Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/934/X_P9k1aTC-nyPPxGz02eiALd7j0.roa
File:                     X_P9k1aTC-nyPPxGz02eiALd7j0.roa (raw, json)
Hash identifier:          +2W9Gif0hTfdYsC1DLWyS9PmRrYhwE1zNNP5lb3QYgM=
Subject key identifier:   5F:F3:FD:93:56:93:0B:E9:F2:3C:FC:46:CF:4D:9E:88:02:DD:EE:3D
Certificate issuer:       /CN=2A4CFE909CA58307E7CA8735AF245D718D99F7FB
Certificate serial:       4A
Authority key identifier: 2A:4C:FE:90:9C:A5:83:07:E7:CA:87:35:AF:24:5D:71:8D:99:F7:FB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Kkz-kJylgwfnyoc1ryRdcY2Z9_s.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/934/X_P9k1aTC-nyPPxGz02eiALd7j0.roa
Signing time:             Thu 13 Apr 2023 09:54:17 +0000
ROA not before:           Thu 13 Apr 2023 09:54:17 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     37892
IP address blocks:        202.145.20.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 74 (0x4a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=2A4CFE909CA58307E7CA8735AF245D718D99F7FB
        Validity
            Not Before: Apr 13 09:54:17 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=5FF3FD9356930BE9F23CFC46CF4D9E8802DDEE3D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c3:2c:94:47:5e:6e:7c:71:0d:59:b4:c9:a0:e5:
                    d1:cb:fe:6c:ba:93:82:60:33:fe:0d:fd:b6:f2:3a:
                    9e:92:a1:13:a6:05:24:ab:50:5a:98:ea:8d:7a:23:
                    b1:3e:0d:e3:e3:80:16:69:b7:ae:eb:bc:31:2e:05:
                    c5:86:74:d5:5f:fa:99:be:25:2f:7e:4b:d7:6e:f7:
                    ea:65:a5:00:31:23:f1:bd:74:72:01:ef:c9:c0:82:
                    4f:df:09:e5:40:e3:a8:68:a6:a4:40:b9:b2:4f:4f:
                    65:2a:fa:02:70:3d:2f:69:c0:42:cc:37:86:12:52:
                    01:d7:98:2e:c3:47:55:bb:80:62:5f:00:dc:8d:ed:
                    6f:4e:6d:03:74:90:61:25:af:21:74:b9:1c:01:b1:
                    ad:f3:9f:49:e3:85:1c:b8:db:c7:4f:88:cf:d1:f7:
                    b4:04:00:0e:bc:29:db:11:7e:5c:83:75:b5:91:f6:
                    70:64:56:35:59:ad:28:09:fd:d5:db:b9:9a:b6:bd:
                    63:22:12:4c:74:33:4a:55:ae:8f:4a:8a:14:71:ac:
                    a6:c5:dc:be:98:e2:07:c2:16:5e:b4:9a:a6:10:ac:
                    d6:eb:2a:48:93:75:59:78:3f:89:10:1c:1d:3f:f7:
                    c0:ec:ab:d9:1b:13:f2:85:06:a5:cb:93:de:48:d8:
                    68:41
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:F3:FD:93:56:93:0B:E9:F2:3C:FC:46:CF:4D:9E:88:02:DD:EE:3D
            X509v3 Authority Key Identifier:
                keyid:2A:4C:FE:90:9C:A5:83:07:E7:CA:87:35:AF:24:5D:71:8D:99:F7:FB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/934/Kkz-kJylgwfnyoc1ryRdcY2Z9_s.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Kkz-kJylgwfnyoc1ryRdcY2Z9_s.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/934/X_P9k1aTC-nyPPxGz02eiALd7j0.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  202.145.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         bf:19:4d:b1:b2:20:27:57:a1:52:bf:3e:de:e2:b8:7c:54:9d:
         bd:7f:d7:2c:3d:b7:4b:f9:f3:2c:1a:dc:26:16:3b:65:e4:da:
         56:b4:58:76:c3:1d:6f:27:60:79:38:24:56:4a:4f:47:1d:b0:
         46:4a:97:9f:ba:06:f2:3e:45:60:9b:df:a5:41:27:14:37:e1:
         29:f5:7b:df:e6:6c:71:4b:58:3c:d5:0e:55:2c:91:ee:9b:1e:
         4a:32:28:fc:23:6a:5d:ad:44:81:a1:7e:3f:90:0e:ad:96:59:
         86:9e:40:6b:c9:7a:91:fd:6d:9e:fd:0e:9c:a3:d4:43:68:6b:
         30:e5:2d:30:a0:f8:6f:a4:d0:78:9a:1e:31:4e:23:b0:a7:47:
         5e:21:74:75:45:57:ae:67:e5:64:87:d5:1f:a1:22:e3:22:ff:
         cb:05:7d:98:2a:3b:d5:78:6a:cf:d3:8e:45:3f:b0:c2:6b:21:
         98:55:1f:9f:f5:31:05:28:7f:13:2e:eb:ba:c6:a8:07:4d:bd:
         5a:09:f5:d3:f1:03:c8:21:42:ab:e4:f7:c4:ca:24:c2:23:a4:
         17:5a:df:69:b4:1b:16:2b:a1:06:49:6c:3c:56:3a:57:4e:78:
         20:4d:12:c1:2b:72:51:a3:50:87:ca:1f:59:a8:a5:7b:dd:13:
         ef:6e:96:f7
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygyQTRD
RkU5MDlDQTU4MzA3RTdDQTg3MzVBRjI0NUQ3MThEOTlGN0ZCMB4XDTIzMDQxMzA5
NTQxN1oXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoNUZGM0ZEOTM1NjkzMEJF
OUYyM0NGQzQ2Q0Y0RDlFODgwMkRERUUzRDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMMslEdebnxxDVm0yaDl0cv+bLqTgmAz/g39tvI6npKhE6YFJKtQ
WpjqjXojsT4N4+OAFmm3ruu8MS4FxYZ01V/6mb4lL35L12736mWlADEj8b10cgHv
ycCCT98J5UDjqGimpEC5sk9PZSr6AnA9L2nAQsw3hhJSAdeYLsNHVbuAYl8A3I3t
b05tA3SQYSWvIXS5HAGxrfOfSeOFHLjbx0+Iz9H3tAQADrwp2xF+XIN1tZH2cGRW
NVmtKAn91du5mra9YyISTHQzSlWuj0qKFHGspsXcvpjiB8IWXrSaphCs1usqSJN1
WXg/iRAcHT/3wOyr2RsT8oUGpcuT3kjYaEECAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBRf8/2TVpML6fI8/EbPTZ6IAt3uPTAfBgNVHSMEGDAWgBQqTP6QnKWDB+fKhzWv
JF1xjZn3+zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvOTM0L0trei1rSnlsZ3dmbnlvYzFyeVJkY1kyWjlfcy5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL0trei1rSnlsZ3dmbnlvYzFyeVJkY1ky
Wjlfcy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC85MzQvWF9QOWsxYVRDLW55UFB4R3owMmVpQUxkN2owLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAsqRFDANBgkqhkiG9w0BAQsFAAOCAQEAvxlNsbIgJ1ehUr8+3uK4fFSdvX/X
LD23S/nzLBrcJhY7ZeTaVrRYdsMdbydgeTgkVkpPRx2wRkqXn7oG8j5FYJvfpUEn
FDfhKfV73+ZscUtYPNUOVSyR7pseSjIo/CNqXa1EgaF+P5AOrZZZhp5Aa8l6kf1t
nv0OnKPUQ2hrMOUtMKD4b6TQeJoeMU4jsKdHXiF0dUVXrmflZIfVH6Ei4yL/ywV9
mCo71Xhqz9OORT+wwmshmFUfn/UxBSh/Ey7rusaoB029Wgn10/EDyCFCq+T3xMok
wiOkF1rfabQbFiuhBklsPFY6V054IE0SwStyUaNQh8ofWaile90T726W9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:14 2024 by rpki-client on console-ams.rpki-client.org