Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/897/M7zYPi8eaVW9DBU6Uc_xPA_VUcY.roa
File:                     M7zYPi8eaVW9DBU6Uc_xPA_VUcY.roa (raw, json)
Hash identifier:          sLewzxr1pn2xlTy2ahNkgDqpzINrMgp8GbYSr/40E6s=
Subject key identifier:   33:BC:D8:3E:2F:1E:69:55:BD:0C:15:3A:51:CF:F1:3C:0F:D5:51:C6
Certificate issuer:       /CN=AA08097C6060710280CDAAA4E7E06C1F13CD16F2
Certificate serial:       3A
Authority key identifier: AA:08:09:7C:60:60:71:02:80:CD:AA:A4:E7:E0:6C:1F:13:CD:16:F2
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/qggJfGBgcQKAzaqk5-BsHxPNFvI.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/897/M7zYPi8eaVW9DBU6Uc_xPA_VUcY.roa
Signing time:             Tue 01 Feb 2022 01:31:06 +0000
ROA not before:           Tue 01 Feb 2022 01:31:06 +0000
ROA not after:            Sun 15 Jan 2023 01:30:03 +0000
asID:                     9621
IP address blocks:        202.81.8.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 58 (0x3a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AA08097C6060710280CDAAA4E7E06C1F13CD16F2
        Validity
            Not Before: Feb  1 01:31:06 2022 GMT
            Not After : Jan 15 01:30:03 2023 GMT
        Subject: CN=33BCD83E2F1E6955BD0C153A51CFF13C0FD551C6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:33:f8:b3:2f:f0:79:a7:70:e9:90:77:70:2d:
                    91:12:74:8f:b0:95:13:9a:72:aa:97:e4:90:2d:4f:
                    8a:56:76:6b:4d:26:f6:b5:fe:01:cc:7b:68:85:84:
                    07:97:77:67:f9:85:93:c1:f5:fe:8f:d1:79:11:97:
                    03:15:c4:61:14:81:8f:f4:6d:ee:a3:62:b7:ec:cc:
                    c5:17:4f:77:bb:c4:88:75:78:bd:da:0d:a8:6f:63:
                    3d:df:f9:41:9a:3a:d8:d7:1f:6c:bc:a3:5a:ee:5f:
                    f2:33:47:39:6f:bb:b1:da:bd:a1:ae:d5:03:9c:1b:
                    45:b6:c7:4e:cd:7a:07:a4:fe:12:00:f8:dd:59:a2:
                    db:e2:5c:c2:65:5b:c5:cf:ef:6c:ff:5a:c5:43:89:
                    75:aa:36:b0:c0:47:1f:65:90:6b:3d:d8:83:e9:19:
                    6b:17:4d:be:eb:69:98:0b:cf:7a:89:c3:06:75:26:
                    5f:6f:90:dd:5b:9e:79:ef:ff:fa:1c:95:46:e7:14:
                    43:ec:3b:bb:0b:26:da:98:1e:96:7e:fa:86:57:05:
                    65:44:1f:b1:c6:84:39:70:bc:49:56:c7:18:92:05:
                    1b:b6:58:87:ea:66:f3:8f:55:e2:85:71:79:f4:b2:
                    5a:0f:36:21:b0:c0:6c:4a:91:97:2f:e6:cd:01:a4:
                    00:13
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                33:BC:D8:3E:2F:1E:69:55:BD:0C:15:3A:51:CF:F1:3C:0F:D5:51:C6
            X509v3 Authority Key Identifier:
                keyid:AA:08:09:7C:60:60:71:02:80:CD:AA:A4:E7:E0:6C:1F:13:CD:16:F2

