Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/897/S-BZc0okpHP0P96wkT_H48LK5Y8.roa
File:                     S-BZc0okpHP0P96wkT_H48LK5Y8.roa (raw, json)
Hash identifier:          C45Bmhq2Ye6eVyJNoLjOZxP7hhaxYJRNcVWoytUaBPI=
Subject key identifier:   4B:E0:59:73:4A:24:A4:73:F4:3F:DE:B0:91:3F:C7:E3:C2:CA:E5:8F
Certificate issuer:       /CN=AA08097C6060710280CDAAA4E7E06C1F13CD16F2
Certificate serial:       4D
Authority key identifier: AA:08:09:7C:60:60:71:02:80:CD:AA:A4:E7:E0:6C:1F:13:CD:16:F2
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/qggJfGBgcQKAzaqk5-BsHxPNFvI.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/897/S-BZc0okpHP0P96wkT_H48LK5Y8.roa
Signing time:             Tue 01 Nov 2022 01:28:14 +0000
ROA not before:           Tue 01 Nov 2022 01:28:14 +0000
ROA not after:            Sun 15 Oct 2023 01:30:02 +0000
asID:                     9621
IP address blocks:        218.40.176.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 77 (0x4d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=AA08097C6060710280CDAAA4E7E06C1F13CD16F2
        Validity
            Not Before: Nov  1 01:28:14 2022 GMT
            Not After : Oct 15 01:30:02 2023 GMT
        Subject: CN=4BE059734A24A473F43FDEB0913FC7E3C2CAE58F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:f3:fb:c4:12:00:38:5c:fd:41:46:47:fa:a9:
                    3c:97:76:cf:f8:70:aa:6a:8e:44:d9:49:81:23:15:
                    1b:bb:03:07:81:e3:83:45:4f:58:00:b5:2c:7a:dc:
                    aa:54:63:f3:8e:cf:a3:e5:30:dd:58:55:9a:12:b2:
                    f4:e3:ee:4f:02:b7:d5:40:c7:a1:6b:38:81:25:6a:
                    8a:53:b3:15:71:01:91:f3:82:c0:8e:60:b2:b2:ca:
                    c9:d1:11:6a:ab:2e:34:1e:d6:54:b4:df:2b:b0:94:
                    aa:28:32:43:98:a1:6c:16:04:62:3a:02:4b:97:fd:
                    83:ee:fa:3b:4c:5a:dc:05:25:fa:c5:8e:94:d6:41:
                    e8:5b:ff:40:73:c4:cc:cd:9c:45:f2:fc:3a:2f:80:
                    f8:d5:2b:3b:cc:33:c3:c6:fb:de:a2:19:80:bc:b0:
                    c0:f4:ee:37:51:63:e2:d0:dd:ac:63:c5:9d:8b:ee:
                    17:01:89:bb:93:96:79:40:01:3a:9f:bb:9e:b7:52:
                    95:31:1e:0d:5f:29:2e:75:bc:9d:f0:e5:65:79:08:
                    2f:2a:9a:27:10:00:3e:9c:63:67:c9:03:a9:af:04:
                    9c:0b:41:35:80:df:fa:68:9c:49:ef:65:1d:52:7a:
                    65:24:8a:78:40:13:5c:b4:5d:c2:dc:0b:db:03:55:
                    26:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:E0:59:73:4A:24:A4:73:F4:3F:DE:B0:91:3F:C7:E3:C2:CA:E5:8F
            X509v3 Authority Key Identifier:
                keyid:AA:08:09:7C:60:60:71:02:80:CD:AA:A4:E7:E0:6C:1F:13:CD:16:F2

