Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/545/ZQY9-PqxTqibOO5ZK6CmbMIA9mA.roa
File:                     ZQY9-PqxTqibOO5ZK6CmbMIA9mA.roa (raw, json)
Hash identifier:          eY428QyUYOWUaofcA9+FKOEf8IhYjk6+Maklc+zt3No=
Subject key identifier:   65:06:3D:F8:FA:B1:4E:A8:9B:38:EE:59:2B:A0:A6:6C:C2:00:F6:60
Certificate issuer:       /CN=BBDCD526B09E7897F71FE04858BE75C06EC4F13A
Certificate serial:       0429
Authority key identifier: BB:DC:D5:26:B0:9E:78:97:F7:1F:E0:48:58:BE:75:C0:6E:C4:F1:3A
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/u9zVJrCeeJf3H-BIWL51wG7E8To.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/ZQY9-PqxTqibOO5ZK6CmbMIA9mA.roa
Signing time:             Thu 13 Apr 2023 09:55:21 +0000
ROA not before:           Thu 13 Apr 2023 09:55:21 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     10010
IP address blocks:        220.216.106.0/23 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1065 (0x429)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BBDCD526B09E7897F71FE04858BE75C06EC4F13A
        Validity
            Not Before: Apr 13 09:55:21 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=65063DF8FAB14EA89B38EE592BA0A66CC200F660
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:60:57:ba:cf:49:66:07:32:b1:d7:a3:2d:2b:
                    4e:42:aa:b1:99:cf:5d:f5:84:0a:f9:1d:89:de:4d:
                    dd:0b:12:3d:ae:c9:90:b0:64:ff:75:3e:2c:f8:bf:
                    be:62:41:fd:d0:e8:5b:d1:e5:eb:43:af:42:24:47:
                    13:d6:cd:be:3f:b2:4c:6b:1b:4f:c0:f8:5d:70:d5:
                    ee:8a:8b:13:37:79:8d:ec:73:bc:47:67:a0:11:f4:
                    c1:fe:fd:c0:fb:97:89:0e:ec:59:a4:23:8e:cd:ff:
                    3b:0c:f5:c9:63:4a:30:59:24:37:9d:e9:f4:a8:5a:
                    0f:2f:a7:fd:20:43:e3:0f:22:70:c7:38:5b:e5:20:
                    c6:11:69:7c:bd:74:4d:ae:4c:0e:60:0e:70:89:17:
                    4e:90:41:54:c4:52:1f:37:a1:e0:17:e5:34:45:88:
                    12:cd:97:81:42:c6:39:ab:e2:c2:08:96:5b:b6:e0:
                    76:32:7c:80:fa:40:a3:70:2e:17:fa:09:34:0d:19:
                    fa:7b:c2:d9:dc:2e:41:78:6d:4b:a1:0d:48:a0:ba:
                    46:df:ba:f7:dc:80:a2:28:4c:24:3b:0d:6e:3e:3e:
                    6b:19:57:44:cc:66:dd:e4:f1:90:03:a1:6a:aa:8b:
                    ec:c3:a1:45:3f:2a:51:74:41:50:67:ba:57:cc:45:
                    eb:37
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                65:06:3D:F8:FA:B1:4E:A8:9B:38:EE:59:2B:A0:A6:6C:C2:00:F6:60
            X509v3 Authority Key Identifier:
