Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/545/VGZ08LGXKlVrXG6X9iwEF7br6CM.roa
File:                     VGZ08LGXKlVrXG6X9iwEF7br6CM.roa (raw, json)
Hash identifier:          pgHtlBAXtagAYrh/0J0sl5qOX9AcLqCrb0U4yPME1Lo=
Subject key identifier:   54:66:74:F0:B1:97:2A:55:6B:5C:6E:97:F6:2C:04:17:B6:EB:E8:23
Certificate issuer:       /CN=BBDCD526B09E7897F71FE04858BE75C06EC4F13A
Certificate serial:       0407
Authority key identifier: BB:DC:D5:26:B0:9E:78:97:F7:1F:E0:48:58:BE:75:C0:6E:C4:F1:3A
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/u9zVJrCeeJf3H-BIWL51wG7E8To.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/VGZ08LGXKlVrXG6X9iwEF7br6CM.roa
Signing time:             Thu 13 Apr 2023 09:52:16 +0000
ROA not before:           Thu 13 Apr 2023 09:52:16 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     10010
IP address blocks:        220.148.0.0/18 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1031 (0x407)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BBDCD526B09E7897F71FE04858BE75C06EC4F13A
        Validity
            Not Before: Apr 13 09:52:16 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=546674F0B1972A556B5C6E97F62C0417B6EBE823
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c7:94:e8:47:02:e5:0a:5e:b4:c7:2b:2b:92:32:
                    ef:e1:dd:b1:67:4d:21:a2:e1:a5:2a:d9:dd:22:67:
                    dc:7b:f6:f9:6f:e4:0a:ab:fc:42:c0:66:81:9c:e8:
                    b1:d5:11:28:13:65:93:52:44:e6:64:c1:b3:7a:38:
                    5d:9d:cc:f6:da:d3:9d:bc:af:14:b0:19:c8:a9:b9:
                    98:bc:0c:54:3c:ef:09:1b:e2:0e:f7:f0:66:24:dc:
                    c5:2b:a6:2e:0b:7d:77:2d:6d:32:61:2e:95:52:80:
                    a7:b3:fa:36:b5:65:d2:72:8e:72:f2:e2:5d:3f:c9:
                    41:ac:03:c9:ee:6c:5f:f5:8b:71:f6:17:2c:b9:b0:
                    a2:c8:cf:df:6b:bc:f7:ca:2e:2d:76:73:5f:2e:55:
                    66:d8:b5:2c:59:b9:16:90:88:80:73:01:bb:7c:59:
                    da:87:58:b6:85:e5:41:4f:04:c4:d7:12:6d:47:a3:
                    f6:7d:70:a0:9d:b4:dc:2c:61:cf:7c:a9:5f:fb:b0:
                    27:d5:8c:78:12:99:8a:32:80:82:ec:64:a7:86:5a:
                    aa:08:90:1d:53:f3:7f:5e:ed:7d:7b:f0:06:87:8f:
                    cb:00:c5:df:3f:b9:ed:f5:a7:04:24:40:06:a2:62:
                    76:04:60:16:49:cd:9f:9b:b0:2a:b3:ed:84:79:c6:
                    7b:c7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                54:66:74:F0:B1:97:2A:55:6B:5C:6E:97:F6:2C:04:17:B6:EB:E8:23
            X509v3 Authority Key Identifier:
                keyid:BB:DC:D5:26:B0:9E:78:97:F7:1F:E0:48:58:BE:75:C0:6E:C4:F1:3A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/u9zVJrCeeJf3H-BIWL51wG7E8To.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/u9zVJrCeeJf3H-BIWL51wG7E8To.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/VGZ08LGXKlVrXG6X9iwEF7br6CM.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.148.0.0/18

