Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/373/cfCkKUJauqOKw8YXCgJbnT3irfM.roa
File:                     cfCkKUJauqOKw8YXCgJbnT3irfM.roa (raw, json)
Hash identifier:          zzIEQlxxv9D/erOPEeTfkVl8EQxmtJIgcz69yY9CL3o=
Subject key identifier:   71:F0:A4:29:42:5A:BA:A3:8A:C3:C6:17:0A:02:5B:9D:3D:E2:AD:F3
Certificate issuer:       /CN=89CF5C2AFA5B576577351C4199018D44CDC2D6DA
Certificate serial:       03
Authority key identifier: 89:CF:5C:2A:FA:5B:57:65:77:35:1C:41:99:01:8D:44:CD:C2:D6:DA
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ic9cKvpbV2V3NRxBmQGNRM3C1to.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/373/cfCkKUJauqOKw8YXCgJbnT3irfM.roa
Signing time:             Thu 25 Aug 2022 08:26:34 +0000
ROA not before:           Thu 25 Aug 2022 08:26:34 +0000
ROA not after:            Fri 25 Aug 2023 07:39:18 +0000
asID:                     9615
IP address blocks:        153.125.0.0/17 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 3 (0x3)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=89CF5C2AFA5B576577351C4199018D44CDC2D6DA
        Validity
            Not Before: Aug 25 08:26:34 2022 GMT
            Not After : Aug 25 07:39:18 2023 GMT
        Subject: CN=71F0A429425ABAA38AC3C6170A025B9D3DE2ADF3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:30:64:2a:86:24:d7:5f:67:a9:5c:00:1b:e9:
                    c8:95:50:ad:a0:ec:52:0f:13:69:76:64:5a:9f:17:
                    cc:65:07:f1:30:30:31:64:f9:af:b9:e3:16:5e:32:
                    31:41:cb:08:24:08:73:8e:b9:2b:4e:27:24:59:81:
                    40:9a:86:da:62:29:27:be:f3:5c:d5:95:1d:16:2e:
                    8b:cf:04:e7:21:b6:6d:20:0c:3d:82:b4:07:4c:0d:
                    32:d7:ce:75:f6:6f:df:0d:ea:6f:8f:11:a2:bc:71:
                    98:9e:8a:b0:a6:3e:fc:9f:a9:4f:b6:fd:64:8b:7d:
                    5f:0e:be:e3:a0:4a:a3:47:26:12:d8:38:4e:c5:ce:
                    40:cb:b1:b3:60:b7:60:ef:3b:78:e7:6c:50:ef:5f:
                    5f:5d:13:1b:7d:85:bf:71:4a:54:eb:7c:31:e3:6d:
                    5e:77:bf:8e:7b:ad:d9:83:e2:f5:6e:6d:11:e3:e4:
                    7e:3d:c1:f1:ad:f2:7f:e9:06:cb:ca:e8:fb:d4:b4:
                    4f:2a:db:1f:8c:4c:fa:3a:3b:c8:d8:2d:59:54:e3:
                    c5:1e:4c:7a:c9:da:30:08:93:bf:23:86:f7:13:ad:
                    1c:3c:22:9a:93:e0:ad:40:d5:2b:36:19:e0:2b:48:
                    42:04:15:4f:f5:4f:94:8a:3b:35:58:c8:22:d6:11:
                    e8:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                71:F0:A4:29:42:5A:BA:A3:8A:C3:C6:17:0A:02:5B:9D:3D:E2:AD:F3
            X509v3 Authority Key Identifier:
                keyid:89:CF:5C:2A:FA:5B:57:65:77:35:1C:41:99:01:8D:44:CD:C2:D6:DA

