Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/161/IGq2gSozEAqTbTb40zwJykvUPUI.roa
File:                     IGq2gSozEAqTbTb40zwJykvUPUI.roa (raw, json)
Hash identifier:          f0sIIicx6pfyF414X/fn9U60/suJb9xAWO8VC/PmdNE=
Subject key identifier:   20:6A:B6:81:2A:33:10:0A:93:6D:36:F8:D3:3C:09:CA:4B:D4:3D:42
Certificate issuer:       /CN=15BFA3E53E59149239A168DFD92C75745AB66CB6
Certificate serial:       01C5
Authority key identifier: 15:BF:A3:E5:3E:59:14:92:39:A1:68:DF:D9:2C:75:74:5A:B6:6C:B6
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/IGq2gSozEAqTbTb40zwJykvUPUI.roa
Signing time:             Mon 01 May 2023 01:32:14 +0000
ROA not before:           Mon 01 May 2023 01:32:14 +0000
ROA not after:            Sun 14 Apr 2024 01:30:02 +0000
asID:                     2516
IP address blocks:        220.217.0.0/16 maxlen: 16

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 453 (0x1c5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15BFA3E53E59149239A168DFD92C75745AB66CB6
        Validity
            Not Before: May  1 01:32:14 2023 GMT
            Not After : Apr 14 01:30:02 2024 GMT
        Subject: CN=206AB6812A33100A936D36F8D33C09CA4BD43D42
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a3:d3:53:73:f7:3a:55:da:3c:22:3f:33:e0:6e:
                    a0:8f:42:8d:fc:5a:3e:0a:16:53:d8:48:dd:82:ac:
                    ed:d3:67:5e:12:a3:39:75:68:10:10:c3:db:11:73:
                    98:c0:bf:66:38:4e:48:59:db:fe:05:4e:9c:ea:ac:
                    84:3c:54:23:5a:44:6d:7c:70:f7:72:5c:4c:25:25:
                    dc:26:ba:ad:78:c6:5a:c1:6c:fd:30:1c:8c:fa:b2:
                    c1:a0:2f:68:3e:95:67:bb:5a:8e:d6:ff:71:f2:91:
                    90:c4:63:96:a3:a9:4b:b2:de:cf:50:9b:5b:71:9d:
                    26:08:33:25:a9:7d:b1:1a:8b:bc:a9:aa:f3:19:e6:
                    54:dd:2b:d9:12:57:9b:cf:48:e4:4a:93:7f:60:05:
                    d4:68:5d:cc:42:63:aa:2a:80:f4:e5:a9:13:72:d8:
                    ca:41:ce:3d:f2:a1:a3:c2:d4:91:16:fd:62:15:52:
                    8e:77:28:63:f5:09:53:a3:d8:3c:98:7d:8b:05:8e:
                    35:74:7e:18:33:5a:28:51:b2:8d:66:87:7c:bd:2d:
                    8f:ad:e6:b8:cb:c8:ef:9d:d4:65:db:70:fc:b4:52:
                    00:e5:dc:a2:23:d1:5f:29:d4:b0:ef:1a:d3:f3:1b:
                    a5:7f:c2:d4:3d:dc:e1:55:4b:10:38:e7:6a:06:5d:
                    1e:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:6A:B6:81:2A:33:10:0A:93:6D:36:F8:D3:3C:09:CA:4B:D4:3D:42
            X509v3 Authority Key Identifier:
