Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/20183/kJ4YQa1dtr2h6NpsSdJQb4BHMw0.roa
File:                     kJ4YQa1dtr2h6NpsSdJQb4BHMw0.roa (raw, json)
Hash identifier:          ntG32c+XXrMTba2CqGK2tlb2odun8BFCA3SfTqJgZ1c=
Subject key identifier:   90:9E:18:41:AD:5D:B6:BD:A1:E8:DA:6C:49:D2:50:6F:80:47:33:0D
Certificate issuer:       /CN=1606BEB137B88DBBEEBA7851A0A8F8D7D18294AF
Certificate serial:       28
Authority key identifier: 16:06:BE:B1:37:B8:8D:BB:EE:BA:78:51:A0:A8:F8:D7:D1:82:94:AF
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fga-sTe4jbvuunhRoKj419GClK8.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20183/kJ4YQa1dtr2h6NpsSdJQb4BHMw0.roa
Signing time:             Fri 10 Feb 2023 07:39:07 +0000
ROA not before:           Fri 10 Feb 2023 07:39:07 +0000
ROA not after:            Mon 15 Jan 2024 01:30:02 +0000
asID:                     146979
IP address blocks:        202.236.90.246/32 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 40 (0x28)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=1606BEB137B88DBBEEBA7851A0A8F8D7D18294AF
        Validity
            Not Before: Feb 10 07:39:07 2023 GMT
            Not After : Jan 15 01:30:02 2024 GMT
        Subject: CN=909E1841AD5DB6BDA1E8DA6C49D2506F8047330D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:aa:eb:61:8b:b3:20:e8:39:41:95:8b:b1:cf:7a:
                    33:b2:1b:9c:49:95:1d:c6:b9:94:f1:41:d8:4d:c1:
                    58:6e:10:23:da:7a:49:52:5b:15:20:77:68:9d:17:
                    4d:b7:34:4e:cc:bc:d3:89:e3:73:0d:d4:9b:be:70:
                    02:66:bf:ea:be:6d:d0:e5:10:8e:6f:0c:8c:ee:9f:
                    9f:65:41:bd:61:ca:73:1e:fb:3b:e7:1d:b5:4f:75:
                    dd:86:58:78:87:26:3b:15:a5:22:49:ff:4f:0e:be:
                    07:ee:ec:d9:b1:b4:75:a9:22:28:ac:63:50:ae:ad:
                    16:97:8e:c8:06:05:df:91:40:7c:cd:84:ee:e9:04:
                    c8:0c:47:77:45:cc:b2:5c:a0:94:a1:d8:f4:8f:cd:
                    c3:7f:32:0d:87:a9:b4:51:7d:7e:36:84:15:48:3f:
                    c5:50:ad:26:e2:5e:e5:6d:5a:f8:a7:a3:b6:19:16:
                    3b:e3:d2:f1:fa:03:6d:ed:83:76:99:fc:08:ff:a0:
                    5d:de:b2:e9:54:3a:39:ca:52:a5:8b:5b:d2:0b:07:
                    bd:b8:92:ce:74:59:dd:45:33:93:c9:55:3f:d1:d2:
                    5c:6a:0c:1e:ba:2a:26:6c:e6:13:83:08:9e:fb:03:
                    c7:65:3b:03:2c:36:40:f1:f8:44:14:cf:e1:9a:f2:
                    18:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                90:9E:18:41:AD:5D:B6:BD:A1:E8:DA:6C:49:D2:50:6F:80:47:33:0D
            X509v3 Authority Key Identifier:
                keyid:16:06:BE:B1:37:B8:8D:BB:EE:BA:78:51:A0:A8:F8:D7:D1:82:94:AF

