Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/826/ifCmnWwHlEWo7lBSoBGN7ftAV_Y.roa
File:                     ifCmnWwHlEWo7lBSoBGN7ftAV_Y.roa (raw, json)
Hash identifier:          o+cJXMK2GPYdeClet7hkdpW3O5M1e0n8oArBJSO5J0M=
Subject key identifier:   89:F0:A6:9D:6C:07:94:45:A8:EE:50:52:A0:11:8D:ED:FB:40:57:F6
Certificate issuer:       /CN=5E708E85B10AC603C06D785B42153DCFE1663AEA
Certificate serial:       19
Authority key identifier: 5E:70:8E:85:B1:0A:C6:03:C0:6D:78:5B:42:15:3D:CF:E1:66:3A:EA
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/XnCOhbEKxgPAbXhbQhU9z-FmOuo.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/826/ifCmnWwHlEWo7lBSoBGN7ftAV_Y.roa
Signing time:             Thu 06 Apr 2023 03:02:53 +0000
ROA not before:           Thu 06 Apr 2023 03:02:53 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     23618
IP address blocks:        117.18.24.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 25 (0x19)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5E708E85B10AC603C06D785B42153DCFE1663AEA
        Validity
            Not Before: Apr  6 03:02:53 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=89F0A69D6C079445A8EE5052A0118DEDFB4057F6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:58:af:8d:9a:bf:25:48:33:69:8b:2c:fd:33:
                    92:a0:39:cb:a1:08:d9:b0:ef:5f:a4:0a:95:12:1e:
                    8a:a5:ee:c3:24:41:ef:9c:01:74:b9:f4:9d:54:e7:
                    2c:ed:b1:67:c4:16:4a:1f:fc:b9:52:4e:20:43:c1:
                    f9:94:4d:be:2e:3d:4c:0c:94:9b:c2:28:83:28:13:
                    95:6c:79:42:2d:13:9e:ad:80:24:86:fc:59:fa:6b:
                    c8:87:1b:fa:f1:ff:71:38:83:c3:87:ba:b5:4c:f1:
                    23:e5:c5:9a:c2:15:0a:cf:ef:2f:af:ae:7e:6a:59:
                    3d:01:18:64:ac:e6:d5:35:5d:1a:bc:eb:ea:b3:ed:
                    91:53:80:f9:f0:67:06:62:b5:1e:b8:f7:c5:c5:9a:
                    f1:1c:34:16:d7:29:7e:d7:3c:01:ff:19:75:7d:2c:
                    7b:dd:24:5a:ed:f4:bf:39:f3:7f:26:11:06:28:ac:
                    c7:da:5b:d3:d5:d4:9a:cf:e4:eb:2f:a2:e4:c7:65:
                    3e:c0:a3:1f:f4:19:ac:2d:44:a5:03:1c:8b:7d:61:
                    3b:ce:0b:c6:e6:74:77:bb:1f:b2:cd:5b:f7:34:3a:
                    ac:1a:ad:6b:1b:89:9d:88:a9:ed:39:cf:56:04:fc:
                    db:45:97:2a:e4:d4:8b:de:18:41:de:82:f6:13:96:
                    49:dd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:F0:A6:9D:6C:07:94:45:A8:EE:50:52:A0:11:8D:ED:FB:40:57:F6
            X509v3 Authority Key Identifier:
                keyid:5E:70:8E:85:B1:0A:C6:03:C0:6D:78:5B:42:15:3D:CF:E1:66:3A:EA

