Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30072/RRFrXREJ5vw9v_y_MGD1bx3f8g4.roa
File:                     RRFrXREJ5vw9v_y_MGD1bx3f8g4.roa (raw, json)
Hash identifier:          LP9W/JhVcJtROv7bzNWMZF/P7LA7rHcAcBKUuJEtKgA=
Subject key identifier:   45:11:6B:5D:11:09:E6:FC:3D:BF:FC:BF:30:60:F5:6F:1D:DF:F2:0E
Certificate issuer:       /CN=58AE52C1F36BFAF852F410F1CAD0D3683D541261
Certificate serial:       10
Authority key identifier: 58:AE:52:C1:F3:6B:FA:F8:52:F4:10:F1:CA:D0:D3:68:3D:54:12:61
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/WK5SwfNr-vhS9BDxytDTaD1UEmE.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30072/RRFrXREJ5vw9v_y_MGD1bx3f8g4.roa
Signing time:             Thu 01 Sep 2022 01:36:58 +0000
ROA not before:           Thu 01 Sep 2022 01:36:58 +0000
ROA not after:            Tue 15 Aug 2023 01:30:03 +0000
asID:                     9824
IP address blocks:        2001:c30:40::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 16 (0x10)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=58AE52C1F36BFAF852F410F1CAD0D3683D541261
        Validity
            Not Before: Sep  1 01:36:58 2022 GMT
            Not After : Aug 15 01:30:03 2023 GMT
        Subject: CN=45116B5D1109E6FC3DBFFCBF3060F56F1DDFF20E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:08:13:a3:d3:87:d7:bd:d1:f5:af:2a:6f:a0:
                    49:1a:7c:a0:ea:e2:e0:09:99:c6:92:1c:8d:57:4d:
                    af:10:bf:b3:a6:45:b3:04:b6:fb:21:68:86:6b:14:
                    43:26:f4:53:40:c0:01:53:50:bc:91:41:80:fd:43:
                    c1:43:69:1c:c7:09:2e:42:c7:48:16:fb:40:9d:90:
                    c3:3e:4c:3d:ab:e4:5d:17:10:25:bd:df:90:62:c3:
                    c5:9a:7b:47:d3:6f:fb:e4:2d:0d:df:6e:3f:0a:55:
                    ca:0f:ca:b0:5c:5d:6e:9c:df:f2:9c:96:61:15:48:
                    c4:6e:77:30:8a:d1:14:75:32:68:53:40:04:c5:bd:
                    c9:79:4f:c8:d3:7b:cf:03:f5:6e:38:30:62:a4:47:
                    85:9b:20:ba:31:48:c9:31:c2:16:82:1f:72:1c:75:
                    17:07:7c:14:47:38:98:74:1a:16:e9:47:38:c6:1e:
                    00:24:bc:eb:2b:28:ee:e9:b9:3e:3d:7c:22:ce:d4:
                    92:21:7e:ce:d1:45:9a:0c:48:fe:a0:4a:6b:61:88:
                    65:c5:89:e3:fc:85:62:0c:39:7f:3c:55:01:d2:84:
                    5e:db:2d:92:e3:d3:b0:e5:5a:eb:7f:99:f2:c2:c8:
                    f3:38:fc:b8:c4:ae:41:66:2c:0e:48:00:98:d3:b8:
                    02:65
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:11:6B:5D:11:09:E6:FC:3D:BF:FC:BF:30:60:F5:6F:1D:DF:F2:0E
            X509v3 Authority Key Identifier:
                keyid:58:AE:52:C1:F3:6B:FA:F8:52:F4:10:F1:CA:D0:D3:68:3D:54:12:61

