Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/462/jUpW4jX02ehv9LS63bMXV91tMu4.roa
File:                     jUpW4jX02ehv9LS63bMXV91tMu4.roa (raw, json)
Hash identifier:          kKhZ22ZsXbIZKpvTtShUct8G8UjoO6NG4k1oyZBkLDw=
Subject key identifier:   8D:4A:56:E2:35:F4:D9:E8:6F:F4:B4:BA:DD:B3:17:57:DD:6D:32:EE
Certificate issuer:       /CN=43917B23074524E9E6EA8E40FA4A0672C9620318
Certificate serial:       3C
Authority key identifier: 43:91:7B:23:07:45:24:E9:E6:EA:8E:40:FA:4A:06:72:C9:62:03:18
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Q5F7IwdFJOnm6o5A-koGcsliAxg.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/462/jUpW4jX02ehv9LS63bMXV91tMu4.roa
Signing time:             Mon 01 May 2023 01:29:08 +0000
ROA not before:           Mon 01 May 2023 01:29:08 +0000
ROA not after:            Sun 14 Apr 2024 01:30:02 +0000
asID:                     10019
IP address blocks:        211.125.144.0/20 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 60 (0x3c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=43917B23074524E9E6EA8E40FA4A0672C9620318
        Validity
            Not Before: May  1 01:29:08 2023 GMT
            Not After : Apr 14 01:30:02 2024 GMT
        Subject: CN=8D4A56E235F4D9E86FF4B4BADDB31757DD6D32EE
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e5:75:e6:fb:dc:b2:46:61:99:7e:dc:d1:bd:a3:
                    10:41:b2:9c:a2:f2:60:96:c6:2f:dd:a5:be:ac:28:
                    8a:3c:2a:d1:d9:cf:ce:a0:60:39:a9:69:18:a0:a0:
                    7e:ca:6c:8c:a9:80:58:76:3a:0c:05:8d:b9:9d:cb:
                    41:a6:88:35:c1:9d:58:bc:9d:7f:63:e0:e7:69:4d:
                    cd:0c:0d:24:b7:8c:83:27:60:01:ed:96:b5:2f:53:
                    aa:39:44:1d:09:4a:b5:8f:69:fe:d5:19:38:74:75:
                    55:fb:e8:e7:d9:15:73:fc:24:e9:61:3e:70:7b:d2:
                    fe:08:2c:63:fd:f0:c4:9e:ea:72:0e:37:14:04:e3:
                    e2:1f:c7:93:82:f8:fe:ed:24:e0:6a:e1:fa:4d:3b:
                    27:92:4d:d6:c1:50:8e:e0:87:fc:5e:5c:4a:95:5b:
                    23:a9:65:2d:8b:51:96:c7:2a:99:a4:11:29:c2:4a:
                    f9:ab:36:d7:3b:8b:71:59:78:94:fa:62:6b:c7:89:
                    e8:25:8f:fb:07:54:b5:83:e9:ea:95:34:34:c5:61:
                    cb:08:78:c0:f9:01:1e:67:d9:c1:57:6e:6c:29:0b:
                    24:e4:26:4f:71:c9:34:f8:5d:95:68:14:9f:78:81:
                    8a:42:22:cf:19:3a:13:51:2a:80:34:2d:61:2d:86:
                    e2:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                8D:4A:56:E2:35:F4:D9:E8:6F:F4:B4:BA:DD:B3:17:57:DD:6D:32:EE
            X509v3 Authority Key Identifier:
                keyid:43:91:7B:23:07:45:24:E9:E6:EA:8E:40:FA:4A:06:72:C9:62:03:18

