Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30401/DRbZEu_pS-3Zj1UJoeR_QiW5CGo.roa
File:                     DRbZEu_pS-3Zj1UJoeR_QiW5CGo.roa (raw, json)
Hash identifier:          Re6SzMa+cnlJLVADnBAnSLW7octtwp8isDfUXqck6VU=
Subject key identifier:   0D:16:D9:12:EF:E9:4B:ED:D9:8F:55:09:A1:E4:7F:42:25:B9:08:6A
Certificate issuer:       /CN=0385E3DE4BBF017034BC7083637F05DA4F473533
Certificate serial:       02
Authority key identifier: 03:85:E3:DE:4B:BF:01:70:34:BC:70:83:63:7F:05:DA:4F:47:35:33
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/A4Xj3ku_AXA0vHCDY38F2k9HNTM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30401/DRbZEu_pS-3Zj1UJoeR_QiW5CGo.roa
Signing time:             Sat 30 Jul 2022 00:30:34 +0000
ROA not before:           Sat 30 Jul 2022 00:30:34 +0000
ROA not after:            Sun 30 Jul 2023 00:26:01 +0000
asID:                     63795
IP address blocks:        2400:7ce0::/32 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0385E3DE4BBF017034BC7083637F05DA4F473533
        Validity
            Not Before: Jul 30 00:30:34 2022 GMT
            Not After : Jul 30 00:26:01 2023 GMT
        Subject: CN=0D16D912EFE94BEDD98F5509A1E47F4225B9086A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:5d:3e:bf:43:f3:49:6e:79:45:68:c5:1f:37:
                    3c:d4:bb:ef:d0:3a:16:6f:ac:12:ae:8c:0c:d4:3f:
                    16:e9:8f:75:bf:e3:95:2c:6d:0d:28:ab:32:19:79:
                    e9:e9:55:f9:5f:fc:67:19:47:ec:15:c9:12:05:d5:
                    fb:ee:c1:17:d0:22:15:1c:b2:a7:61:55:02:b8:de:
                    50:81:09:55:e6:f8:b9:f2:89:c2:ee:5a:88:7e:e7:
                    2a:00:9f:11:d6:e1:81:35:ba:e2:d3:d0:d8:ba:66:
                    c8:a3:16:26:75:50:21:35:67:34:63:cb:62:ee:b1:
                    c6:2c:b2:95:a2:7d:d5:d6:06:0d:e8:7b:de:49:99:
                    5f:bb:a4:04:9c:ed:f6:a0:b0:3b:e1:8a:08:38:75:
                    9f:37:61:e0:9f:ca:dd:b4:23:64:c0:18:a3:1e:bc:
                    5f:4b:6b:ae:fa:f6:74:08:bc:ec:9c:4a:30:65:0c:
                    ea:1a:55:5e:c6:95:89:2c:87:15:0a:ab:75:63:c6:
                    be:47:89:dc:b5:f2:9b:35:41:11:96:59:61:2a:5e:
                    63:fc:ff:41:5c:bc:ee:8e:6a:4a:38:ac:65:f0:eb:
                    c8:6a:e0:b1:b8:92:88:83:ce:ae:a5:5c:a1:b5:da:
                    f6:c8:e1:fe:7c:63:fa:a3:4a:e3:84:06:5b:bb:20:
                    3a:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0D:16:D9:12:EF:E9:4B:ED:D9:8F:55:09:A1:E4:7F:42:25:B9:08:6A
            X509v3 Authority Key Identifier:
                keyid:03:85:E3:DE:4B:BF:01:70:34:BC:70:83:63:7F:05:DA:4F:47:35:33

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30401/A4Xj3ku_AXA0vHCDY38F2k9HNTM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/A4Xj3ku_AXA0vHCDY38F2k9HNTM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30401/DRbZEu_pS-3Zj1UJoeR_QiW5CGo.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2400:7ce0::/32

