Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/39002/I5kiHzfKis8V1YMOLVMeDQj-mn8.roa
File:                     I5kiHzfKis8V1YMOLVMeDQj-mn8.roa (raw, json)
Hash identifier:          nzV2bj/tCUZvXuPIG0bGjT6ZQWY1HVwjKd6A4A7YiaY=
Subject key identifier:   23:99:22:1F:37:CA:8A:CF:15:D5:83:0E:2D:53:1E:0D:08:FE:9A:7F
Certificate issuer:       /CN=F974F9EB3E6B6AD8B1EAEA0A461D248D3ACDCDE2
Certificate serial:       04
Authority key identifier: F9:74:F9:EB:3E:6B:6A:D8:B1:EA:EA:0A:46:1D:24:8D:3A:CD:CD:E2
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/-XT56z5ratix6uoKRh0kjTrNzeI.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/39002/I5kiHzfKis8V1YMOLVMeDQj-mn8.roa
Signing time:             Wed 09 Nov 2022 00:42:27 +0000
ROA not before:           Wed 09 Nov 2022 00:42:27 +0000
ROA not after:            Sun 15 Oct 2023 01:30:02 +0000
asID:                     0
IP address blocks:        2001:de8:8:6::/64 maxlen: 128

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 4 (0x4)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F974F9EB3E6B6AD8B1EAEA0A461D248D3ACDCDE2
        Validity
            Not Before: Nov  9 00:42:27 2022 GMT
            Not After : Oct 15 01:30:02 2023 GMT
        Subject: CN=2399221F37CA8ACF15D5830E2D531E0D08FE9A7F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:f7:f8:2f:ac:3f:a2:b8:fb:b0:6b:17:83:0c:
                    8b:07:96:f9:4e:14:2e:38:87:01:69:63:68:83:de:
                    80:af:a6:d0:f2:c0:23:f3:28:e4:b8:15:30:e6:d0:
                    64:5e:28:19:ac:f8:03:2d:f6:0c:02:f1:ea:87:95:
                    2c:ea:b7:55:a3:b6:2d:e0:7e:08:58:0c:e5:ac:45:
                    a9:92:1c:86:a3:96:46:73:6c:2c:36:a4:06:3a:9f:
                    86:1f:cd:d3:8c:fa:90:41:fb:58:40:5c:fb:90:70:
                    fd:18:22:a8:1c:85:e8:3e:a7:87:9c:f9:70:0d:34:
                    16:6b:c1:dd:6e:95:69:55:33:44:17:c7:8a:19:e1:
                    73:0b:0f:5e:87:eb:31:ee:9a:6d:6e:d6:bd:b2:51:
                    18:93:16:85:e0:d6:0d:4e:aa:54:ba:d5:d5:31:bf:
                    07:a3:71:f8:79:a4:a8:93:f0:00:53:6b:b6:b1:7e:
                    7e:d6:fb:fb:4f:8a:57:d0:f6:3e:90:62:9c:33:94:
                    d6:dd:66:fe:e7:4a:e7:b0:8b:b5:cc:84:84:dc:f9:
                    8e:3a:a6:fd:05:59:10:66:20:d3:b5:0a:65:0d:ec:
                    41:bc:54:12:d6:91:91:83:31:56:f0:4d:a1:5b:da:
                    bb:51:00:6b:fb:aa:ef:38:28:f8:37:fa:4b:d2:22:
                    80:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:99:22:1F:37:CA:8A:CF:15:D5:83:0E:2D:53:1E:0D:08:FE:9A:7F
            X509v3 Authority Key Identifier:
                keyid:F9:74:F9:EB:3E:6B:6A:D8:B1:EA:EA:0A:46:1D:24:8D:3A:CD:CD:E2

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/39002/-XT56z5ratix6uoKRh0kjTrNzeI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/-XT56z5ratix6uoKRh0kjTrNzeI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/39002/I5kiHzfKis8V1YMOLVMeDQj-mn8.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2001:de8:8:6::/64