    Signature Algorithm: sha256WithRSAEncryption
         b6:57:95:a4:37:22:a9:f6:0d:38:35:b1:c0:47:ad:95:6c:5b:
         4f:90:03:b5:35:0e:4b:7b:dc:85:a7:88:c3:24:ce:e4:da:97:
         5f:e8:b6:7c:64:fd:e9:db:59:40:91:1f:2c:8a:8a:11:92:e6:
         6f:29:45:d5:87:3c:f3:a7:71:31:30:39:b1:f2:6d:2c:13:15:
         89:8b:0e:b8:04:30:b2:5f:c1:41:56:57:58:04:c5:ad:13:66:
         79:c5:c7:41:f8:01:e5:fd:00:23:c1:65:3d:72:8a:d1:b0:10:
         c8:9e:1d:5f:d2:33:37:db:eb:5a:29:af:57:77:f5:95:2d:c5:
         87:d1:f0:26:f3:d9:d2:65:f7:b9:20:25:18:e4:02:03:79:c3:
         7d:52:e0:65:2c:dd:75:d2:4e:02:e7:cc:7b:12:41:31:4b:32:
         f3:57:76:2c:02:75:0c:8e:07:08:81:ae:f8:1c:41:84:8f:af:
         b2:73:6f:25:45:fe:21:40:de:35:db:2b:c5:eb:e4:b6:e2:8b:
         7c:d5:3a:1f:34:ac:e4:42:d0:b4:59:52:ba:2d:ea:2e:bc:1d:
         27:d8:ef:b4:4e:aa:6b:46:dd:20:d3:4d:8d:11:74:d1:25:3d:
         b0:a8:a2:38:c8:f8:a0:af:37:fc:b8:07:e1:f7:01:08:a6:1e:
         a2:20:63:e4
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBAcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkJE
Q0Q1MjZCMDlFNzg5N0Y3MUZFMDQ4NThCRTc1QzA2RUM0RjEzQTAeFw0yMzA0MTMw
OTUyMTZaFw0yNDAzMTQwMTMwMDJaMDMxMTAvBgNVBAMTKDU0NjY3NEYwQjE5NzJB
NTU2QjVDNkU5N0Y2MkMwNDE3QjZFQkU4MjMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDHlOhHAuUKXrTHKyuSMu/h3bFnTSGi4aUq2d0iZ9x79vlv5Aqr
/ELAZoGc6LHVESgTZZNSROZkwbN6OF2dzPba0528rxSwGcipuZi8DFQ87wkb4g73
8GYk3MUrpi4LfXctbTJhLpVSgKez+ja1ZdJyjnLy4l0/yUGsA8nubF/1i3H2Fyy5
sKLIz99rvPfKLi12c18uVWbYtSxZuRaQiIBzAbt8WdqHWLaF5UFPBMTXEm1Ho/Z9
cKCdtNwsYc98qV/7sCfVjHgSmYoygILsZKeGWqoIkB1T839e7X178AaHj8sAxd8/
ue31pwQkQAaiYnYEYBZJzZ+bsCqz7YR5xnvHAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUVGZ08LGXKlVrXG6X9iwEF7br6CMwHwYDVR0jBBgwFoAUu9zVJrCeeJf3H+BI
WL51wG7E8TowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzU0NS91OXpWSnJDZWVKZjNILUJJV0w1MXdHN0U4VG8uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC91OXpWSnJDZWVKZjNILUJJV0w1MXdH
N0U4VG8uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvNTQ1L1ZHWjA4TEdYS2xWclhHNlg5aXdFRjdicjZDTS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAbclAAwDQYJKoZIhvcNAQELBQADggEBALZXlaQ3Iqn2DTg1scBHrZVsW0+Q
A7U1Dkt73IWniMMkzuTal1/otnxk/enbWUCRHyyKihGS5m8pRdWHPPOncTEwObHy
bSwTFYmLDrgEMLJfwUFWV1gExa0TZnnFx0H4AeX9ACPBZT1yitGwEMieHV/SMzfb
61opr1d39ZUtxYfR8Cbz2dJl97kgJRjkAgN5w31S4GUs3XXSTgLnzHsSQTFLMvNX
diwCdQyOBwiBrvgcQYSPr7JzbyVF/iFA3jXbK8Xr5Lbii3zVOh80rORC0LRZUrot
6i68HSfY77ROqmtG3SDTTY0RdNElPbCoojjI+KCvN/y4B+H3AQimHqIgY+Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:11 2024 by rpki-client on console-ams.rpki-client.org