                keyid:BB:DC:D5:26:B0:9E:78:97:F7:1F:E0:48:58:BE:75:C0:6E:C4:F1:3A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/u9zVJrCeeJf3H-BIWL51wG7E8To.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/u9zVJrCeeJf3H-BIWL51wG7E8To.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/ZQY9-PqxTqibOO5ZK6CmbMIA9mA.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.216.106.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a1:a0:88:74:5d:d3:49:aa:6b:b9:d8:a1:ff:b1:71:64:fd:e1:
         36:f5:37:5a:ff:77:4a:5c:43:ae:01:18:47:dc:53:79:02:00:
         c5:cc:f5:2c:16:ca:e4:b1:de:16:2b:58:81:b2:c7:ee:f7:52:
         d6:a6:2b:57:02:05:8f:f7:50:21:f4:25:3a:40:8d:d5:31:c2:
         b7:e9:db:cf:2c:84:8e:6f:26:9d:d3:02:d1:e2:b0:aa:36:0b:
         b4:8a:67:aa:a8:2e:65:a2:91:04:39:d3:6f:87:2a:02:9e:9b:
         72:5a:6e:00:f8:27:fa:2d:1c:16:62:a6:59:8a:dd:47:17:1c:
         7c:30:b7:02:86:37:f8:d0:a1:01:1c:ba:f3:53:8e:af:2b:c8:
         07:08:09:77:e7:b0:11:dc:69:d4:1a:0b:3b:76:4f:8a:7d:3a:
         5e:46:61:98:63:5b:64:45:0e:49:29:62:95:5e:11:29:bb:45:
         9f:f0:9e:b1:d2:8d:bb:44:c8:c5:38:cf:82:49:4f:8e:51:66:
         cc:2f:38:16:d8:fe:e5:9e:81:35:29:eb:47:b6:1d:82:5c:e9:
         ad:c4:74:9b:22:13:cf:c6:e0:dd:7b:f2:2f:99:db:9b:fb:ad:
         56:6e:af:f7:cd:a2:5f:91:4c:f9:6f:ab:d9:fc:9e:4f:7b:5c:
         01:a9:5b:c3
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBCkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkJE
Q0Q1MjZCMDlFNzg5N0Y3MUZFMDQ4NThCRTc1QzA2RUM0RjEzQTAeFw0yMzA0MTMw
OTU1MjFaFw0yNDAzMTQwMTMwMDJaMDMxMTAvBgNVBAMTKDY1MDYzREY4RkFCMTRF
QTg5QjM4RUU1OTJCQTBBNjZDQzIwMEY2NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDNYFe6z0lmBzKx16MtK05CqrGZz131hAr5HYneTd0LEj2uyZCw
ZP91Piz4v75iQf3Q6FvR5etDr0IkRxPWzb4/skxrG0/A+F1w1e6KixM3eY3sc7xH
Z6AR9MH+/cD7l4kO7FmkI47N/zsM9cljSjBZJDed6fSoWg8vp/0gQ+MPInDHOFvl
IMYRaXy9dE2uTA5gDnCJF06QQVTEUh83oeAX5TRFiBLNl4FCxjmr4sIIllu24HYy
fID6QKNwLhf6CTQNGfp7wtncLkF4bUuhDUigukbfuvfcgKIoTCQ7DW4+PmsZV0TM
Zt3k8ZADoWqqi+zDoUU/KlF0QVBnulfMRes3AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUZQY9+PqxTqibOO5ZK6CmbMIA9mAwHwYDVR0jBBgwFoAUu9zVJrCeeJf3H+BI
WL51wG7E8TowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzU0NS91OXpWSnJDZWVKZjNILUJJV0w1MXdHN0U4VG8uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC91OXpWSnJDZWVKZjNILUJJV0w1MXdH
N0U4VG8uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvNTQ1L1pRWTktUHF4VHFpYk9PNVpLNkNtYk1JQTltQS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAHc2GowDQYJKoZIhvcNAQELBQADggEBAKGgiHRd00mqa7nYof+xcWT94Tb1
N1r/d0pcQ64BGEfcU3kCAMXM9SwWyuSx3hYrWIGyx+73UtamK1cCBY/3UCH0JTpA
jdUxwrfp288shI5vJp3TAtHisKo2C7SKZ6qoLmWikQQ502+HKgKem3JabgD4J/ot
HBZiplmK3UcXHHwwtwKGN/jQoQEcuvNTjq8ryAcICXfnsBHcadQaCzt2T4p9Ol5G
YZhjW2RFDkkpYpVeESm7RZ/wnrHSjbtEyMU4z4JJT45RZswvOBbY/uWegTUp60e2
HYJc6a3EdJsiE8/G4N178i+Z25v7rVZur/fNol+RTPlvq9n8nk97XAGpW8M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:11 2024 by rpki-client on console-ams.rpki-client.org