Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/XWzoW5h3puNw0rz7h43taHg33n0.roa
File:                     XWzoW5h3puNw0rz7h43taHg33n0.roa (raw, json)
Hash identifier:          SQIz7SF4sqTG0ttoPEPKb6TewwUg0ClJlIQmpxqm9Zo=
Subject key identifier:   5D:6C:E8:5B:98:77:A6:E3:70:D2:BC:FB:87:8D:ED:68:78:37:DE:7D
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       0227
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/XWzoW5h3puNw0rz7h43taHg33n0.roa
Signing time:             Tue 30 May 2023 17:42:22 +0000
ROA not before:           Tue 30 May 2023 17:42:22 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:6b:9200::/40 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 551 (0x227)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: May 30 17:42:22 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=5D6CE85B9877A6E370D2BCFB878DED687837DE7D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:74:b5:b2:56:2d:3b:8a:90:ed:56:9d:36:68:
                    b9:6a:e4:23:74:21:92:6f:04:6d:36:63:c3:80:23:
                    2d:ac:3c:7e:6a:87:94:73:18:35:a5:9a:8b:09:82:
                    c2:73:29:88:19:13:92:f9:1b:ac:c1:6c:4d:c9:d5:
                    15:00:43:f7:2b:1b:41:8d:19:ea:e1:dd:b3:97:4d:
                    8f:57:38:44:d9:f5:91:2d:a7:c6:71:eb:dd:e4:1d:
                    0a:90:fb:e3:1b:56:72:d0:d6:70:08:78:47:55:61:
                    57:69:fa:cd:a9:23:14:46:af:de:77:3c:7f:8e:37:
                    2e:88:d4:f3:6d:19:fb:e4:33:46:79:92:8a:d8:46:
                    51:a9:0c:c5:e3:d3:1f:ca:58:38:19:2c:77:4e:53:
                    b3:e3:1e:cc:50:53:60:fd:cc:3f:39:b3:d5:d7:b5:
                    78:5a:f6:e3:46:10:cd:17:e6:eb:74:71:26:db:20:
                    8c:d3:71:90:94:f4:89:18:71:33:44:75:6c:ce:88:
                    7d:f1:ff:6e:b3:6e:37:90:83:4a:bd:1c:10:82:48:
                    6d:f2:41:d6:cf:97:2a:fd:4c:d7:15:cf:6f:da:34:
                    65:62:1e:6a:cc:9b:bc:28:dd:d7:b6:9e:58:72:31:
                    8a:fc:ca:67:54:bc:de:a0:71:61:f5:6a:05:57:1f:
                    f6:e5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5D:6C:E8:5B:98:77:A6:E3:70:D2:BC:FB:87:8D:ED:68:78:37:DE:7D
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/XWzoW5h3puNw0rz7h43taHg33n0.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:6b:9200::/40

    Signature Algorithm: sha256WithRSAEncryption
         46:e5:0a:c3:1c:de:73:69:e4:47:64:e7:2a:e1:e6:bb:22:b8:
         e7:5f:e2:65:94:52:8a:99:27:a9:7a:70:27:45:eb:67:e9:bb:
         14:da:4a:dd:19:ae:64:f2:80:23:e3:7f:78:90:65:fd:3f:0f:
         4b:a6:61:13:84:82:ba:0d:f3:6e:ee:b7:00:2e:01:d6:36:a9:
         17:7a:6e:00:68:bb:38:a3:7e:93:18:eb:d6:67:1c:cb:25:8c:
         3b:bb:08:73:a3:69:64:45:b4:32:28:5e:b1:d8:36:67:0c:82:
         1e:63:43:27:5d:05:19:4c:65:35:3d:62:64:58:89:86:d0:13:
         8c:e2:22:9c:a4:95:1e:00:f2:96:73:9f:25:a7:29:69:6f:6e:
         4c:58:2f:b0:0c:5b:35:8b:6e:e1:7e:a9:8d:69:b3:a0:3a:b5:
         3e:28:bf:e1:17:b7:f1:e2:5c:0b:bb:6f:c2:9c:83:a2:ac:23:
         ad:b7:28:ce:a0:3f:e0:7b:be:5d:0b:3a:25:fe:04:77:9f:2d:
         d7:c7:58:d8:8f:58:11:05:ec:b9:d6:93:c4:33:84:32:6f:c7:
         53:fa:8c:aa:9b:cc:85:2b:ed:84:ad:90:b5:bf:63:88:4a:6f:
         28:a7:e4:a7:90:79:fc:51:b7:a2:24:e1:2c:74:d7:b4:ab:7b:
         cb:8a:80:4f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgICAicwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTEy
NjE3M0I4RDZCM0ZGMTBFM0YwM0ZCMDU2MEZFNjU1MURFQTJEQjAeFw0yMzA1MzAx
NzQyMjJaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDVENkNFODVCOTg3N0E2
RTM3MEQyQkNGQjg3OERFRDY4NzgzN0RFN0QwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCsdLWyVi07ipDtVp02aLlq5CN0IZJvBG02Y8OAIy2sPH5qh5Rz
GDWlmosJgsJzKYgZE5L5G6zBbE3J1RUAQ/crG0GNGerh3bOXTY9XOETZ9ZEtp8Zx
693kHQqQ++MbVnLQ1nAIeEdVYVdp+s2pIxRGr953PH+ONy6I1PNtGfvkM0Z5korY
RlGpDMXj0x/KWDgZLHdOU7PjHsxQU2D9zD85s9XXtXha9uNGEM0X5ut0cSbbIIzT
cZCU9IkYcTNEdWzOiH3x/26zbjeQg0q9HBCCSG3yQdbPlyr9TNcVz2/aNGViHmrM
m7wo3de2nlhyMYr8ymdUvN6gcWH1agVXH/blAgMBAAGjggIqMIICJjAdBgNVHQ4E
FgQUXWzoW5h3puNw0rz7h43taHg33n0wHwYDVR0jBBgwFoAUUSYXO41rP/EOPwP7
BWD+ZVHeotswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwMTI5L1VTWVhPNDFyUF9FT1B3UDdCV0QtWlZIZW90cy5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1VTWVhPNDFyUF9FT1B3UDdCV0Qt
WlZIZW90cy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8zMDEyOS9YV3pvVzVoM3B1Tncwcno3aDQzdGFIZzMzbjAu
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAoAa5IwDQYJKoZIhvcNAQELBQADggEBAEblCsMc3nNp5Edk5yrh
5rsiuOdf4mWUUoqZJ6l6cCdF62fpuxTaSt0ZrmTygCPjf3iQZf0/D0umYROEgroN
827utwAuAdY2qRd6bgBouzijfpMY69ZnHMsljDu7CHOjaWRFtDIoXrHYNmcMgh5j
QyddBRlMZTU9YmRYiYbQE4ziIpyklR4A8pZznyWnKWlvbkxYL7AMWzWLbuF+qY1p
s6A6tT4ov+EXt/HiXAu7b8Kcg6KsI623KM6gP+B7vl0LOiX+BHefLdfHWNiPWBEF
7LnWk8QzhDJvx1P6jKqbzIUr7YStkLW/Y4hKbyin5KeQefxRt6Ik4Sx017Sre8uK
gE8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:45:57 2024 by rpki-client on console-ams.rpki-client.org