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/897/qggJfGBgcQKAzaqk5-BsHxPNFvI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/qggJfGBgcQKAzaqk5-BsHxPNFvI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/897/M7zYPi8eaVW9DBU6Uc_xPA_VUcY.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.81.8.0/21

    Signature Algorithm: sha256WithRSAEncryption
         31:d4:89:e5:ad:78:48:36:35:bc:97:31:31:95:c2:f2:90:81:
         b1:ab:9b:a3:0f:4b:ac:bf:d0:85:de:2d:3f:e8:17:c3:c7:ba:
         3d:3e:02:89:2d:8d:0d:13:95:80:e3:bd:8e:55:a0:51:49:0a:
         07:ca:76:42:3a:a9:32:d2:d7:4c:23:60:ee:09:8a:eb:f3:d4:
         4c:1a:1e:ca:37:9b:cd:b7:94:ba:9b:75:cd:35:9f:0b:3f:2d:
         ff:ad:bb:2c:c8:97:8a:de:0a:b2:0a:c6:31:aa:e7:a0:e3:4f:
         57:ec:6b:7c:1d:77:6b:4d:5b:19:a4:6b:fc:d1:d1:1f:ab:4e:
         ab:9c:6d:aa:78:be:dd:ab:f2:d2:81:1c:82:85:f9:cb:c8:6f:
         71:7a:bd:4a:b2:2f:36:10:b1:8d:c4:49:2b:6e:ea:2c:43:65:
         4b:28:b8:7c:1c:d7:9e:fd:93:cb:6a:3e:5e:5b:3a:b2:7b:c3:
         bd:9d:02:0d:14:2c:b7:e9:a7:3f:22:86:a9:a1:47:d9:1e:1d:
         e5:2d:30:fe:e7:21:86:8e:79:4e:8f:f0:21:5a:b8:8f:b1:9e:
         48:4a:22:d6:22:39:9b:94:4c:1a:71:e9:0e:b2:71:28:78:ce:
         c5:78:39:0d:b3:2e:53:c1:61:94:e1:51:d2:c7:f4:31:c7:48:
         22:ce:c8:89
-----BEGIN CERTIFICATE-----
MIIEvDCCA6SgAwIBAgIBOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhBQTA4
MDk3QzYwNjA3MTAyODBDREFBQTRFN0UwNkMxRjEzQ0QxNkYyMB4XDTIyMDIwMTAx
MzEwNloXDTIzMDExNTAxMzAwM1owMzExMC8GA1UEAxMoMzNCQ0Q4M0UyRjFFNjk1
NUJEMEMxNTNBNTFDRkYxM0MwRkQ1NTFDNjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMAz+LMv8HmncOmQd3AtkRJ0j7CVE5pyqpfkkC1PilZ2a00m9rX+
Acx7aIWEB5d3Z/mFk8H1/o/ReRGXAxXEYRSBj/Rt7qNit+zMxRdPd7vEiHV4vdoN
qG9jPd/5QZo62NcfbLyjWu5f8jNHOW+7sdq9oa7VA5wbRbbHTs16B6T+EgD43Vmi
2+JcwmVbxc/vbP9axUOJdao2sMBHH2WQaz3Yg+kZaxdNvutpmAvPeonDBnUmX2+Q
3Vueee//+hyVRucUQ+w7uwsm2pgeln76hlcFZUQfscaEOXC8SVbHGJIFG7ZYh+pm
849V4oVxefSyWg82IbDAbEqRly/mzQGkABMCAwEAAaOCAdkwggHVMB0GA1UdDgQW
BBQzvNg+Lx5pVb0MFTpRz/E8D9VRxjAfBgNVHSMEGDAWgBSqCAl8YGBxAoDNqqTn
4GwfE80W8jAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvODk3L3FnZ0pmR0JnY1FLQXphcWs1LUJzSHhQTkZ2SS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL3FnZ0pmR0JnY1FLQXphcWs1LUJzSHhQ
TkZ2SS5jZXIwDgYDVR0PAQH/BAQDAgeAMHEGCCsGAQUFBwELBGUwYzBhBggrBgEF
BQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5MUE3
MzgxMDAwMC84OTcvTTd6WVBpOGVhVlc5REJVNlVjX3hQQV9WVWNZLnJvYTAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA8pRCDANBgkqhkiG9w0BAQsFAAOCAQEA
MdSJ5a14SDY1vJcxMZXC8pCBsaubow9LrL/Qhd4tP+gXw8e6PT4CiS2NDROVgOO9
jlWgUUkKB8p2QjqpMtLXTCNg7gmK6/PUTBoeyjebzbeUupt1zTWfCz8t/627LMiX
it4KsgrGMarnoONPV+xrfB13a01bGaRr/NHRH6tOq5xtqni+3avy0oEcgoX5y8hv
cXq9SrIvNhCxjcRJK27qLENlSyi4fBzXnv2Ty2o+Xls6snvDvZ0CDRQst+mnPyKG
qaFH2R4d5S0w/uchho55To/wIVq4j7GeSEoi1iI5m5RMGnHpDrJxKHjOxXg5DbMu
U8FhlOFR0sf0McdIIs7IiQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:14 2024 by rpki-client on console-ams.rpki-client.org