Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/161/CzqWzC24we9JNc9W_4389JBmuyM.roa
File:                     CzqWzC24we9JNc9W_4389JBmuyM.roa (raw, json)
Hash identifier:          0+XAJC42CxHUpim4a+MfVoOiu0g3eFmZShtQv5HIfoY=
Subject key identifier:   0B:3A:96:CC:2D:B8:C1:EF:49:35:CF:56:FF:8D:FC:F4:90:66:BB:23
Certificate issuer:       /CN=15BFA3E53E59149239A168DFD92C75745AB66CB6
Certificate serial:       0215
Authority key identifier: 15:BF:A3:E5:3E:59:14:92:39:A1:68:DF:D9:2C:75:74:5A:B6:6C:B6
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/CzqWzC24we9JNc9W_4389JBmuyM.roa
Signing time:             Mon 01 May 2023 01:37:48 +0000
ROA not before:           Mon 01 May 2023 01:37:48 +0000
ROA not after:            Sun 14 Apr 2024 01:30:02 +0000
asID:                     2516
IP address blocks:        106.161.0.0/16 maxlen: 16

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 533 (0x215)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15BFA3E53E59149239A168DFD92C75745AB66CB6
        Validity
            Not Before: May  1 01:37:48 2023 GMT
            Not After : Apr 14 01:30:02 2024 GMT
        Subject: CN=0B3A96CC2DB8C1EF4935CF56FF8DFCF49066BB23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:b3:76:d5:0e:52:6a:0b:c3:42:39:97:3f:d6:
                    59:35:f9:11:c5:a7:a1:50:f5:28:02:e3:61:0d:5c:
                    ec:0b:0f:73:6c:4b:f2:5e:42:03:29:12:0a:4c:0b:
                    ae:8a:81:f7:05:c2:76:8c:f7:27:5d:13:c4:eb:f6:
                    21:73:e9:8c:b2:74:61:6b:13:f2:c0:e5:5b:c3:09:
                    f8:5e:17:cd:e7:0e:9b:dc:fd:cd:35:c7:de:e5:73:
                    86:b7:38:9b:e6:b8:2a:66:08:cb:24:19:10:be:66:
                    fd:1f:11:93:73:59:53:2c:59:91:4d:dd:2b:35:85:
                    06:c5:4f:08:1f:c8:40:7e:8a:be:f2:b7:d4:64:61:
                    a9:a0:1f:bf:2e:bd:eb:5c:db:05:75:b7:54:87:0f:
                    4c:57:7d:41:1d:a7:fb:fb:6d:4a:7b:34:a5:e9:c8:
                    51:3d:0b:10:45:3c:5c:a9:5c:82:1e:4d:ed:11:db:
                    f5:06:5f:cb:fe:72:ee:14:35:ca:ca:39:27:9a:c8:
                    a1:af:59:8c:c9:82:6c:6a:e8:2c:41:05:23:88:0d:
                    44:1b:5a:c9:bc:52:70:0c:4a:f1:49:ee:a2:22:0e:
                    25:0d:03:02:28:75:72:76:ac:99:f0:84:c8:4c:81:
                    7d:a6:3e:21:d3:9e:90:94:12:4e:8a:e7:dd:e4:a0:
                    34:97
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0B:3A:96:CC:2D:B8:C1:EF:49:35:CF:56:FF:8D:FC:F4:90:66:BB:23
            X509v3 Authority Key Identifier:
