Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/394/nOmaJqrK778ju-wQqJRjOdih2gc.roa
File:                     nOmaJqrK778ju-wQqJRjOdih2gc.roa (raw, json)
Hash identifier:          5IKoGXb9uoTk125MvAaoTFKfpqVLT9GzvNveTMm2LfQ=
Subject key identifier:   9C:E9:9A:26:AA:CA:EF:BF:23:BB:EC:10:A8:94:63:39:D8:A1:DA:07
Certificate issuer:       /CN=0D7125AE4CEAE1335FE5D429AA030CE9070DF19C
Certificate serial:       2B
Authority key identifier: 0D:71:25:AE:4C:EA:E1:33:5F:E5:D4:29:AA:03:0C:E9:07:0D:F1:9C
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/DXElrkzq4TNf5dQpqgMM6QcN8Zw.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/394/nOmaJqrK778ju-wQqJRjOdih2gc.roa
Signing time:             Fri 22 Jul 2022 00:15:56 +0000
ROA not before:           Fri 22 Jul 2022 00:15:56 +0000
ROA not after:            Fri 21 Jul 2023 04:07:13 +0000
asID:                     10013
IP address blocks:        36.52.128.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 43 (0x2b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=0D7125AE4CEAE1335FE5D429AA030CE9070DF19C
        Validity
            Not Before: Jul 22 00:15:56 2022 GMT
            Not After : Jul 21 04:07:13 2023 GMT
        Subject: CN=9CE99A26AACAEFBF23BBEC10A8946339D8A1DA07
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f3:89:1b:d0:1e:88:77:31:5d:b2:c0:88:bd:74:
                    f4:63:26:10:ee:15:74:ac:27:e6:10:7d:68:2c:1b:
                    2a:7f:64:3a:db:75:98:85:e4:06:06:5d:c6:16:49:
                    d3:80:0c:b3:6f:62:83:dc:cb:61:43:dc:7a:45:e8:
                    6b:bf:7b:7b:08:b5:5d:d6:ef:12:6b:ed:c5:82:8b:
                    d8:af:51:6e:e8:14:be:ee:d0:67:04:a5:8f:37:4c:
                    86:f9:2c:4d:a5:ae:04:64:18:2f:8a:cc:b5:29:ec:
                    07:a9:08:1f:0c:25:94:64:60:de:21:61:2c:34:31:
                    ec:0a:2b:c0:62:4f:30:7d:46:67:bf:25:9f:08:36:
                    6b:27:5f:40:50:f3:5e:22:a6:81:dd:b3:e0:2c:1f:
                    ce:a3:e0:2b:ef:23:19:6c:ab:11:db:f8:c0:dd:07:
                    de:11:a9:2c:e3:c1:4a:c3:67:f4:4c:9b:cd:b2:ff:
                    34:75:01:74:c6:ea:7f:a9:9c:3f:e0:ed:99:9f:0e:
                    75:72:b1:ad:ba:34:78:78:92:6c:b1:ec:0b:85:95:
                    25:ae:ea:fb:e5:39:33:15:c3:d5:bc:f3:e0:41:0e:
                    db:e5:3a:0d:c0:b6:17:eb:e3:49:95:5f:60:b5:81:
                    db:31:ac:ff:a9:99:5c:49:fd:77:7e:af:b3:f6:80:
                    61:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9C:E9:9A:26:AA:CA:EF:BF:23:BB:EC:10:A8:94:63:39:D8:A1:DA:07
            X509v3 Authority Key Identifier:
                keyid:0D:71:25:AE:4C:EA:E1:33:5F:E5:D4:29:AA:03:0C:E9:07:0D:F1:9C

