Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/U2M5WiZgUMV7-5-GhuWeIcYJtNY.roa
File:                     U2M5WiZgUMV7-5-GhuWeIcYJtNY.roa (raw, json)
Hash identifier:          jQohX1UoSz8rP7/cEEmRxOB6xGDKuTvyZkfVUtFZT0Q=
Subject key identifier:   53:63:39:5A:26:60:50:C5:7B:FB:9F:86:86:E5:9E:21:C6:09:B4:D6
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       0B
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/U2M5WiZgUMV7-5-GhuWeIcYJtNY.roa
Signing time:             Wed 15 Mar 2023 03:20:20 +0000
ROA not before:           Wed 15 Mar 2023 03:20:20 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:70::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 11 (0xb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: Mar 15 03:20:20 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=5363395A266050C57BFB9F8686E59E21C609B4D6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:87:c4:7c:78:98:c8:19:90:d5:23:aa:9b:10:
                    b3:00:4d:45:c1:e9:29:cf:dd:0c:c9:d9:dd:82:0f:
                    97:12:6a:2a:22:fa:9a:ee:c6:37:58:b4:a5:a1:d2:
                    2e:0a:77:0a:44:bd:86:44:90:86:2d:45:75:56:44:
                    17:c4:89:c8:b1:ee:77:4c:5c:ae:3e:2c:82:ba:03:
                    97:b4:8a:13:27:1d:70:b4:51:ec:fd:23:d6:d2:d5:
                    06:cb:6c:83:22:a4:2d:e7:17:74:6c:98:92:9e:07:
                    46:f7:d0:01:76:48:4e:5e:f5:71:1b:1b:de:1a:89:
                    d3:4d:37:88:e8:e7:3f:b2:bf:29:1b:0a:5f:a2:ad:
                    83:02:37:7b:50:ad:9c:a6:95:96:d3:8f:de:ac:0a:
                    37:4d:17:2b:ba:52:00:b4:f9:ca:34:9b:4a:73:4c:
                    80:05:7a:8a:3f:2e:14:dc:22:66:e7:c5:a4:66:8a:
                    f7:a8:2b:28:15:91:15:7e:18:6a:22:d4:be:25:89:
                    ee:f1:2b:87:3b:a2:7a:f0:23:03:76:5c:2a:47:b5:
                    09:8c:04:51:fa:b5:c7:5f:51:d2:b5:fc:21:90:22:
                    66:aa:63:9f:93:b7:89:9b:60:d3:b6:5e:f0:79:df:
                    58:0a:a8:a5:29:e0:1a:89:9e:a9:36:d7:9f:9f:f2:
                    25:5d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:63:39:5A:26:60:50:C5:7B:FB:9F:86:86:E5:9E:21:C6:09:B4:D6
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/U2M5WiZgUMV7-5-GhuWeIcYJtNY.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:70::/48

    Signature Algorithm: sha256WithRSAEncryption
         27:e5:aa:6d:68:0b:0e:5e:2d:c8:bb:78:1b:c6:f6:c2:bb:b5:
         ed:41:23:4a:de:ac:ef:86:86:90:b1:2b:c4:7b:fb:e0:df:0e:
         38:48:a7:2e:13:28:db:fd:78:75:13:f0:c8:cd:19:cf:b5:8c:
         1c:e3:f6:4f:f8:c1:ea:b1:40:bd:83:8a:14:38:02:99:86:96:
         ba:ad:b0:9c:77:8e:ff:e3:12:b5:d3:f6:fc:58:62:0a:bb:3f:
         60:f1:33:b2:dd:5d:d6:0b:60:40:d6:54:4c:5b:e6:d6:66:dd:
         c8:38:67:ab:ac:84:f5:af:aa:73:19:ba:79:e4:c4:3c:9f:cd:
         23:36:f3:37:5d:ca:e2:51:c4:ba:a0:9f:20:a0:d4:e6:20:96:
         06:a7:87:4a:7c:af:7d:c2:e7:22:9c:71:fb:91:19:4a:e5:da:
         f0:5b:a2:a3:df:d3:fe:c5:bb:6a:49:24:32:19:24:ce:e5:13:
         69:6e:39:9a:5e:f1:9b:48:60:54:1b:9a:a6:01:8c:79:c9:44:
         e1:69:1e:8c:6e:39:68:09:39:45:bd:83:da:fe:9d:05:37:db:
         6c:83:fc:79:dc:cd:55:7b:e2:32:20:46:e7:66:7d:3e:00:8a:
         a7:bf:7f:d0:56:93:2a:17:44:d4:ef:1f:23:41:df:07:a7:21:
         96:f1:e4:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIBCzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1MTI2
MTczQjhENkIzRkYxMEUzRjAzRkIwNTYwRkU2NTUxREVBMkRCMB4XDTIzMDMxNTAz
MjAyMFoXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoNTM2MzM5NUEyNjYwNTBD
NTdCRkI5Rjg2ODZFNTlFMjFDNjA5QjRENjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMyHxHx4mMgZkNUjqpsQswBNRcHpKc/dDMnZ3YIPlxJqKiL6mu7G
N1i0paHSLgp3CkS9hkSQhi1FdVZEF8SJyLHud0xcrj4sgroDl7SKEycdcLRR7P0j
1tLVBstsgyKkLecXdGyYkp4HRvfQAXZITl71cRsb3hqJ0003iOjnP7K/KRsKX6Kt
gwI3e1CtnKaVltOP3qwKN00XK7pSALT5yjSbSnNMgAV6ij8uFNwiZufFpGaK96gr
KBWRFX4YaiLUviWJ7vErhzuievAjA3ZcKke1CYwEUfq1x19R0rX8IZAiZqpjn5O3
iZtg07Ze8HnfWAqopSngGomeqTbXn5/yJV0CAwEAAaOCAiswggInMB0GA1UdDgQW
BBRTYzlaJmBQxXv7n4aG5Z4hxgm01jAfBgNVHSMEGDAWgBRRJhc7jWs/8Q4/A/sF
YP5lUd6i2zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzAxMjkvVVNZWE80MXJQX0VPUHdQN0JXRC1aVkhlb3RzLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvVVNZWE80MXJQX0VPUHdQN0JXRC1a
Vkhlb3RzLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzMwMTI5L1UyTTVXaVpnVU1WNy01LUdodVdlSWNZSnROWS5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAkCgBwAAAwDQYJKoZIhvcNAQELBQADggEBACflqm1oCw5eLci7eBvG
9sK7te1BI0rerO+GhpCxK8R7++DfDjhIpy4TKNv9eHUT8MjNGc+1jBzj9k/4weqx
QL2DihQ4ApmGlrqtsJx3jv/jErXT9vxYYgq7P2DxM7LdXdYLYEDWVExb5tZm3cg4
Z6ushPWvqnMZunnkxDyfzSM28zddyuJRxLqgnyCg1OYglganh0p8r33C5yKccfuR
GUrl2vBboqPf0/7Fu2pJJDIZJM7lE2luOZpe8ZtIYFQbmqYBjHnJROFpHoxuOWgJ
OUW9g9r+nQU322yD/HnczVV74jIgRudmfT4Aiqe/f9BWkyoXRNTvHyNB3wenIZbx
5AE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:50 2024 by rpki-client on console-fra.rpki-client.org