Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/964/HVHz-jIvd5zeFGEmuOxWempEMK0.roa
File:                     HVHz-jIvd5zeFGEmuOxWempEMK0.roa (raw, json)
Hash identifier:          21e/p7Z5x2zVxT3NRbuQBkeiv0DUjDS0vcD/4D0rT3c=
Subject key identifier:   1D:51:F3:FA:32:2F:77:9C:DE:14:61:26:B8:EC:56:7A:6A:44:30:AD
Certificate issuer:       /CN=6676F69140635CF4AD2A3A9CF5EF25BADD2DC72D
Certificate serial:       15
Authority key identifier: 66:76:F6:91:40:63:5C:F4:AD:2A:3A:9C:F5:EF:25:BA:DD:2D:C7:2D
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Znb2kUBjXPStKjqc9e8lut0txy0.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/964/HVHz-jIvd5zeFGEmuOxWempEMK0.roa
Signing time:             Sat 01 Jan 2022 01:31:43 +0000
ROA not before:           Sat 01 Jan 2022 01:31:43 +0000
ROA not after:            Thu 15 Dec 2022 01:30:02 +0000
asID:                     3491
IP address blocks:        203.170.52.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 21 (0x15)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6676F69140635CF4AD2A3A9CF5EF25BADD2DC72D
        Validity
            Not Before: Jan  1 01:31:43 2022 GMT
            Not After : Dec 15 01:30:02 2022 GMT
        Subject: CN=1D51F3FA322F779CDE146126B8EC567A6A4430AD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d8:5f:5b:56:40:26:12:f6:29:54:ff:6d:cb:e4:
                    c8:8b:98:6d:d2:73:85:d4:63:4a:77:a8:5e:b6:a1:
                    59:fa:cf:28:23:4c:3f:61:05:26:8f:a4:93:98:8c:
                    b3:cf:18:c4:9a:b6:e9:8a:31:11:f9:bf:3e:d8:2f:
                    a9:d2:f9:86:f3:2e:bc:1d:b3:2f:52:69:ef:b2:da:
                    fd:0e:59:e5:18:da:18:09:a9:8a:b0:c2:a5:5e:a8:
                    e3:a4:a6:b5:6d:f2:5d:dc:da:39:83:66:69:2f:14:
                    e6:77:a0:4d:6e:60:3d:a9:24:1b:20:4d:ec:45:69:
                    52:7e:fa:68:b9:f7:f3:77:ec:79:d3:d6:8b:35:f3:
                    23:b1:b3:71:44:8f:26:53:08:83:bf:7d:09:2f:7a:
                    0c:0a:12:aa:43:2f:3e:3c:3c:ea:20:d6:44:e7:74:
                    a7:87:2f:62:96:83:fc:3b:3a:04:9b:a4:a1:b2:68:
                    e5:33:15:7e:23:e5:ad:05:36:7a:b3:5a:cd:7a:75:
                    22:80:06:39:2e:3f:01:5c:bf:57:39:a0:20:9e:56:
                    27:73:1c:3f:51:16:b2:77:2a:70:d2:bf:19:65:a8:
                    7f:4b:73:8d:fd:e3:ce:63:e9:45:bd:31:c4:99:d4:
                    05:f7:4a:cb:57:ca:6f:f5:70:e4:29:32:8e:f8:73:
                    7d:ed
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:51:F3:FA:32:2F:77:9C:DE:14:61:26:B8:EC:56:7A:6A:44:30:AD
            X509v3 Authority Key Identifier:
                keyid:66:76:F6:91:40:63:5C:F4:AD:2A:3A:9C:F5:EF:25:BA:DD:2D:C7:2D

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/964/Znb2kUBjXPStKjqc9e8lut0txy0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/Znb2kUBjXPStKjqc9e8lut0txy0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/964/HVHz-jIvd5zeFGEmuOxWempEMK0.roa

            sbgp-ipAddrBlock: critical
                IPv4:
                  203.170.52.0/22