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20183/Fga-sTe4jbvuunhRoKj419GClK8.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Fga-sTe4jbvuunhRoKj419GClK8.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/20183/kJ4YQa1dtr2h6NpsSdJQb4BHMw0.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.236.90.246/32

    Signature Algorithm: sha256WithRSAEncryption
         58:be:d1:cb:6e:a5:97:82:00:d0:52:76:bd:2f:97:48:b5:b3:
         8d:63:5b:b8:6f:de:3b:3a:e1:cc:22:00:5b:5f:fb:8f:df:c7:
         fa:7f:f3:eb:9c:7c:96:13:02:b1:92:e9:19:ab:20:21:4e:dd:
         42:95:f7:3e:38:65:3b:e3:ec:7e:41:ac:bb:c4:f8:34:c4:94:
         be:f7:f6:b6:a8:2f:a4:34:23:41:fd:03:d6:fc:80:3b:52:27:
         2a:f6:6e:a9:de:f4:69:a1:b6:93:20:5a:a9:fd:d5:32:1c:54:
         a9:29:bc:4f:29:fa:92:f3:c1:0c:56:df:f9:ab:92:29:81:a1:
         f3:4d:76:3f:4c:05:e7:fb:bd:43:d1:7d:e3:bb:8e:4b:d5:c6:
         28:8c:9d:ec:f8:84:52:96:a9:4f:8b:c0:30:e4:cc:78:8e:ef:
         03:cc:e2:34:79:05:81:12:a2:56:a9:f1:ba:a7:31:3d:1b:d4:
         9d:d5:92:eb:4f:2a:8d:1d:ed:da:fb:b4:3b:07:2c:17:be:64:
         25:21:13:2c:1a:17:fa:91:67:12:5c:ac:10:78:6b:d9:28:fb:
         eb:89:e5:27:a0:db:46:94:25:60:8b:20:32:01:b7:38:11:39:
         84:61:34:38:bc:dc:89:9a:4b:46:61:33:a5:92:fd:01:ba:9c:
         af:db:82:82
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIBKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxNjA2
QkVCMTM3Qjg4REJCRUVCQTc4NTFBMEE4RjhEN0QxODI5NEFGMB4XDTIzMDIxMDA3
MzkwN1oXDTI0MDExNTAxMzAwMlowMzExMC8GA1UEAxMoOTA5RTE4NDFBRDVEQjZC
REExRThEQTZDNDlEMjUwNkY4MDQ3MzMwRDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKrrYYuzIOg5QZWLsc96M7IbnEmVHca5lPFB2E3BWG4QI9p6SVJb
FSB3aJ0XTbc0Tsy804njcw3Um75wAma/6r5t0OUQjm8MjO6fn2VBvWHKcx77O+cd
tU913YZYeIcmOxWlIkn/Tw6+B+7s2bG0dakiKKxjUK6tFpeOyAYF35FAfM2E7ukE
yAxHd0XMslyglKHY9I/Nw38yDYeptFF9fjaEFUg/xVCtJuJe5W1a+KejthkWO+PS
8foDbe2Ddpn8CP+gXd6y6VQ6OcpSpYtb0gsHvbiSznRZ3UUzk8lVP9HSXGoMHroq
JmzmE4MInvsDx2U7Ayw2QPH4RBTP4ZryGNMCAwEAAaOCAikwggIlMB0GA1UdDgQW
BBSQnhhBrV22vaHo2mxJ0lBvgEczDTAfBgNVHSMEGDAWgBQWBr6xN7iNu+66eFGg
qPjX0YKUrzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMjAxODMvRmdhLXNUZTRqYnZ1dW5oUm9LajQxOUdDbEs4LmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvRmdhLXNUZTRqYnZ1dW5oUm9LajQx
OUdDbEs4LmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzIwMTgzL2tKNFlRYTFkdHIyaDZOcHNTZEpRYjRCSE13MC5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0E
AgABMAcDBQDK7Fr2MA0GCSqGSIb3DQEBCwUAA4IBAQBYvtHLbqWXggDQUna9L5dI
tbONY1u4b947OuHMIgBbX/uP38f6f/PrnHyWEwKxkukZqyAhTt1Clfc+OGU74+x+
Qay7xPg0xJS+9/a2qC+kNCNB/QPW/IA7Uicq9m6p3vRpobaTIFqp/dUyHFSpKbxP
KfqS88EMVt/5q5IpgaHzTXY/TAXn+71D0X3ju45L1cYojJ3s+IRSlqlPi8Aw5Mx4
ju8DzOI0eQWBEqJWqfG6pzE9G9Sd1ZLrTyqNHe3a+7Q7BywXvmQlIRMsGhf6kWcS
XKwQeGvZKPvrieUnoNtGlCVgiyAyAbc4ETmEYTQ4vNyJmktGYTOlkv0Bupyv24KC
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:48 2024 by rpki-client on console-fra.rpki-client.org