Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/234/VGVk7Pu3g-cSvFPTImy4R0PILsg.roa
File:                     VGVk7Pu3g-cSvFPTImy4R0PILsg.roa (raw, json)
Hash identifier:          3xqmouF23gJ3dMB6F7CXYrJ75s+R1ChPS7VzB5RjQhg=
Subject key identifier:   54:65:64:EC:FB:B7:83:E7:12:BC:53:D3:22:6C:B8:47:43:C8:2E:C8
Certificate issuer:       /CN=500EF358BCBE14A358CA4EEE41B4E90DC923E9D2
Certificate serial:       4E
Authority key identifier: 50:0E:F3:58:BC:BE:14:A3:58:CA:4E:EE:41:B4:E9:0D:C9:23:E9:D2
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/UA7zWLy-FKNYyk7uQbTpDckj6dI.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/234/VGVk7Pu3g-cSvFPTImy4R0PILsg.roa
Signing time:             Wed 01 Feb 2023 01:29:56 +0000
ROA not before:           Wed 01 Feb 2023 01:29:56 +0000
ROA not after:            Mon 15 Jan 2024 01:30:02 +0000
asID:                     9351
IP address blocks:        117.18.128.0/18 maxlen: 18

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 78 (0x4e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=500EF358BCBE14A358CA4EEE41B4E90DC923E9D2
        Validity
            Not Before: Feb  1 01:29:56 2023 GMT
            Not After : Jan 15 01:30:02 2024 GMT
        Subject: CN=546564ECFBB783E712BC53D3226CB84743C82EC8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:73:53:23:30:11:00:f5:6c:14:a4:3b:81:fe:
                    1d:1b:aa:d8:88:6c:fe:a9:ba:25:f7:03:fc:e8:45:
                    52:6c:39:4f:02:4e:b3:ab:98:ec:76:fe:c7:16:cd:
                    51:31:04:61:d2:8f:90:16:11:68:49:95:f7:33:bf:
                    c4:80:4f:aa:03:ef:ff:74:8e:96:a9:83:a6:e4:0c:
                    f6:27:4f:18:6e:79:8a:95:b1:a6:3a:f4:ac:8a:24:
                    99:6c:f9:35:11:14:70:42:c0:38:11:1e:5d:ce:ae:
                    c3:c2:a4:31:c0:7b:da:99:7f:d4:ec:ed:a8:c6:4c:
                    66:9b:bd:81:f7:92:eb:c3:9b:16:1e:51:7f:90:99:
                    8f:81:92:f3:50:2f:a6:8a:25:ce:87:55:63:33:7a:
                    02:90:d9:4d:83:fa:b8:c5:a2:f8:01:10:3c:bc:13:
                    6f:86:f8:ee:d4:cf:8a:db:4f:60:fb:33:5f:b0:72:
                    74:0c:c3:53:e7:a3:03:6a:12:a1:72:40:ec:e6:60:
                    a6:06:4e:10:50:9c:f4:e2:fd:51:e3:79:c7:b2:d0:
                    82:b5:08:5c:1f:e1:7c:63:41:fb:45:7c:4b:72:9a:
                    31:40:8b:fe:51:05:e5:6e:0f:c0:e6:14:c5:ac:83:
                    f3:af:71:15:21:b8:90:ba:0f:13:fc:d6:68:b2:88:
                    58:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:65:64:EC:FB:B7:83:E7:12:BC:53:D3:22:6C:B8:47:43:C8:2E:C8
            X509v3 Authority Key Identifier:
                keyid:50:0E:F3:58:BC:BE:14:A3:58:CA:4E:EE:41:B4:E9:0D:C9:23:E9:D2

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/234/UA7zWLy-FKNYyk7uQbTpDckj6dI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/UA7zWLy-FKNYyk7uQbTpDckj6dI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/234/VGVk7Pu3g-cSvFPTImy4R0PILsg.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  117.18.128.0/18

