Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/671/1Tv34GbCbXzBwaXJWn2cHOw5aXQ.roa
File:                     1Tv34GbCbXzBwaXJWn2cHOw5aXQ.roa (raw, json)
Hash identifier:          Rl6SVz4zpgEeLLXviWoBrj6YJKybmZTOaN9sp+rG6fY=
Subject key identifier:   D5:3B:F7:E0:66:C2:6D:7C:C1:C1:A5:C9:5A:7D:9C:1C:EC:39:69:74
Certificate issuer:       /CN=FB06B2E4A9D567EB7D80FF59A755FD283BFB13AB
Certificate serial:       2F
Authority key identifier: FB:06:B2:E4:A9:D5:67:EB:7D:80:FF:59:A7:55:FD:28:3B:FB:13:AB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/-way5KnVZ-t9gP9Zp1X9KDv7E6s.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/671/1Tv34GbCbXzBwaXJWn2cHOw5aXQ.roa
Signing time:             Tue 11 Oct 2022 01:52:19 +0000
ROA not before:           Tue 11 Oct 2022 01:52:19 +0000
ROA not after:            Fri 15 Sep 2023 01:30:03 +0000
asID:                     23788
IP address blocks:        103.192.68.0/22 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 47 (0x2f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=FB06B2E4A9D567EB7D80FF59A755FD283BFB13AB
        Validity
            Not Before: Oct 11 01:52:19 2022 GMT
            Not After : Sep 15 01:30:03 2023 GMT
        Subject: CN=D53BF7E066C26D7CC1C1A5C95A7D9C1CEC396974
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e0:35:67:f0:f2:b0:e3:42:fb:94:9b:6a:e4:6d:
                    1c:0e:99:5f:b8:2a:8a:b0:d5:a5:91:c9:30:f6:c2:
                    71:61:e7:de:9e:5f:6d:44:e9:2d:3c:98:49:87:07:
                    c8:8d:41:de:51:20:6f:06:ce:0c:cb:ea:bf:b9:03:
                    41:85:98:0c:31:9d:13:67:4c:dd:80:1d:46:18:cc:
                    54:d3:b3:21:f9:97:a0:c5:28:16:57:8e:21:5f:c4:
                    c0:d0:78:46:46:6b:4c:3d:7b:ee:b7:3c:a3:9a:59:
                    81:e7:6e:c4:c7:21:07:46:cb:02:a0:f5:ad:0e:2d:
                    f6:56:43:03:c7:65:eb:c9:6a:08:32:bf:f8:a2:15:
                    11:d9:39:6d:00:bb:88:ac:2c:e6:51:e9:80:ef:04:
                    e4:6b:be:ea:c4:64:de:f3:74:2e:d3:51:3e:9b:60:
                    e2:7a:89:98:6b:7a:1f:d0:b5:0f:a6:d2:f4:03:f4:
                    81:aa:b2:3b:df:54:e5:16:78:93:f6:59:3c:d6:56:
                    89:75:24:6d:e5:1f:70:b4:7c:10:fe:c1:54:e6:75:
                    bc:bb:ac:56:c4:66:8d:17:66:bd:83:5d:28:9b:00:
                    d8:31:eb:fc:5c:8f:2d:7e:5d:6f:79:ad:73:f6:c1:
                    73:21:6d:b9:d6:b7:6e:b3:86:9c:87:b2:2a:28:80:
                    9f:cb
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:3B:F7:E0:66:C2:6D:7C:C1:C1:A5:C9:5A:7D:9C:1C:EC:39:69:74
            X509v3 Authority Key Identifier:
                keyid:FB:06:B2:E4:A9:D5:67:EB:7D:80:FF:59:A7:55:FD:28:3B:FB:13:AB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/671/-way5KnVZ-t9gP9Zp1X9KDv7E6s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/-way5KnVZ-t9gP9Zp1X9KDv7E6s.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/671/1Tv34GbCbXzBwaXJWn2cHOw5aXQ.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.192.68.0/22

    Signature Algorithm: sha256WithRSAEncryption
         69:6d:37:51:16:3b:6e:ec:c9:12:ea:37:f1:a3:1d:8e:53:81:
         69:d8:02:8c:75:5b:82:14:e4:4e:ab:d3:77:c6:a3:5c:52:14:
         12:0f:92:f6:15:50:48:ef:86:b7:b7:dc:1c:21:d8:19:4e:34:
         75:a5:d2:86:c4:a4:0d:9d:c6:a8:05:c6:03:48:df:79:3a:6d:
         87:00:a0:43:14:4a:da:4f:9d:02:e7:78:5d:71:a9:79:fa:77:
         30:22:37:f9:60:0f:42:4e:33:9a:c0:e3:9d:0c:1d:67:74:c8:
         3a:67:61:31:f4:cc:2e:57:59:00:0f:59:2b:ba:67:b7:a9:1e:
         bf:03:fb:b5:e5:fc:83:b1:dd:f9:93:0c:43:b8:38:c8:57:5f:
         b5:e8:88:d8:e9:46:0c:d0:ee:b1:3d:43:31:59:24:32:35:fe:
         02:cc:f8:96:db:5f:d5:1b:65:84:5f:5f:10:32:20:8e:1c:89:
         7e:c5:b0:12:8c:90:38:e8:94:26:7f:9d:85:c2:e9:27:51:24:
         1c:49:60:57:4a:19:65:35:90:20:bb:9b:c4:4f:f8:f8:35:03:
         9a:8e:1e:de:e3:fa:f8:dd:13:d9:e4:08:f3:d6:9a:94:40:e9:
         94:9e:c3:67:51:a7:b9:d1:40:3e:22:7d:b3:61:eb:a7:b1:c6:
         4a:9a:1a:0f
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGQjA2
QjJFNEE5RDU2N0VCN0Q4MEZGNTlBNzU1RkQyODNCRkIxM0FCMB4XDTIyMTAxMTAx
NTIxOVoXDTIzMDkxNTAxMzAwM1owMzExMC8GA1UEAxMoRDUzQkY3RTA2NkMyNkQ3
Q0MxQzFBNUM5NUE3RDlDMUNFQzM5Njk3NDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOA1Z/DysONC+5SbauRtHA6ZX7gqirDVpZHJMPbCcWHn3p5fbUTp
LTyYSYcHyI1B3lEgbwbODMvqv7kDQYWYDDGdE2dM3YAdRhjMVNOzIfmXoMUoFleO
IV/EwNB4RkZrTD177rc8o5pZgeduxMchB0bLAqD1rQ4t9lZDA8dl68lqCDK/+KIV
Edk5bQC7iKws5lHpgO8E5Gu+6sRk3vN0LtNRPptg4nqJmGt6H9C1D6bS9AP0gaqy
O99U5RZ4k/ZZPNZWiXUkbeUfcLR8EP7BVOZ1vLusVsRmjRdmvYNdKJsA2DHr/FyP
LX5db3mtc/bBcyFtuda3brOGnIeyKiiAn8sCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBTVO/fgZsJtfMHBpclafZwc7DlpdDAfBgNVHSMEGDAWgBT7BrLkqdVn632A/1mn
Vf0oO/sTqzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvNjcxLy13YXk1S25WWi10OWdQOVpwMVg5S0R2N0U2cy5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwLy13YXk1S25WWi10OWdQOVpwMVg5S0R2
N0U2cy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC82NzEvMVR2MzRHYkNiWHpCd2FYSlduMmNIT3c1YVhRLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmfARDANBgkqhkiG9w0BAQsFAAOCAQEAaW03URY7buzJEuo38aMdjlOBadgC
jHVbghTkTqvTd8ajXFIUEg+S9hVQSO+Gt7fcHCHYGU40daXShsSkDZ3GqAXGA0jf
eTpthwCgQxRK2k+dAud4XXGpefp3MCI3+WAPQk4zmsDjnQwdZ3TIOmdhMfTMLldZ
AA9ZK7pnt6kevwP7teX8g7Hd+ZMMQ7g4yFdfteiI2OlGDNDusT1DMVkkMjX+Asz4
lttf1RtlhF9fEDIgjhyJfsWwEoyQOOiUJn+dhcLpJ1EkHElgV0oZZTWQILubxE/4
+DUDmo4e3uP6+N0T2eQI89aalEDplJ7DZ1GnudFAPiJ9s2Hrp7HGSpoaDw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:55 2024 by rpki-client on console-fra.rpki-client.org