Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/3818/2FfZ50t5Q6Q2DjxE6bNdoNEWm2w.roa
File:                     2FfZ50t5Q6Q2DjxE6bNdoNEWm2w.roa (raw, json)
Hash identifier:          GMgcqRNci395oZ25gJAKy2F9ro+rp81qTmkjSQbEIyU=
Subject key identifier:   D8:57:D9:E7:4B:79:43:A4:36:0E:3C:44:E9:B3:5D:A0:D1:16:9B:6C
Certificate issuer:       /CN=185B557EF3BE81985C5E6CD9624761CAA4F936CE
Certificate serial:       20
Authority key identifier: 18:5B:55:7E:F3:BE:81:98:5C:5E:6C:D9:62:47:61:CA:A4:F9:36:CE
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/GFtVfvO-gZhcXmzZYkdhyqT5Ns4.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/3818/2FfZ50t5Q6Q2DjxE6bNdoNEWm2w.roa
Signing time:             Thu 13 Apr 2023 09:51:06 +0000
ROA not before:           Thu 13 Apr 2023 09:51:06 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     16509
IP address blocks:        202.244.140.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32 (0x20)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=185B557EF3BE81985C5E6CD9624761CAA4F936CE
        Validity
            Not Before: Apr 13 09:51:06 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=D857D9E74B7943A4360E3C44E9B35DA0D1169B6C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:92:94:86:41:69:cb:85:e0:e1:67:bf:79:e5:
                    d6:f2:3f:2c:6f:15:dd:9c:1c:8c:48:68:e1:b7:3c:
                    1d:f3:4a:6d:67:28:ba:ad:59:13:96:7b:73:11:cb:
                    bf:d3:e7:c4:3f:10:a6:57:c0:d9:95:f1:97:be:16:
                    a4:cb:b6:fb:0d:e5:00:9f:cd:f3:08:62:50:6f:43:
                    1b:dd:95:3f:05:cc:95:b6:1d:43:78:7a:dc:a4:5c:
                    10:ef:d2:47:62:8e:42:d4:75:f4:cb:11:90:78:df:
                    22:b0:91:7f:1f:f0:cd:5f:c3:25:1e:65:2a:62:b9:
                    73:07:5d:28:44:db:7d:d4:51:cb:98:98:bf:0e:4a:
                    21:0d:09:82:83:2c:0f:c5:e6:a2:28:8f:ec:7e:61:
                    b2:7c:bb:6b:e5:83:38:bc:41:13:2d:3c:c4:3f:8f:
                    f2:cc:40:40:76:33:4b:a1:5b:79:50:eb:b1:ab:7c:
                    c2:75:c1:4b:bc:10:8f:28:43:9a:0c:9f:47:bf:b6:
                    cc:55:74:07:be:44:fc:50:ec:13:48:ae:11:01:d7:
                    8c:72:39:8f:eb:c5:3d:d7:28:cc:cd:6a:dd:0c:d9:
                    b5:79:57:02:6d:e3:89:c6:96:28:66:e8:80:94:25:
                    d2:6f:f1:b0:8c:d5:dc:fe:f4:f9:e0:26:c6:f0:05:
                    33:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:57:D9:E7:4B:79:43:A4:36:0E:3C:44:E9:B3:5D:A0:D1:16:9B:6C
            X509v3 Authority Key Identifier:
                keyid:18:5B:55:7E:F3:BE:81:98:5C:5E:6C:D9:62:47:61:CA:A4:F9:36:CE

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/3818/GFtVfvO-gZhcXmzZYkdhyqT5Ns4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/GFtVfvO-gZhcXmzZYkdhyqT5Ns4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/3818/2FfZ50t5Q6Q2DjxE6bNdoNEWm2w.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.244.140.0/22