    Signature Algorithm: sha256WithRSAEncryption
         98:44:da:36:ac:95:86:8e:09:78:4a:ce:5c:80:64:62:71:d5:
         61:85:91:5c:a0:9b:22:cc:da:ac:e0:3d:7b:e8:2f:56:c4:64:
         ea:36:a0:0c:dc:a1:ea:f5:62:49:a7:85:84:13:d4:47:c0:38:
         d8:84:52:4b:5c:aa:45:c8:2a:85:69:9c:6b:e7:c6:25:8b:4a:
         be:2b:2c:20:ed:f1:2d:3f:93:f8:a6:56:f8:b1:61:12:64:d9:
         03:b1:e8:1c:b8:fe:d2:bb:8f:dd:59:49:53:02:66:1a:f9:ac:
         dd:fb:fd:d4:dc:47:67:98:0c:9e:51:b6:1d:93:c6:77:fb:be:
         f0:ef:83:76:cf:a4:27:d8:0f:58:81:3e:c6:53:e4:b7:24:93:
         86:aa:eb:43:7c:f8:19:8f:03:9b:3b:3c:08:de:d0:e8:84:d6:
         0e:79:05:ba:6a:ab:bb:31:e7:f2:db:1d:c7:50:06:1c:61:97:
         de:a4:1b:3b:f4:92:66:48:b3:6e:fc:3f:86:b1:17:f5:b4:4c:
         cf:42:6b:ae:6d:82:81:38:ad:6b:0d:ae:fc:ee:bf:3e:60:d8:
         33:f5:f0:6f:9d:55:97:c0:33:e2:db:eb:0e:bb:9e:ef:24:89:
         34:49:b9:e8:28:fd:9c:b5:df:ed:45:d1:79:0f:22:9f:f1:9d:
         ec:10:72:86
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1MDBF
RjM1OEJDQkUxNEEzNThDQTRFRUU0MUI0RTkwREM5MjNFOUQyMB4XDTIzMDIwMTAx
Mjk1NloXDTI0MDExNTAxMzAwMlowMzExMC8GA1UEAxMoNTQ2NTY0RUNGQkI3ODNF
NzEyQkM1M0QzMjI2Q0I4NDc0M0M4MkVDODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKFzUyMwEQD1bBSkO4H+HRuq2Ihs/qm6JfcD/OhFUmw5TwJOs6uY
7Hb+xxbNUTEEYdKPkBYRaEmV9zO/xIBPqgPv/3SOlqmDpuQM9idPGG55ipWxpjr0
rIokmWz5NREUcELAOBEeXc6uw8KkMcB72pl/1OztqMZMZpu9gfeS68ObFh5Rf5CZ
j4GS81AvpoolzodVYzN6ApDZTYP6uMWi+AEQPLwTb4b47tTPittPYPszX7BydAzD
U+ejA2oSoXJA7OZgpgZOEFCc9OL9UeN5x7LQgrUIXB/hfGNB+0V8S3KaMUCL/lEF
5W4PwOYUxayD869xFSG4kLoPE/zWaLKIWNMCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBRUZWTs+7eD5xK8U9MibLhHQ8guyDAfBgNVHSMEGDAWgBRQDvNYvL4Uo1jKTu5B
tOkNySPp0jAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMjM0L1VBN3pXTHktRktOWXlrN3VRYlRwRGNrajZkSS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1VBN3pXTHktRktOWXlrN3VRYlRwRGNr
ajZkSS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8yMzQvVkdWazdQdTNnLWNTdkZQVElteTRSMFBJTHNnLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBnUSgDANBgkqhkiG9w0BAQsFAAOCAQEAmETaNqyVho4JeErOXIBkYnHVYYWR
XKCbIszarOA9e+gvVsRk6jagDNyh6vViSaeFhBPUR8A42IRSS1yqRcgqhWmca+fG
JYtKvissIO3xLT+T+KZW+LFhEmTZA7HoHLj+0ruP3VlJUwJmGvms3fv91NxHZ5gM
nlG2HZPGd/u+8O+Dds+kJ9gPWIE+xlPktySThqrrQ3z4GY8Dmzs8CN7Q6ITWDnkF
umqruzHn8tsdx1AGHGGX3qQbO/SSZkizbvw/hrEX9bRMz0Jrrm2CgTitaw2u/O6/
PmDYM/Xwb51Vl8Az4tvrDrue7ySJNEm56Cj9nLXf7UXReQ8in/Gd7BByhg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:45:56 2024 by rpki-client on console-ams.rpki-client.org