Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/469/OCoKHITQ15qzycv_7vjn92iRQuU.roa
File:                     OCoKHITQ15qzycv_7vjn92iRQuU.roa (raw, json)
Hash identifier:          r2uKovk9WLyCyN03HiqwrUy/QDrPCfgxXY8Qu6nb12M=
Subject key identifier:   38:2A:0A:1C:84:D0:D7:9A:B3:C9:CB:FF:EE:F8:E7:F7:68:91:42:E5
Certificate issuer:       /CN=40610DA68E93ED538A48A46C5214024ED54D07F6
Certificate serial:       BD
Authority key identifier: 40:61:0D:A6:8E:93:ED:53:8A:48:A4:6C:52:14:02:4E:D5:4D:07:F6
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/QGENpo6T7VOKSKRsUhQCTtVNB_Y.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/469/OCoKHITQ15qzycv_7vjn92iRQuU.roa
Signing time:             Sun 01 Jan 2023 01:29:12 +0000
ROA not before:           Sun 01 Jan 2023 01:29:12 +0000
ROA not after:            Fri 15 Dec 2023 01:30:02 +0000
asID:                     10021
IP address blocks:        114.31.80.0/21 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 189 (0xbd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=40610DA68E93ED538A48A46C5214024ED54D07F6
        Validity
            Not Before: Jan  1 01:29:12 2023 GMT
            Not After : Dec 15 01:30:02 2023 GMT
        Subject: CN=382A0A1C84D0D79AB3C9CBFFEEF8E7F7689142E5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:60:ae:d5:cf:18:8b:90:25:47:9f:f7:34:9a:
                    94:ce:d3:7d:f5:0b:06:9b:32:f0:b5:ac:d9:66:8b:
                    e7:57:bd:f9:71:93:63:a0:3d:54:cf:4d:9e:8c:9c:
                    da:88:e7:05:91:92:0a:5d:66:8a:f8:aa:2d:08:d9:
                    92:e4:b2:6e:20:c5:87:16:0a:40:04:2d:47:37:b3:
                    e6:89:23:7f:73:09:0e:ae:82:15:f9:01:7d:0a:70:
                    c0:e4:e0:7b:a8:67:1e:43:1d:a1:a8:83:a6:e4:22:
                    30:8d:bf:f0:5e:99:fa:3c:43:bb:ce:d4:95:da:24:
                    62:a8:a1:ce:fd:51:8d:66:1c:ab:b7:48:5b:a8:d8:
                    13:1f:ec:5a:70:d4:58:a5:b7:15:e3:b6:cf:d5:a1:
                    be:e7:82:1e:39:93:4e:42:d1:04:cd:67:be:26:86:
                    84:89:c6:51:e9:8e:f7:57:d1:21:83:11:9f:1e:af:
                    89:cd:da:08:35:1b:65:57:ea:9f:28:c1:55:cc:ec:
                    da:8c:55:bf:6e:6e:59:08:cf:d0:61:dd:a6:c8:fa:
                    0f:1b:54:2d:70:77:cb:3b:da:3d:e1:22:e5:35:e4:
                    68:0b:c6:b3:e1:7a:d0:35:6d:3e:20:61:cb:ea:25:
                    66:ac:e0:da:af:92:12:05:97:1a:e2:58:0b:ee:1e:
                    a5:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:2A:0A:1C:84:D0:D7:9A:B3:C9:CB:FF:EE:F8:E7:F7:68:91:42:E5
            X509v3 Authority Key Identifier:
                keyid:40:61:0D:A6:8E:93:ED:53:8A:48:A4:6C:52:14:02:4E:D5:4D:07:F6

