Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/997/IAUMlst20_86JJHw9z73vS_ihhk.roa
File:                     IAUMlst20_86JJHw9z73vS_ihhk.roa (raw, json)
Hash identifier:          BmDJyb+Uxtm4WB0riagM8mQVAG/kVZc1DWOsg3184QM=
Subject key identifier:   20:05:0C:96:CB:76:D3:FF:3A:24:91:F0:F7:3E:F7:BD:2F:E2:86:19
Certificate issuer:       /CN=B7187C4D4BDDD435728B412888E0655334208E0B
Certificate serial:       2A
Authority key identifier: B7:18:7C:4D:4B:DD:D4:35:72:8B:41:28:88:E0:65:53:34:20:8E:0B
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/txh8TUvd1DVyi0EoiOBlUzQgjgs.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/997/IAUMlst20_86JJHw9z73vS_ihhk.roa
Signing time:             Sat 01 Oct 2022 01:29:50 +0000
ROA not before:           Sat 01 Oct 2022 01:29:50 +0000
ROA not after:            Fri 15 Sep 2023 01:30:03 +0000
asID:                     17707
IP address blocks:        218.223.16.0/20 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 42 (0x2a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=B7187C4D4BDDD435728B412888E0655334208E0B
        Validity
            Not Before: Oct  1 01:29:50 2022 GMT
            Not After : Sep 15 01:30:03 2023 GMT
        Subject: CN=20050C96CB76D3FF3A2491F0F73EF7BD2FE28619
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:21:a8:2e:3a:73:3f:ec:9e:20:b2:28:59:c2:
                    8e:8a:aa:de:cb:1a:5b:78:0c:e9:51:86:8c:b8:da:
                    5d:9c:8d:e8:aa:25:8f:32:65:c0:62:43:58:f4:c2:
                    55:c5:94:be:f5:c2:47:b2:e1:9f:06:05:cf:a5:f8:
                    7e:77:58:d2:29:d2:70:41:9f:96:21:d3:0a:e0:45:
                    30:c4:16:09:ec:f7:54:db:da:3a:06:62:8f:d3:fd:
                    92:92:c6:fd:b0:6d:9a:01:ee:d0:00:2f:af:e7:7e:
                    c9:18:79:81:93:31:12:3f:b6:d1:f3:54:00:37:fc:
                    b3:c1:a4:20:dc:e8:af:6d:b7:cb:7c:b1:0b:85:27:
                    d8:08:24:dc:a2:eb:d5:20:2c:b7:99:c2:b2:ff:d2:
                    c9:38:c0:3f:08:da:09:86:4e:71:80:1e:08:ff:a1:
                    bd:4b:94:c1:c9:ac:67:da:27:bb:0c:c8:eb:7f:c3:
                    e5:97:a3:cf:02:d7:46:d0:0e:90:d4:28:be:1c:3a:
                    d6:b4:eb:e1:c8:05:05:56:42:4c:82:82:4c:7d:17:
                    a6:31:75:26:45:b1:2e:1b:4a:f5:93:c6:56:f7:7c:
                    25:59:4f:66:93:74:60:3c:1e:b1:c3:06:9f:92:62:
                    be:f1:0c:4d:48:1b:91:1c:c9:1f:83:cb:e8:8f:42:
                    46:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:05:0C:96:CB:76:D3:FF:3A:24:91:F0:F7:3E:F7:BD:2F:E2:86:19
            X509v3 Authority Key Identifier:
                keyid:B7:18:7C:4D:4B:DD:D4:35:72:8B:41:28:88:E0:65:53:34:20:8E:0B

