Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/668/CXaNhhg9c_cTyX8vV4F59mXzBnE.roa
File:                     CXaNhhg9c_cTyX8vV4F59mXzBnE.roa (raw, json)
Hash identifier:          LafDCoHbRF0LbMBZ6U5CrORRf7m0GMEz7tsjkMq3c8Q=
Subject key identifier:   09:76:8D:86:18:3D:73:F7:13:C9:7F:2F:57:81:79:F6:65:F3:06:71
Certificate issuer:       /CN=F556EC334102047BEDBA0C0DDB4DC930E07A9058
Certificate serial:       32
Authority key identifier: F5:56:EC:33:41:02:04:7B:ED:BA:0C:0D:DB:4D:C9:30:E0:7A:90:58
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/9VbsM0ECBHvtugwN203JMOB6kFg.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/668/CXaNhhg9c_cTyX8vV4F59mXzBnE.roa
Signing time:             Mon 01 May 2023 01:29:03 +0000
ROA not before:           Mon 01 May 2023 01:29:03 +0000
ROA not after:            Sun 14 Apr 2024 01:30:02 +0000
asID:                     17948
IP address blocks:        218.219.144.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 50 (0x32)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F556EC334102047BEDBA0C0DDB4DC930E07A9058
        Validity
            Not Before: May  1 01:29:03 2023 GMT
            Not After : Apr 14 01:30:02 2024 GMT
        Subject: CN=09768D86183D73F713C97F2F578179F665F30671
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:4b:cf:a2:0c:f7:6e:38:c3:13:a4:d0:dd:ff:
                    26:56:82:9d:26:6f:40:57:8a:55:24:4d:fa:a3:7f:
                    53:be:86:7f:56:6e:72:22:c5:d0:de:97:b0:18:15:
                    cc:3d:dd:35:e8:24:0f:45:17:74:f5:4b:b9:d0:40:
                    2b:62:c8:0f:ee:05:5f:68:d9:fc:44:c8:45:c2:99:
                    a5:2a:b9:af:4d:8e:f4:66:ff:7c:43:6d:1e:59:47:
                    92:dd:95:c3:db:6c:f0:c2:b2:e7:7b:56:8a:fb:a5:
                    9f:ef:42:f9:05:26:fe:19:12:6d:2f:4c:ad:24:a1:
                    38:d0:8a:8a:0e:02:30:8a:f6:18:c6:64:cd:02:33:
                    01:66:50:0f:ba:21:c4:82:0e:50:2b:4b:c4:64:29:
                    cb:24:45:ba:de:91:b3:90:82:a6:cc:f9:e9:f3:ff:
                    cf:7f:03:77:e8:db:8c:c3:39:ec:72:06:3f:07:cb:
                    f8:da:d6:83:a4:fe:c2:17:a6:c5:33:61:91:a6:f6:
                    44:5e:00:ec:1d:1e:67:51:b1:a3:6e:64:dd:1b:f1:
                    41:ed:c8:c1:87:e0:4a:fa:4a:be:41:f8:11:ce:2d:
                    21:10:4a:9f:75:63:96:7c:e8:8f:98:8f:7d:d3:66:
                    ce:9b:c5:91:07:50:a2:b6:84:7b:b1:9e:d8:b4:31:
                    16:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:76:8D:86:18:3D:73:F7:13:C9:7F:2F:57:81:79:F6:65:F3:06:71
            X509v3 Authority Key Identifier:
                keyid:F5:56:EC:33:41:02:04:7B:ED:BA:0C:0D:DB:4D:C9:30:E0:7A:90:58