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/462/Q5F7IwdFJOnm6o5A-koGcsliAxg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Q5F7IwdFJOnm6o5A-koGcsliAxg.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/462/jUpW4jX02ehv9LS63bMXV91tMu4.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.125.144.0/20

    Signature Algorithm: sha256WithRSAEncryption
         a1:8a:c5:e8:90:a1:9e:a0:c0:d1:98:d9:af:72:5a:d3:a9:2c:
         1c:d2:f7:1d:1e:53:c2:c0:03:c0:e3:90:58:2a:0b:be:11:92:
         f1:ba:5f:8e:a2:3f:d0:62:7a:a8:74:52:05:69:8e:9d:17:8e:
         29:a2:9d:12:4d:1a:ac:df:a5:44:45:3e:6f:e3:7f:f4:94:27:
         54:f9:89:39:03:c6:83:2e:67:79:ce:87:f2:d6:31:58:ea:05:
         10:29:45:b5:e0:51:3b:e5:b4:e3:f5:39:e4:66:bf:72:43:d0:
         c4:ed:60:fb:21:df:e9:d2:8f:b8:c6:78:49:cd:ed:d1:80:99:
         71:49:df:fd:1d:d0:f7:66:9a:fe:e2:04:d0:ba:76:dc:81:a9:
         c9:9e:3d:67:85:4d:c4:4a:1f:d2:97:14:fd:e1:0a:b8:d6:d0:
         f8:96:ef:e5:67:c1:90:3c:93:a1:81:eb:df:c2:ee:e1:e7:c0:
         f2:98:a4:81:35:0a:c2:96:5f:f4:9e:38:de:c9:08:85:b4:cc:
         44:bc:c2:de:e2:af:2f:09:8e:28:98:2c:46:7a:5c:e5:f7:20:
         81:8e:19:a8:25:ce:dd:8d:4a:cb:fa:9b:af:18:96:80:73:10:
         93:fb:e6:f0:fb:94:3b:b0:76:0a:a5:00:f8:bb:df:96:36:cd:
         e8:89:de:3f
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0Mzkx
N0IyMzA3NDUyNEU5RTZFQThFNDBGQTRBMDY3MkM5NjIwMzE4MB4XDTIzMDUwMTAx
MjkwOFoXDTI0MDQxNDAxMzAwMlowMzExMC8GA1UEAxMoOEQ0QTU2RTIzNUY0RDlF
ODZGRjRCNEJBRERCMzE3NTdERDZEMzJFRTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOV15vvcskZhmX7c0b2jEEGynKLyYJbGL92lvqwoijwq0dnPzqBg
OalpGKCgfspsjKmAWHY6DAWNuZ3LQaaINcGdWLydf2Pg52lNzQwNJLeMgydgAe2W
tS9TqjlEHQlKtY9p/tUZOHR1Vfvo59kVc/wk6WE+cHvS/ggsY/3wxJ7qcg43FATj
4h/Hk4L4/u0k4Grh+k07J5JN1sFQjuCH/F5cSpVbI6llLYtRlscqmaQRKcJK+as2
1zuLcVl4lPpia8eJ6CWP+wdUtYPp6pU0NMVhywh4wPkBHmfZwVdubCkLJOQmT3HJ
NPhdlWgUn3iBikIizxk6E1EqgDQtYS2G4pMCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBSNSlbiNfTZ6G/0tLrdsxdX3W0y7jAfBgNVHSMEGDAWgBRDkXsjB0Uk6ebqjkD6
SgZyyWIDGDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvNDYyL1E1RjdJd2RGSk9ubTZvNUEta29HY3NsaUF4Zy5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1E1RjdJd2RGSk9ubTZvNUEta29HY3Ns
aUF4Zy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC80NjIvalVwVzRqWDAyZWh2OUxTNjNiTVhWOTF0TXU0LnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBNN9kDANBgkqhkiG9w0BAQsFAAOCAQEAoYrF6JChnqDA0ZjZr3Ja06ksHNL3
HR5TwsADwOOQWCoLvhGS8bpfjqI/0GJ6qHRSBWmOnReOKaKdEk0arN+lREU+b+N/
9JQnVPmJOQPGgy5nec6H8tYxWOoFEClFteBRO+W04/U55Ga/ckPQxO1g+yHf6dKP
uMZ4Sc3t0YCZcUnf/R3Q92aa/uIE0Lp23IGpyZ49Z4VNxEof0pcU/eEKuNbQ+Jbv
5WfBkDyToYHr38Lu4efA8pikgTUKwpZf9J443skIhbTMRLzC3uKvLwmOKJgsRnpc
5fcggY4ZqCXO3Y1Ky/qbrxiWgHMQk/vm8PuUO7B2CqUA+LvfljbN6InePw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:10 2024 by rpki-client on console-ams.rpki-client.org