Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/897/0UsFfzqll5ZY0N_yJwwhPtwm1qg.roa
File:                     0UsFfzqll5ZY0N_yJwwhPtwm1qg.roa (raw, json)
Hash identifier:          1h2D4rJB6jam3qO6PuYFEkSfHnib9XdapP0plLZgfvQ=
Subject key identifier:   D1:4B:05:7F:3A:A5:97:96:58:D0:DF:F2:27:0C:21:3E:DC:26:D6:A8
Certificate issuer:       /CN=D6900F1E3126E609EF4F1A0FB855EB4DE4E3A18A
Certificate serial:       32
Authority key identifier: D6:90:0F:1E:31:26:E6:09:EF:4F:1A:0F:B8:55:EB:4D:E4:E3:A1:8A
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1pAPHjEm5gnvTxoPuFXrTeTjoYo.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/897/0UsFfzqll5ZY0N_yJwwhPtwm1qg.roa
Signing time:             Sun 01 Jan 2023 01:29:23 +0000
ROA not before:           Sun 01 Jan 2023 01:29:23 +0000
ROA not after:            Fri 15 Dec 2023 01:30:02 +0000
asID:                     9621
IP address blocks:        157.120.96.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 50 (0x32)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=D6900F1E3126E609EF4F1A0FB855EB4DE4E3A18A
        Validity
            Not Before: Jan  1 01:29:23 2023 GMT
            Not After : Dec 15 01:30:02 2023 GMT
        Subject: CN=D14B057F3AA5979658D0DFF2270C213EDC26D6A8
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:27:f5:36:60:e4:4d:62:4e:0f:bb:21:38:55:
                    7a:28:16:80:5c:f8:1e:43:b4:f5:f8:0e:80:13:12:
                    7d:a3:b7:8b:ce:ca:35:dd:ae:29:78:11:e8:e8:2c:
                    c2:dc:62:25:58:99:fb:b7:62:eb:64:98:c3:61:6e:
                    3b:4b:e4:5b:23:7f:78:b3:84:b2:56:e2:43:93:bf:
                    f5:07:21:07:fc:0a:48:ce:e0:ba:4f:f9:33:96:70:
                    4a:7f:4c:83:1d:02:e0:89:28:45:6a:6e:df:cc:cd:
                    e6:a4:c9:1b:0c:3d:7f:a8:20:a1:61:c6:63:a0:29:
                    5f:eb:59:2e:66:39:fc:88:2f:b3:23:68:aa:a5:4f:
                    84:f1:1d:f5:8b:ed:7d:49:3d:f0:9e:85:9d:6a:b4:
                    84:3b:5c:fa:8b:06:67:2f:1a:e9:ff:c9:36:ac:06:
                    d3:fd:36:b4:d8:59:58:9c:49:4e:dc:51:ec:51:e4:
                    37:2e:ae:b3:3f:80:3e:58:29:3e:19:00:32:89:90:
                    31:99:9b:d3:41:d5:2b:9c:2a:ca:01:b2:5d:aa:1c:
                    78:54:8d:04:7d:e2:a0:11:10:7e:32:73:19:7f:87:
                    a2:b7:0c:4c:b0:fe:2c:80:ac:80:71:72:86:83:d1:
                    28:61:2c:52:99:c6:7d:bc:39:80:16:e1:a5:69:d0:
                    da:a5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D1:4B:05:7F:3A:A5:97:96:58:D0:DF:F2:27:0C:21:3E:DC:26:D6:A8
            X509v3 Authority Key Identifier:
                keyid:D6:90:0F:1E:31:26:E6:09:EF:4F:1A:0F:B8:55:EB:4D:E4:E3:A1:8A