    Signature Algorithm: sha256WithRSAEncryption
         b8:26:00:35:54:4b:d6:13:da:6f:15:15:a9:c9:24:23:30:5c:
         17:af:3b:28:76:7a:17:f5:f5:ec:63:0e:45:40:50:cf:1d:41:
         93:8b:7c:44:d9:25:71:2f:3c:6d:4e:d0:38:64:a2:0d:6e:98:
         d0:2c:69:33:70:b6:cb:1b:b7:e6:96:b3:18:89:82:8c:44:2e:
         a0:7d:e1:fe:94:a4:b9:36:1e:db:24:11:82:6d:45:f2:47:02:
         1a:c9:80:f3:32:0a:1e:fd:1f:a3:d1:14:02:03:45:0d:3f:50:
         47:d1:03:74:3a:6e:7d:ca:58:e7:fa:be:a1:ee:7b:3a:c1:04:
         5b:c8:2b:76:48:27:c9:b5:91:a0:0d:4a:cf:5e:24:94:d6:d1:
         f7:bd:76:7f:aa:d9:95:b8:f8:f0:16:c9:cf:c6:d9:f1:37:b0:
         25:49:cd:ec:d2:d0:83:e2:5d:7b:99:94:2b:a4:ff:f9:a8:44:
         3f:77:f8:07:7d:0d:8e:66:35:81:79:80:5d:de:25:2e:40:fb:
         74:c0:cc:43:86:2a:29:a7:4e:b5:b0:0f:22:db:a2:51:bf:30:
         5a:45:2b:1b:18:90:be:30:54:49:24:d7:84:e9:f4:f9:ab:a4:
         68:1b:de:9d:3a:67:08:58:20:7f:b1:56:39:cf:fb:d5:32:f7:
         2d:26:ff:7c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIBIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygxODVC
NTU3RUYzQkU4MTk4NUM1RTZDRDk2MjQ3NjFDQUE0RjkzNkNFMB4XDTIzMDQxMzA5
NTEwNloXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoRDg1N0Q5RTc0Qjc5NDNB
NDM2MEUzQzQ0RTlCMzVEQTBEMTE2OUI2QzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKeSlIZBacuF4OFnv3nl1vI/LG8V3ZwcjEho4bc8HfNKbWcouq1Z
E5Z7cxHLv9PnxD8QplfA2ZXxl74WpMu2+w3lAJ/N8whiUG9DG92VPwXMlbYdQ3h6
3KRcEO/SR2KOQtR19MsRkHjfIrCRfx/wzV/DJR5lKmK5cwddKETbfdRRy5iYvw5K
IQ0JgoMsD8XmoiiP7H5hsny7a+WDOLxBEy08xD+P8sxAQHYzS6FbeVDrsat8wnXB
S7wQjyhDmgyfR7+2zFV0B75E/FDsE0iuEQHXjHI5j+vFPdcozM1q3QzZtXlXAm3j
icaWKGbogJQl0m/xsIzV3P70+eAmxvAFM80CAwEAAaOCAiYwggIiMB0GA1UdDgQW
BBTYV9nnS3lDpDYOPETps12g0RabbDAfBgNVHSMEGDAWgBQYW1V+876BmFxebNli
R2HKpPk2zjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGcGA1UdHwRgMF4wXKBa
oFiGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzgxOC9HRnRWZnZPLWdaaGNYbXpaWWtkaHlxVDVOczQuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9HRnRWZnZPLWdaaGNYbXpaWWtkaHlx
VDVOczQuY2VyMA4GA1UdDwEB/wQEAwIHgDCBvAYIKwYBBQUHAQsEga8wgawwYgYI
KwYBBQUHMAuGVnJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzgxOC8yRmZaNTB0NVE2UTJEanhFNmJOZG9ORVdtMncucm9h
MEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAv
cnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIA
ATAGAwQCyvSMMA0GCSqGSIb3DQEBCwUAA4IBAQC4JgA1VEvWE9pvFRWpySQjMFwX
rzsodnoX9fXsYw5FQFDPHUGTi3xE2SVxLzxtTtA4ZKINbpjQLGkzcLbLG7fmlrMY
iYKMRC6gfeH+lKS5Nh7bJBGCbUXyRwIayYDzMgoe/R+j0RQCA0UNP1BH0QN0Om59
yljn+r6h7ns6wQRbyCt2SCfJtZGgDUrPXiSU1tH3vXZ/qtmVuPjwFsnPxtnxN7Al
Sc3s0tCD4l17mZQrpP/5qEQ/d/gHfQ2OZjWBeYBd3iUuQPt0wMxDhiopp061sA8i
26JRvzBaRSsbGJC+MFRJJNeE6fT5q6RoG96dOmcIWCB/sVY5z/vVMvctJv98
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:03 2024 by rpki-client on console-ams.rpki-client.org