Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/CE8yYGsK33Wg-6OV7_Fz6cco3lo.roa
File:                     CE8yYGsK33Wg-6OV7_Fz6cco3lo.roa (raw, json)
Hash identifier:          d/zDisDlC0y7KdTX4CMlMfwooweYSAxNcmwZB7T4j/o=
Subject key identifier:   08:4F:32:60:6B:0A:DF:75:A0:FB:A3:95:EF:F1:73:E9:C7:28:DE:5A
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       49
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/CE8yYGsK33Wg-6OV7_Fz6cco3lo.roa
Signing time:             Tue 30 May 2023 16:04:18 +0000
ROA not before:           Tue 30 May 2023 16:04:18 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:6b:cc00::/40 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 73 (0x49)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: May 30 16:04:18 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=084F32606B0ADF75A0FBA395EFF173E9C728DE5A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:dd:d9:51:8b:9d:c3:61:60:53:d7:42:56:1d:
                    78:8e:7a:16:cc:7c:58:37:69:53:d1:14:f8:be:d0:
                    cb:f3:ff:5c:ae:dd:19:da:e5:22:08:05:1b:93:fc:
                    1e:84:16:cb:f7:d8:eb:6d:8d:2b:50:92:26:c7:40:
                    51:e5:97:f5:76:5c:76:14:70:83:cc:a1:43:27:28:
                    80:b2:ae:0b:23:40:4f:6f:74:f6:37:08:60:3b:a6:
                    3d:53:2f:c2:a0:4e:dc:ca:12:3a:28:45:95:08:a5:
                    36:c6:48:81:ac:5f:d2:35:46:0d:83:5b:4f:5b:7c:
                    45:1d:e8:01:a1:88:fa:30:45:7d:63:61:b9:6d:5a:
                    37:5f:90:1f:de:7a:a0:07:b0:b9:90:89:ba:9f:a2:
                    2e:4a:5e:45:4e:07:b2:75:5d:93:40:d0:62:cb:73:
                    5e:b9:a4:b5:be:4b:cb:8b:6f:77:a0:cb:56:8e:b2:
                    a3:14:af:8a:db:2f:df:63:df:8f:0b:ff:e7:bf:69:
                    d2:ec:4d:d2:8e:0c:45:89:41:43:fb:8d:7a:a6:09:
                    df:63:7e:5c:7a:6b:c3:b9:1f:7d:84:07:2d:89:26:
                    ce:d5:63:11:64:aa:ae:e6:c1:40:55:da:30:e4:9d:
                    ff:11:64:98:cf:3d:e2:83:08:24:8a:fd:99:65:41:
                    14:f5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:4F:32:60:6B:0A:DF:75:A0:FB:A3:95:EF:F1:73:E9:C7:28:DE:5A
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/CE8yYGsK33Wg-6OV7_Fz6cco3lo.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:6b:cc00::/40

    Signature Algorithm: sha256WithRSAEncryption
         33:d0:e6:29:dd:a5:61:c5:c7:d3:9d:9f:7c:14:23:88:01:b0:
         b7:9b:a9:c1:4c:fa:fc:de:11:b5:fd:3e:e1:86:cd:59:a1:52:
         fd:36:d8:5f:69:55:76:b1:54:54:a3:5d:cb:5a:23:81:be:c3:
         cf:5e:3b:40:14:8b:34:6e:e9:24:9f:a8:5b:8a:6f:b6:42:5f:
         8c:d7:9b:76:f3:cd:dc:9a:c5:d1:15:a4:9f:b9:70:4c:3d:2c:
         e7:1b:63:3a:0d:5a:9a:7c:d8:c7:6f:b6:0a:0e:76:f2:f9:b2:
         09:cc:8e:df:56:d1:b1:90:68:38:e3:22:34:83:cc:1d:f9:f9:
         3c:28:78:8c:3f:2f:42:fa:1a:f8:30:ec:22:f4:71:3f:a7:71:
         01:17:fe:2d:8b:91:3a:ff:8f:85:40:30:8a:c4:13:b6:2a:08:
         f6:96:36:c6:56:69:4d:cd:2d:e9:e6:9c:73:8a:c5:a1:ff:93:
         13:f9:5d:5d:52:b1:cd:d6:27:e3:54:2e:b1:80:4d:3d:20:05:
         5b:17:a1:37:15:09:c2:b7:46:a0:12:92:7a:21:c6:2e:25:57:
         91:13:4d:95:5c:5c:47:09:78:5d:62:1f:5f:51:7c:79:67:9d:
         46:79:51:4c:de:44:9f:91:4f:41:c4:9e:07:df:12:91:7c:73:
         8c:91:30:34
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIBSTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1MTI2
MTczQjhENkIzRkYxMEUzRjAzRkIwNTYwRkU2NTUxREVBMkRCMB4XDTIzMDUzMDE2
MDQxOFoXDTI0MDUxNDAxMzAwMlowMzExMC8GA1UEAxMoMDg0RjMyNjA2QjBBREY3
NUEwRkJBMzk1RUZGMTczRTlDNzI4REU1QTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAK7d2VGLncNhYFPXQlYdeI56Fsx8WDdpU9EU+L7Qy/P/XK7dGdrl
IggFG5P8HoQWy/fY622NK1CSJsdAUeWX9XZcdhRwg8yhQycogLKuCyNAT2909jcI
YDumPVMvwqBO3MoSOihFlQilNsZIgaxf0jVGDYNbT1t8RR3oAaGI+jBFfWNhuW1a
N1+QH956oAewuZCJup+iLkpeRU4HsnVdk0DQYstzXrmktb5Ly4tvd6DLVo6yoxSv
itsv32Pfjwv/579p0uxN0o4MRYlBQ/uNeqYJ32N+XHprw7kffYQHLYkmztVjEWSq
rubBQFXaMOSd/xFkmM894oMIJIr9mWVBFPUCAwEAAaOCAiowggImMB0GA1UdDgQW
BBQITzJgawrfdaD7o5Xv8XPpxyjeWjAfBgNVHSMEGDAWgBRRJhc7jWs/8Q4/A/sF
YP5lUd6i2zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzAxMjkvVVNZWE80MXJQX0VPUHdQN0JXRC1aVkhlb3RzLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvVVNZWE80MXJQX0VPUHdQN0JXRC1a
Vkhlb3RzLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzMwMTI5L0NFOHlZR3NLMzNXZy02T1Y3X0Z6NmNjbzNsby5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAkCgBrzDANBgkqhkiG9w0BAQsFAAOCAQEAM9DmKd2lYcXH052ffBQj
iAGwt5upwUz6/N4Rtf0+4YbNWaFS/TbYX2lVdrFUVKNdy1ojgb7Dz147QBSLNG7p
JJ+oW4pvtkJfjNebdvPN3JrF0RWkn7lwTD0s5xtjOg1amnzYx2+2Cg528vmyCcyO
31bRsZBoOOMiNIPMHfn5PCh4jD8vQvoa+DDsIvRxP6dxARf+LYuROv+PhUAwisQT
tioI9pY2xlZpTc0t6eacc4rFof+TE/ldXVKxzdYn41QusYBNPSAFWxehNxUJwrdG
oBKSeiHGLiVXkRNNlVxcRwl4XWIfX1F8eWedRnlRTN5En5FPQcSeB98SkXxzjJEw
NA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:45:57 2024 by rpki-client on console-ams.rpki-client.org