Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/161/z7AayX04We4gzT9vwcy2qSTzFeo.roa
File:                     z7AayX04We4gzT9vwcy2qSTzFeo.roa (raw, json)
Hash identifier:          bVuscLJ4RzVlX/2UNumJMe61+HaOpv1/012Si4fvO9I=
Subject key identifier:   CF:B0:1A:C9:7D:38:59:EE:20:CD:3F:6F:C1:CC:B6:A9:24:F3:15:EA
Certificate issuer:       /CN=15BFA3E53E59149239A168DFD92C75745AB66CB6
Certificate serial:       0167
Authority key identifier: 15:BF:A3:E5:3E:59:14:92:39:A1:68:DF:D9:2C:75:74:5A:B6:6C:B6
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/z7AayX04We4gzT9vwcy2qSTzFeo.roa
Signing time:             Thu 13 Apr 2023 09:50:46 +0000
ROA not before:           Thu 13 Apr 2023 09:50:46 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     2516
IP address blocks:        125.55.0.0/16 maxlen: 16

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 359 (0x167)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=15BFA3E53E59149239A168DFD92C75745AB66CB6
        Validity
            Not Before: Apr 13 09:50:46 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=CFB01AC97D3859EE20CD3F6FC1CCB6A924F315EA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:d9:dc:1d:e1:eb:7b:d3:d1:c0:7c:36:a0:fa:
                    45:97:66:fb:b6:08:b6:32:e7:be:44:46:69:d6:c2:
                    32:bb:db:b7:b5:8a:b5:32:d0:db:5e:73:5f:19:21:
                    21:57:90:3b:5b:02:6f:e8:92:8b:6a:7a:f2:a7:1e:
                    03:8a:73:bf:ee:da:8a:d3:f7:04:8d:23:b3:13:32:
                    cc:02:e6:fd:29:b2:13:0b:3a:6f:f9:9d:6b:28:dd:
                    78:9c:f3:20:79:b1:82:8c:32:30:7d:58:26:1a:0c:
                    a8:99:62:50:5c:c1:b2:2d:db:5a:5b:96:3a:40:74:
                    ca:e0:5c:42:36:23:16:dd:df:6e:f5:95:06:d1:54:
                    cb:68:49:e3:ff:74:a0:07:54:ec:51:ee:0d:1b:62:
                    38:83:74:5b:43:3e:b6:f1:0a:bf:d6:ec:12:b6:9f:
                    ab:3d:3c:a8:d7:66:87:23:64:f2:86:af:cc:aa:bf:
                    c1:5c:0f:79:d3:bf:46:3f:29:db:3c:e7:e4:7c:26:
                    1d:f9:55:86:10:ae:fa:fa:b7:96:dd:f9:33:c7:6e:
                    68:61:c6:45:2e:b0:17:55:7c:68:e8:e3:2f:1f:17:
                    b1:22:9a:49:e9:ca:03:6c:fa:3d:97:61:5f:9c:ae:
                    73:12:13:20:56:8e:f2:c7:f5:9e:f3:fb:2b:04:55:
                    0b:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:B0:1A:C9:7D:38:59:EE:20:CD:3F:6F:C1:CC:B6:A9:24:F3:15:EA
            X509v3 Authority Key Identifier:
                keyid:15:BF:A3:E5:3E:59:14:92:39:A1:68:DF:D9:2C:75:74:5A:B6:6C:B6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fb-j5T5ZFJI5oWjf2Sx1dFq2bLY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/161/z7AayX04We4gzT9vwcy2qSTzFeo.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  125.55.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         31:b2:9c:f9:0c:51:cf:8c:51:af:dd:18:5f:41:d7:a0:32:3b:
