Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/958/IARefiF2yPX_IbZWC1wgA8zKNvQ.roa
File:                     IARefiF2yPX_IbZWC1wgA8zKNvQ.roa (raw, json)
Hash identifier:          XOcx4lWph/cSPEp8SbzMPerHTZ+nou/+GI7cR4lb/pU=
Subject key identifier:   20:04:5E:7E:21:76:C8:F5:FF:21:B6:56:0B:5C:20:03:CC:CA:36:F4
Certificate issuer:       /CN=9904ECBCD85F22A2E8AE7E1F991E8345D06A9816
Certificate serial:       7A
Authority key identifier: 99:04:EC:BC:D8:5F:22:A2:E8:AE:7E:1F:99:1E:83:45:D0:6A:98:16
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/mQTsvNhfIqLorn4fmR6DRdBqmBY.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/958/IARefiF2yPX_IbZWC1wgA8zKNvQ.roa
Signing time:             Thu 13 Apr 2023 09:53:51 +0000
ROA not before:           Thu 13 Apr 2023 09:53:51 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     38631
IP address blocks:        103.2.28.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 122 (0x7a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9904ECBCD85F22A2E8AE7E1F991E8345D06A9816
        Validity
            Not Before: Apr 13 09:53:51 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=20045E7E2176C8F5FF21B6560B5C2003CCCA36F4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:e9:3e:45:40:ad:21:7e:26:b3:00:1b:ac:fb:
                    8f:bc:03:9f:e0:49:cc:df:39:c2:39:f1:b8:7d:13:
                    2e:ee:5e:88:8c:8b:1f:ea:ee:6f:d3:43:d8:fa:28:
                    46:0c:cd:14:83:bb:cf:6c:f7:0a:8a:44:3b:7a:d9:
                    f2:4b:30:04:ba:fa:b6:38:8d:36:c9:e8:3c:92:0c:
                    2e:df:23:8d:e1:d6:96:5b:fe:07:81:5f:97:9c:0f:
                    af:2d:83:85:9f:58:f1:12:47:83:b2:9d:8f:98:85:
                    af:e3:17:58:f8:72:c3:50:ce:aa:8a:05:9d:80:63:
                    71:31:c4:19:88:56:49:a1:4d:46:a4:60:55:de:f4:
                    fc:1c:49:b3:a7:86:69:eb:8d:82:d1:82:41:f8:47:
                    d3:da:7d:82:48:3f:da:7f:61:68:94:69:e0:6e:21:
                    36:d7:83:60:46:01:2f:b2:7a:71:ff:d1:dd:d9:27:
                    74:c3:59:39:8e:3a:c5:41:9b:87:7a:c6:7c:75:7d:
                    fd:cf:ab:e0:f1:7f:34:3f:05:26:c2:e8:74:81:1d:
                    bc:ff:e0:ac:e5:ab:b9:04:94:7a:b5:88:c7:d0:e7:
                    08:72:d7:cc:19:5a:f2:b8:f4:74:de:ff:b7:37:8b:
                    6e:30:73:a3:4b:60:60:3f:1a:3a:8e:f2:67:90:93:
                    c0:4d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:04:5E:7E:21:76:C8:F5:FF:21:B6:56:0B:5C:20:03:CC:CA:36:F4
            X509v3 Authority Key Identifier:
                keyid:99:04:EC:BC:D8:5F:22:A2:E8:AE:7E:1F:99:1E:83:45:D0:6A:98:16