    Signature Algorithm: sha256WithRSAEncryption
         1e:35:3d:27:cd:7c:45:83:77:b6:98:04:3b:6b:1b:31:c4:4e:
         0e:64:f2:2d:1e:1d:1e:62:f7:fd:99:fd:ab:4d:79:73:37:92:
         b1:13:b1:11:e7:58:bc:ed:0e:38:6e:ea:47:0e:7e:45:c6:a8:
         92:2b:0a:56:77:e2:f1:5c:d3:dc:d6:a0:4d:8d:79:0f:fd:f0:
         ce:74:6f:57:35:7d:91:bd:1e:bf:70:a3:13:63:00:4d:33:a5:
         e3:b6:bf:2c:9d:4f:4b:ee:10:c8:9c:14:47:c5:7d:4a:ea:97:
         4c:5e:c0:cc:5d:d6:4a:d3:54:49:c7:a6:5f:15:90:18:be:68:
         5f:64:ea:c4:ac:53:aa:88:e2:6d:ac:b7:0f:9b:7a:82:0c:06:
         24:c1:ed:31:3f:2f:b5:89:be:6c:8d:7e:71:f8:f1:09:27:5c:
         29:0e:2d:0d:b4:30:c2:0f:7a:d6:94:09:b6:42:f5:7f:73:a2:
         78:86:6d:81:bc:62:04:3b:5d:77:53:cb:f9:1f:4a:5a:c3:ef:
         95:1e:e8:1a:0b:5a:83:57:ec:0b:31:83:1f:94:72:f9:fa:c2:
         9c:e1:a9:85:d8:40:80:09:0b:eb:02:d0:70:14:9f:83:82:19:
         a5:76:49:79:76:92:20:96:65:aa:14:b4:46:07:1c:c4:99:bc:
         0d:97:e6:d1
-----BEGIN CERTIFICATE-----
MIIEvDCCA6SgAwIBAgIBFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2Njc2
RjY5MTQwNjM1Q0Y0QUQyQTNBOUNGNUVGMjVCQUREMkRDNzJEMB4XDTIyMDEwMTAx
MzE0M1oXDTIyMTIxNTAxMzAwMlowMzExMC8GA1UEAxMoMUQ1MUYzRkEzMjJGNzc5
Q0RFMTQ2MTI2QjhFQzU2N0E2QTQ0MzBBRDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANhfW1ZAJhL2KVT/bcvkyIuYbdJzhdRjSneoXrahWfrPKCNMP2EF
Jo+kk5iMs88YxJq26YoxEfm/PtgvqdL5hvMuvB2zL1Jp77La/Q5Z5RjaGAmpirDC
pV6o46SmtW3yXdzaOYNmaS8U5negTW5gPakkGyBN7EVpUn76aLn383fsedPWizXz
I7GzcUSPJlMIg799CS96DAoSqkMvPjw86iDWROd0p4cvYpaD/Ds6BJukobJo5TMV
fiPlrQU2erNazXp1IoAGOS4/AVy/VzmgIJ5WJ3McP1EWsncqcNK/GWWof0tzjf3j
zmPpRb0xxJnUBfdKy1fKb/Vw5Ckyjvhzfe0CAwEAAaOCAdkwggHVMB0GA1UdDgQW
BBQdUfP6Mi93nN4UYSa47FZ6akQwrTAfBgNVHSMEGDAWgBRmdvaRQGNc9K0qOpz1
7yW63S3HLTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvOTY0L1puYjJrVUJqWFBTdEtqcWM5ZThsdXQwdHh5MC5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1puYjJrVUJqWFBTdEtqcWM5ZThsdXQw
dHh5MC5jZXIwDgYDVR0PAQH/BAQDAgeAMHEGCCsGAQUFBwELBGUwYzBhBggrBgEF
BQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5MUE3
MzgxMDAwMC85NjQvSFZIei1qSXZkNXplRkdFbXVPeFdlbXBFTUswLnJvYTAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsuqNDANBgkqhkiG9w0BAQsFAAOCAQEA
HjU9J818RYN3tpgEO2sbMcRODmTyLR4dHmL3/Zn9q015czeSsROxEedYvO0OOG7q
Rw5+RcaokisKVnfi8VzT3NagTY15D/3wznRvVzV9kb0ev3CjE2MATTOl47a/LJ1P
S+4QyJwUR8V9SuqXTF7AzF3WStNUScemXxWQGL5oX2TqxKxTqojibay3D5t6ggwG
JMHtMT8vtYm+bI1+cfjxCSdcKQ4tDbQwwg961pQJtkL1f3OieIZtgbxiBDtdd1PL
+R9KWsPvlR7oGgtag1fsCzGDH5Ry+frCnOGphdhAgAkL6wLQcBSfg4IZpXZJeXaS
IJZlqhS0RgccxJm8DZfm0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:02 2024 by rpki-client on console-fra.rpki-client.org