Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/354/OTAvOv4sedbxZHgoVH2ijzYyD9U.roa
File:                     OTAvOv4sedbxZHgoVH2ijzYyD9U.roa (raw, json)
Hash identifier:          fFEE761UGImrWLXgHbDgrQ+w+zR6UwInSoLZUVBsQqQ=
Subject key identifier:   39:30:2F:3A:FE:2C:79:D6:F1:64:78:28:54:7D:A2:8F:36:32:0F:D5
Certificate issuer:       /CN=0A5ACAC2990BD8F8655C0C721BACFF030A59D1FC
Certificate serial:       A0
Authority key identifier: 0A:5A:CA:C2:99:0B:D8:F8:65:5C:0C:72:1B:AC:FF:03:0A:59:D1:FC
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/OTAvOv4sedbxZHgoVH2ijzYyD9U.roa
Signing time:             Thu 01 Sep 2022 01:28:13 +0000
ROA not before:           Thu 01 Sep 2022 01:28:13 +0000
ROA not after:            Tue 15 Aug 2023 01:30:03 +0000
asID:                     23816
IP address blocks:        211.14.20.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 160 (0xa0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0A5ACAC2990BD8F8655C0C721BACFF030A59D1FC
        Validity
            Not Before: Sep  1 01:28:13 2022 GMT
            Not After : Aug 15 01:30:03 2023 GMT
        Subject: CN=39302F3AFE2C79D6F1647828547DA28F36320FD5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:67:70:99:c1:9f:06:5d:a0:c2:e7:c7:e3:7d:
                    7c:17:66:2e:b9:ad:fd:87:22:01:3a:c0:55:d2:52:
                    05:54:8f:ac:6a:49:07:30:ac:cf:d4:6c:be:4c:80:
                    7b:3a:91:46:42:4d:57:64:a0:75:c5:d9:91:a4:68:
                    b7:4d:8b:f9:af:06:d8:d4:26:28:5d:44:a5:f5:75:
                    49:ee:86:0a:c2:aa:69:3c:01:a4:73:c6:d8:a6:3c:
                    8e:bd:14:9b:cf:d0:e0:9b:f2:3b:3e:ac:42:10:d7:
                    aa:b6:00:ca:3b:a1:f4:0a:1b:cc:0c:2d:92:62:41:
                    df:2c:77:9f:39:ad:39:e8:77:46:4c:8e:93:4a:c6:
                    2a:86:c9:ba:3e:1c:f4:01:4b:51:77:32:cf:19:66:
                    3e:81:ba:36:e8:e7:db:d2:ed:d3:c5:09:b4:4c:d3:
                    03:30:aa:7c:b9:f3:f4:fc:7f:09:a1:50:21:df:31:
                    5d:4d:ce:46:79:6f:20:fe:58:35:ff:ca:ee:8c:b7:
                    ea:79:63:6c:25:e6:e8:97:97:81:e1:7b:99:7d:b2:
                    43:7a:72:c0:32:27:fb:8b:42:b2:5a:ba:6c:05:78:
                    a4:f3:24:c8:dc:91:02:07:41:9e:34:5e:70:1a:63:
                    c5:35:76:3d:87:ec:58:c9:86:64:18:2e:d8:83:3c:
                    4d:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:30:2F:3A:FE:2C:79:D6:F1:64:78:28:54:7D:A2:8F:36:32:0F:D5
            X509v3 Authority Key Identifier:
                keyid:0A:5A:CA:C2:99:0B:D8:F8:65:5C:0C:72:1B:AC:FF:03:0A:59:D1:FC

