Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/161/kDMHy_U6kRyxPZgC5R2JxxdB7VQ.roa
File:                     kDMHy_U6kRyxPZgC5R2JxxdB7VQ.roa (raw, json)
Hash identifier:          wJJg5eimvgQMN2H0qeOyd2yBDPP/maxngok8GbmO2e8=
Subject key identifier:   90:33:07:CB:F5:3A:91:1C:B1:3D:98:02:E5:1D:89:C7:17:41:ED:54
Certificate issuer:       /CN=15BFA3E53E59149239A168DFD92C75745AB66CB6
Certificate serial:       022E
Authority key identifier: 15:BF:A3:E5:3E:59:14:92:39:A1:68:DF:D9:2C:75:74:5A:B6:6C:B6
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/kDMHy_U6kRyxPZgC5R2JxxdB7VQ.roa
Signing time:             Mon 01 May 2023 01:39:34 +0000
ROA not before:           Mon 01 May 2023 01:39:34 +0000
ROA not after:            Sun 14 Apr 2024 01:30:02 +0000
asID:                     2516
IP address blocks:        210.238.128.0/17 maxlen: 17

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 558 (0x22e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15BFA3E53E59149239A168DFD92C75745AB66CB6
        Validity
            Not Before: May  1 01:39:34 2023 GMT
            Not After : Apr 14 01:30:02 2024 GMT
        Subject: CN=903307CBF53A911CB13D9802E51D89C71741ED54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:a6:49:02:06:a2:da:c2:b5:0a:8b:35:1b:da:
                    68:42:62:98:64:50:9f:47:18:35:f6:4c:4b:93:da:
                    fa:b8:0f:98:7b:c1:7a:9b:3b:2e:1e:e9:25:fc:e4:
                    7c:35:4c:e3:eb:96:26:48:e2:de:f9:94:b4:c2:8a:
                    fc:72:03:ab:07:31:97:60:3d:95:a7:76:3a:a7:2b:
                    73:67:67:33:c0:f7:a0:01:f3:d0:3b:19:8f:4e:9a:
                    57:0f:a2:07:b4:1e:a4:b0:c4:28:68:55:f7:bd:4e:
                    22:b5:47:6f:ad:fe:cd:2e:59:0b:81:1e:85:b7:dd:
                    4f:8d:9e:1c:8f:7c:65:b0:46:07:d7:f7:42:ae:fc:
                    43:75:58:e9:49:19:fb:6f:ff:d6:b6:43:04:87:b8:
                    aa:f1:b2:22:ef:0c:ab:a6:30:06:0f:9d:00:4a:e7:
                    b1:08:c6:21:6d:27:cd:8b:83:45:95:00:fb:6c:a7:
                    c3:fb:6f:8e:3d:c3:4d:69:ec:82:63:83:48:bf:cc:
                    b9:86:69:93:ef:83:63:84:1c:86:b9:c2:89:25:f4:
                    cd:59:4c:5e:73:f5:1e:33:77:40:47:2c:f6:9f:0f:
                    de:f4:e2:5e:12:8c:3a:0f:e9:00:e5:9f:9e:d4:10:
                    d5:a9:a9:20:fd:ae:e3:45:9c:0a:79:72:b0:3d:aa:
                    5d:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:33:07:CB:F5:3A:91:1C:B1:3D:98:02:E5:1D:89:C7:17:41:ED:54
            X509v3 Authority Key Identifier:
