Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/545/aYuemz7ixTkd6CDkIn3Vec9c4hE.roa
File:                     aYuemz7ixTkd6CDkIn3Vec9c4hE.roa (raw, json)
Hash identifier:          jYXDhTmd1i/PPmCb59a7+PcIawNPhfWUA1gWI9lH4eM=
Subject key identifier:   69:8B:9E:9B:3E:E2:C5:39:1D:E8:20:E4:22:7D:D5:79:CF:5C:E2:11
Certificate issuer:       /CN=BBDCD526B09E7897F71FE04858BE75C06EC4F13A
Certificate serial:       0392
Authority key identifier: BB:DC:D5:26:B0:9E:78:97:F7:1F:E0:48:58:BE:75:C0:6E:C4:F1:3A
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/u9zVJrCeeJf3H-BIWL51wG7E8To.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/aYuemz7ixTkd6CDkIn3Vec9c4hE.roa
Signing time:             Sun 01 May 2022 01:29:47 +0000
ROA not before:           Sun 01 May 2022 01:29:47 +0000
ROA not after:            Thu 27 Apr 2023 09:52:34 +0000
asID:                     10010
IP address blocks:        111.67.124.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 914 (0x392)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BBDCD526B09E7897F71FE04858BE75C06EC4F13A
        Validity
            Not Before: May  1 01:29:47 2022 GMT
            Not After : Apr 27 09:52:34 2023 GMT
        Subject: CN=698B9E9B3EE2C5391DE820E4227DD579CF5CE211
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:fd:03:0a:cf:08:f7:9b:46:fe:13:65:a2:fc:
                    86:44:87:1b:9e:89:48:cb:25:4e:43:09:5c:34:33:
                    c2:17:ca:38:22:e3:f5:34:fa:17:d8:b6:50:a2:8d:
                    55:83:44:9a:74:3b:4d:01:31:13:71:82:70:4b:ef:
                    5d:cc:0e:09:12:09:93:7f:04:83:34:50:08:d4:d3:
                    01:8a:86:50:4d:0e:52:1c:b1:c3:53:48:5b:39:4a:
                    5a:3b:04:ff:13:ef:10:a3:76:27:05:e7:f2:ec:e2:
                    28:f4:29:8f:b6:b1:7b:d9:7b:a0:7f:04:eb:df:b6:
                    e7:4e:94:77:3d:71:67:7e:46:21:02:12:f4:03:31:
                    2f:b0:9d:2d:60:f1:4b:10:79:8b:56:93:9c:72:d9:
                    99:c1:7d:a8:0a:d5:32:01:c9:d5:a0:e6:99:06:3e:
                    c5:fa:be:34:5b:f7:98:4d:0f:a8:e3:c2:42:cc:1d:
                    a2:71:ef:cf:05:fd:8f:74:ef:1f:4a:fa:02:b4:e9:
                    36:fc:08:b0:53:08:93:88:d6:f5:3a:f5:d1:8c:df:
                    90:f8:2e:8d:4f:ca:1c:57:e3:0b:1e:be:90:dc:de:
                    1f:43:fd:30:7a:83:c1:00:4a:9e:25:dd:58:fc:f7:
                    ef:b3:fb:92:1d:f5:2f:d5:e3:85:74:02:fa:9e:88:
                    0f:bb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                69:8B:9E:9B:3E:E2:C5:39:1D:E8:20:E4:22:7D:D5:79:CF:5C:E2:11
            X509v3 Authority Key Identifier:
