Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/545/Mpkhx_YPBf66I5sEiONA0Ff0G9U.roa
File:                     Mpkhx_YPBf66I5sEiONA0Ff0G9U.roa (raw, json)
Hash identifier:          OimNpfboYmmZGK2/czkXJpdpI68g6cjpNkCAkrPdBhs=
Subject key identifier:   32:99:21:C7:F6:0F:05:FE:BA:23:9B:04:88:E3:40:D0:57:F4:1B:D5
Certificate issuer:       /CN=BBDCD526B09E7897F71FE04858BE75C06EC4F13A
Certificate serial:       0477
Authority key identifier: BB:DC:D5:26:B0:9E:78:97:F7:1F:E0:48:58:BE:75:C0:6E:C4:F1:3A
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/u9zVJrCeeJf3H-BIWL51wG7E8To.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/Mpkhx_YPBf66I5sEiONA0Ff0G9U.roa
Signing time:             Thu 13 Apr 2023 09:59:50 +0000
ROA not before:           Thu 13 Apr 2023 09:59:50 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     10010
IP address blocks:        117.104.0.0/18 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1143 (0x477)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BBDCD526B09E7897F71FE04858BE75C06EC4F13A
        Validity
            Not Before: Apr 13 09:59:50 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=329921C7F60F05FEBA239B0488E340D057F41BD5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:cb:0e:6d:e5:bf:b7:62:40:35:52:18:eb:23:
                    f9:c9:13:54:ee:3f:17:bb:53:b7:e0:98:4a:00:5e:
                    95:ee:a9:50:27:0d:76:2d:62:4d:3a:b5:7d:54:dc:
                    68:a4:ae:a6:f7:b1:4a:ab:f3:ec:0f:a2:03:09:bc:
                    c3:6a:e5:d5:a8:d8:4d:c2:6e:a8:13:ad:6f:29:43:
                    80:4f:e3:df:fa:e7:c3:c0:03:3e:70:e7:84:69:69:
                    27:43:8f:ff:f0:0c:5e:7e:99:ec:d9:f9:57:b4:8c:
                    e7:b9:70:99:2a:8b:b6:ad:7c:47:56:f9:36:13:13:
                    3e:4e:e1:c5:24:be:1f:4a:94:0e:49:cb:95:dc:e6:
                    ed:a4:6e:6e:1d:9b:96:33:82:d9:58:d3:5c:9f:e4:
                    92:98:32:e9:95:aa:ef:b8:4b:6c:bf:76:8e:12:3d:
                    fa:44:af:27:1b:b8:e5:05:ae:a3:0e:f5:61:7c:77:
                    18:ff:e2:69:57:e7:84:46:77:e9:f6:19:28:00:1b:
                    c3:a1:ab:2b:b2:8c:d4:6f:87:59:b3:4a:cb:3a:c4:
                    b5:7d:d3:fd:05:e2:d0:b9:01:9f:fc:bc:92:c2:cf:
                    24:1d:4f:48:ac:e8:b9:a2:1b:84:aa:f3:60:a7:f1:
                    21:a5:b5:23:65:6d:a1:d3:cc:f0:a2:ea:d6:57:e0:
                    ea:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                32:99:21:C7:F6:0F:05:FE:BA:23:9B:04:88:E3:40:D0:57:F4:1B:D5
            X509v3 Authority Key Identifier:
                keyid:BB:DC:D5:26:B0:9E:78:97:F7:1F:E0:48:58:BE:75:C0:6E:C4:F1:3A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/u9zVJrCeeJf3H-BIWL51wG7E8To.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/u9zVJrCeeJf3H-BIWL51wG7E8To.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/Mpkhx_YPBf66I5sEiONA0Ff0G9U.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  117.104.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         0a:6b:68:21:61:9f:77:6d:e5:3f:41:a0:56:b9:35:a5:86:9a:
         cf:b9:c4:96:b7:50:ee:f3:1e:86:c4:9f:65:4c:d4:01:40:4f:
         56:ae:a1:40:92:75:f1:17:49:6e:1b:46:fe:57:6f:8f:38:bf:
         6f:ef:b9:ae:35:49:c6:e5:14:a1:19:4d:52:f4:c3:72:5f:ee:
         4f:2e:1c:72:73:39:03:9e:38:b3:65:81:4c:ad:a4:7c:93:73:
         67:d6:f3:d0:b9:67:cc:63:52:bd:5e:ad:96:fc:b5:fd:60:e0:
         08:c8:56:1e:d0:c4:8e:ac:8b:f2:67:88:69:83:6b:ae:b0:22:
         de:a5:c1:97:3b:d7:ee:0d:25:c0:4b:fe:76:e6:9d:09:da:0a:
         0a:c8:8b:cd:57:ec:34:62:a1:60:6c:49:3f:b8:39:0e:3e:dc:
         76:4a:7a:e7:83:37:98:5e:5a:7e:72:cf:fc:d3:17:e2:df:01:
         f5:f5:bd:b3:65:ea:e6:2c:e2:a1:e1:de:97:ff:24:60:e3:10:
         96:46:ee:b3:e1:2e:3e:67:c0:4c:64:2a:7b:b6:d0:35:7d:98:
         dd:90:16:a2:d4:b0:d1:c6:83:47:c9:be:16:89:60:9c:53:65:
         90:bc:66:c7:82:1f:e9:f1:be:d5:1a:48:e3:c3:22:c3:72:59:
         46:6b:f2:5d
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBHcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkJE
Q0Q1MjZCMDlFNzg5N0Y3MUZFMDQ4NThCRTc1QzA2RUM0RjEzQTAeFw0yMzA0MTMw
OTU5NTBaFw0yNDAzMTQwMTMwMDJaMDMxMTAvBgNVBAMTKDMyOTkyMUM3RjYwRjA1
RkVCQTIzOUIwNDg4RTM0MEQwNTdGNDFCRDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCyw5t5b+3YkA1UhjrI/nJE1TuPxe7U7fgmEoAXpXuqVAnDXYt
Yk06tX1U3Gikrqb3sUqr8+wPogMJvMNq5dWo2E3CbqgTrW8pQ4BP49/658PAAz5w
54RpaSdDj//wDF5+mezZ+Ve0jOe5cJkqi7atfEdW+TYTEz5O4cUkvh9KlA5Jy5Xc
5u2kbm4dm5YzgtlY01yf5JKYMumVqu+4S2y/do4SPfpErycbuOUFrqMO9WF8dxj/
4mlX54RGd+n2GSgAG8OhqyuyjNRvh1mzSss6xLV90/0F4tC5AZ/8vJLCzyQdT0is
6LmiG4Sq82Cn8SGltSNlbaHTzPCi6tZX4OrJAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUMpkhx/YPBf66I5sEiONA0Ff0G9UwHwYDVR0jBBgwFoAUu9zVJrCeeJf3H+BI
WL51wG7E8TowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzU0NS91OXpWSnJDZWVKZjNILUJJV0w1MXdHN0U4VG8uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC91OXpWSnJDZWVKZjNILUJJV0w1MXdH
N0U4VG8uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvNTQ1L01wa2h4X1lQQmY2Nkk1c0VpT05BMEZmMEc5VS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAZ1aAAwDQYJKoZIhvcNAQELBQADggEBAApraCFhn3dt5T9BoFa5NaWGms+5
xJa3UO7zHobEn2VM1AFAT1auoUCSdfEXSW4bRv5Xb484v2/vua41ScblFKEZTVL0
w3Jf7k8uHHJzOQOeOLNlgUytpHyTc2fW89C5Z8xjUr1erZb8tf1g4AjIVh7QxI6s
i/JniGmDa66wIt6lwZc71+4NJcBL/nbmnQnaCgrIi81X7DRioWBsST+4OQ4+3HZK
eueDN5heWn5yz/zTF+LfAfX1vbNl6uYs4qHh3pf/JGDjEJZG7rPhLj5nwExkKnu2
0DV9mN2QFqLUsNHGg0fJvhaJYJxTZZC8ZseCH+nxvtUaSOPDIsNyWUZr8l0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:11 2024 by rpki-client on console-ams.rpki-client.org