Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/20183/dhKZ6R4-qdD11nIi7axyTqyNDFQ.roa
File:                     dhKZ6R4-qdD11nIi7axyTqyNDFQ.roa (raw, json)
Hash identifier:          NKGYIhHiMeHJnt0pOJ6vUkxBDgS0Cr+V0YDsCvoMTes=
Subject key identifier:   76:12:99:E9:1E:3E:A9:D0:F5:D6:72:22:ED:AC:72:4E:AC:8D:0C:54
Certificate issuer:       /CN=1606BEB137B88DBBEEBA7851A0A8F8D7D18294AF
Certificate serial:       0293
Authority key identifier: 16:06:BE:B1:37:B8:8D:BB:EE:BA:78:51:A0:A8:F8:D7:D1:82:94:AF
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fga-sTe4jbvuunhRoKj419GClK8.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20183/dhKZ6R4-qdD11nIi7axyTqyNDFQ.roa
Signing time:             Mon 20 Feb 2023 08:05:25 +0000
ROA not before:           Mon 20 Feb 2023 08:05:25 +0000
ROA not after:            Thu 15 Feb 2024 01:30:03 +0000
asID:                     146979
IP address blocks:        202.236.90.189/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 659 (0x293)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1606BEB137B88DBBEEBA7851A0A8F8D7D18294AF
        Validity
            Not Before: Feb 20 08:05:25 2023 GMT
            Not After : Feb 15 01:30:03 2024 GMT
        Subject: CN=761299E91E3EA9D0F5D67222EDAC724EAC8D0C54
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:2a:e6:fd:26:56:f1:6c:cc:ef:c9:d9:7f:46:
                    51:c5:14:07:d6:36:d7:d9:57:d0:7b:ac:85:39:73:
                    40:1a:67:1f:da:80:98:3b:05:71:3d:e5:a7:dc:cb:
                    4f:37:ce:ac:5b:7a:51:e4:a2:c4:17:6a:45:00:ee:
                    fa:82:d5:c6:c6:e4:15:c2:db:a6:9c:d0:ff:f8:53:
                    3b:a9:33:f9:39:09:0b:9b:0b:63:87:cd:9a:a3:75:
                    a6:0b:76:49:09:28:01:2c:40:5c:b0:f1:a7:46:b2:
                    aa:6d:51:2f:11:1c:59:5d:ab:24:3a:e0:03:8e:08:
                    76:f6:c5:7e:e2:a6:e6:b5:f4:48:48:38:7a:9d:e1:
                    5a:3d:88:28:9b:e0:68:34:f6:10:f1:06:69:94:31:
                    50:12:2a:22:4d:12:8b:1a:09:53:cb:4f:fb:0b:dc:
                    8d:46:08:40:e2:44:61:75:96:bd:59:9f:0f:77:00:
                    ec:63:1b:a3:77:8c:eb:11:07:3a:dc:e8:af:a5:75:
                    48:69:d3:72:1b:c8:60:b6:36:37:1f:ec:77:d9:22:
                    d8:d1:ad:2e:0a:9b:c4:73:89:f3:03:56:85:c1:44:
                    f3:a1:d3:20:d1:1d:c5:51:88:5f:f0:d7:b4:94:f8:
                    57:f5:76:f7:61:73:bd:d6:f1:2e:5c:98:2f:e0:79:
                    53:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                76:12:99:E9:1E:3E:A9:D0:F5:D6:72:22:ED:AC:72:4E:AC:8D:0C:54
            X509v3 Authority Key Identifier:
                keyid:16:06:BE:B1:37:B8:8D:BB:EE:BA:78:51:A0:A8:F8:D7:D1:82:94:AF

