Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/718/z1TzYB9O2Z5Rq7DwbjOOSw8lHDI.roa
File:                     z1TzYB9O2Z5Rq7DwbjOOSw8lHDI.roa (raw, json)
Hash identifier:          8W0ejE7BHz2Fr1IWy0yIKlHwq1vxHm0Uk4X2jF3QM24=
Subject key identifier:   CF:54:F3:60:1F:4E:D9:9E:51:AB:B0:F0:6E:33:8E:4B:0F:25:1C:32
Certificate issuer:       /CN=70124EAB896039E137736AA7022F934D797F5684
Certificate serial:       16
Authority key identifier: 70:12:4E:AB:89:60:39:E1:37:73:6A:A7:02:2F:93:4D:79:7F:56:84
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cBJOq4lgOeE3c2qnAi-TTXl_VoQ.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/718/z1TzYB9O2Z5Rq7DwbjOOSw8lHDI.roa
Signing time:             Fri 31 Mar 2023 08:15:58 +0000
ROA not before:           Fri 31 Mar 2023 08:15:58 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     18094
IP address blocks:        175.111.92.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 22 (0x16)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=70124EAB896039E137736AA7022F934D797F5684
        Validity
            Not Before: Mar 31 08:15:58 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=CF54F3601F4ED99E51ABB0F06E338E4B0F251C32
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cf:53:98:c4:1a:3f:72:f2:e9:a7:29:6f:0d:48:
                    2e:46:23:47:3e:b9:2b:f4:ca:6e:65:7e:e8:cb:0a:
                    93:b1:ba:00:b8:bc:57:b2:dc:37:07:4d:bc:91:50:
                    9a:bf:76:77:f4:c0:1a:96:73:ec:73:51:21:c8:54:
                    1b:ca:32:3f:7e:b1:4b:f9:93:41:9c:cf:c9:2c:90:
                    d1:fc:36:f7:af:4f:0f:d8:f5:ab:b5:e4:03:4d:a4:
                    15:7d:0a:33:ae:3d:95:1f:fe:33:45:8a:ab:bb:20:
                    87:63:55:12:d0:48:02:61:dc:08:a3:83:6e:40:df:
                    f1:12:00:2b:16:1a:3c:11:ef:f7:60:04:22:13:82:
                    a2:5f:96:61:11:94:98:77:bd:e8:f2:98:36:8a:44:
                    8b:fe:15:b5:42:79:3b:3f:e5:93:11:0c:5d:ce:59:
                    59:2e:db:4a:dd:e4:9f:17:69:51:f3:2b:ef:98:17:
                    7f:00:d4:fa:80:96:b5:a2:a2:2c:eb:6e:a4:54:22:
                    e7:95:15:0b:be:a5:32:c8:1a:b9:e6:99:2a:ee:a3:
                    1a:da:12:6e:74:d2:ed:34:c5:0f:1c:d0:fe:c3:23:
                    6f:bc:1b:55:1a:c5:0f:47:69:50:99:fc:26:d0:85:
                    d8:91:cc:37:34:f6:86:ac:b3:e3:aa:5c:d1:82:a9:
                    4f:0f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CF:54:F3:60:1F:4E:D9:9E:51:AB:B0:F0:6E:33:8E:4B:0F:25:1C:32
            X509v3 Authority Key Identifier:
                keyid:70:12:4E:AB:89:60:39:E1:37:73:6A:A7:02:2F:93:4D:79:7F:56:84