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30072/WK5SwfNr-vhS9BDxytDTaD1UEmE.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/WK5SwfNr-vhS9BDxytDTaD1UEmE.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30072/RRFrXREJ5vw9v_y_MGD1bx3f8g4.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:c30:40::/48

    Signature Algorithm: sha256WithRSAEncryption
         a2:ec:0b:cd:d8:45:cf:dd:73:23:7d:6e:bd:d0:f2:6e:12:f0:
         37:22:f3:5a:4e:92:2c:c0:65:50:f6:2b:04:a3:0c:38:24:8c:
         9f:74:1e:0e:6e:4a:8d:bd:0e:0d:03:b8:2b:ae:23:bd:af:a0:
         a8:ba:23:79:9c:21:cc:de:ae:88:01:2c:63:18:9e:5a:ea:12:
         70:dd:27:22:e6:f0:f3:d3:ad:c9:a7:44:7f:57:55:8a:88:d8:
         69:9f:51:e8:53:2e:7a:14:08:97:ad:20:f9:6e:28:f5:f6:b6:
         82:dd:c9:aa:fd:30:6b:ab:78:dd:aa:37:16:83:59:fd:40:b2:
         70:39:4c:2d:de:a8:24:9c:14:6a:90:d3:cd:50:76:7f:9e:3d:
         b0:d0:f8:f3:0a:51:cd:c9:b8:70:31:53:0c:c8:f7:fc:3a:4a:
         49:7d:6c:96:19:78:bf:95:e9:f6:c5:86:75:88:f0:35:8d:93:
         05:4d:07:c8:91:c4:ef:28:39:0e:a8:f5:69:f7:cd:21:20:8a:
         c4:11:32:c6:c6:a8:20:80:71:28:a0:81:7f:45:5c:4a:71:5f:
         26:54:04:da:59:d8:61:0c:fe:7c:3a:c0:bd:84:ec:0a:49:55:
         da:0b:84:10:4b:7f:92:0c:33:eb:fa:44:6b:ca:4c:d3:02:de:
         5d:e6:e0:d2
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIBEDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1OEFF
NTJDMUYzNkJGQUY4NTJGNDEwRjFDQUQwRDM2ODNENTQxMjYxMB4XDTIyMDkwMTAx
MzY1OFoXDTIzMDgxNTAxMzAwM1owMzExMC8GA1UEAxMoNDUxMTZCNUQxMTA5RTZG
QzNEQkZGQ0JGMzA2MEY1NkYxRERGRjIwRTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANMIE6PTh9e90fWvKm+gSRp8oOri4AmZxpIcjVdNrxC/s6ZFswS2
+yFohmsUQyb0U0DAAVNQvJFBgP1DwUNpHMcJLkLHSBb7QJ2Qwz5MPavkXRcQJb3f
kGLDxZp7R9Nv++QtDd9uPwpVyg/KsFxdbpzf8pyWYRVIxG53MIrRFHUyaFNABMW9
yXlPyNN7zwP1bjgwYqRHhZsgujFIyTHCFoIfchx1Fwd8FEc4mHQaFulHOMYeACS8
6yso7um5Pj18Is7UkiF+ztFFmgxI/qBKa2GIZcWJ4/yFYgw5fzxVAdKEXtstkuPT
sOVa63+Z8sLI8zj8uMSuQWYsDkgAmNO4AmUCAwEAAaOCAiswggInMB0GA1UdDgQW
BBRFEWtdEQnm/D2//L8wYPVvHd/yDjAfBgNVHSMEGDAWgBRYrlLB82v6+FL0EPHK
0NNoPVQSYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzAwNzIvV0s1U3dmTnItdmhTOUJEeHl0RFRhRDFVRW1FLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvV0s1U3dmTnItdmhTOUJEeHl0RFRh
RDFVRW1FLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzMwMDcyL1JSRnJYUkVKNXZ3OXZfeV9NR0QxYngzZjhnNC5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAgAQwwAEAwDQYJKoZIhvcNAQELBQADggEBAKLsC83YRc/dcyN9br3Q
8m4S8Dci81pOkizAZVD2KwSjDDgkjJ90Hg5uSo29Dg0DuCuuI72voKi6I3mcIcze
rogBLGMYnlrqEnDdJyLm8PPTrcmnRH9XVYqI2GmfUehTLnoUCJetIPluKPX2toLd
yar9MGureN2qNxaDWf1AsnA5TC3eqCScFGqQ081Qdn+ePbDQ+PMKUc3JuHAxUwzI
9/w6Skl9bJYZeL+V6fbFhnWI8DWNkwVNB8iRxO8oOQ6o9Wn3zSEgisQRMsbGqCCA
cSiggX9FXEpxXyZUBNpZ2GEM/nw6wL2E7ApJVdoLhBBLf5IMM+v6RGvKTNMC3l3m
4NI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:49 2024 by rpki-client on console-fra.rpki-client.org