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20183/Fga-sTe4jbvuunhRoKj419GClK8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fga-sTe4jbvuunhRoKj419GClK8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20183/dhKZ6R4-qdD11nIi7axyTqyNDFQ.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.236.90.189/32

    Signature Algorithm: sha256WithRSAEncryption
         71:8d:e1:e0:96:d3:7c:b2:bf:79:ed:49:2c:42:02:6f:9a:63:
         5e:65:c4:6a:76:3f:67:b3:72:e1:fe:22:d0:1f:e3:56:50:20:
         9d:d3:74:fe:98:06:f2:e9:2f:35:a9:52:e9:44:67:90:43:d6:
         71:2a:91:93:6a:40:ed:e5:88:3d:b3:59:ce:64:94:fe:92:b0:
         95:35:5f:86:90:48:68:de:41:9d:24:7b:c9:1a:e7:6e:a2:40:
         fe:7b:e8:7a:f5:0f:48:e1:10:62:d2:2c:88:34:a3:0a:52:e3:
         ab:ac:b0:66:0c:fd:72:06:4d:cd:8a:f9:4d:8f:b2:86:c6:0c:
         6a:1b:f8:55:2f:a4:03:4c:09:70:bb:58:1b:11:70:51:a3:f4:
         24:c2:e1:35:94:81:aa:2d:bf:e3:e6:17:24:1c:d9:ea:66:02:
         e5:e3:ad:df:12:5b:56:23:97:a7:54:e0:b7:7a:2f:32:45:20:
         be:12:9e:c1:42:7c:85:1f:3a:ec:64:55:dc:58:60:c6:34:1c:
         04:ae:77:db:ef:d4:17:8a:0c:a9:fd:a5:4a:72:bc:02:17:5b:
         69:b0:a2:a2:92:53:24:55:a4:15:3c:af:40:91:f6:71:83:b7:
         56:bf:c7:d9:09:c1:c0:97:b4:26:85:2b:a2:30:8f:2d:13:ef:
         b3:cf:9c:04
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgICApMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTYw
NkJFQjEzN0I4OERCQkVFQkE3ODUxQTBBOEY4RDdEMTgyOTRBRjAeFw0yMzAyMjAw
ODA1MjVaFw0yNDAyMTUwMTMwMDNaMDMxMTAvBgNVBAMTKDc2MTI5OUU5MUUzRUE5
RDBGNUQ2NzIyMkVEQUM3MjRFQUM4RDBDNTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC2Kub9JlbxbMzvydl/RlHFFAfWNtfZV9B7rIU5c0AaZx/agJg7
BXE95afcy083zqxbelHkosQXakUA7vqC1cbG5BXC26ac0P/4UzupM/k5CQubC2OH
zZqjdaYLdkkJKAEsQFyw8adGsqptUS8RHFldqyQ64AOOCHb2xX7ipua19EhIOHqd
4Vo9iCib4Gg09hDxBmmUMVASKiJNEosaCVPLT/sL3I1GCEDiRGF1lr1Znw93AOxj
G6N3jOsRBzrc6K+ldUhp03IbyGC2Njcf7HfZItjRrS4Km8RzifMDVoXBRPOh0yDR
HcVRiF/w17SU+Ff1dvdhc73W8S5cmC/geVNdAgMBAAGjggIpMIICJTAdBgNVHQ4E
FgQUdhKZ6R4+qdD11nIi7axyTqyNDFQwHwYDVR0jBBgwFoAUFga+sTe4jbvuunhR
oKj419GClK8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzIwMTgzL0ZnYS1zVGU0amJ2dXVuaFJvS2o0MTlHQ2xLOC5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL0ZnYS1zVGU0amJ2dXVuaFJvS2o0
MTlHQ2xLOC5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8yMDE4My9kaEtaNlI0LXFkRDExbklpN2F4eVRxeU5ERlEu
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAATAHAwUAyuxavTANBgkqhkiG9w0BAQsFAAOCAQEAcY3h4JbTfLK/ee1JLEIC
b5pjXmXEanY/Z7Ny4f4i0B/jVlAgndN0/pgG8ukvNalS6URnkEPWcSqRk2pA7eWI
PbNZzmSU/pKwlTVfhpBIaN5BnSR7yRrnbqJA/nvoevUPSOEQYtIsiDSjClLjq6yw
Zgz9cgZNzYr5TY+yhsYMahv4VS+kA0wJcLtYGxFwUaP0JMLhNZSBqi2/4+YXJBzZ
6mYC5eOt3xJbViOXp1Tgt3ovMkUgvhKewUJ8hR867GRV3FhgxjQcBK532+/UF4oM
qf2lSnK8AhdbabCiopJTJFWkFTyvQJH2cYO3Vr/H2QnBwJe0JoUrojCPLRPvs8+c
BA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:45:55 2024 by rpki-client on console-ams.rpki-client.org