Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/6/X1Y1b7MgktCs5SbOGIcxiYAQr6M.roa
File:                     X1Y1b7MgktCs5SbOGIcxiYAQr6M.roa (raw, json)
Hash identifier:          OLAGEwbxaiwPTjCFI6kPCAuWnK/A4HfRu2UXnhXtJhU=
Subject key identifier:   5F:56:35:6F:B3:20:92:D0:AC:E5:26:CE:18:87:31:89:80:10:AF:A3
Certificate issuer:       /CN=2983CFD5F8CAFA0068D2EBA25ED0F701244B12F9
Certificate serial:       E5
Authority key identifier: 29:83:CF:D5:F8:CA:FA:00:68:D2:EB:A2:5E:D0:F7:01:24:4B:12:F9
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/KYPP1fjK-gBo0uuiXtD3ASRLEvk.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/6/X1Y1b7MgktCs5SbOGIcxiYAQr6M.roa
Signing time:             Wed 01 Feb 2023 01:29:14 +0000
ROA not before:           Wed 01 Feb 2023 01:29:14 +0000
ROA not after:            Mon 15 Jan 2024 01:30:02 +0000
asID:                     2497
IP address blocks:        220.156.96.0/19 maxlen: 19

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 229 (0xe5)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2983CFD5F8CAFA0068D2EBA25ED0F701244B12F9
        Validity
            Not Before: Feb  1 01:29:14 2023 GMT
            Not After : Jan 15 01:30:02 2024 GMT
        Subject: CN=5F56356FB32092D0ACE526CE188731898010AFA3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d7:2a:8c:be:16:e1:31:48:e1:54:1c:d7:20:51:
                    01:61:a1:5f:b3:17:c1:9d:1d:4f:89:95:dc:c7:39:
                    13:48:7f:f3:9e:4f:91:f8:f5:85:fa:32:4e:73:d8:
                    be:17:23:fd:4c:cd:8d:9c:52:5b:76:0b:34:f0:a6:
                    82:32:30:17:c5:34:d1:3a:3f:ff:8e:d8:51:aa:41:
                    f2:68:c4:12:66:14:d3:6f:6e:56:4a:92:e3:9b:80:
                    72:f3:d1:ba:e6:d3:fa:26:18:1a:4a:9e:d9:b5:86:
                    04:4f:78:66:8e:1b:35:59:66:97:f9:e4:09:6e:71:
                    26:7f:d2:ff:e9:eb:15:42:31:a6:ad:64:67:07:f5:
                    c2:16:55:8a:c4:68:da:c4:a0:e5:45:62:20:fe:27:
                    1a:7f:f6:6a:0c:c4:00:16:4f:2d:2b:5c:6d:bb:54:
                    44:a9:af:d4:97:89:c7:7c:cb:eb:16:ae:ca:bd:b2:
                    52:9d:fe:14:be:5d:75:18:fe:32:d0:f3:45:a0:ea:
                    c9:9a:8d:74:c0:f5:77:8e:7b:b5:0d:a6:76:d7:63:
                    55:0e:72:e0:68:9f:a4:f2:f4:48:1c:ad:48:01:7f:
                    ea:2d:73:09:3c:13:5a:6c:5a:84:cb:32:3a:7c:97:
                    e4:90:27:37:28:91:d4:28:8a:f9:32:44:81:5a:3b:
                    76:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:56:35:6F:B3:20:92:D0:AC:E5:26:CE:18:87:31:89:80:10:AF:A3
            X509v3 Authority Key Identifier:
                keyid:29:83:CF:D5:F8:CA:FA:00:68:D2:EB:A2:5E:D0:F7:01:24:4B:12:F9

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/6/KYPP1fjK-gBo0uuiXtD3ASRLEvk.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/KYPP1fjK-gBo0uuiXtD3ASRLEvk.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/6/X1Y1b7MgktCs5SbOGIcxiYAQr6M.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.156.96.0/19