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/718/cBJOq4lgOeE3c2qnAi-TTXl_VoQ.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/cBJOq4lgOeE3c2qnAi-TTXl_VoQ.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/718/z1TzYB9O2Z5Rq7DwbjOOSw8lHDI.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  175.111.92.0/22

    Signature Algorithm: sha256WithRSAEncryption
         02:5a:a4:ba:06:aa:7e:67:7b:91:ac:13:b4:9c:16:58:bb:4f:
         e9:1d:6b:f2:86:24:68:04:8a:d3:10:2e:3f:1c:1c:06:e2:42:
         2d:2f:66:43:18:64:f7:d8:dd:d5:b4:15:57:c7:01:27:1a:7e:
         83:8e:f6:d4:37:29:3d:b3:d4:d7:4e:1a:77:53:f2:30:32:8f:
         f8:72:85:d3:08:5a:1e:bf:43:14:d1:c9:32:1b:30:63:f3:c3:
         72:b8:c0:c3:fd:b8:af:4d:98:68:6e:53:6d:f9:9e:99:fa:78:
         23:20:a6:20:48:e8:97:5d:c0:e2:3a:c8:e6:0b:de:1c:70:ec:
         33:b2:d7:b1:06:1f:3a:22:cd:cc:1b:8d:da:e8:a4:29:77:e3:
         13:ef:ac:f9:e8:79:15:f7:64:7b:80:70:72:0f:10:1e:35:0a:
         8f:c8:36:e9:7c:69:03:3f:44:d6:ae:8b:1a:2e:15:00:4d:3e:
         53:1c:be:f4:49:ce:12:86:45:97:64:eb:c8:8b:df:5a:ad:d6:
         bf:6a:e9:8c:1e:52:15:f1:fa:c0:2c:c5:08:99:a4:d4:e2:6a:
         5f:80:f1:76:88:28:33:cd:c4:ac:55:25:50:5e:31:da:5a:d2:
         d8:e0:0f:88:90:b7:1a:1a:47:0b:24:cb:e9:12:e6:64:ef:6d:
         6e:f9:2f:bb
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3MDEy
NEVBQjg5NjAzOUUxMzc3MzZBQTcwMjJGOTM0RDc5N0Y1Njg0MB4XDTIzMDMzMTA4
MTU1OFoXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoQ0Y1NEYzNjAxRjRFRDk5
RTUxQUJCMEYwNkUzMzhFNEIwRjI1MUMzMjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAM9TmMQaP3Ly6acpbw1ILkYjRz65K/TKbmV+6MsKk7G6ALi8V7Lc
NwdNvJFQmr92d/TAGpZz7HNRIchUG8oyP36xS/mTQZzPySyQ0fw2969PD9j1q7Xk
A02kFX0KM649lR/+M0WKq7sgh2NVEtBIAmHcCKODbkDf8RIAKxYaPBHv92AEIhOC
ol+WYRGUmHe96PKYNopEi/4VtUJ5Oz/lkxEMXc5ZWS7bSt3knxdpUfMr75gXfwDU
+oCWtaKiLOtupFQi55UVC76lMsgaueaZKu6jGtoSbnTS7TTFDxzQ/sMjb7wbVRrF
D0dpUJn8JtCF2JHMNzT2hqyz46pc0YKpTw8CAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBTPVPNgH07ZnlGrsPBuM45LDyUcMjAfBgNVHSMEGDAWgBRwEk6riWA54TdzaqcC
L5NNeX9WhDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvNzE4L2NCSk9xNGxnT2VFM2MycW5BaS1UVFhsX1ZvUS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2NCSk9xNGxnT2VFM2MycW5BaS1UVFhs
X1ZvUS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC83MTgvejFUellCOU8yWjVScTdEd2JqT09TdzhsSERJLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAq9vXDANBgkqhkiG9w0BAQsFAAOCAQEAAlqkugaqfmd7kawTtJwWWLtP6R1r
8oYkaASK0xAuPxwcBuJCLS9mQxhk99jd1bQVV8cBJxp+g4721DcpPbPU104ad1Py
MDKP+HKF0whaHr9DFNHJMhswY/PDcrjAw/24r02YaG5Tbfmemfp4IyCmIEjol13A
4jrI5gveHHDsM7LXsQYfOiLNzBuN2uikKXfjE++s+eh5Ffdke4Bwcg8QHjUKj8g2
6XxpAz9E1q6LGi4VAE0+Uxy+9EnOEoZFl2TryIvfWq3Wv2rpjB5SFfH6wCzFCJmk
1OJqX4DxdogoM83ErFUlUF4x2lrS2OAPiJC3GhpHCyTL6RLmZO9tbvkvuw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:56 2024 by rpki-client on console-fra.rpki-client.org