d3:91:91:19:be:3d:03:0a:93:3f:0f:9e:c2:ad:5f:b9:1b:
         55:cf:5c:f4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIBKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGQkM0
NjI5NEE1RDU2NDM3RTE5QTExQUVGOUZCOUI4Nzc2OTAxNDNFMB4XDTIyMDcwMTAx
MjgwNloXDTIzMDYxNTAxMzAwNFowMzExMC8GA1UEAxMoQ0EwRjM2MENFOTE3RkZB
MkZFMkExREJDNTE5NThCOTFGQkQwMzI5NDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALHmArlo9A8d/M2P7xydXoRbZYQiYEcLIbATGKLDO0YhXg768MNW
yjiHYBI3QBLTKcTn8E2kJhjkKz6vN0K0C92b9zXNipZ8eAEduHy1R3o2PV4bUDwD
VTbCZC4ZDNqn8Y1Hs7huDWOAgs734dU8s5N8gosCAzchA+zSeuOeWvD0mp9z+mle
FQJbzJ7COAQJcWs+QQiBDNWoeH/cFe5Ii1huUPxxEu2lPq03+ZQSUJzKuyT6+DrA
LFdzKzxOhMlMdJiEcYHlMjzyMgFE28NkyiwIUXGAuIP4yqRn7dTN9dBiZIf4yVQY
8BR04zeKl/vML7bMJUHd0OSwtoLwJ1SFft8CAwEAAaOCAigwggIkMB0GA1UdDgQW
BBTKDzYM6Rf/ov4qHbxRlYuR+9AylDAfBgNVHSMEGDAWgBT7xGKUpdVkN+GaEa75
+5uHdpAUPjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMTEyNDcvLThSaWxLWFZaRGZobWhHdS1mdWJoM2FRRkQ0LmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvLThSaWxLWFZaRGZobWhHdS1mdWJo
M2FRRkQ0LmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzExMjQ3L3lnODJET2tYXzZMLUtoMjhVWldMa2Z2UU1wUS5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwE
AgABMAYDBASdESAwDQYJKoZIhvcNAQELBQADggEBAJoLnVujqx6TsmtfLUKlSEpn
ugm2SAS9YgdV0rIELcPH0UBFM5jWtYhVZW6Tb0sR1uEWv51nzC9jM6HPIO+qNvQF
EXcskIifiobeNqOCRiIba3hCt4xbV4pn0IdwIbn5Ljru/f3Km3j+ImncyJGyCihd
9OheVRlAz4S4gjwmY2ZY7YeaWBI8yrfilkQyuJEm7PYxMWPEikjbefOREQ7MsWnG
5eaM+m+WBsTvaYeXuxgFMLfSPIO5z1kjYtyFEWSW7iT8jxeP2fVFyDZN6TrOgHUo
YH9skmoj9Qo29wDs1wdHfgMqqVPui3hvG/zTkZEZvj0DCpM/D57CrV+5G1XPXPQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:45:32 2024 by rpki-client on console-ams.rpki-client.org