Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/2432/lx8bXQVRzdCqT7YTjiiAllfKhr8.roa
File:                     lx8bXQVRzdCqT7YTjiiAllfKhr8.roa (raw, json)
Hash identifier:          jA2B8c9Qf57QV+4onpaq05IQ/fnLX7GD+B81NY6+W40=
Subject key identifier:   97:1F:1B:5D:05:51:CD:D0:AA:4F:B6:13:8E:28:80:96:57:CA:86:BF
Certificate issuer:       /CN=E62F69C95A098F8073F5F3C3C1A98B76CBF8502A
Certificate serial:       3E
Authority key identifier: E6:2F:69:C9:5A:09:8F:80:73:F5:F3:C3:C1:A9:8B:76:CB:F8:50:2A
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/5i9pyVoJj4Bz9fPDwamLdsv4UCo.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/2432/lx8bXQVRzdCqT7YTjiiAllfKhr8.roa
Signing time:             Thu 13 Apr 2023 09:53:04 +0000
ROA not before:           Thu 13 Apr 2023 09:53:04 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     7671
IP address blocks:        157.4.0.0/16 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 62 (0x3e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=E62F69C95A098F8073F5F3C3C1A98B76CBF8502A
        Validity
            Not Before: Apr 13 09:53:04 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=971F1B5D0551CDD0AA4FB6138E28809657CA86BF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:35:f1:4d:59:f0:98:f1:d0:81:d6:54:0d:54:
                    23:42:db:ed:80:7d:0b:05:90:e9:51:df:43:1b:f7:
                    3a:b1:a9:20:94:60:60:0e:95:f3:f8:ae:1f:e9:28:
                    41:1d:4e:4e:91:f2:5d:08:be:9a:ab:9b:5c:08:0a:
                    ec:a2:0c:7f:e5:63:e7:e0:0a:c6:65:ea:f8:84:32:
                    15:09:19:30:7b:10:d4:e9:1a:00:c7:b2:d9:d4:6f:
                    42:7c:b4:67:cc:41:1f:02:5e:2a:11:aa:b5:71:45:
                    b5:eb:9d:55:ef:11:35:b6:11:1f:9d:55:80:38:32:
                    46:1b:03:40:8d:22:8f:e1:bc:95:07:0f:e8:d2:3b:
                    1b:9a:02:e0:12:fb:e3:85:c0:c5:c6:8f:19:f2:9e:
                    74:ce:ab:bd:46:56:c9:e2:cb:12:fd:0c:88:0b:aa:
                    84:91:93:2c:ab:77:a0:3c:98:3a:d6:fc:55:e0:bf:
                    fd:53:bf:55:5d:37:bc:fe:47:4d:c6:c4:39:cd:57:
                    2f:d1:69:71:33:a9:d3:db:5f:29:02:92:bb:ee:34:
                    f6:69:8a:a3:b4:c1:51:b6:43:32:69:bc:17:76:0a:
                    c3:9a:6e:7c:69:c5:06:1f:e6:49:ab:2f:0c:37:52:
                    5d:c7:2a:e6:31:fc:93:b2:d8:d1:5e:57:4f:76:e9:
                    0d:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                97:1F:1B:5D:05:51:CD:D0:AA:4F:B6:13:8E:28:80:96:57:CA:86:BF
            X509v3 Authority Key Identifier:
                keyid:E6:2F:69:C9:5A:09:8F:80:73:F5:F3:C3:C1:A9:8B:76:CB:F8:50:2A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/2432/5i9pyVoJj4Bz9fPDwamLdsv4UCo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/5i9pyVoJj4Bz9fPDwamLdsv4UCo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/2432/lx8bXQVRzdCqT7YTjiiAllfKhr8.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.4.0.0/16

