Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/545/ffGCPGnNqKxJFaS8b1sPxp1WytI.roa
File:                     ffGCPGnNqKxJFaS8b1sPxp1WytI.roa (raw, json)
Hash identifier:          GQkM9+0lewViPtaZiMTIcv6DYW3A5iQnfRG3R0lJFMM=
Subject key identifier:   7D:F1:82:3C:69:CD:A8:AC:49:15:A4:BC:6F:5B:0F:C6:9D:56:CA:D2
Certificate issuer:       /CN=BBDCD526B09E7897F71FE04858BE75C06EC4F13A
Certificate serial:       041F
Authority key identifier: BB:DC:D5:26:B0:9E:78:97:F7:1F:E0:48:58:BE:75:C0:6E:C4:F1:3A
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/u9zVJrCeeJf3H-BIWL51wG7E8To.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/ffGCPGnNqKxJFaS8b1sPxp1WytI.roa
Signing time:             Thu 13 Apr 2023 09:52:27 +0000
ROA not before:           Thu 13 Apr 2023 09:52:27 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     10010
IP address blocks:        182.21.128.0/17 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1055 (0x41f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=BBDCD526B09E7897F71FE04858BE75C06EC4F13A
        Validity
            Not Before: Apr 13 09:52:27 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=7DF1823C69CDA8AC4915A4BC6F5B0FC69D56CAD2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:ab:63:3e:ef:7f:db:3a:42:33:9f:ad:4d:23:
                    b3:d3:4a:f7:15:bc:8c:be:70:75:c7:68:ec:da:c8:
                    0e:05:8c:dd:57:83:c6:6e:c7:49:94:e7:44:10:d2:
                    5e:3c:e3:a2:af:52:c5:12:50:5f:91:00:8c:05:e9:
                    2d:f4:c1:b6:b7:4b:34:d7:7e:02:29:0d:c8:8f:37:
                    33:18:6d:43:99:5c:37:f3:2c:f5:2a:ea:ec:a1:e1:
                    35:bf:52:87:97:43:4c:c8:88:d3:d9:21:c2:cc:59:
                    81:69:a2:e7:57:9d:52:d4:a4:1d:a3:55:f3:d6:5b:
                    c2:79:16:ee:a1:f2:8e:a5:3b:32:8e:c8:bc:3d:f7:
                    10:34:8a:1b:bb:22:f7:ba:81:be:44:96:02:c5:9a:
                    56:6e:36:bd:14:ae:68:4b:8c:44:11:19:f6:40:16:
                    37:53:89:b3:f9:e1:5b:c1:9a:69:78:d4:42:41:57:
                    75:ad:55:61:63:2c:92:24:b7:c3:26:5d:d7:49:2d:
                    b2:22:39:1d:99:47:9d:8f:90:c6:77:91:7f:fd:be:
                    69:60:93:e1:1a:eb:87:da:d2:46:8d:9e:7e:09:f2:
                    01:ea:84:10:82:b2:4e:e9:ea:e1:6d:b0:31:53:c3:
                    6a:0e:1a:31:b8:c1:5c:f1:90:b1:e3:dc:d5:d2:1a:
                    ae:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                7D:F1:82:3C:69:CD:A8:AC:49:15:A4:BC:6F:5B:0F:C6:9D:56:CA:D2
            X509v3 Authority Key Identifier:
                keyid:BB:DC:D5:26:B0:9E:78:97:F7:1F:E0:48:58:BE:75:C0:6E:C4:F1:3A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/u9zVJrCeeJf3H-BIWL51wG7E8To.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/u9zVJrCeeJf3H-BIWL51wG7E8To.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/545/ffGCPGnNqKxJFaS8b1sPxp1WytI.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  182.21.128.0/17

