Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/3vfDbpPuDwCzm-ctbpNgCrZN-E0.roa
File:                     3vfDbpPuDwCzm-ctbpNgCrZN-E0.roa (raw, json)
Hash identifier:          cQ0kz3goB7KAYLw7sI+vcJ1ZPARKjkjvFQaNzs3otUs=
Subject key identifier:   DE:F7:C3:6E:93:EE:0F:00:B3:9B:E7:2D:6E:93:60:0A:B6:4D:F8:4D
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       015A
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/3vfDbpPuDwCzm-ctbpNgCrZN-E0.roa
Signing time:             Tue 30 May 2023 17:32:29 +0000
ROA not before:           Tue 30 May 2023 17:32:29 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:6b:6a00::/40 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 346 (0x15a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: May 30 17:32:29 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=DEF7C36E93EE0F00B39BE72D6E93600AB64DF84D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e4:03:d2:30:74:a2:be:fc:f0:fd:c8:5d:d2:92:
                    a6:e5:3d:73:dd:8a:64:9b:4b:80:53:a7:6b:4a:7c:
                    00:39:60:e3:7c:f9:5c:31:b6:a1:14:54:2d:45:82:
                    14:aa:eb:21:5b:ef:82:ec:b7:0f:af:c9:79:f7:f0:
                    e8:2e:f5:f9:4d:77:6f:aa:25:b0:0c:0d:5d:df:10:
                    81:ca:de:d2:4b:b3:1e:a5:55:7e:bd:89:fc:c7:32:
                    57:cc:41:21:2a:66:a9:fd:ec:ec:8e:eb:ec:44:e8:
                    29:fb:29:4d:c7:9a:92:63:bb:bd:fb:29:0c:9b:f0:
                    0e:95:9d:69:6d:4d:c0:06:64:6c:b3:30:cb:36:75:
                    2c:62:57:52:13:bc:19:af:cf:b1:4e:09:4d:6a:85:
                    8b:24:5c:08:b9:d6:7b:ee:92:01:c8:da:19:a7:b4:
                    e4:9d:6a:36:25:3d:31:8f:d9:aa:ca:2b:7d:4d:d5:
                    1c:3a:c0:80:a3:c8:32:6a:c9:80:6c:4b:ce:da:86:
                    d9:96:15:9b:bc:8d:51:b9:e1:c0:8c:67:37:ed:3a:
                    9d:f9:ea:f1:47:f5:68:25:18:7e:3b:01:05:a7:b4:
                    20:07:28:9a:54:31:77:86:84:68:c6:74:01:a1:9a:
                    37:b7:4f:71:aa:33:29:b9:9d:ac:dd:68:7e:f1:5e:
                    ec:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DE:F7:C3:6E:93:EE:0F:00:B3:9B:E7:2D:6E:93:60:0A:B6:4D:F8:4D
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/3vfDbpPuDwCzm-ctbpNgCrZN-E0.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:6b:6a00::/40

    Signature Algorithm: sha256WithRSAEncryption
         a2:2e:10:39:b8:53:a3:fb:55:bc:44:84:b8:73:bd:89:81:13:
         52:8d:b5:f7:0e:99:8c:45:02:60:64:2e:6e:69:0d:e7:44:2d:
         22:8b:a5:11:dc:e6:0d:22:73:73:e7:99:ce:c7:e0:91:66:e2:
         52:57:5c:a7:9b:d0:92:cc:f1:d0:64:b3:76:53:49:c4:f4:a5:
         56:a9:18:ab:58:5e:9e:9f:6e:c6:dd:1d:ec:fa:37:cc:03:e9:
         4e:81:73:d8:b4:e9:06:0d:68:60:a1:63:ea:a0:fe:f5:c6:9c:
         2d:cc:4e:09:99:ba:1a:27:20:92:55:3e:c1:23:7e:4f:9b:b0:
         e4:6c:be:31:b6:f4:28:90:7e:ee:a7:c2:cd:e0:c8:86:5c:6a:
         06:62:e8:ea:40:87:bd:89:25:81:c6:75:cc:8e:fd:f8:50:92:
         de:77:7f:a3:4c:f6:c6:61:a5:05:c2:01:c1:ff:ff:7a:03:80:
         c2:ef:d3:3c:be:91:1b:43:f1:49:1a:e8:4a:ff:a9:a4:49:8d:
         7e:ee:c1:1c:3a:7d:36:8e:53:ab:c5:31:c5:6c:01:db:c7:8a:
         24:4d:69:51:3a:15:4b:c5:17:43:4d:64:39:33:20:13:a9:e0:
         e0:aa:77:58:00:d7:ab:dc:c9:aa:aa:77:9d:20:bf:71:78:09:
         0d:96:f0:8e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgICAVowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTEy
NjE3M0I4RDZCM0ZGMTBFM0YwM0ZCMDU2MEZFNjU1MURFQTJEQjAeFw0yMzA1MzAx
NzMyMjlaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKERFRjdDMzZFOTNFRTBG
MDBCMzlCRTcyRDZFOTM2MDBBQjY0REY4NEQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDkA9IwdKK+/PD9yF3SkqblPXPdimSbS4BTp2tKfAA5YON8+Vwx
tqEUVC1FghSq6yFb74Lstw+vyXn38Ogu9flNd2+qJbAMDV3fEIHK3tJLsx6lVX69
ifzHMlfMQSEqZqn97OyO6+xE6Cn7KU3HmpJju737KQyb8A6VnWltTcAGZGyzMMs2
dSxiV1ITvBmvz7FOCU1qhYskXAi51nvukgHI2hmntOSdajYlPTGP2arKK31N1Rw6
wICjyDJqyYBsS87ahtmWFZu8jVG54cCMZzftOp356vFH9WglGH47AQWntCAHKJpU
MXeGhGjGdAGhmje3T3GqMym5nazdaH7xXuy/AgMBAAGjggIqMIICJjAdBgNVHQ4E
FgQU3vfDbpPuDwCzm+ctbpNgCrZN+E0wHwYDVR0jBBgwFoAUUSYXO41rP/EOPwP7
BWD+ZVHeotswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwMTI5L1VTWVhPNDFyUF9FT1B3UDdCV0QtWlZIZW90cy5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1VTWVhPNDFyUF9FT1B3UDdCV0Qt
WlZIZW90cy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8zMDEyOS8zdmZEYnBQdUR3Q3ptLWN0YnBOZ0NyWk4tRTAu
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAoAa2owDQYJKoZIhvcNAQELBQADggEBAKIuEDm4U6P7VbxEhLhz
vYmBE1KNtfcOmYxFAmBkLm5pDedELSKLpRHc5g0ic3Pnmc7H4JFm4lJXXKeb0JLM
8dBks3ZTScT0pVapGKtYXp6fbsbdHez6N8wD6U6Bc9i06QYNaGChY+qg/vXGnC3M
TgmZuhonIJJVPsEjfk+bsORsvjG29CiQfu6nws3gyIZcagZi6OpAh72JJYHGdcyO
/fhQkt53f6NM9sZhpQXCAcH//3oDgMLv0zy+kRtD8Uka6Er/qaRJjX7uwRw6fTaO
U6vFMcVsAdvHiiRNaVE6FUvFF0NNZDkzIBOp4OCqd1gA16vcyaqqd50gv3F4CQ2W
8I4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:49 2024 by rpki-client on console-fra.rpki-client.org