    Signature Algorithm: sha256WithRSAEncryption
         4a:79:58:a2:99:db:ea:43:75:9b:02:63:bd:66:31:85:e6:46:
         62:b6:4b:13:9d:a7:a9:a8:b3:0d:a1:18:ff:5e:63:04:01:c3:
         16:4c:58:40:25:b6:6f:43:d2:00:5e:e9:56:12:e7:5a:31:ce:
         5e:a1:79:74:7a:b9:6f:1d:71:21:03:23:57:9f:5f:03:19:1f:
         f5:02:69:5a:f5:08:82:8b:fd:83:d2:14:a0:8f:b1:56:77:24:
         d3:1f:0c:67:f5:86:c3:51:06:a9:07:55:86:03:c4:bf:80:62:
         55:9f:9e:41:a8:40:10:de:18:10:ba:70:35:20:e9:6f:e4:43:
         36:ba:8b:a3:a6:12:63:32:f5:9f:3a:86:60:01:7d:f3:c0:6c:
         73:97:0d:58:d6:9f:47:31:c6:0b:4c:5d:b7:5c:c4:ca:a2:d7:
         ae:c1:0a:9d:c6:8d:c0:32:e8:a9:fc:9a:a7:28:9f:65:c3:b9:
         81:9f:c9:bc:b5:8e:8d:13:00:ad:f8:59:32:26:46:f6:82:56:
         e3:99:48:75:64:4b:41:34:c3:c9:13:09:3f:04:72:23:c2:a4:
         54:c9:4b:db:c5:65:f8:de:c2:66:ca:22:35:c3:e2:1c:1c:ec:
         bb:18:55:5f:05:8e:b7:db:1d:ec:ed:b1:45:02:47:40:31:54:
         d5:6c:cb:0e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIBAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygwMzg1
RTNERTRCQkYwMTcwMzRCQzcwODM2MzdGMDVEQTRGNDczNTMzMB4XDTIyMDczMDAw
MzAzNFoXDTIzMDczMDAwMjYwMVowMzExMC8GA1UEAxMoMEQxNkQ5MTJFRkU5NEJF
REQ5OEY1NTA5QTFFNDdGNDIyNUI5MDg2QTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKddPr9D80lueUVoxR83PNS779A6Fm+sEq6MDNQ/FumPdb/jlSxt
DSirMhl56elV+V/8ZxlH7BXJEgXV++7BF9AiFRyyp2FVArjeUIEJVeb4ufKJwu5a
iH7nKgCfEdbhgTW64tPQ2LpmyKMWJnVQITVnNGPLYu6xxiyylaJ91dYGDeh73kmZ
X7ukBJzt9qCwO+GKCDh1nzdh4J/K3bQjZMAYox68X0trrvr2dAi87JxKMGUM6hpV
XsaViSyHFQqrdWPGvkeJ3LXymzVBEZZZYSpeY/z/QVy87o5qSjisZfDryGrgsbiS
iIPOrqVcobXa9sjh/nxj+qNK44QGW7sgOjMCAwEAAaOCAikwggIlMB0GA1UdDgQW
BBQNFtkS7+lL7dmPVQmh5H9CJbkIajAfBgNVHSMEGDAWgBQDhePeS78BcDS8cINj
fwXaT0c1MzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA0MDEvQTRYajNrdV9BWEEwdkhDRFkzOEYyazlITlRNLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvQTRYajNrdV9BWEEwdkhDRFkzOEYy
azlITlRNLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzMwNDAxL0RSYlpFdV9wUy0zWmoxVUpvZVJfUWlXNUNHby5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwIAYIKwYBBQUHAQcBAf8EETAPMA0E
AgACMAcDBQAkAHzgMA0GCSqGSIb3DQEBCwUAA4IBAQBKeViimdvqQ3WbAmO9ZjGF
5kZitksTnaepqLMNoRj/XmMEAcMWTFhAJbZvQ9IAXulWEudaMc5eoXl0erlvHXEh
AyNXn18DGR/1Amla9QiCi/2D0hSgj7FWdyTTHwxn9YbDUQapB1WGA8S/gGJVn55B
qEAQ3hgQunA1IOlv5EM2uoujphJjMvWfOoZgAX3zwGxzlw1Y1p9HMcYLTF23XMTK
oteuwQqdxo3AMuip/JqnKJ9lw7mBn8m8tY6NEwCt+FkyJkb2glbjmUh1ZEtBNMPJ
Ewk/BHIjwqRUyUvbxWX43sJmyiI1w+IcHOy7GFVfBY632x3s7bFFAkdAMVTVbMsO
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:50 2024 by rpki-client on console-fra.rpki-client.org