Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/20183/k-eow1p4sD0C6yEpAsI_-Gz5ebQ.roa
File:                     k-eow1p4sD0C6yEpAsI_-Gz5ebQ.roa (raw, json)
Hash identifier:          pd6s38tnGsjdlPMUO0II+xB1PG+1w65fUtUOF/eYNr0=
Subject key identifier:   93:E7:A8:C3:5A:78:B0:3D:02:EB:21:29:02:C2:3F:F8:6C:F9:79:B4
Certificate issuer:       /CN=1606BEB137B88DBBEEBA7851A0A8F8D7D18294AF
Certificate serial:       0275
Authority key identifier: 16:06:BE:B1:37:B8:8D:BB:EE:BA:78:51:A0:A8:F8:D7:D1:82:94:AF
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fga-sTe4jbvuunhRoKj419GClK8.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20183/k-eow1p4sD0C6yEpAsI_-Gz5ebQ.roa
Signing time:             Mon 20 Feb 2023 08:03:31 +0000
ROA not before:           Mon 20 Feb 2023 08:03:31 +0000
ROA not after:            Thu 15 Feb 2024 01:30:03 +0000
asID:                     146979
IP address blocks:        202.236.92.140/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 629 (0x275)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1606BEB137B88DBBEEBA7851A0A8F8D7D18294AF
        Validity
            Not Before: Feb 20 08:03:31 2023 GMT
            Not After : Feb 15 01:30:03 2024 GMT
        Subject: CN=93E7A8C35A78B03D02EB212902C23FF86CF979B4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:e2:ab:5f:87:75:fc:da:d6:77:5f:cf:ba:19:
                    cc:38:ba:8d:60:9f:6d:6b:17:1b:92:b6:b9:0a:dc:
                    00:b6:8b:b7:68:12:a4:e0:2e:da:d8:3f:b1:90:4c:
                    ea:fd:68:a9:4c:66:64:41:7e:5e:e1:3b:54:87:5e:
                    2f:62:b5:d8:3e:b7:36:81:15:36:eb:86:ad:aa:4a:
                    32:f0:20:a7:1e:ee:ee:28:30:fb:65:bc:b0:82:09:
                    69:ac:14:68:1c:42:12:2a:b0:4c:07:0a:c1:b5:47:
                    91:3e:76:45:eb:d3:c1:5c:61:e6:1f:88:50:c5:67:
                    05:19:26:d6:e1:0b:98:88:c1:4a:5e:ef:bc:93:0e:
                    bb:79:60:7b:cc:da:bd:85:eb:9c:1f:07:a5:c2:9d:
                    88:9f:9b:48:a8:d0:b8:d5:37:8c:a6:cf:b6:81:d7:
                    35:a5:fd:80:34:ab:c2:e7:24:a9:5f:6b:73:97:54:
                    ca:4a:b5:b8:50:4f:24:30:af:d0:92:41:a9:ff:9a:
                    6f:a8:8e:d3:fa:5a:a7:0e:9b:b7:c3:a1:52:e0:cd:
                    8c:bd:6f:e9:79:08:54:7b:00:ca:41:71:f3:22:a9:
                    ee:35:4b:a6:55:8a:88:d6:85:05:5d:38:3a:22:aa:
                    4a:85:b3:84:3e:8c:92:2e:37:33:15:bb:9f:6c:60:
                    da:25
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:E7:A8:C3:5A:78:B0:3D:02:EB:21:29:02:C2:3F:F8:6C:F9:79:B4
            X509v3 Authority Key Identifier:
                keyid:16:06:BE:B1:37:B8:8D:BB:EE:BA:78:51:A0:A8:F8:D7:D1:82:94:AF

