Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/597/KyJKVLDPEt2IsSazmIyzEMHN_cA.roa
File:                     KyJKVLDPEt2IsSazmIyzEMHN_cA.roa (raw, json)
Hash identifier:          qO8+tJDeHJNtP+DTx/YP4vfx5dgXZ8c5DFk38xF1oIw=
Subject key identifier:   2B:22:4A:54:B0:CF:12:DD:88:B1:26:B3:98:8C:B3:10:C1:CD:FD:C0
Certificate issuer:       /CN=71F76FA07735F685991FC882C885E21EFBB161BC
Certificate serial:       0E
Authority key identifier: 71:F7:6F:A0:77:35:F6:85:99:1F:C8:82:C8:85:E2:1E:FB:B1:61:BC
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cfdvoHc19oWZH8iCyIXiHvuxYbw.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/597/KyJKVLDPEt2IsSazmIyzEMHN_cA.roa
Signing time:             Mon 17 Apr 2023 08:11:38 +0000
ROA not before:           Mon 17 Apr 2023 08:11:38 +0000
ROA not after:            Sun 14 Apr 2024 01:30:02 +0000
asID:                     2915
IP address blocks:        211.14.208.0/20 maxlen: 32

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 14 (0xe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=71F76FA07735F685991FC882C885E21EFBB161BC
        Validity
            Not Before: Apr 17 08:11:38 2023 GMT
            Not After : Apr 14 01:30:02 2024 GMT
        Subject: CN=2B224A54B0CF12DD88B126B3988CB310C1CDFDC0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ad:7d:3e:14:04:02:ee:08:99:bc:70:94:01:2c:
                    66:42:c3:73:44:0a:32:d8:6b:60:51:f0:4b:2b:84:
                    0b:03:44:4a:bc:17:86:35:b8:2d:76:bf:dc:ed:67:
                    e9:96:39:9d:98:a8:47:e8:ee:48:ed:91:19:9b:dc:
                    f0:e3:96:66:53:26:ac:fc:7d:66:f0:d7:f8:00:bf:
                    b5:04:6d:94:f9:59:8c:ca:db:ef:d9:fc:55:ce:3b:
                    d9:3a:b2:1b:ec:d2:11:51:0d:b4:c5:dd:0a:50:53:
                    57:f4:71:25:45:83:12:fe:0d:56:80:b4:06:3b:f1:
                    25:dc:c2:34:94:9a:a0:05:2d:76:97:c5:d2:f6:d5:
                    f2:cd:a8:ca:98:e1:21:89:7c:ab:1b:b8:70:88:ac:
                    43:4b:94:8f:ae:d7:b2:b0:8b:c5:3c:ad:0e:98:ed:
                    ed:e7:9e:ec:66:27:cb:13:1e:dc:45:b5:01:19:ba:
                    76:95:17:a2:64:62:6d:35:0c:66:e2:e3:b8:63:37:
                    cb:72:0b:1e:d9:07:2b:a4:87:96:c2:0b:3e:40:83:
                    33:a5:69:41:21:f3:0a:ef:d6:a3:fe:95:91:5b:6d:
                    16:35:82:63:45:67:60:8c:39:ad:ed:8b:49:8f:2c:
                    fd:a3:05:0a:a2:ff:15:7e:9b:30:8c:9b:45:5b:90:
                    7c:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:22:4A:54:B0:CF:12:DD:88:B1:26:B3:98:8C:B3:10:C1:CD:FD:C0
            X509v3 Authority Key Identifier:
                keyid:71:F7:6F:A0:77:35:F6:85:99:1F:C8:82:C8:85:E2:1E:FB:B1:61:BC

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/597/cfdvoHc19oWZH8iCyIXiHvuxYbw.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cfdvoHc19oWZH8iCyIXiHvuxYbw.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/597/KyJKVLDPEt2IsSazmIyzEMHN_cA.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.14.208.0/20

