Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/2m8B2tYiS8cNyu7IKmMKjI7QBj0.roa
File:                     2m8B2tYiS8cNyu7IKmMKjI7QBj0.roa (raw, json)
Hash identifier:          PXjN0Kflpj9ifEFAVPT0/X2+yyhrdLK8Bc9F+cY+SA0=
Subject key identifier:   DA:6F:01:DA:D6:22:4B:C7:0D:CA:EE:C8:2A:63:0A:8C:8E:D0:06:3D
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       66
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/2m8B2tYiS8cNyu7IKmMKjI7QBj0.roa
Signing time:             Tue 30 May 2023 16:06:15 +0000
ROA not before:           Tue 30 May 2023 16:06:15 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:6b:9700::/40 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 102 (0x66)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: May 30 16:06:15 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=DA6F01DAD6224BC70DCAEEC82A630A8C8ED0063D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:ab:d7:8f:0e:2f:15:02:c0:ed:71:9d:3f:cd:
                    7f:4c:a6:5d:13:d4:b0:07:b8:98:aa:f6:37:13:a1:
                    2d:80:c0:d6:bf:a6:d9:86:ac:4b:71:aa:56:06:a7:
                    44:28:43:af:80:93:96:ce:6d:d1:52:89:58:28:38:
                    38:06:1b:20:51:43:f1:ff:0b:1c:92:c4:b6:a8:cd:
                    42:12:bc:2d:37:9f:5d:8e:43:4c:d1:49:91:c4:cd:
                    c0:14:e7:4f:9b:cd:ed:06:f1:c3:98:4c:e2:9a:9d:
                    ed:1e:5b:0d:8f:4a:b5:0a:a0:d4:aa:d7:ef:04:b4:
                    1e:b8:9a:2b:1a:88:0d:28:0c:d0:84:88:73:cf:80:
                    30:30:15:42:b3:70:c0:e1:e4:7e:ca:3d:d0:65:a5:
                    a9:92:b2:08:0f:25:78:b0:d1:ec:f5:31:8c:d1:6a:
                    92:40:04:64:44:9a:d1:bb:cd:4e:82:72:2c:1f:76:
                    38:10:fa:cc:ba:5f:4a:de:db:e0:6b:13:38:38:9a:
                    e5:5f:53:97:ad:3b:f5:a2:54:95:47:53:6f:40:38:
                    35:4f:05:4c:fc:f2:5f:c2:91:f0:00:0c:10:7d:84:
                    5e:b3:6e:99:b4:db:e8:92:19:d7:ff:db:b4:8e:e2:
                    b8:db:a1:fb:8c:94:3f:8b:4e:a9:f5:ff:86:6d:d7:
                    5b:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DA:6F:01:DA:D6:22:4B:C7:0D:CA:EE:C8:2A:63:0A:8C:8E:D0:06:3D
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/2m8B2tYiS8cNyu7IKmMKjI7QBj0.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:6b:9700::/40

    Signature Algorithm: sha256WithRSAEncryption
         cb:2a:04:71:89:ce:b0:c1:ad:fc:15:7e:fe:1e:c6:71:a7:99:
         e7:df:4b:0c:f5:db:24:c0:e8:dd:b4:54:6d:e6:8b:57:09:a6:
         53:38:a0:69:45:47:a9:6c:81:9e:47:d8:f6:9f:45:36:23:fc:
         5d:a6:0c:15:8a:86:5d:8a:36:02:fa:d5:d8:9b:08:41:0e:03:
         f9:e4:71:f7:af:16:c7:03:19:af:57:de:89:eb:c1:75:b1:92:
         47:ce:0c:92:9e:72:73:3c:f3:81:5c:1e:0f:cb:55:a3:bf:5b:
         46:a3:78:13:59:e4:e0:10:13:d1:91:18:25:10:fe:f2:fc:91:
         ad:52:5f:55:b6:ed:26:d0:e1:6f:46:4f:8c:ad:a1:a5:3d:2e:
         ef:8b:54:19:96:db:12:fc:69:f2:47:36:49:6d:1b:01:a0:c1:
         44:f4:d9:c1:28:a0:1f:2c:54:a5:70:3c:b2:9f:86:4e:24:f8:
         a3:e9:1b:11:46:44:52:7b:f2:af:9f:89:8e:17:b9:37:0b:49:
         c8:31:75:a4:2c:93:92:e9:9d:41:11:45:27:67:0b:1f:84:7b:
         79:6f:49:1a:01:e1:28:33:02:03:eb:9d:6d:84:b2:71:76:7a:
         78:01:79:06:2e:dd:fc:0a:ac:08:70:b0:e2:86:db:40:2e:2c:
         01:07:e0:75
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIBZjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1MTI2
MTczQjhENkIzRkYxMEUzRjAzRkIwNTYwRkU2NTUxREVBMkRCMB4XDTIzMDUzMDE2
MDYxNVoXDTI0MDUxNDAxMzAwMlowMzExMC8GA1UEAxMoREE2RjAxREFENjIyNEJD
NzBEQ0FFRUM4MkE2MzBBOEM4RUQwMDYzRDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANar148OLxUCwO1xnT/Nf0ymXRPUsAe4mKr2NxOhLYDA1r+m2Yas
S3GqVganRChDr4CTls5t0VKJWCg4OAYbIFFD8f8LHJLEtqjNQhK8LTefXY5DTNFJ
kcTNwBTnT5vN7Qbxw5hM4pqd7R5bDY9KtQqg1KrX7wS0HriaKxqIDSgM0ISIc8+A
MDAVQrNwwOHkfso90GWlqZKyCA8leLDR7PUxjNFqkkAEZESa0bvNToJyLB92OBD6
zLpfSt7b4GsTODia5V9Tl6079aJUlUdTb0A4NU8FTPzyX8KR8AAMEH2EXrNumbTb
6JIZ1//btI7iuNuh+4yUP4tOqfX/hm3XW1UCAwEAAaOCAiowggImMB0GA1UdDgQW
BBTabwHa1iJLxw3K7sgqYwqMjtAGPTAfBgNVHSMEGDAWgBRRJhc7jWs/8Q4/A/sF
YP5lUd6i2zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzAxMjkvVVNZWE80MXJQX0VPUHdQN0JXRC1aVkhlb3RzLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvVVNZWE80MXJQX0VPUHdQN0JXRC1a
Vkhlb3RzLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzMwMTI5LzJtOEIydFlpUzhjTnl1N0lLbU1Lakk3UUJqMC5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAkCgBrlzANBgkqhkiG9w0BAQsFAAOCAQEAyyoEcYnOsMGt/BV+/h7G
caeZ599LDPXbJMDo3bRUbeaLVwmmUzigaUVHqWyBnkfY9p9FNiP8XaYMFYqGXYo2
AvrV2JsIQQ4D+eRx968WxwMZr1feievBdbGSR84Mkp5yczzzgVweD8tVo79bRqN4
E1nk4BAT0ZEYJRD+8vyRrVJfVbbtJtDhb0ZPjK2hpT0u74tUGZbbEvxp8kc2SW0b
AaDBRPTZwSigHyxUpXA8sp+GTiT4o+kbEUZEUnvyr5+Jjhe5NwtJyDF1pCyTkumd
QRFFJ2cLH4R7eW9JGgHhKDMCA+udbYSycXZ6eAF5Bi7d/AqsCHCw4obbQC4sAQfg
dQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:49 2024 by rpki-client on console-fra.rpki-client.org