    Signature Algorithm: sha256WithRSAEncryption
         54:5f:e5:4b:f7:cb:9d:05:7b:23:44:6b:4c:78:0f:69:23:fe:
         ac:47:81:32:b2:bf:30:94:4b:3f:ca:24:84:32:99:16:c3:e0:
         2c:fc:12:df:83:d8:b9:90:e2:c7:2c:46:c2:5c:26:49:f3:cc:
         06:65:73:cc:1e:5c:2c:46:51:ab:8d:23:b6:ad:ac:66:4f:b7:
         86:a0:c9:94:19:20:9b:15:35:8a:76:c3:cb:cc:33:dd:fc:d9:
         2f:68:4b:34:40:2c:35:ad:b4:07:7c:e1:57:93:91:0b:8c:ac:
         d6:ef:de:6c:b5:b4:f0:4e:b3:1a:37:de:ff:ef:78:37:0e:cb:
         2f:ff:6e:67:15:23:30:8f:f9:39:e7:64:29:6c:0a:20:e9:d7:
         47:02:a5:60:f8:60:ae:70:b0:b8:c9:63:c3:53:41:13:40:e8:
         e2:25:5e:c7:4c:32:8d:c2:e9:bf:73:7b:cb:47:57:a5:b2:61:
         48:0e:f8:83:b9:6f:27:08:a2:23:a3:78:c9:4b:c6:d6:a6:44:
         6c:f9:ea:c2:78:7f:62:04:a8:0f:ec:5a:cd:18:29:1d:e6:da:
         56:c7:b3:6a:47:cc:5c:5b:bf:d3:cb:0e:5a:02:27:b9:8f:58:
         e4:d7:bb:3c:a9:23:58:d7:40:72:59:e1:e8:f2:3a:52:aa:87:
         6d:bf:6c:d6
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgICAOUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoMjk4
M0NGRDVGOENBRkEwMDY4RDJFQkEyNUVEMEY3MDEyNDRCMTJGOTAeFw0yMzAyMDEw
MTI5MTRaFw0yNDAxMTUwMTMwMDJaMDMxMTAvBgNVBAMTKDVGNTYzNTZGQjMyMDky
RDBBQ0U1MjZDRTE4ODczMTg5ODAxMEFGQTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDXKoy+FuExSOFUHNcgUQFhoV+zF8GdHU+JldzHORNIf/OeT5H4
9YX6Mk5z2L4XI/1MzY2cUlt2CzTwpoIyMBfFNNE6P/+O2FGqQfJoxBJmFNNvblZK
kuObgHLz0brm0/omGBpKntm1hgRPeGaOGzVZZpf55AlucSZ/0v/p6xVCMaatZGcH
9cIWVYrEaNrEoOVFYiD+Jxp/9moMxAAWTy0rXG27VESpr9SXicd8y+sWrsq9slKd
/hS+XXUY/jLQ80Wg6smajXTA9XeOe7UNpnbXY1UOcuBon6Ty9EgcrUgBf+otcwk8
E1psWoTLMjp8l+SQJzcokdQoivkyRIFaO3bhAgMBAAGjggIgMIICHDAdBgNVHQ4E
FgQUX1Y1b7MgktCs5SbOGIcxiYAQr6MwHwYDVR0jBBgwFoAUKYPP1fjK+gBo0uui
XtD3ASRLEvkwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBkBgNVHR8EXTBbMFmg
V6BVhlNyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzYvS1lQUDFmakstZ0JvMHV1aVh0RDNBU1JMRXZrLmNybDBtBggrBgEF
BQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5p
Yy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvS1lQUDFmakstZ0JvMHV1aVh0RDNBU1JM
RXZrLmNlcjAOBgNVHQ8BAf8EBAMCB4AwgbkGCCsGAQUFBwELBIGsMIGpMF8GCCsG
AQUFBzALhlNyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkx
QTczODEwMDAwLzYvWDFZMWI3TWdrdENzNVNiT0dJY3hpWUFRcjZNLnJvYTBGBggr
BgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3JyZHAv
YXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgME
BdycYDANBgkqhkiG9w0BAQsFAAOCAQEAVF/lS/fLnQV7I0RrTHgPaSP+rEeBMrK/
MJRLP8okhDKZFsPgLPwS34PYuZDixyxGwlwmSfPMBmVzzB5cLEZRq40jtq2sZk+3
hqDJlBkgmxU1inbDy8wz3fzZL2hLNEAsNa20B3zhV5ORC4ys1u/ebLW08E6zGjfe
/+94Nw7LL/9uZxUjMI/5OedkKWwKIOnXRwKlYPhgrnCwuMljw1NBE0Do4iVex0wy
jcLpv3N7y0dXpbJhSA74g7lvJwiiI6N4yUvG1qZEbPnqwnh/YgSoD+xazRgpHeba
VsezakfMXFu/08sOWgInuY9Y5Ne7PKkjWNdAclnh6PI6UqqHbb9s1g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:55 2024 by rpki-client on console-fra.rpki-client.org