         56:be:e1:af:14:7c:77:a4:c6:15:09:1b:7c:22:1b:c5:a3:05:
         9f:af:04:2b:4a:fa:e1:e7:76:8f:21:5e:c3:cd:e5:58:5e:0c:
         66:f8:ca:51:9b:5d:4f:f7:d4:c7:70:d7:5c:e1:b1:79:46:e3:
         86:67:71:66:e3:76:04:93:86:d4:74:ed:86:e0:3e:11:fb:38:
         6d:fb:f9:d4:04:36:52:0c:e3:8b:a7:0f:07:ad:73:4e:bc:13:
         e0:5b:28:f6:03:d8:76:43:d9:b9:2c:67:eb:94:9f:cd:b2:d8:
         20:3e:cf:48:b6:86:ee:57:b9:9b:13:2b:92:c2:99:12:13:24:
         3d:43:32:be:12:a6:54:d1:f2:a5:23:7f:92:c8:a0:ea:91:ac:
         e7:1e:39:41:78:12:41:8a:1f:de:b5:1c:77:63:d2:f1:5d:f3:
         eb:b8:a1:f2:7c:5a:81:3c:c1:71:0f:ec:51:fe:61:77:a5:f1:
         6c:52:5f:a0:75:1d:a7:5e:1c:0d:eb:cd:e3:ae:c7:20:3d:aa:
         3e:65:a1:a5:55:74:2e:d2:f8:54:f4:e7:b2:05:5e:21:d6:19:
         8a:cf:94:eb:94:fb:7e:68:c9:76:9c:a3:e0:f1:70:53:fe:9b:
         f7:b8:eb:15
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgICAWcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTVC
RkEzRTUzRTU5MTQ5MjM5QTE2OERGRDkyQzc1NzQ1QUI2NkNCNjAeFw0yMzA0MTMw
OTUwNDZaFw0yNDAzMTQwMTMwMDJaMDMxMTAvBgNVBAMTKENGQjAxQUM5N0QzODU5
RUUyMENEM0Y2RkMxQ0NCNkE5MjRGMzE1RUEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDC2dwd4et709HAfDag+kWXZvu2CLYy575ERmnWwjK727e1irUy
0Ntec18ZISFXkDtbAm/okotqevKnHgOKc7/u2orT9wSNI7MTMswC5v0pshMLOm/5
nWso3Xic8yB5sYKMMjB9WCYaDKiZYlBcwbIt21pbljpAdMrgXEI2Ixbd3271lQbR
VMtoSeP/dKAHVOxR7g0bYjiDdFtDPrbxCr/W7BK2n6s9PKjXZocjZPKGr8yqv8Fc
D3nTv0Y/Kds85+R8Jh35VYYQrvr6t5bd+TPHbmhhxkUusBdVfGjo4y8fF7Eimknp
ygNs+j2XYV+crnMSEyBWjvLH9Z7z+ysEVQvlAgMBAAGjggIjMIICHzAdBgNVHQ4E
FgQUz7AayX04We4gzT9vwcy2qSTzFeowHwYDVR0jBBgwFoAUFb+j5T5ZFJI5oWjf
2Sx1dFq2bLYwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzE2MS9GYi1qNVQ1WkZKSTVvV2pmMlN4MWRGcTJiTFkuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9GYi1qNVQ1WkZKSTVvV2pmMlN4MWRG
cTJiTFkuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMTYxL3o3QWF5WDA0V2U0Z3pUOXZ3Y3kycVNUekZlby5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwB9NzANBgkqhkiG9w0BAQsFAAOCAQEAMbKc+QxRz4xRr90YX0HXoDI7Vr7h
rxR8d6TGFQkbfCIbxaMFn68EK0r64ed2jyFew83lWF4MZvjKUZtdT/fUx3DXXOGx
eUbjhmdxZuN2BJOG1HTthuA+Efs4bfv51AQ2Ugzji6cPB61zTrwT4Fso9gPYdkPZ
uSxn65SfzbLYID7PSLaG7le5mxMrksKZEhMkPUMyvhKmVNHypSN/ksig6pGs5x45
QXgSQYof3rUcd2PS8V3z67ih8nxagTzBcQ/sUf5hd6XxbFJfoHUdp14cDevN467H
ID2qPmWhpVV0LtL4VPTnsgVeIdYZis+U65T7fmjJdpyj4PFwU/6b97jrFQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:45:39 2024 by rpki-client on console-ams.rpki-client.org