Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/958/agFAvl-91nzV1WezkkJhloc7bF4.roa
File:                     agFAvl-91nzV1WezkkJhloc7bF4.roa (raw, json)
Hash identifier:          yaqklBqcg2vb0P153d6ii8DY8Eq+EQzDAPNnmmHrdGw=
Subject key identifier:   6A:01:40:BE:5F:BD:D6:7C:D5:D5:67:B3:92:42:61:96:87:3B:6C:5E
Certificate issuer:       /CN=9904ECBCD85F22A2E8AE7E1F991E8345D06A9816
Certificate serial:       5E
Authority key identifier: 99:04:EC:BC:D8:5F:22:A2:E8:AE:7E:1F:99:1E:83:45:D0:6A:98:16
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/mQTsvNhfIqLorn4fmR6DRdBqmBY.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/958/agFAvl-91nzV1WezkkJhloc7bF4.roa
Signing time:             Sun 01 May 2022 01:30:54 +0000
ROA not before:           Sun 01 May 2022 01:30:54 +0000
ROA not after:            Thu 27 Apr 2023 09:52:34 +0000
asID:                     38631
IP address blocks:        203.104.144.0/21 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 94 (0x5e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9904ECBCD85F22A2E8AE7E1F991E8345D06A9816
        Validity
            Not Before: May  1 01:30:54 2022 GMT
            Not After : Apr 27 09:52:34 2023 GMT
        Subject: CN=6A0140BE5FBDD67CD5D567B392426196873B6C5E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:aa:0f:14:69:bd:4e:c9:57:c4:d7:de:d0:f3:
                    1c:b5:e8:d6:5f:9a:c4:34:91:3e:f5:af:d2:00:4d:
                    ff:5f:fb:99:a9:9c:fc:6f:4d:de:d2:91:fc:e2:0e:
                    45:12:75:62:6f:6d:0e:b5:2d:bc:31:dd:4a:d6:cf:
                    78:28:2a:e9:49:eb:86:d5:03:08:57:16:40:8f:5a:
                    fc:2b:ab:73:55:17:d3:ba:43:f6:26:05:23:b6:51:
                    bb:6b:2b:7e:7b:d2:ba:f9:ad:74:cc:dc:42:74:31:
                    e0:24:c1:5c:c0:59:40:17:6d:d6:b6:73:d9:e8:92:
                    77:0e:d1:61:84:2f:e2:e8:cf:22:06:d1:d6:2b:65:
                    22:67:ba:c2:37:3d:bb:9f:cc:6f:2b:77:39:e9:ef:
                    9b:b5:7a:8c:81:06:03:69:53:e8:56:10:c0:ca:36:
                    0b:a9:77:46:02:21:51:fc:aa:47:c4:51:fd:78:28:
                    ae:61:98:15:69:bf:dd:d0:bb:5a:0b:c4:6e:06:f4:
                    a9:70:82:1a:d5:3c:44:ed:54:0c:94:e3:ce:57:be:
                    6b:02:63:fb:eb:3d:cd:35:28:0e:9a:39:62:01:a3:
                    b6:4f:56:2f:22:c3:04:df:fb:90:43:ad:f5:a1:c8:
                    7e:2c:7a:2c:ad:f1:6a:30:7f:e7:0b:f3:2e:ac:6f:
                    15:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6A:01:40:BE:5F:BD:D6:7C:D5:D5:67:B3:92:42:61:96:87:3B:6C:5E
            X509v3 Authority Key Identifier:
                keyid:99:04:EC:BC:D8:5F:22:A2:E8:AE:7E:1F:99:1E:83:45:D0:6A:98:16