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/394/DXElrkzq4TNf5dQpqgMM6QcN8Zw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/DXElrkzq4TNf5dQpqgMM6QcN8Zw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/394/nOmaJqrK778ju-wQqJRjOdih2gc.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  36.52.128.0/21

    Signature Algorithm: sha256WithRSAEncryption
         6e:36:d0:34:72:0e:23:60:3b:8a:8e:45:b6:83:97:cd:cf:30:
         e7:48:9e:76:85:8c:d9:2c:9d:6b:b5:05:1a:99:c4:db:2c:60:
         28:27:c4:03:4d:52:6d:5c:c7:34:eb:09:f5:d0:c0:0b:bf:d8:
         d7:03:21:f1:c3:6d:cc:78:c7:38:d3:a1:ff:60:5c:d3:5b:ab:
         f3:ec:4d:57:53:61:0e:21:3b:cf:fb:fb:6c:85:47:bd:97:7c:
         b9:6a:cd:1b:8a:b3:bf:0f:8d:30:24:b3:d0:0a:86:ff:4b:e3:
         00:d6:03:57:b4:7f:14:43:f5:e3:d5:8a:47:7d:ec:c2:c8:3f:
         58:bf:2f:a0:34:e5:5c:44:bb:17:52:8b:21:93:c1:37:16:fa:
         ed:d8:ac:e2:97:b6:54:93:6a:8d:f4:de:77:a6:2a:f0:8e:35:
         ec:41:f2:45:36:c0:3e:5e:9a:d2:30:83:a5:ba:da:30:01:8c:
         da:ab:b7:76:f4:c8:1c:9f:7f:12:5c:63:62:d9:58:86:da:69:
         cc:44:ee:37:2b:0c:47:2a:1e:92:ec:63:e6:f8:89:35:b8:e8:
         58:ff:04:18:5a:9b:63:c1:3b:dd:9e:fe:23:a3:97:df:50:5b:
         8c:98:99:bb:d8:85:c7:f2:7d:1a:30:29:31:bd:4f:fb:9d:97:
         7d:c3:5f:6c
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygwRDcx
MjVBRTRDRUFFMTMzNUZFNUQ0MjlBQTAzMENFOTA3MERGMTlDMB4XDTIyMDcyMjAw
MTU1NloXDTIzMDcyMTA0MDcxM1owMzExMC8GA1UEAxMoOUNFOTlBMjZBQUNBRUZC
RjIzQkJFQzEwQTg5NDYzMzlEOEExREEwNzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAPOJG9AeiHcxXbLAiL109GMmEO4VdKwn5hB9aCwbKn9kOtt1mIXk
BgZdxhZJ04AMs29ig9zLYUPcekXoa797ewi1XdbvEmvtxYKL2K9RbugUvu7QZwSl
jzdMhvksTaWuBGQYL4rMtSnsB6kIHwwllGRg3iFhLDQx7AorwGJPMH1GZ78lnwg2
aydfQFDzXiKmgd2z4CwfzqPgK+8jGWyrEdv4wN0H3hGpLOPBSsNn9EybzbL/NHUB
dMbqf6mcP+DtmZ8OdXKxrbo0eHiSbLHsC4WVJa7q++U5MxXD1bzz4EEO2+U6DcC2
F+vjSZVfYLWB2zGs/6mZXEn9d36vs/aAYekCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBSc6ZomqsrvvyO77BColGM52KHaBzAfBgNVHSMEGDAWgBQNcSWuTOrhM1/l1Cmq
AwzpBw3xnDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzk0L0RYRWxya3pxNFROZjVkUXBxZ01NNlFjTjhady5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL0RYRWxya3pxNFROZjVkUXBxZ01NNlFj
Tjhady5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zOTQvbk9tYUpxcks3NzhqdS13UXFKUmpPZGloMmdjLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAyQ0gDANBgkqhkiG9w0BAQsFAAOCAQEAbjbQNHIOI2A7io5FtoOXzc8w50ie
doWM2Syda7UFGpnE2yxgKCfEA01SbVzHNOsJ9dDAC7/Y1wMh8cNtzHjHONOh/2Bc
01ur8+xNV1NhDiE7z/v7bIVHvZd8uWrNG4qzvw+NMCSz0AqG/0vjANYDV7R/FEP1
49WKR33swsg/WL8voDTlXES7F1KLIZPBNxb67dis4pe2VJNqjfTed6Yq8I417EHy
RTbAPl6a0jCDpbraMAGM2qu3dvTIHJ9/ElxjYtlYhtppzETuNysMRyoekuxj5viJ
NbjoWP8EGFqbY8E73Z7+I6OX31BbjJiZu9iFx/J9GjApMb1P+52XfcNfbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:09 2024 by rpki-client on console-ams.rpki-client.org