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/469/QGENpo6T7VOKSKRsUhQCTtVNB_Y.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/QGENpo6T7VOKSKRsUhQCTtVNB_Y.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/469/OCoKHITQ15qzycv_7vjn92iRQuU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  114.31.80.0/21

    Signature Algorithm: sha256WithRSAEncryption
         ae:ba:cc:7f:87:35:51:7c:4f:40:e9:0f:46:76:fb:d8:d0:03:
         23:99:56:09:92:02:8b:e7:a4:46:4f:d6:b8:c4:69:5e:6a:66:
         b5:9d:0d:46:6e:10:ca:31:04:e4:20:d2:86:6c:02:80:9a:f7:
         ce:35:8c:80:a8:16:16:48:84:93:ae:9f:a6:3f:55:ec:6b:2e:
         4a:df:87:ff:0e:5c:df:90:7a:3d:5d:b1:46:b5:ec:2c:5f:0f:
         45:50:26:74:df:12:fa:18:e9:9d:4d:d3:ad:ee:85:ab:c0:7d:
         d0:a7:4e:a4:78:75:6a:bf:cc:bc:48:97:43:bb:80:26:86:15:
         b7:ed:11:7f:b9:71:ea:12:dd:92:8a:db:9c:53:89:47:24:2c:
         fd:c6:90:48:97:f1:75:42:d6:2e:33:cd:44:27:1e:ef:67:7b:
         ce:12:77:fd:ff:db:2a:a2:42:6c:e8:4e:8f:88:20:c4:1b:89:
         7f:9b:9b:6b:cc:3b:13:1b:1f:4d:3b:f8:51:ef:c3:2a:65:9d:
         88:cf:4b:4f:b0:17:bb:1c:5f:31:70:e6:92:a7:ec:6f:18:1c:
         3b:1b:9a:48:f9:ec:e5:6e:2f:22:bd:2d:48:12:cd:90:d2:8e:
         67:fd:2e:4a:4b:88:99:f3:45:d4:0b:76:cf:02:9b:15:df:33:
         ea:27:f9:38
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAL0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNDA2
MTBEQTY4RTkzRUQ1MzhBNDhBNDZDNTIxNDAyNEVENTREMDdGNjAeFw0yMzAxMDEw
MTI5MTJaFw0yMzEyMTUwMTMwMDJaMDMxMTAvBgNVBAMTKDM4MkEwQTFDODREMEQ3
OUFCM0M5Q0JGRkVFRjhFN0Y3Njg5MTQyRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDUYK7VzxiLkCVHn/c0mpTO0331CwabMvC1rNlmi+dXvflxk2Og
PVTPTZ6MnNqI5wWRkgpdZor4qi0I2ZLksm4gxYcWCkAELUc3s+aJI39zCQ6ughX5
AX0KcMDk4HuoZx5DHaGog6bkIjCNv/Bemfo8Q7vO1JXaJGKooc79UY1mHKu3SFuo
2BMf7Fpw1FiltxXjts/Vob7ngh45k05C0QTNZ74mhoSJxlHpjvdX0SGDEZ8er4nN
2gg1G2VX6p8owVXM7NqMVb9ublkIz9Bh3abI+g8bVC1wd8s72j3hIuU15GgLxrPh
etA1bT4gYcvqJWas4NqvkhIFlxriWAvuHqUfAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUOCoKHITQ15qzycv/7vjn92iRQuUwHwYDVR0jBBgwFoAUQGENpo6T7VOKSKRs
UhQCTtVNB/YwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzQ2OS9RR0VOcG82VDdWT0tTS1JzVWhRQ1R0Vk5CX1kuY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9RR0VOcG82VDdWT0tTS1JzVWhRQ1R0
Vk5CX1kuY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvNDY5L09Db0tISVRRMTVxenljdl83dmpuOTJpUlF1VS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBANyH1AwDQYJKoZIhvcNAQELBQADggEBAK66zH+HNVF8T0DpD0Z2+9jQAyOZ
VgmSAovnpEZP1rjEaV5qZrWdDUZuEMoxBOQg0oZsAoCa9841jICoFhZIhJOun6Y/
VexrLkrfh/8OXN+Qej1dsUa17CxfD0VQJnTfEvoY6Z1N063uhavAfdCnTqR4dWq/
zLxIl0O7gCaGFbftEX+5ceoS3ZKK25xTiUckLP3GkEiX8XVC1i4zzUQnHu9ne84S
d/3/2yqiQmzoTo+IIMQbiX+bm2vMOxMbH007+FHvwyplnYjPS0+wF7scXzFw5pKn
7G8YHDsbmkj57OVuLyK9LUgSzZDSjmf9LkpLiJnzRdQLds8CmxXfM+on+Tg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:54 2024 by rpki-client on console-fra.rpki-client.org