                keyid:15:BF:A3:E5:3E:59:14:92:39:A1:68:DF:D9:2C:75:74:5A:B6:6C:B6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/kDMHy_U6kRyxPZgC5R2JxxdB7VQ.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  210.238.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         4c:27:96:08:80:e1:34:64:cf:5a:26:88:48:13:e7:5a:79:ae:
         70:a1:e0:1b:d8:44:e0:ca:06:2f:11:44:71:c0:0a:27:ae:5a:
         a6:9d:13:8d:8f:58:c2:e6:30:9c:a0:ee:95:be:1f:8e:f3:92:
         c5:c7:56:a7:ee:e7:64:02:a2:55:56:fb:fc:2c:9b:a0:f7:36:
         48:af:dc:a4:ef:bc:8d:8e:2f:87:0c:aa:23:0a:4b:07:82:67:
         79:4e:62:5c:29:42:9a:41:de:52:e9:b1:5e:1a:8b:9f:2d:62:
         51:8d:a6:31:58:57:28:86:0b:5b:e9:6c:8e:64:d8:6a:50:d2:
         3f:d0:79:30:61:38:0b:d6:10:31:61:23:b4:09:de:5f:c4:b5:
         1b:cd:a9:c4:11:9a:49:8c:36:dc:1d:aa:45:48:ac:9f:0e:d3:
         dc:b5:54:4d:1c:72:a0:fc:f2:0b:b7:86:4c:18:9e:cb:cb:45:
         ce:4e:e5:57:b1:d3:77:aa:63:81:cd:ac:27:f8:52:f7:fd:18:
         9d:1b:a3:07:7f:81:ff:b4:bd:39:dc:6d:fc:42:2e:d1:82:a3:
         a8:31:ac:51:c4:2b:b6:de:c2:15:7b:ca:05:de:dd:6f:02:01:
         a3:31:b0:c5:75:df:89:8b:08:5f:61:6e:a5:ae:a0:aa:05:98:
         8a:f3:ae:39
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAi4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTVC
RkEzRTUzRTU5MTQ5MjM5QTE2OERGRDkyQzc1NzQ1QUI2NkNCNjAeFw0yMzA1MDEw
MTM5MzRaFw0yNDA0MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDkwMzMwN0NCRjUzQTkx
MUNCMTNEOTgwMkU1MUQ4OUM3MTc0MUVENTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDlpkkCBqLawrUKizUb2mhCYphkUJ9HGDX2TEuT2vq4D5h7wXqb
Oy4e6SX85Hw1TOPrliZI4t75lLTCivxyA6sHMZdgPZWndjqnK3NnZzPA96AB89A7
GY9OmlcPoge0HqSwxChoVfe9TiK1R2+t/s0uWQuBHoW33U+NnhyPfGWwRgfX90Ku
/EN1WOlJGftv/9a2QwSHuKrxsiLvDKumMAYPnQBK57EIxiFtJ82Lg0WVAPtsp8P7
b449w01p7IJjg0i/zLmGaZPvg2OEHIa5wokl9M1ZTF5z9R4zd0BHLPafD9704l4S
jDoP6QDln57UENWpqSD9ruNFnAp5crA9ql27AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUkDMHy/U6kRyxPZgC5R2JxxdB7VQwHwYDVR0jBBgwFoAUFb+j5T5ZFJI5oWjf
2Sx1dFq2bLYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzE2MS9GYi1qNVQ1WkZKSTVvV2pmMlN4MWRGcTJiTFkuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9GYi1qNVQ1WkZKSTVvV2pmMlN4MWRG
cTJiTFkuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMTYxL2tETUh5X1U2a1J5eFBaZ0M1UjJKeHhkQjdWUS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAfS7oAwDQYJKoZIhvcNAQELBQADggEBAEwnlgiA4TRkz1omiEgT51p5rnCh
4BvYRODKBi8RRHHACieuWqadE42PWMLmMJyg7pW+H47zksXHVqfu52QColVW+/ws
m6D3Nkiv3KTvvI2OL4cMqiMKSweCZ3lOYlwpQppB3lLpsV4ai58tYlGNpjFYVyiG
C1vpbI5k2GpQ0j/QeTBhOAvWEDFhI7QJ3l/EtRvNqcQRmkmMNtwdqkVIrJ8O09y1
VE0ccqD88gu3hkwYnsvLRc5O5Vex03eqY4HNrCf4Uvf9GJ0bowd/gf+0vTncbfxC
LtGCo6gxrFHEK7bewhV7ygXe3W8CAaMxsMV134mLCF9hbqWuoKoFmIrzrjk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:44 2024 by rpki-client on console-fra.rpki-client.org