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/826/XnCOhbEKxgPAbXhbQhU9z-FmOuo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/XnCOhbEKxgPAbXhbQhU9z-FmOuo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/826/ifCmnWwHlEWo7lBSoBGN7ftAV_Y.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  117.18.24.0/21

    Signature Algorithm: sha256WithRSAEncryption
         6a:de:48:3d:f5:4c:56:4f:80:4d:18:f4:fd:e7:f7:92:89:f7:
         fe:a9:ff:2a:77:0d:e0:6c:a7:22:0b:4a:f4:d6:40:a4:de:3c:
         91:b9:79:d6:a8:ae:f5:ff:8d:4a:26:b0:aa:b7:9f:0e:3c:21:
         93:fc:9e:44:f8:6d:de:22:8c:54:74:3f:cf:9d:e0:4a:da:c4:
         46:f5:12:02:a6:35:d5:ab:af:3d:b2:e2:a0:95:f5:11:8b:0e:
         69:8d:48:cb:9e:4d:b5:b9:2b:b7:ac:c9:ba:86:fb:49:8f:6e:
         ed:bc:f7:53:f6:a2:14:ba:40:57:7f:1b:1e:34:87:ab:9f:4e:
         45:36:74:a5:65:c8:13:9c:cb:95:f9:20:99:b2:b7:c4:31:d0:
         ec:f5:a3:0c:94:72:e4:e9:f5:b1:b8:13:ce:f7:64:9a:9c:5d:
         be:a5:ef:df:76:55:72:17:d1:c3:5a:57:f3:3e:76:9a:a8:c7:
         1c:09:31:b7:a1:9e:09:2b:10:ed:9a:cf:f4:e0:86:70:f7:28:
         48:d5:c5:f6:6a:15:79:64:65:2a:ca:1c:60:ca:5a:0a:5b:78:
         4c:4d:8f:6e:0b:6f:e5:3b:a3:c7:8b:17:1a:60:56:93:d9:a6:
         81:49:8a:e4:32:34:2d:55:01:65:1a:79:f0:37:3e:4f:38:30:
         c0:12:b2:16
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1RTcw
OEU4NUIxMEFDNjAzQzA2RDc4NUI0MjE1M0RDRkUxNjYzQUVBMB4XDTIzMDQwNjAz
MDI1M1oXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoODlGMEE2OUQ2QzA3OTQ0
NUE4RUU1MDUyQTAxMThERURGQjQwNTdGNjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALtYr42avyVIM2mLLP0zkqA5y6EI2bDvX6QKlRIeiqXuwyRB75wB
dLn0nVTnLO2xZ8QWSh/8uVJOIEPB+ZRNvi49TAyUm8IogygTlWx5Qi0Tnq2AJIb8
WfpryIcb+vH/cTiDw4e6tUzxI+XFmsIVCs/vL6+ufmpZPQEYZKzm1TVdGrzr6rPt
kVOA+fBnBmK1Hrj3xcWa8Rw0Ftcpftc8Af8ZdX0se90kWu30vznzfyYRBiisx9pb
09XUms/k6y+i5MdlPsCjH/QZrC1EpQMci31hO84LxuZ0d7sfss1b9zQ6rBqtaxuJ
nYip7TnPVgT820WXKuTUi94YQd6C9hOWSd0CAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBSJ8KadbAeURajuUFKgEY3t+0BX9jAfBgNVHSMEGDAWgBRecI6FsQrGA8BteFtC
FT3P4WY66jAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvODI2L1huQ09oYkVLeGdQQWJYaGJRaFU5ei1GbU91by5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1huQ09oYkVLeGdQQWJYaGJRaFU5ei1G
bU91by5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC84MjYvaWZDbW5Xd0hsRVdvN2xCU29CR043ZnRBVl9ZLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA3USGDANBgkqhkiG9w0BAQsFAAOCAQEAat5IPfVMVk+ATRj0/ef3kon3/qn/
KncN4GynIgtK9NZApN48kbl51qiu9f+NSiawqrefDjwhk/yeRPht3iKMVHQ/z53g
StrERvUSAqY11auvPbLioJX1EYsOaY1Iy55Ntbkrt6zJuob7SY9u7bz3U/aiFLpA
V38bHjSHq59ORTZ0pWXIE5zLlfkgmbK3xDHQ7PWjDJRy5On1sbgTzvdkmpxdvqXv
33ZVchfRw1pX8z52mqjHHAkxt6GeCSsQ7ZrP9OCGcPcoSNXF9moVeWRlKsocYMpa
Clt4TE2Pbgtv5Tujx4sXGmBWk9mmgUmK5DI0LVUBZRp58Dc+TzgwwBKyFg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:56 2024 by rpki-client on console-fra.rpki-client.org