                keyid:15:BF:A3:E5:3E:59:14:92:39:A1:68:DF:D9:2C:75:74:5A:B6:6C:B6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/CzqWzC24we9JNc9W_4389JBmuyM.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  106.161.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         06:74:08:ef:23:3d:56:1e:cf:bb:19:28:e7:af:23:57:3e:7a:
         8d:a6:3f:9d:15:4d:94:fc:fd:01:18:a4:a9:a0:dc:bd:0e:8e:
         ee:84:5c:81:b8:a4:56:21:81:84:9d:da:d5:22:aa:5b:01:ef:
         d9:ec:8e:da:81:72:df:c8:61:56:78:55:c7:58:fa:cb:20:ab:
         1e:6d:c2:65:9e:b8:c1:4d:30:67:19:5e:26:14:3a:99:09:3e:
         7e:bf:99:27:f6:d7:3b:29:61:f3:cf:49:db:63:e0:25:4a:38:
         35:45:17:77:d7:c5:02:7c:d6:14:4f:09:a3:6a:52:e7:f4:37:
         62:81:18:e2:0b:c8:82:83:27:2a:33:8b:e6:9b:0a:c3:87:44:
         79:99:59:ba:92:5f:09:1c:dc:da:52:9d:0c:4e:c3:1a:39:28:
         84:12:fe:aa:c3:fd:b9:04:04:f2:dd:f0:a3:f9:a6:bf:93:2c:
         d9:5c:cb:9d:17:fe:66:22:9e:ae:19:9c:29:f3:34:f4:11:96:
         ac:37:15:a6:4b:c8:2b:e1:2d:99:63:6f:92:61:8f:8c:4f:e2:
         4e:37:ba:c5:e7:43:f5:46:87:86:9d:d7:fd:5c:0b:98:44:14:
         e1:63:4b:db:93:3d:d9:f6:21:4b:69:d8:87:26:22:41:84:1c:
         8c:11:fe:68
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgICAhUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTVC
RkEzRTUzRTU5MTQ5MjM5QTE2OERGRDkyQzc1NzQ1QUI2NkNCNjAeFw0yMzA1MDEw
MTM3NDhaFw0yNDA0MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDBCM0E5NkNDMkRCOEMx
RUY0OTM1Q0Y1NkZGOERGQ0Y0OTA2NkJCMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzs3bVDlJqC8NCOZc/1lk1+RHFp6FQ9SgC42ENXOwLD3NsS/Je
QgMpEgpMC66KgfcFwnaM9yddE8Tr9iFz6YyydGFrE/LA5VvDCfheF83nDpvc/c01
x97lc4a3OJvmuCpmCMskGRC+Zv0fEZNzWVMsWZFN3Ss1hQbFTwgfyEB+ir7yt9Rk
YamgH78uvetc2wV1t1SHD0xXfUEdp/v7bUp7NKXpyFE9CxBFPFypXIIeTe0R2/UG
X8v+cu4UNcrKOSeayKGvWYzJgmxq6CxBBSOIDUQbWsm8UnAMSvFJ7qIiDiUNAwIo
dXJ2rJnwhMhMgX2mPiHTnpCUEk6K593koDSXAgMBAAGjggIjMIICHzAdBgNVHQ4E
FgQUCzqWzC24we9JNc9W/4389JBmuyMwHwYDVR0jBBgwFoAUFb+j5T5ZFJI5oWjf
2Sx1dFq2bLYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzE2MS9GYi1qNVQ1WkZKSTVvV2pmMlN4MWRGcTJiTFkuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9GYi1qNVQ1WkZKSTVvV2pmMlN4MWRG
cTJiTFkuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMTYxL0N6cVd6QzI0d2U5Sk5jOVdfNDM4OUpCbXV5TS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwBqoTANBgkqhkiG9w0BAQsFAAOCAQEABnQI7yM9Vh7Puxko568jVz56jaY/
nRVNlPz9ARikqaDcvQ6O7oRcgbikViGBhJ3a1SKqWwHv2eyO2oFy38hhVnhVx1j6
yyCrHm3CZZ64wU0wZxleJhQ6mQk+fr+ZJ/bXOylh889J22PgJUo4NUUXd9fFAnzW
FE8Jo2pS5/Q3YoEY4gvIgoMnKjOL5psKw4dEeZlZupJfCRzc2lKdDE7DGjkohBL+
qsP9uQQE8t3wo/mmv5Ms2VzLnRf+ZiKerhmcKfM09BGWrDcVpkvIK+EtmWNvkmGP
jE/iTje6xedD9UaHhp3X/VwLmEQU4WNL25M92fYhS2nYhyYiQYQcjBH+aA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:45:38 2024 by rpki-client on console-ams.rpki-client.org