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/958/mQTsvNhfIqLorn4fmR6DRdBqmBY.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/mQTsvNhfIqLorn4fmR6DRdBqmBY.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/958/agFAvl-91nzV1WezkkJhloc7bF4.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.104.144.0/21

    Signature Algorithm: sha256WithRSAEncryption
         05:33:d2:2a:07:d8:f7:d8:35:ec:de:1f:d8:30:1f:39:66:13:
         f3:29:c8:c2:96:cd:f9:97:1c:e8:91:06:5a:e8:17:23:ed:0f:
         72:d1:9a:ab:f4:ea:73:40:93:45:35:c5:31:8b:a8:8e:f0:b3:
         92:e5:60:27:e6:56:86:20:f4:8e:ab:a8:e9:13:da:e0:be:bd:
         55:d6:a9:66:fe:bb:cc:b9:93:79:69:b5:8c:a7:c2:bb:dc:bf:
         b4:9e:38:0e:92:71:6e:a2:ac:1f:38:9b:11:65:9a:d6:6e:18:
         b7:21:7f:0e:c1:e5:ee:a9:56:69:5a:36:7d:6b:99:bc:c1:64:
         57:d7:b2:a3:2a:88:78:88:ef:c2:b8:b2:cd:05:ec:ff:01:5e:
         23:a3:a4:82:da:a4:b5:9d:1f:48:14:f9:76:d3:3c:50:df:a6:
         4b:e7:84:4f:1e:97:d7:9e:66:2c:bd:0d:31:8a:a4:75:29:a5:
         14:0c:7d:70:8c:d4:ea:0c:a7:90:de:ef:82:35:d7:ab:a6:5e:
         a2:9c:be:8d:29:35:1b:b6:12:bd:f7:09:86:41:50:60:dc:9e:
         8e:34:87:8e:7f:64:1f:aa:28:cc:14:92:22:a7:5f:3b:96:c0:
         55:62:ba:a3:a0:06:37:88:c7:3b:97:6e:10:ca:41:32:8e:d0:
         9b:31:1c:fe
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5OTA0
RUNCQ0Q4NUYyMkEyRThBRTdFMUY5OTFFODM0NUQwNkE5ODE2MB4XDTIyMDUwMTAx
MzA1NFoXDTIzMDQyNzA5NTIzNFowMzExMC8GA1UEAxMoNkEwMTQwQkU1RkJERDY3
Q0Q1RDU2N0IzOTI0MjYxOTY4NzNCNkM1RTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAM2qDxRpvU7JV8TX3tDzHLXo1l+axDSRPvWv0gBN/1/7mamc/G9N
3tKR/OIORRJ1Ym9tDrUtvDHdStbPeCgq6UnrhtUDCFcWQI9a/Curc1UX07pD9iYF
I7ZRu2srfnvSuvmtdMzcQnQx4CTBXMBZQBdt1rZz2eiSdw7RYYQv4ujPIgbR1itl
Ime6wjc9u5/Mbyt3Oenvm7V6jIEGA2lT6FYQwMo2C6l3RgIhUfyqR8RR/XgormGY
FWm/3dC7WgvEbgb0qXCCGtU8RO1UDJTjzle+awJj++s9zTUoDpo5YgGjtk9WLyLD
BN/7kEOt9aHIfix6LK3xajB/5wvzLqxvFa0CAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBRqAUC+X73WfNXVZ7OSQmGWhztsXjAfBgNVHSMEGDAWgBSZBOy82F8iouiufh+Z
HoNF0GqYFjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvOTU4L21RVHN2TmhmSXFMb3JuNGZtUjZEUmRCcW1CWS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL21RVHN2TmhmSXFMb3JuNGZtUjZEUmRC
cW1CWS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC85NTgvYWdGQXZsLTkxbnpWMVdlemtrSmhsb2M3YkY0LnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEA8tokDANBgkqhkiG9w0BAQsFAAOCAQEABTPSKgfY99g17N4f2DAfOWYT8ynI
wpbN+Zcc6JEGWugXI+0PctGaq/Tqc0CTRTXFMYuojvCzkuVgJ+ZWhiD0jquo6RPa
4L69VdapZv67zLmTeWm1jKfCu9y/tJ44DpJxbqKsHzibEWWa1m4YtyF/DsHl7qlW
aVo2fWuZvMFkV9eyoyqIeIjvwriyzQXs/wFeI6OkgtqktZ0fSBT5dtM8UN+mS+eE
Tx6X155mLL0NMYqkdSmlFAx9cIzU6gynkN7vgjXXq6Zeopy+jSk1G7YSvfcJhkFQ
YNyejjSHjn9kH6oozBSSIqdfO5bAVWK6o6AGN4jHO5duEMpBMo7QmzEc/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:15 2024 by rpki-client on console-ams.rpki-client.org