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/897/qggJfGBgcQKAzaqk5-BsHxPNFvI.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/qggJfGBgcQKAzaqk5-BsHxPNFvI.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/897/S-BZc0okpHP0P96wkT_H48LK5Y8.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  218.40.176.0/20

    Signature Algorithm: sha256WithRSAEncryption
         25:6b:70:3c:05:61:bd:f5:ae:10:fa:a1:e2:20:30:a1:ce:db:
         e2:16:39:42:27:60:19:5d:dc:60:19:79:29:e5:c4:ef:5d:a4:
         3a:62:63:78:97:68:81:46:31:a6:60:65:2d:33:f5:d9:06:63:
         ba:d4:e1:e6:c5:df:07:3e:d7:c5:a4:ad:3f:69:b3:24:ca:72:
         8b:7f:15:72:d3:2a:71:73:fd:08:db:2d:4b:27:43:a6:70:a0:
         a5:a4:56:b0:cb:68:54:97:b8:c1:6b:02:84:86:72:a4:59:3e:
         39:8e:55:87:3c:4f:b3:da:1e:1e:36:4a:b1:6d:4d:44:14:21:
         0f:23:7f:91:14:69:6d:5f:b9:95:83:f4:d6:68:84:b6:c9:af:
         51:c2:55:65:74:56:7c:07:2b:cd:d9:34:60:07:ff:4d:55:10:
         22:30:e6:6a:2d:6b:e1:47:2d:4c:91:59:10:d4:19:2d:9a:c4:
         7a:8c:30:08:f1:56:12:ee:85:dd:70:24:6e:1b:b2:8e:cb:9e:
         26:28:e7:d8:57:08:95:e1:53:1f:d7:1e:5b:91:9b:37:c4:78:
         57:fb:7f:52:bd:3d:68:71:b5:49:f6:08:dd:83:0f:7a:ff:d3:
         4c:a3:e8:7f:2b:e7:be:b2:7b:6b:0c:ea:c8:a7:3a:2b:e1:0e:
         8a:da:f6:7a
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhBQTA4
MDk3QzYwNjA3MTAyODBDREFBQTRFN0UwNkMxRjEzQ0QxNkYyMB4XDTIyMTEwMTAx
MjgxNFoXDTIzMTAxNTAxMzAwMlowMzExMC8GA1UEAxMoNEJFMDU5NzM0QTI0QTQ3
M0Y0M0ZERUIwOTEzRkM3RTNDMkNBRTU4RjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKDz+8QSADhc/UFGR/qpPJd2z/hwqmqORNlJgSMVG7sDB4Hjg0VP
WAC1LHrcqlRj847Po+Uw3VhVmhKy9OPuTwK31UDHoWs4gSVqilOzFXEBkfOCwI5g
srLKydERaqsuNB7WVLTfK7CUqigyQ5ihbBYEYjoCS5f9g+76O0xa3AUl+sWOlNZB
6Fv/QHPEzM2cRfL8Oi+A+NUrO8wzw8b73qIZgLywwPTuN1Fj4tDdrGPFnYvuFwGJ
u5OWeUABOp+7nrdSlTEeDV8pLnW8nfDlZXkILyqaJxAAPpxjZ8kDqa8EnAtBNYDf
+micSe9lHVJ6ZSSKeEATXLRdwtwL2wNVJkkCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBRL4FlzSiSkc/Q/3rCRP8fjwsrljzAfBgNVHSMEGDAWgBSqCAl8YGBxAoDNqqTn
4GwfE80W8jAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvODk3L3FnZ0pmR0JnY1FLQXphcWs1LUJzSHhQTkZ2SS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL3FnZ0pmR0JnY1FLQXphcWs1LUJzSHhQ
TkZ2SS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC84OTcvUy1CWmMwb2twSFAwUDk2d2tUX0g0OExLNVk4LnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBNoosDANBgkqhkiG9w0BAQsFAAOCAQEAJWtwPAVhvfWuEPqh4iAwoc7b4hY5
QidgGV3cYBl5KeXE712kOmJjeJdogUYxpmBlLTP12QZjutTh5sXfBz7XxaStP2mz
JMpyi38VctMqcXP9CNstSydDpnCgpaRWsMtoVJe4wWsChIZypFk+OY5VhzxPs9oe
HjZKsW1NRBQhDyN/kRRpbV+5lYP01miEtsmvUcJVZXRWfAcrzdk0YAf/TVUQIjDm
ai1r4UctTJFZENQZLZrEeowwCPFWEu6F3XAkbhuyjsueJijn2FcIleFTH9ceW5Gb
N8R4V/t/Ur09aHG1SfYI3YMPev/TTKPofyvnvrJ7awzqyKc6K+EOitr2eg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:56 2024 by rpki-client on console-fra.rpki-client.org