    Signature Algorithm: sha256WithRSAEncryption
         96:dc:3b:c1:40:3e:e3:cf:49:f7:91:b8:79:b6:be:f3:15:7f:
         de:a6:cd:fb:55:78:08:c9:f4:36:09:3d:b0:76:ad:71:c4:91:
         94:24:43:82:aa:08:d2:ea:b7:5b:07:eb:af:1a:b0:a5:05:5f:
         4f:c1:ce:b2:55:39:36:72:41:7b:a1:24:f4:10:d5:e5:cb:d9:
         68:57:65:9c:fd:33:5d:9b:48:93:de:06:2c:74:a5:ab:8a:39:
         9c:8a:46:48:c2:a4:a1:40:10:03:1e:b9:8f:89:24:fe:ac:30:
         87:41:1b:f0:5e:28:cf:2d:be:cc:27:2b:82:20:05:0d:66:f0:
         0a:44:8a:6f:04:9d:ff:22:e6:f5:2d:f0:07:f1:e8:48:1d:64:
         7c:96:67:1a:94:9e:19:c9:a6:87:f1:a3:4b:f3:47:1c:ab:f8:
         40:78:0b:62:96:20:a8:cd:d8:9c:e4:87:b9:c2:ae:c8:a3:1c:
         2b:6c:a9:d0:e0:23:41:14:30:b0:bd:fa:3c:f4:ee:aa:6f:21:
         fd:5c:ce:a2:94:99:46:9d:c9:58:52:de:a5:39:ac:f8:c1:67:
         a2:b9:7d:a4:75:09:9e:cf:37:3a:55:f4:11:b8:31:fb:bc:00:
         8c:7c:00:b2:65:dd:1e:3b:6a:a9:94:c1:8e:77:03:d4:9a:98:
         fa:30:54:65
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIBPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhFNjJG
NjlDOTVBMDk4RjgwNzNGNUYzQzNDMUE5OEI3NkNCRjg1MDJBMB4XDTIzMDQxMzA5
NTMwNFoXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoOTcxRjFCNUQwNTUxQ0RE
MEFBNEZCNjEzOEUyODgwOTY1N0NBODZCRjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANQ18U1Z8Jjx0IHWVA1UI0Lb7YB9CwWQ6VHfQxv3OrGpIJRgYA6V
8/iuH+koQR1OTpHyXQi+mqubXAgK7KIMf+Vj5+AKxmXq+IQyFQkZMHsQ1OkaAMey
2dRvQny0Z8xBHwJeKhGqtXFFteudVe8RNbYRH51VgDgyRhsDQI0ij+G8lQcP6NI7
G5oC4BL744XAxcaPGfKedM6rvUZWyeLLEv0MiAuqhJGTLKt3oDyYOtb8VeC//VO/
VV03vP5HTcbEOc1XL9FpcTOp09tfKQKSu+409mmKo7TBUbZDMmm8F3YKw5pufGnF
Bh/mSasvDDdSXccq5jH8k7LY0V5XT3bpDZsCAwEAAaOCAiUwggIhMB0GA1UdDgQW
BBSXHxtdBVHN0KpPthOOKICWV8qGvzAfBgNVHSMEGDAWgBTmL2nJWgmPgHP188PB
qYt2y/hQKjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGcGA1UdHwRgMF4wXKBa
oFiGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMjQzMi81aTlweVZvSmo0Qno5ZlBEd2FtTGRzdjRVQ28uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC81aTlweVZvSmo0Qno5ZlBEd2FtTGRz
djRVQ28uY2VyMA4GA1UdDwEB/wQEAwIHgDCBvAYIKwYBBQUHAQsEga8wgawwYgYI
KwYBBQUHMAuGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMjQzMi9seDhiWFFWUnpkQ3FUN1lUamlpQWxsZktocjgucm9h
MEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAv
cnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIA
ATAFAwMAnQQwDQYJKoZIhvcNAQELBQADggEBAJbcO8FAPuPPSfeRuHm2vvMVf96m
zftVeAjJ9DYJPbB2rXHEkZQkQ4KqCNLqt1sH668asKUFX0/BzrJVOTZyQXuhJPQQ
1eXL2WhXZZz9M12bSJPeBix0pauKOZyKRkjCpKFAEAMeuY+JJP6sMIdBG/BeKM8t
vswnK4IgBQ1m8ApEim8Enf8i5vUt8Afx6EgdZHyWZxqUnhnJpofxo0vzRxyr+EB4
C2KWIKjN2Jzkh7nCrsijHCtsqdDgI0EUMLC9+jz07qpvIf1czqKUmUadyVhS3qU5
rPjBZ6K5faR1CZ7PNzpV9BG4Mfu8AIx8ALJl3R47aqmUwY53A9SamPowVGU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:49 2024 by rpki-client on console-fra.rpki-client.org