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/668/9VbsM0ECBHvtugwN203JMOB6kFg.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/9VbsM0ECBHvtugwN203JMOB6kFg.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/668/CXaNhhg9c_cTyX8vV4F59mXzBnE.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  218.219.144.0/20

    Signature Algorithm: sha256WithRSAEncryption
         a1:10:5b:0e:01:85:13:f7:a8:8d:82:b9:ab:68:ac:df:66:dc:
         de:fd:04:a2:44:f4:cc:dc:dd:50:59:ab:0c:b0:26:ca:12:9c:
         fa:ba:f1:0b:9b:c5:86:19:11:6b:4a:f6:1b:ef:76:5e:43:9c:
         5e:aa:24:f9:2a:31:03:45:a0:60:4f:9a:82:82:d1:f3:02:4f:
         cc:43:b7:df:90:c5:d6:8b:ba:3d:3e:4b:eb:8c:b5:12:80:51:
         da:d0:d9:3c:04:2c:3d:c9:b0:07:92:ad:86:59:25:58:80:6f:
         f2:4b:9e:bd:e9:1e:ab:c4:ff:f3:a7:b7:f6:c9:0d:b9:66:2f:
         b4:87:be:2f:14:ce:ab:6a:14:fd:70:3b:3f:38:00:2d:bf:c4:
         5c:f2:1f:31:78:8e:9f:e0:77:7b:94:a0:16:bf:dc:67:cd:0f:
         bc:9f:5e:5c:97:45:46:e0:42:06:da:7a:ca:bc:3e:26:9d:67:
         43:17:38:78:35:67:18:1d:ed:a0:ca:91:68:10:5e:2f:d4:92:
         64:b6:a1:95:59:8b:3c:b5:ea:f8:46:15:37:a9:ad:ed:67:40:
         49:90:89:08:28:cd:3e:c8:92:f8:46:bf:c2:26:f1:ec:c3:73:
         bb:df:fc:8a:4c:e4:7a:a2:d8:45:3d:0f:56:45:7b:3e:a6:a0:
         98:c1:77:a9
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGNTU2
RUMzMzQxMDIwNDdCRURCQTBDMEREQjREQzkzMEUwN0E5MDU4MB4XDTIzMDUwMTAx
MjkwM1oXDTI0MDQxNDAxMzAwMlowMzExMC8GA1UEAxMoMDk3NjhEODYxODNENzNG
NzEzQzk3RjJGNTc4MTc5RjY2NUYzMDY3MTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAM9Lz6IM9244wxOk0N3/JlaCnSZvQFeKVSRN+qN/U76Gf1ZuciLF
0N6XsBgVzD3dNegkD0UXdPVLudBAK2LID+4FX2jZ/ETIRcKZpSq5r02O9Gb/fENt
HllHkt2Vw9ts8MKy53tWivuln+9C+QUm/hkSbS9MrSShONCKig4CMIr2GMZkzQIz
AWZQD7ohxIIOUCtLxGQpyyRFut6Rs5CCpsz56fP/z38Dd+jbjMM57HIGPwfL+NrW
g6T+whemxTNhkab2RF4A7B0eZ1Gxo25k3RvxQe3IwYfgSvpKvkH4Ec4tIRBKn3Vj
lnzoj5iPfdNmzpvFkQdQoraEe7Ge2LQxFvUCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBQJdo2GGD1z9xPJfy9XgXn2ZfMGcTAfBgNVHSMEGDAWgBT1VuwzQQIEe+26DA3b
Tckw4HqQWDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvNjY4LzlWYnNNMEVDQkh2dHVnd04yMDNKTU9CNmtGZy5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwLzlWYnNNMEVDQkh2dHVnd04yMDNKTU9C
NmtGZy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC82NjgvQ1hhTmhoZzljX2NUeVg4dlY0RjU5bVh6Qm5FLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBNrbkDANBgkqhkiG9w0BAQsFAAOCAQEAoRBbDgGFE/eojYK5q2is32bc3v0E
okT0zNzdUFmrDLAmyhKc+rrxC5vFhhkRa0r2G+92XkOcXqok+SoxA0WgYE+agoLR
8wJPzEO335DF1ou6PT5L64y1EoBR2tDZPAQsPcmwB5KthlklWIBv8kuevekeq8T/
86e39skNuWYvtIe+LxTOq2oU/XA7PzgALb/EXPIfMXiOn+B3e5SgFr/cZ80PvJ9e
XJdFRuBCBtp6yrw+Jp1nQxc4eDVnGB3toMqRaBBeL9SSZLahlVmLPLXq+EYVN6mt
7WdASZCJCCjNPsiS+Ea/wibx7MNzu9/8ikzkeqLYRT0PVkV7PqagmMF3qQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:55 2024 by rpki-client on console-fra.rpki-client.org