                keyid:15:BF:A3:E5:3E:59:14:92:39:A1:68:DF:D9:2C:75:74:5A:B6:6C:B6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/IGq2gSozEAqTbTb40zwJykvUPUI.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.217.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         53:96:02:19:b3:c2:86:ae:5e:f2:97:12:9a:c2:d6:04:a9:64:
         9f:25:3f:a7:54:11:72:de:f7:f3:ed:88:bc:7e:f4:07:9a:fa:
         2d:e1:4f:ed:a4:36:20:21:24:7e:56:57:6d:b6:31:62:09:f9:
         da:1a:4f:be:94:58:85:96:17:b1:aa:c6:57:d7:58:2e:6c:c1:
         e7:b3:04:53:49:4d:66:c7:ec:75:15:e8:4d:42:d6:ab:be:cf:
         d5:45:bf:b5:02:bf:25:bc:f3:ac:c6:e6:8b:1b:0b:31:2f:8f:
         9c:34:6d:e0:f6:eb:68:07:eb:86:87:1f:3a:4a:6d:72:6f:24:
         95:2c:b9:b3:7f:08:de:66:1a:58:e8:d5:31:17:54:e3:4d:ec:
         5a:39:19:82:53:7b:2a:d5:45:7e:9f:c9:25:e0:58:b6:ec:d2:
         93:43:d9:f0:23:bd:82:03:e2:2f:96:f8:9f:f0:e8:eb:b3:6a:
         7a:0b:e5:2c:4b:8a:d3:29:41:5e:75:7c:50:90:7e:6f:8e:ea:
         ad:37:f3:3d:06:47:50:0f:b5:0f:8c:9c:03:45:79:45:be:a3:
         6c:f9:e6:73:a4:2b:a1:c9:c2:98:9e:ff:28:94:bd:9c:08:f1:
         9e:f5:c0:b5:21:e3:17:46:bc:48:c1:eb:f7:1e:df:0f:7d:78:
         30:b5:24:e9
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgICAcUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTVC
RkEzRTUzRTU5MTQ5MjM5QTE2OERGRDkyQzc1NzQ1QUI2NkNCNjAeFw0yMzA1MDEw
MTMyMTRaFw0yNDA0MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDIwNkFCNjgxMkEzMzEw
MEE5MzZEMzZGOEQzM0MwOUNBNEJENDNENDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCj01Nz9zpV2jwiPzPgbqCPQo38Wj4KFlPYSN2CrO3TZ14Sozl1
aBAQw9sRc5jAv2Y4TkhZ2/4FTpzqrIQ8VCNaRG18cPdyXEwlJdwmuq14xlrBbP0w
HIz6ssGgL2g+lWe7Wo7W/3HykZDEY5ajqUuy3s9Qm1txnSYIMyWpfbEai7ypqvMZ
5lTdK9kSV5vPSORKk39gBdRoXcxCY6oqgPTlqRNy2MpBzj3yoaPC1JEW/WIVUo53
KGP1CVOj2DyYfYsFjjV0fhgzWihRso1mh3y9LY+t5rjLyO+d1GXbcPy0UgDl3KIj
0V8p1LDvGtPzG6V/wtQ93OFVSxA452oGXR6FAgMBAAGjggIjMIICHzAdBgNVHQ4E
FgQUIGq2gSozEAqTbTb40zwJykvUPUIwHwYDVR0jBBgwFoAUFb+j5T5ZFJI5oWjf
2Sx1dFq2bLYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzE2MS9GYi1qNVQ1WkZKSTVvV2pmMlN4MWRGcTJiTFkuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9GYi1qNVQ1WkZKSTVvV2pmMlN4MWRG
cTJiTFkuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMTYxL0lHcTJnU296RUFxVGJUYjQwendKeWt2VVBVSS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwDc2TANBgkqhkiG9w0BAQsFAAOCAQEAU5YCGbPChq5e8pcSmsLWBKlknyU/
p1QRct738+2IvH70B5r6LeFP7aQ2ICEkflZXbbYxYgn52hpPvpRYhZYXsarGV9dY
LmzB57MEU0lNZsfsdRXoTULWq77P1UW/tQK/JbzzrMbmixsLMS+PnDRt4PbraAfr
hocfOkptcm8klSy5s38I3mYaWOjVMRdU403sWjkZglN7KtVFfp/JJeBYtuzSk0PZ
8CO9ggPiL5b4n/Do67NqegvlLEuK0ylBXnV8UJB+b47qrTfzPQZHUA+1D4ycA0V5
Rb6jbPnmc6QrocnCmJ7/KJS9nAjxnvXAtSHjF0a8SMHr9x7fD314MLUk6Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:43 2024 by rpki-client on console-fra.rpki-client.org