Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/393/KeGyibaBnBLwJxLyypjXG2P0vyM.roa
File:                     KeGyibaBnBLwJxLyypjXG2P0vyM.roa (raw, json)
Hash identifier:          OZ5H/9kkox/xLFUMeKbRRKPEs2VMABpcs2TadPZrv0M=
Subject key identifier:   29:E1:B2:89:B6:81:9C:12:F0:27:12:F2:CA:98:D7:1B:63:F4:BF:23
Certificate issuer:       /CN=5D055B2DAAC48878CC9B1127A29CF11666920A23
Certificate serial:       44
Authority key identifier: 5D:05:5B:2D:AA:C4:88:78:CC:9B:11:27:A2:9C:F1:16:66:92:0A:23
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/XQVbLarEiHjMmxEnopzxFmaSCiM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/393/KeGyibaBnBLwJxLyypjXG2P0vyM.roa
Signing time:             Sat 01 Apr 2023 01:29:51 +0000
ROA not before:           Sat 01 Apr 2023 01:29:51 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9622
IP address blocks:        202.52.16.0/20 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 68 (0x44)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5D055B2DAAC48878CC9B1127A29CF11666920A23
        Validity
            Not Before: Apr  1 01:29:51 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=29E1B289B6819C12F02712F2CA98D71B63F4BF23
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:c1:77:1f:46:18:ff:b2:bc:c7:19:c5:e0:e9:
                    c1:e5:7b:98:db:4b:2c:13:20:86:0d:1e:cb:e6:2f:
                    9f:3f:0c:03:8b:d0:34:a6:f7:d9:8f:cf:4c:95:12:
                    7f:39:98:7c:ad:7b:77:27:0c:df:24:d4:82:c4:ec:
                    4c:74:8d:67:aa:0d:e0:47:b9:b9:65:8c:45:fa:b4:
                    e1:2b:fa:37:5d:b8:86:f2:3a:82:d4:5e:c2:2f:86:
                    c1:1e:9a:3b:55:53:75:f7:f4:c3:e8:eb:5c:1d:11:
                    81:96:c6:72:f0:f5:85:d1:1d:4c:d8:77:24:be:8e:
                    d2:5e:a4:fb:09:cb:52:b9:9d:07:2c:bf:d8:28:f8:
                    92:2b:7e:51:e2:22:46:ab:fa:f7:31:8d:33:1f:f1:
                    a3:73:68:5c:13:3b:14:0b:d1:9f:d2:ff:fe:da:e7:
                    60:28:4d:80:bc:15:87:df:ed:b8:b6:e5:78:64:50:
                    84:f9:b5:85:12:af:b3:95:51:32:4f:5d:88:fd:10:
                    87:f8:ff:fe:8f:c3:8f:a1:30:09:7b:97:49:bb:52:
                    3d:24:57:11:b0:98:ee:f3:cf:9f:9e:87:6b:a6:d0:
                    33:3c:2c:26:34:a8:6f:0e:3d:52:1b:ad:0a:ba:ba:
                    cf:39:4b:db:9c:14:5f:12:e7:a1:a2:a0:4d:9d:58:
                    94:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                29:E1:B2:89:B6:81:9C:12:F0:27:12:F2:CA:98:D7:1B:63:F4:BF:23
            X509v3 Authority Key Identifier:
                keyid:5D:05:5B:2D:AA:C4:88:78:CC:9B:11:27:A2:9C:F1:16:66:92:0A:23