    Signature Algorithm: sha256WithRSAEncryption
         6b:e7:c6:8e:31:31:40:c4:81:94:c7:7d:5b:df:19:9f:41:0a:
         11:69:e9:92:95:fb:e6:9b:5d:8e:9b:f9:4b:27:07:0e:bb:28:
         b4:5f:9a:df:1a:1a:03:82:df:dc:cb:ed:1d:b9:b8:ea:09:59:
         9e:46:4b:77:48:35:96:0d:45:16:95:42:d8:36:fd:73:5f:e7:
         75:13:ed:92:82:77:a0:44:d0:42:6d:de:a1:2f:67:1a:74:84:
         9c:0f:6f:8f:b1:59:10:7d:82:18:9c:41:b6:e4:cc:22:5b:74:
         30:7e:17:54:47:4e:dd:51:08:f9:ee:77:c3:0a:65:6a:8b:58:
         63:5f:5c:f9:84:13:22:ee:aa:1b:1b:fc:50:20:6e:d3:34:3c:
         7b:c6:da:f1:ae:12:95:22:fb:2d:7d:f9:86:23:ef:2c:64:cd:
         a0:2a:53:6f:1c:dc:72:4a:e4:46:81:77:c4:6f:72:f9:e5:c1:
         77:62:2a:97:4d:54:66:7c:48:5e:4e:93:92:dc:fe:ba:f4:44:
         52:06:32:38:da:f2:41:9d:47:ff:b5:7c:6e:1f:37:de:07:17:
         18:ce:c5:c3:a7:1f:08:ee:b0:ee:38:20:be:d0:c7:de:93:2a:
         db:32:55:9f:fb:7d:5d:da:83:25:c4:d6:37:63:68:2c:bb:d7:
         16:cf:14:6b
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIBBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGOTc0
RjlFQjNFNkI2QUQ4QjFFQUVBMEE0NjFEMjQ4RDNBQ0RDREUyMB4XDTIyMTEwOTAw
NDIyN1oXDTIzMTAxNTAxMzAwMlowMzExMC8GA1UEAxMoMjM5OTIyMUYzN0NBOEFD
RjE1RDU4MzBFMkQ1MzFFMEQwOEZFOUE3RjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALv3+C+sP6K4+7BrF4MMiweW+U4ULjiHAWljaIPegK+m0PLAI/Mo
5LgVMObQZF4oGaz4Ay32DALx6oeVLOq3VaO2LeB+CFgM5axFqZIchqOWRnNsLDak
Bjqfhh/N04z6kEH7WEBc+5Bw/RgiqByF6D6nh5z5cA00FmvB3W6VaVUzRBfHihnh
cwsPXofrMe6abW7WvbJRGJMWheDWDU6qVLrV1TG/B6Nx+HmkqJPwAFNrtrF+ftb7
+0+KV9D2PpBinDOU1t1m/udK57CLtcyEhNz5jjqm/QVZEGYg07UKZQ3sQbxUEtaR
kYMxVvBNoVvau1EAa/uq7zgo+Df6S9IigCkCAwEAAaOCAi0wggIpMB0GA1UdDgQW
BBQjmSIfN8qKzxXVgw4tUx4NCP6afzAfBgNVHSMEGDAWgBT5dPnrPmtq2LHq6gpG
HSSNOs3N4jAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzkwMDIvLVhUNTZ6NXJhdGl4NnVvS1JoMGtqVHJOemVJLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvLVhUNTZ6NXJhdGl4NnVvS1JoMGtq
VHJOemVJLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzM5MDAyL0k1a2lIemZLaXM4VjFZTU9MVk1lRFFqLW1uOC5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwJAYIKwYBBQUHAQcBAf8EFTATMBEE
AgACMAsDCQAgAQ3oAAgABjANBgkqhkiG9w0BAQsFAAOCAQEAa+fGjjExQMSBlMd9
W98Zn0EKEWnpkpX75ptdjpv5SycHDrsotF+a3xoaA4Lf3MvtHbm46glZnkZLd0g1
lg1FFpVC2Db9c1/ndRPtkoJ3oETQQm3eoS9nGnSEnA9vj7FZEH2CGJxBtuTMIlt0
MH4XVEdO3VEI+e53wwplaotYY19c+YQTIu6qGxv8UCBu0zQ8e8ba8a4SlSL7LX35
hiPvLGTNoCpTbxzcckrkRoF3xG9y+eXBd2Iql01UZnxIXk6Tktz+uvREUgYyONry
QZ1H/7V8bh833gcXGM7Fw6cfCO6w7jggvtDH3pMq2zJVn/t9XdqDJcTWN2NoLLvX
Fs8Uaw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:52 2024 by rpki-client on console-fra.rpki-client.org