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ClrKwpkL2PhlXAxyG6z_AwpZ0fw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/354/OTAvOv4sedbxZHgoVH2ijzYyD9U.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.14.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         30:97:92:ab:71:d8:a1:04:9e:07:d2:f6:63:f4:fd:38:f1:8c:
         3a:05:c8:39:cf:09:92:62:38:e0:98:d5:1c:04:60:47:2e:ad:
         05:00:98:93:30:79:69:ee:af:8e:12:b5:04:27:db:94:c6:43:
         2f:86:7a:fe:85:7e:d8:37:1f:f1:69:bf:f7:d9:bf:ba:16:9d:
         2f:30:6d:2c:81:0c:98:72:b6:76:42:0c:5d:d5:63:3c:06:69:
         f7:e2:ee:19:9a:34:b1:ec:eb:9e:95:86:46:6f:61:ed:18:d0:
         75:7b:fc:57:15:8e:69:a3:23:f3:f5:b0:2e:a5:4f:40:5e:fc:
         4e:b2:d9:17:14:c7:96:48:f8:f3:ec:2a:25:9d:18:ef:c6:1d:
         a6:2a:2e:c2:c7:47:04:47:4e:b3:47:01:70:2d:d9:ac:b9:4b:
         cd:f3:92:5c:5e:08:6c:83:db:c0:45:58:3f:19:f0:39:37:51:
         67:62:a9:78:7f:88:91:f4:76:5a:ee:58:ca:d1:0e:8e:56:e9:
         89:19:a6:05:aa:e8:26:a1:50:2c:93:6f:58:c1:a1:f3:4b:b6:
         cd:ff:51:94:ef:79:07:97:5d:b2:1d:03:c9:2c:c5:6c:87:27:
         16:fe:f8:bd:8d:94:8d:65:01:1d:52:a0:9d:a6:55:ec:1d:31:
         ff:a3:a8:34
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAKAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMEE1
QUNBQzI5OTBCRDhGODY1NUMwQzcyMUJBQ0ZGMDMwQTU5RDFGQzAeFw0yMjA5MDEw
MTI4MTNaFw0yMzA4MTUwMTMwMDNaMDMxMTAvBgNVBAMTKDM5MzAyRjNBRkUyQzc5
RDZGMTY0NzgyODU0N0RBMjhGMzYzMjBGRDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7Z3CZwZ8GXaDC58fjfXwXZi65rf2HIgE6wFXSUgVUj6xqSQcw
rM/UbL5MgHs6kUZCTVdkoHXF2ZGkaLdNi/mvBtjUJihdRKX1dUnuhgrCqmk8AaRz
xtimPI69FJvP0OCb8js+rEIQ16q2AMo7ofQKG8wMLZJiQd8sd585rTnod0ZMjpNK
xiqGybo+HPQBS1F3Ms8ZZj6Bujbo59vS7dPFCbRM0wMwqny58/T8fwmhUCHfMV1N
zkZ5byD+WDX/yu6Mt+p5Y2wl5uiXl4Hhe5l9skN6csAyJ/uLQrJaumwFeKTzJMjc
kQIHQZ40XnAaY8U1dj2H7FjJhmQYLtiDPE0PAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUOTAvOv4sedbxZHgoVH2ijzYyD9UwHwYDVR0jBBgwFoAUClrKwpkL2PhlXAxy
G6z/AwpZ0fwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzM1NC9DbHJLd3BrTDJQaGxYQXh5RzZ6X0F3cFowZncuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9DbHJLd3BrTDJQaGxYQXh5RzZ6X0F3
cFowZncuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzU0L09UQXZPdjRzZWRieFpIZ29WSDJpanpZeUQ5VS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALTDhQwDQYJKoZIhvcNAQELBQADggEBADCXkqtx2KEEngfS9mP0/TjxjDoF
yDnPCZJiOOCY1RwEYEcurQUAmJMweWnur44StQQn25TGQy+Gev6Fftg3H/Fpv/fZ
v7oWnS8wbSyBDJhytnZCDF3VYzwGaffi7hmaNLHs656VhkZvYe0Y0HV7/FcVjmmj
I/P1sC6lT0Be/E6y2RcUx5ZI+PPsKiWdGO/GHaYqLsLHRwRHTrNHAXAt2ay5S83z
klxeCGyD28BFWD8Z8Dk3UWdiqXh/iJH0dlruWMrRDo5W6YkZpgWq6CahUCyTb1jB
ofNLts3/UZTveQeXXbIdA8ksxWyHJxb++L2NlI1lAR1SoJ2mVewdMf+jqDQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:52 2024 by rpki-client on console-fra.rpki-client.org