    Signature Algorithm: sha256WithRSAEncryption
         11:ba:b2:c4:f4:0c:84:24:04:b1:d0:98:54:0f:d9:a7:25:a6:
         19:59:93:8a:66:9a:12:25:77:00:b0:ef:fa:57:32:51:43:c8:
         4d:3a:8e:1a:71:24:57:aa:04:99:75:21:f8:79:b7:89:f5:6a:
         fa:13:55:01:d5:6f:ef:0d:bd:de:31:c2:6f:58:4c:72:1e:e8:
         35:43:1d:71:a2:0a:03:f0:25:7c:b2:ab:a3:b5:fc:8f:8a:c4:
         44:5d:88:2d:eb:eb:bb:3d:97:ac:0c:8c:b9:51:72:96:9e:02:
         1b:30:90:c2:98:59:c0:89:58:d3:39:f1:48:55:0b:a3:51:2c:
         60:b5:96:bc:53:e6:48:44:56:10:fb:8f:82:68:70:7f:07:c0:
         86:58:9e:65:95:00:a5:b6:6a:cb:7e:e6:91:69:94:ce:ea:66:
         ac:6c:c5:e7:de:f5:d4:0f:21:19:9d:b8:d2:10:6b:87:dd:b5:
         20:4a:37:4a:ab:c3:85:e2:06:a3:4a:1b:5e:63:fb:75:20:91:
         37:d0:b3:b7:3c:d5:d2:ae:12:aa:b8:0e:5f:18:b3:1a:48:32:
         ad:ee:0d:e5:61:d1:e0:26:64:7d:b9:e2:c6:d9:14:5c:11:bf:
         27:0c:10:9e:11:fc:13:6f:d9:90:80:96:ef:1b:f6:f4:3a:f0:
         2b:ba:4b:5b
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBB8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkJE
Q0Q1MjZCMDlFNzg5N0Y3MUZFMDQ4NThCRTc1QzA2RUM0RjEzQTAeFw0yMzA0MTMw
OTUyMjdaFw0yNDAzMTQwMTMwMDJaMDMxMTAvBgNVBAMTKDdERjE4MjNDNjlDREE4
QUM0OTE1QTRCQzZGNUIwRkM2OUQ1NkNBRDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOq2M+73/bOkIzn61NI7PTSvcVvIy+cHXHaOzayA4FjN1Xg8Zu
x0mU50QQ0l4846KvUsUSUF+RAIwF6S30wba3SzTXfgIpDciPNzMYbUOZXDfzLPUq
6uyh4TW/UoeXQ0zIiNPZIcLMWYFpoudXnVLUpB2jVfPWW8J5Fu6h8o6lOzKOyLw9
9xA0ihu7Ive6gb5ElgLFmlZuNr0UrmhLjEQRGfZAFjdTibP54VvBmml41EJBV3Wt
VWFjLJIkt8MmXddJLbIiOR2ZR52PkMZ3kX/9vmlgk+Ea64fa0kaNnn4J8gHqhBCC
sk7p6uFtsDFTw2oOGjG4wVzxkLHj3NXSGq55AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUffGCPGnNqKxJFaS8b1sPxp1WytIwHwYDVR0jBBgwFoAUu9zVJrCeeJf3H+BI
WL51wG7E8TowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzU0NS91OXpWSnJDZWVKZjNILUJJV0w1MXdHN0U4VG8uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC91OXpWSnJDZWVKZjNILUJJV0w1MXdH
N0U4VG8uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvNTQ1L2ZmR0NQR25OcUt4SkZhUzhiMXNQeHAxV3l0SS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAe2FYAwDQYJKoZIhvcNAQELBQADggEBABG6ssT0DIQkBLHQmFQP2aclphlZ
k4pmmhIldwCw7/pXMlFDyE06jhpxJFeqBJl1Ifh5t4n1avoTVQHVb+8Nvd4xwm9Y
THIe6DVDHXGiCgPwJXyyq6O1/I+KxERdiC3r67s9l6wMjLlRcpaeAhswkMKYWcCJ
WNM58UhVC6NRLGC1lrxT5khEVhD7j4JocH8HwIZYnmWVAKW2ast+5pFplM7qZqxs
xefe9dQPIRmduNIQa4fdtSBKN0qrw4XiBqNKG15j+3UgkTfQs7c81dKuEqq4Dl8Y
sxpIMq3uDeVh0eAmZH254sbZFFwRvycMEJ4R/BNv2ZCAlu8b9vQ68Cu6S1s=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:55 2024 by rpki-client on console-fra.rpki-client.org