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/897/1pAPHjEm5gnvTxoPuFXrTeTjoYo.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/1pAPHjEm5gnvTxoPuFXrTeTjoYo.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/897/0UsFfzqll5ZY0N_yJwwhPtwm1qg.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  157.120.96.0/20

    Signature Algorithm: sha256WithRSAEncryption
         4d:1b:b1:c8:67:41:e7:b5:db:dd:14:56:0c:e3:e5:58:e5:5f:
         82:f7:74:92:76:50:d6:b3:48:8a:98:80:b0:56:f2:35:67:6c:
         e9:92:53:d6:78:dd:71:21:b6:79:93:86:b7:e3:5d:fc:93:db:
         02:df:ac:e9:08:1d:33:ff:50:bb:f7:23:3a:f2:dd:dc:4f:aa:
         3c:f0:80:58:d9:2b:84:c3:40:3b:75:5b:29:0d:44:22:ba:57:
         a3:51:4d:76:fc:63:bd:92:1e:a5:72:db:09:00:e0:bd:71:60:
         8c:bf:c8:f5:31:26:1c:db:d3:97:30:94:5a:9b:85:11:e9:f5:
         db:c9:c4:02:18:ee:33:65:68:81:15:80:ff:52:ac:91:df:8e:
         88:1a:33:38:56:14:83:2c:8b:ce:8e:2f:97:27:91:25:10:9f:
         0d:6a:1d:4e:47:86:45:63:56:13:5c:ca:17:bc:79:dd:51:7b:
         5b:22:b8:63:c5:6e:17:04:ea:57:a8:7f:84:e9:e2:fa:c4:15:
         ca:c4:05:45:cb:c1:da:f1:8d:17:f6:d0:f5:0f:6d:0e:bf:7e:
         c2:a5:1b:eb:ad:08:e8:47:60:9b:22:96:3b:50:b1:2a:68:c4:
         3c:a6:d7:4c:e9:f3:f0:be:06:91:d9:ca:90:05:aa:e8:d9:c3:
         57:3c:e8:30
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhENjkw
MEYxRTMxMjZFNjA5RUY0RjFBMEZCODU1RUI0REU0RTNBMThBMB4XDTIzMDEwMTAx
MjkyM1oXDTIzMTIxNTAxMzAwMlowMzExMC8GA1UEAxMoRDE0QjA1N0YzQUE1OTc5
NjU4RDBERkYyMjcwQzIxM0VEQzI2RDZBODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANgn9TZg5E1iTg+7IThVeigWgFz4HkO09fgOgBMSfaO3i87KNd2u
KXgR6OgswtxiJViZ+7di62SYw2FuO0vkWyN/eLOEslbiQ5O/9QchB/wKSM7guk/5
M5ZwSn9Mgx0C4IkoRWpu38zN5qTJGww9f6ggoWHGY6ApX+tZLmY5/IgvsyNoqqVP
hPEd9YvtfUk98J6FnWq0hDtc+osGZy8a6f/JNqwG0/02tNhZWJxJTtxR7FHkNy6u
sz+APlgpPhkAMomQMZmb00HVK5wqygGyXaoceFSNBH3ioBEQfjJzGX+HorcMTLD+
LICsgHFyhoPRKGEsUpnGfbw5gBbhpWnQ2qUCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBTRSwV/OqWXlljQ3/InDCE+3CbWqDAfBgNVHSMEGDAWgBTWkA8eMSbmCe9PGg+4
VetN5OOhijAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvODk3LzFwQVBIakVtNWdudlR4b1B1RlhyVGVUam9Zby5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwLzFwQVBIakVtNWdudlR4b1B1RlhyVGVU
am9Zby5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC84OTcvMFVzRmZ6cWxsNVpZME5feUp3d2hQdHdtMXFnLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBJ14YDANBgkqhkiG9w0BAQsFAAOCAQEATRuxyGdB57Xb3RRWDOPlWOVfgvd0
knZQ1rNIipiAsFbyNWds6ZJT1njdcSG2eZOGt+Nd/JPbAt+s6QgdM/9Qu/cjOvLd
3E+qPPCAWNkrhMNAO3VbKQ1EIrpXo1FNdvxjvZIepXLbCQDgvXFgjL/I9TEmHNvT
lzCUWpuFEen128nEAhjuM2VogRWA/1Kskd+OiBozOFYUgyyLzo4vlyeRJRCfDWod
TkeGRWNWE1zKF7x53VF7WyK4Y8VuFwTqV6h/hOni+sQVysQFRcvB2vGNF/bQ9Q9t
Dr9+wqUb660I6EdgmyKWO1CxKmjEPKbXTOnz8L4GkdnKkAWq6NnDVzzoMA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:14 2024 by rpki-client on console-ams.rpki-client.org