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20183/Fga-sTe4jbvuunhRoKj419GClK8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fga-sTe4jbvuunhRoKj419GClK8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20183/k-eow1p4sD0C6yEpAsI_-Gz5ebQ.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.236.92.140/32

    Signature Algorithm: sha256WithRSAEncryption
         2f:3c:74:67:ca:55:eb:b1:1b:9d:9e:90:9d:e5:2a:19:a4:1d:
         68:40:a9:d5:60:11:f3:66:7d:0b:d1:69:30:0b:e8:17:44:0b:
         7a:4a:c6:83:f1:3e:9d:7a:3e:ec:bb:03:9b:de:66:73:ea:7c:
         e4:33:e4:b8:7f:25:29:79:9a:f7:74:f2:83:ea:5d:8e:34:82:
         4b:9e:e8:d9:36:80:81:83:d4:ac:fa:7f:77:ca:56:5a:98:fe:
         47:fa:73:0e:b1:b1:0a:74:87:bc:15:95:23:4c:dd:65:4d:09:
         fa:a3:2a:14:31:c5:38:08:c7:bd:37:eb:aa:ed:f0:56:b1:8e:
         a0:ed:92:29:54:4e:cb:5a:f4:88:6a:3b:bf:b7:16:78:b1:15:
         2f:91:c5:bb:91:39:5b:52:82:55:5b:fb:d0:51:20:10:d1:f5:
         eb:4e:ee:44:df:c1:86:67:f4:bc:f0:89:17:16:96:cf:93:6c:
         81:92:c4:6a:9a:cc:a4:69:f7:c7:20:72:62:0e:13:16:90:30:
         23:b0:1d:45:f8:4d:24:c9:5e:e5:c1:e8:27:0e:74:ce:53:13:
         57:d6:2d:06:24:42:12:46:01:b0:36:ca:c9:42:f0:56:04:62:
         48:27:0b:7d:5d:e3:a9:65:69:5a:50:ee:b9:5c:4f:cc:31:07:
         44:26:1b:46
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgICAnUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMTYw
NkJFQjEzN0I4OERCQkVFQkE3ODUxQTBBOEY4RDdEMTgyOTRBRjAeFw0yMzAyMjAw
ODAzMzFaFw0yNDAyMTUwMTMwMDNaMDMxMTAvBgNVBAMTKDkzRTdBOEMzNUE3OEIw
M0QwMkVCMjEyOTAyQzIzRkY4NkNGOTc5QjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCw4qtfh3X82tZ3X8+6Gcw4uo1gn21rFxuStrkK3AC2i7doEqTg
LtrYP7GQTOr9aKlMZmRBfl7hO1SHXi9itdg+tzaBFTbrhq2qSjLwIKce7u4oMPtl
vLCCCWmsFGgcQhIqsEwHCsG1R5E+dkXr08FcYeYfiFDFZwUZJtbhC5iIwUpe77yT
Drt5YHvM2r2F65wfB6XCnYifm0io0LjVN4ymz7aB1zWl/YA0q8LnJKlfa3OXVMpK
tbhQTyQwr9CSQan/mm+ojtP6WqcOm7fDoVLgzYy9b+l5CFR7AMpBcfMiqe41S6ZV
iojWhQVdODoiqkqFs4Q+jJIuNzMVu59sYNolAgMBAAGjggIpMIICJTAdBgNVHQ4E
FgQUk+eow1p4sD0C6yEpAsI/+Gz5ebQwHwYDVR0jBBgwFoAUFga+sTe4jbvuunhR
oKj419GClK8wGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzIwMTgzL0ZnYS1zVGU0amJ2dXVuaFJvS2o0MTlHQ2xLOC5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL0ZnYS1zVGU0amJ2dXVuaFJvS2o0
MTlHQ2xLOC5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8yMDE4My9rLWVvdzFwNHNEMEM2eUVwQXNJXy1HejVlYlEu
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAATAHAwUAyuxcjDANBgkqhkiG9w0BAQsFAAOCAQEALzx0Z8pV67EbnZ6QneUq
GaQdaECp1WAR82Z9C9FpMAvoF0QLekrGg/E+nXo+7LsDm95mc+p85DPkuH8lKXma
93Tyg+pdjjSCS57o2TaAgYPUrPp/d8pWWpj+R/pzDrGxCnSHvBWVI0zdZU0J+qMq
FDHFOAjHvTfrqu3wVrGOoO2SKVROy1r0iGo7v7cWeLEVL5HFu5E5W1KCVVv70FEg
ENH1607uRN/Bhmf0vPCJFxaWz5NsgZLEaprMpGn3xyByYg4TFpAwI7AdRfhNJMle
5cHoJw50zlMTV9YtBiRCEkYBsDbKyULwVgRiSCcLfV3jqWVpWlDuuVxPzDEHRCYb
Rg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:48 2024 by rpki-client on console-fra.rpki-client.org