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/393/XQVbLarEiHjMmxEnopzxFmaSCiM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/XQVbLarEiHjMmxEnopzxFmaSCiM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/393/KeGyibaBnBLwJxLyypjXG2P0vyM.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.52.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         94:a5:34:4b:b4:e1:3a:56:02:8b:43:e5:f0:9d:4c:68:41:cc:
         76:b2:96:36:30:bb:4c:46:14:e1:92:05:c7:4f:28:80:83:fd:
         e7:37:55:8e:2b:33:8a:2e:47:9b:7b:f3:3d:df:13:30:85:50:
         ef:65:cd:00:20:88:81:80:8d:0e:71:61:6a:bd:78:d4:4d:f7:
         53:e0:ce:92:f5:4d:0c:6c:c7:64:96:24:d9:c2:90:84:84:a4:
         b5:3d:02:41:fd:0c:9f:7f:a9:e1:8f:ba:20:ae:ab:7d:f8:60:
         e7:d9:bf:08:1b:27:81:5a:e6:f3:4a:6e:18:7c:8a:f4:cb:b2:
         80:be:9f:66:27:7f:b3:40:a5:4e:e8:f4:dc:73:e0:0f:00:e7:
         63:34:eb:51:74:6c:fb:8f:82:bc:d2:e2:19:d5:85:5b:3d:e5:
         2c:14:e9:de:40:df:01:42:9e:02:d5:f9:45:63:ba:97:2a:10:
         ec:0d:9b:0b:87:64:21:e8:43:46:89:aa:a5:42:3f:76:4b:2b:
         b9:34:fa:34:63:50:92:a6:9b:d9:5e:89:c3:65:15:fc:96:66:
         90:6d:58:76:b1:98:93:9a:60:cd:0c:f8:ba:6c:70:15:f9:de:
         8c:2b:8c:a4:47:95:1e:ab:2c:08:17:49:0a:bc:1a:fb:5b:7f:
         d1:fc:b9:dc
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBRDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1RDA1
NUIyREFBQzQ4ODc4Q0M5QjExMjdBMjlDRjExNjY2OTIwQTIzMB4XDTIzMDQwMTAx
Mjk1MVoXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoMjlFMUIyODlCNjgxOUMx
MkYwMjcxMkYyQ0E5OEQ3MUI2M0Y0QkYyMzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAK7Bdx9GGP+yvMcZxeDpweV7mNtLLBMghg0ey+Yvnz8MA4vQNKb3
2Y/PTJUSfzmYfK17dycM3yTUgsTsTHSNZ6oN4Ee5uWWMRfq04Sv6N124hvI6gtRe
wi+GwR6aO1VTdff0w+jrXB0RgZbGcvD1hdEdTNh3JL6O0l6k+wnLUrmdByy/2Cj4
kit+UeIiRqv69zGNMx/xo3NoXBM7FAvRn9L//trnYChNgLwVh9/tuLbleGRQhPm1
hRKvs5VRMk9diP0Qh/j//o/Dj6EwCXuXSbtSPSRXEbCY7vPPn56Ha6bQMzwsJjSo
bw49UhutCrq6zzlL25wUXxLnoaKgTZ1YlMsCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBQp4bKJtoGcEvAnEvLKmNcbY/S/IzAfBgNVHSMEGDAWgBRdBVstqsSIeMybESei
nPEWZpIKIzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzkzL1hRVmJMYXJFaUhqTW14RW5vcHp4Rm1hU0NpTS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1hRVmJMYXJFaUhqTW14RW5vcHp4Rm1h
U0NpTS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zOTMvS2VHeWliYUJuQkx3SnhMeXlwalhHMlAwdnlNLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBMo0EDANBgkqhkiG9w0BAQsFAAOCAQEAlKU0S7ThOlYCi0Pl8J1MaEHMdrKW
NjC7TEYU4ZIFx08ogIP95zdVjiszii5Hm3vzPd8TMIVQ72XNACCIgYCNDnFhar14
1E33U+DOkvVNDGzHZJYk2cKQhISktT0CQf0Mn3+p4Y+6IK6rffhg59m/CBsngVrm
80puGHyK9MuygL6fZid/s0ClTuj03HPgDwDnYzTrUXRs+4+CvNLiGdWFWz3lLBTp
3kDfAUKeAtX5RWO6lyoQ7A2bC4dkIehDRomqpUI/dksruTT6NGNQkqab2V6Jw2UV
/JZmkG1YdrGYk5pgzQz4umxwFfnejCuMpEeVHqssCBdJCrwa+1t/0fy53A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:03 2024 by rpki-client on console-ams.rpki-client.org