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/373/ic9cKvpbV2V3NRxBmQGNRM3C1to.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/ic9cKvpbV2V3NRxBmQGNRM3C1to.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/373/cfCkKUJauqOKw8YXCgJbnT3irfM.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  153.125.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         90:cb:38:dd:a0:05:0e:2e:5a:c7:f0:e6:39:fe:03:b6:9d:2c:
         6e:ce:fa:18:c3:c3:d9:81:0b:28:2b:dc:48:6c:7e:50:72:e5:
         d2:83:f6:c8:43:86:36:54:2d:89:b9:41:42:6e:11:fe:f4:b7:
         3b:a3:fa:3b:6f:01:cd:74:07:42:b6:22:fe:00:08:2f:71:57:
         3a:d1:08:47:4c:c8:28:30:ee:84:a9:d1:b2:88:95:c1:39:71:
         d8:b7:29:91:95:b2:fd:c7:8d:f7:3a:5e:29:8f:f2:04:d1:c1:
         57:9a:56:a1:9a:84:5f:ee:11:18:4a:c4:79:36:4f:58:2f:3b:
         24:22:03:4f:a2:be:4e:ab:04:a1:dc:54:7e:0c:de:90:49:ef:
         d6:4d:16:6b:3d:dd:98:43:f2:69:7f:7e:07:73:f3:58:94:99:
         f3:aa:2a:6d:d3:5d:da:b6:30:4a:56:1d:d6:93:27:4f:61:bb:
         5c:b0:c3:80:0a:2b:db:52:03:8d:6b:e2:7d:07:a3:e9:45:28:
         77:30:a0:4f:59:8b:76:87:eb:bb:3b:ff:83:27:91:2a:da:bb:
         d9:9b:a4:7a:cf:ba:3c:ad:00:68:ac:7a:7f:c8:7c:2e:eb:9a:
         da:9a:44:7a:1e:d3:f6:8a:f1:19:42:33:db:09:77:b7:b5:06:
         25:a3:b5:39
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4OUNG
NUMyQUZBNUI1NzY1NzczNTFDNDE5OTAxOEQ0NENEQzJENkRBMB4XDTIyMDgyNTA4
MjYzNFoXDTIzMDgyNTA3MzkxOFowMzExMC8GA1UEAxMoNzFGMEE0Mjk0MjVBQkFB
MzhBQzNDNjE3MEEwMjVCOUQzREUyQURGMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANYwZCqGJNdfZ6lcABvpyJVQraDsUg8TaXZkWp8XzGUH8TAwMWT5
r7njFl4yMUHLCCQIc465K04nJFmBQJqG2mIpJ77zXNWVHRYui88E5yG2bSAMPYK0
B0wNMtfOdfZv3w3qb48RorxxmJ6KsKY+/J+pT7b9ZIt9Xw6+46BKo0cmEtg4TsXO
QMuxs2C3YO87eOdsUO9fX10TG32Fv3FKVOt8MeNtXne/jnut2YPi9W5tEePkfj3B
8a3yf+kGy8ro+9S0TyrbH4xM+jo7yNgtWVTjxR5MesnaMAiTvyOG9xOtHDwimpPg
rUDVKzYZ4CtIQgQVT/VPlIo7NVjIItYR6FUCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBRx8KQpQlq6o4rDxhcKAludPeKt8zAfBgNVHSMEGDAWgBSJz1wq+ltXZXc1HEGZ
AY1EzcLW2jAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzczL2ljOWNLdnBiVjJWM05SeEJtUUdOUk0zQzF0by5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2ljOWNLdnBiVjJWM05SeEJtUUdOUk0z
QzF0by5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zNzMvY2ZDa0tVSmF1cU9LdzhZWENnSmJuVDNpcmZNLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEB5l9ADANBgkqhkiG9w0BAQsFAAOCAQEAkMs43aAFDi5ax/DmOf4Dtp0sbs76
GMPD2YELKCvcSGx+UHLl0oP2yEOGNlQtiblBQm4R/vS3O6P6O28BzXQHQrYi/gAI
L3FXOtEIR0zIKDDuhKnRsoiVwTlx2LcpkZWy/ceN9zpeKY/yBNHBV5pWoZqEX+4R
GErEeTZPWC87JCIDT6K+TqsEodxUfgzekEnv1k0Waz3dmEPyaX9+B3PzWJSZ86oq
bdNd2rYwSlYd1pMnT2G7XLDDgAor21IDjWvifQej6UUodzCgT1mLdofruzv/gyeR
Ktq72Zukes+6PK0AaKx6f8h8Luua2ppEeh7T9orxGUIz2wl3t7UGJaO1OQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:03 2024 by rpki-client on console-ams.rpki-client.org