    Signature Algorithm: sha256WithRSAEncryption
         bd:ce:79:53:d0:80:33:8e:28:81:5c:19:6c:c5:a0:15:fe:fa:
         97:43:c7:cb:e4:93:87:c0:95:f5:8e:ab:68:ef:c6:51:fd:7e:
         66:02:34:fd:dd:40:1a:cd:31:49:d9:56:e8:e7:63:de:78:c6:
         be:d4:d5:0b:a4:fe:44:82:a4:37:37:df:53:c9:b9:c5:cd:45:
         95:45:b6:d7:58:3e:f8:90:b5:bb:df:71:f2:5c:82:24:fd:83:
         c8:6a:2a:c8:01:26:c4:27:f8:8e:38:f1:b3:50:e4:f4:35:ea:
         01:2b:dc:13:13:9a:05:85:92:92:84:21:ad:12:f9:89:01:72:
         66:bd:9c:3d:b7:89:95:fd:35:0d:5a:d3:b2:19:7e:07:10:de:
         9c:c7:ac:df:c1:7d:76:60:2d:04:bd:8d:75:f8:46:9c:29:85:
         b9:28:9b:f4:35:73:5d:ba:97:f3:92:c7:dd:a5:df:b1:cd:ae:
         93:60:48:9a:3f:88:6b:16:3e:ec:23:da:dc:3e:10:79:d7:6b:
         7b:cf:20:8f:d0:ca:2c:2a:cd:ee:f3:1b:8e:c6:5c:94:69:25:
         7a:0e:86:12:64:8a:a1:f4:bc:f1:4f:37:e1:42:c4:b2:89:99:
         9c:1b:92:f3:9c:fd:81:e5:77:87:d6:85:e9:87:aa:ac:2e:a9:
         e6:c2:cb:98
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MUY3
NkZBMDc3MzVGNjg1OTkxRkM4ODJDODg1RTIxRUZCQjE2MUJDMB4XDTIzMDQxNzA4
MTEzOFoXDTI0MDQxNDAxMzAwMlowMzExMC8GA1UEAxMoMkIyMjRBNTRCMENGMTJE
RDg4QjEyNkIzOTg4Q0IzMTBDMUNERkRDMDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAK19PhQEAu4ImbxwlAEsZkLDc0QKMthrYFHwSyuECwNESrwXhjW4
LXa/3O1n6ZY5nZioR+juSO2RGZvc8OOWZlMmrPx9ZvDX+AC/tQRtlPlZjMrb79n8
Vc472TqyG+zSEVENtMXdClBTV/RxJUWDEv4NVoC0BjvxJdzCNJSaoAUtdpfF0vbV
8s2oypjhIYl8qxu4cIisQ0uUj67XsrCLxTytDpjt7eee7GYnyxMe3EW1ARm6dpUX
omRibTUMZuLjuGM3y3ILHtkHK6SHlsILPkCDM6VpQSHzCu/Wo/6VkVttFjWCY0Vn
YIw5re2LSY8s/aMFCqL/FX6bMIybRVuQfA0CAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBQrIkpUsM8S3YixJrOYjLMQwc39wDAfBgNVHSMEGDAWgBRx92+gdzX2hZkfyILI
heIe+7FhvDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvNTk3L2NmZHZvSGMxOW9XWkg4aUN5SVhpSHZ1eFlidy5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2NmZHZvSGMxOW9XWkg4aUN5SVhpSHZ1
eFlidy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC81OTcvS3lKS1ZMRFBFdDJJc1Nhem1JeXpFTUhOX2NBLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBNMO0DANBgkqhkiG9w0BAQsFAAOCAQEAvc55U9CAM44ogVwZbMWgFf76l0PH
y+STh8CV9Y6raO/GUf1+ZgI0/d1AGs0xSdlW6Odj3njGvtTVC6T+RIKkNzffU8m5
xc1FlUW211g++JC1u99x8lyCJP2DyGoqyAEmxCf4jjjxs1Dk9DXqASvcExOaBYWS
koQhrRL5iQFyZr2cPbeJlf01DVrTshl+BxDenMes38F9dmAtBL2NdfhGnCmFuSib
9DVzXbqX85LH3aXfsc2uk2BImj+IaxY+7CPa3D4Qeddre88gj9DKLCrN7vMbjsZc
lGkleg6GEmSKofS88U834ULEsomZnBuS85z9geV3h9aF6YeqrC6p5sLLmA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:12 2024 by rpki-client on console-ams.rpki-client.org