                keyid:BB:DC:D5:26:B0:9E:78:97:F7:1F:E0:48:58:BE:75:C0:6E:C4:F1:3A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/u9zVJrCeeJf3H-BIWL51wG7E8To.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/u9zVJrCeeJf3H-BIWL51wG7E8To.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/aYuemz7ixTkd6CDkIn3Vec9c4hE.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  111.67.124.0/22

    Signature Algorithm: sha256WithRSAEncryption
         ac:b4:86:db:fa:c7:17:72:da:c8:ce:2d:4a:0d:fa:f4:71:f5:
         56:b7:21:17:ca:fb:23:b5:4f:47:6f:8a:13:f1:96:f5:88:9e:
         9c:a0:d0:79:4b:6f:cb:19:3e:d7:c8:04:a2:df:f9:42:e9:ca:
         d1:c1:5e:47:18:c1:90:fa:be:37:ab:a8:1c:44:47:09:35:5f:
         6f:b9:e1:f1:f6:c9:68:dd:03:41:6f:13:41:20:5a:55:34:bb:
         d3:25:dc:cc:44:e7:02:9f:7b:e9:29:26:f1:fa:b6:a7:cf:29:
         67:69:c3:ff:11:57:5b:27:f9:51:82:53:0c:dc:71:2c:6e:55:
         5c:3d:82:2d:87:98:58:77:b0:59:50:9d:71:f8:d5:87:74:20:
         36:1d:5e:47:da:de:1b:eb:9e:12:82:d2:09:d8:e8:72:66:15:
         88:b9:15:71:16:69:c9:93:fa:2d:44:7a:e2:f5:1b:de:39:01:
         2e:9e:a2:a3:12:43:dd:b5:ce:e8:82:74:94:21:de:d6:b0:41:
         59:4c:fb:cd:5f:cf:3d:37:27:fb:07:c5:fb:bf:4f:b2:67:7c:
         d8:a1:77:66:84:55:18:f3:73:be:d4:24:62:92:c9:a9:bb:f5:
         20:3e:52:9b:e7:ef:7c:35:d1:de:f4:44:25:49:e3:92:38:8e:
         d3:70:a7:47
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICA5IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkJE
Q0Q1MjZCMDlFNzg5N0Y3MUZFMDQ4NThCRTc1QzA2RUM0RjEzQTAeFw0yMjA1MDEw
MTI5NDdaFw0yMzA0MjcwOTUyMzRaMDMxMTAvBgNVBAMTKDY5OEI5RTlCM0VFMkM1
MzkxREU4MjBFNDIyN0RENTc5Q0Y1Q0UyMTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCr/QMKzwj3m0b+E2Wi/IZEhxueiUjLJU5DCVw0M8IXyjgi4/U0
+hfYtlCijVWDRJp0O00BMRNxgnBL713MDgkSCZN/BIM0UAjU0wGKhlBNDlIcscNT
SFs5Slo7BP8T7xCjdicF5/Ls4ij0KY+2sXvZe6B/BOvftudOlHc9cWd+RiECEvQD
MS+wnS1g8UsQeYtWk5xy2ZnBfagK1TIBydWg5pkGPsX6vjRb95hND6jjwkLMHaJx
788F/Y907x9K+gK06Tb8CLBTCJOI1vU69dGM35D4Lo1PyhxX4wsevpDc3h9D/TB6
g8EASp4l3Vj89++z+5Id9S/V44V0AvqeiA+7AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUaYuemz7ixTkd6CDkIn3Vec9c4hEwHwYDVR0jBBgwFoAUu9zVJrCeeJf3H+BI
WL51wG7E8TowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzU0NS91OXpWSnJDZWVKZjNILUJJV0w1MXdHN0U4VG8uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC91OXpWSnJDZWVKZjNILUJJV0w1MXdH
N0U4VG8uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvNTQ1L2FZdWVtejdpeFRrZDZDRGtJbjNWZWM5YzRoRS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAJvQ3wwDQYJKoZIhvcNAQELBQADggEBAKy0htv6xxdy2sjOLUoN+vRx9Va3
IRfK+yO1T0dvihPxlvWInpyg0HlLb8sZPtfIBKLf+ULpytHBXkcYwZD6vjerqBxE
Rwk1X2+54fH2yWjdA0FvE0EgWlU0u9Ml3MxE5wKfe+kpJvH6tqfPKWdpw/8RV1sn
+VGCUwzccSxuVVw9gi2HmFh3sFlQnXH41Yd0IDYdXkfa3hvrnhKC0gnY6HJmFYi5
FXEWacmT+i1EeuL1G945AS6eoqMSQ921zuiCdJQh3tawQVlM+81fzz03J/sHxfu/
T7JnfNihd2aEVRjzc77UJGKSyam79SA+Upvn73w10d70RCVJ45I4jtNwp0c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:55 2024 by rpki-client on console-fra.rpki-client.org