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/997/txh8TUvd1DVyi0EoiOBlUzQgjgs.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/txh8TUvd1DVyi0EoiOBlUzQgjgs.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/997/IAUMlst20_86JJHw9z73vS_ihhk.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  218.223.16.0/20

    Signature Algorithm: sha256WithRSAEncryption
         38:7f:79:19:96:2a:64:3f:84:79:95:28:0c:f5:53:a5:51:3d:
         7b:d4:62:41:c9:4a:7b:e1:c0:80:cf:75:91:6d:94:0c:7e:26:
         6b:85:9c:d5:46:f3:a0:b3:24:76:c4:a2:f8:b6:eb:5a:28:ce:
         eb:eb:13:8a:a7:e9:d5:7e:68:26:bc:13:46:59:1a:71:5c:6a:
         bd:14:d3:fd:8b:29:62:27:68:e8:5d:dd:c9:e4:dc:71:46:8d:
         f8:11:bf:58:4f:30:53:4b:1b:a2:8e:13:06:cf:56:08:a9:b7:
         2d:ee:9a:46:40:6d:47:44:84:ff:f3:0c:3d:b2:63:5d:12:a8:
         69:58:a0:23:71:21:69:9e:35:34:2c:1e:82:d8:dd:20:b4:ae:
         98:4b:2a:81:86:5b:37:cc:03:ef:f7:5f:00:85:d1:68:51:69:
         aa:86:75:6b:26:ec:91:db:da:c1:28:6a:5e:44:e2:af:ac:00:
         e0:f4:15:bf:9a:d8:7e:be:98:03:ef:90:1f:5b:30:60:ad:ff:
         9b:f4:a8:a1:16:bf:a5:3d:22:9d:d3:36:ed:b6:22:6a:0e:27:
         ea:9d:71:46:48:d3:9d:6a:ca:14:bf:ea:7c:fa:da:c3:d2:ee:
         1e:9e:73:86:5e:09:a6:f7:3f:c2:e1:3f:43:9f:4c:0f:d0:d7:
         a0:ea:5b:ab
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhCNzE4
N0M0RDRCRERENDM1NzI4QjQxMjg4OEUwNjU1MzM0MjA4RTBCMB4XDTIyMTAwMTAx
Mjk1MFoXDTIzMDkxNTAxMzAwM1owMzExMC8GA1UEAxMoMjAwNTBDOTZDQjc2RDNG
RjNBMjQ5MUYwRjczRUY3QkQyRkUyODYxOTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALchqC46cz/sniCyKFnCjoqq3ssaW3gM6VGGjLjaXZyN6KoljzJl
wGJDWPTCVcWUvvXCR7LhnwYFz6X4fndY0inScEGfliHTCuBFMMQWCez3VNvaOgZi
j9P9kpLG/bBtmgHu0AAvr+d+yRh5gZMxEj+20fNUADf8s8GkINzor223y3yxC4Un
2Agk3KLr1SAst5nCsv/SyTjAPwjaCYZOcYAeCP+hvUuUwcmsZ9onuwzI63/D5Zej
zwLXRtAOkNQovhw61rTr4cgFBVZCTIKCTH0XpjF1JkWxLhtK9ZPGVvd8JVlPZpN0
YDwescMGn5JivvEMTUgbkRzJH4PL6I9CRtUCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBQgBQyWy3bT/zokkfD3Pve9L+KGGTAfBgNVHSMEGDAWgBS3GHxNS93UNXKLQSiI
4GVTNCCOCzAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvOTk3L3R4aDhUVXZkMURWeWkwRW9pT0JsVXpRZ2pncy5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL3R4aDhUVXZkMURWeWkwRW9pT0JsVXpR
Z2pncy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC85OTcvSUFVTWxzdDIwXzg2SkpIdzl6NzN2U19paGhrLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBNrfEDANBgkqhkiG9w0BAQsFAAOCAQEAOH95GZYqZD+EeZUoDPVTpVE9e9Ri
QclKe+HAgM91kW2UDH4ma4Wc1UbzoLMkdsSi+LbrWijO6+sTiqfp1X5oJrwTRlka
cVxqvRTT/YspYido6F3dyeTccUaN+BG/WE8wU0sboo4TBs9WCKm3Le6aRkBtR0SE
//MMPbJjXRKoaVigI3EhaZ41NCwegtjdILSumEsqgYZbN8wD7/dfAIXRaFFpqoZ1
aybskdvawShqXkTir6wA4PQVv5rYfr6YA++QH1swYK3/m/SooRa/pT0indM27bYi
ag4n6p1xRkjTnWrKFL/qfPraw9LuHp5zhl4Jpvc/wuE/Q59MD9DXoOpbqw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:02 2024 by rpki-client on console-fra.rpki-client.org