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/958/mQTsvNhfIqLorn4fmR6DRdBqmBY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/mQTsvNhfIqLorn4fmR6DRdBqmBY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/958/IARefiF2yPX_IbZWC1wgA8zKNvQ.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  103.2.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:7d:df:32:aa:2f:0a:a6:06:3d:21:6c:f3:3a:76:95:96:30:
         e2:67:d2:f2:f7:9b:5a:cd:a6:5a:8a:66:48:2c:8d:28:a4:e5:
         78:85:03:92:b4:bb:e6:05:2b:09:02:84:51:82:8f:7c:e1:60:
         0e:8c:7b:18:2f:ce:48:43:13:d7:35:0c:a1:e1:d0:f4:fd:9e:
         7f:ab:5f:d8:ef:91:17:65:db:97:cb:b9:ee:36:db:7e:1b:c6:
         3c:ef:20:24:b5:14:25:7e:a6:b5:db:cf:d9:dc:2e:9c:e7:f6:
         97:96:5f:a5:bd:10:e5:48:0b:bb:2f:31:1a:bb:45:77:3d:5d:
         c6:49:a7:9d:af:47:50:ba:c7:8e:db:0d:0d:51:56:c0:e4:eb:
         7f:9c:4d:a4:60:09:ee:5a:a3:f1:ef:43:75:c5:17:b1:8e:83:
         28:5a:65:1c:49:24:2c:03:1f:6e:9e:56:21:dd:0f:fa:74:fc:
         00:77:bd:b7:b4:fa:9f:9f:eb:99:15:18:63:9b:79:00:11:d8:
         fc:49:0b:d9:65:13:10:39:cc:de:3e:2a:7a:fc:2f:8f:a2:38:
         96:9e:bc:54:55:37:a6:5e:64:0b:83:5c:0e:b0:74:b8:85:2f:
         0d:32:8c:9f:74:bb:b9:ce:28:28:65:23:75:04:ae:16:5e:e4:
         f9:f4:6a:4b
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBejANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5OTA0
RUNCQ0Q4NUYyMkEyRThBRTdFMUY5OTFFODM0NUQwNkE5ODE2MB4XDTIzMDQxMzA5
NTM1MVoXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoMjAwNDVFN0UyMTc2QzhG
NUZGMjFCNjU2MEI1QzIwMDNDQ0NBMzZGNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALrpPkVArSF+JrMAG6z7j7wDn+BJzN85wjnxuH0TLu5eiIyLH+ru
b9ND2PooRgzNFIO7z2z3CopEO3rZ8kswBLr6tjiNNsnoPJIMLt8jjeHWllv+B4Ff
l5wPry2DhZ9Y8RJHg7Kdj5iFr+MXWPhyw1DOqooFnYBjcTHEGYhWSaFNRqRgVd70
/BxJs6eGaeuNgtGCQfhH09p9gkg/2n9haJRp4G4hNteDYEYBL7J6cf/R3dkndMNZ
OY46xUGbh3rGfHV9/c+r4PF/ND8FJsLodIEdvP/grOWruQSUerWIx9DnCHLXzBla
8rj0dN7/tzeLbjBzo0tgYD8aOo7yZ5CTwE0CAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBQgBF5+IXbI9f8htlYLXCADzMo29DAfBgNVHSMEGDAWgBSZBOy82F8iouiufh+Z
HoNF0GqYFjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvOTU4L21RVHN2TmhmSXFMb3JuNGZtUjZEUmRCcW1CWS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL21RVHN2TmhmSXFMb3JuNGZtUjZEUmRC
cW1CWS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC85NTgvSUFSZWZpRjJ5UFhfSWJaV0Mxd2dBOHpLTnZRLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAGcCHDANBgkqhkiG9w0BAQsFAAOCAQEAUX3fMqovCqYGPSFs8zp2lZYw4mfS
8vebWs2mWopmSCyNKKTleIUDkrS75gUrCQKEUYKPfOFgDox7GC/OSEMT1zUMoeHQ
9P2ef6tf2O+RF2Xbl8u57jbbfhvGPO8gJLUUJX6mtdvP2dwunOf2l5Zfpb0Q5UgL
uy8xGrtFdz1dxkmnna9HULrHjtsNDVFWwOTrf5xNpGAJ7lqj8e9DdcUXsY6DKFpl
HEkkLAMfbp5WId0P+nT8AHe9t7T6n5/rmRUYY5t5ABHY/EkL2WUTEDnM3j4qevwv
j6I4lp68VFU3pl5kC4NcDrB0uIUvDTKMn3S7uc4oKGUjdQSuFl7k+fRqSw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:02 2024 by rpki-client on console-fra.rpki-client.org