Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/b2oTLUqo4vPEKRyEvmQ0iDRq8Ns.roa
File:                     b2oTLUqo4vPEKRyEvmQ0iDRq8Ns.roa (raw, json)
Hash identifier:          vrDIc37MjXUChyTAqH8dRGcAKkRVv4luKGF2qpcwvkY=
Subject key identifier:   6F:6A:13:2D:4A:A8:E2:F3:C4:29:1C:84:BE:64:34:88:34:6A:F0:DB
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       7D
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/b2oTLUqo4vPEKRyEvmQ0iDRq8Ns.roa
Signing time:             Tue 30 May 2023 16:06:24 +0000
ROA not before:           Tue 30 May 2023 16:06:24 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:6b:c100::/40 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 125 (0x7d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: May 30 16:06:24 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=6F6A132D4AA8E2F3C4291C84BE643488346AF0DB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:7c:96:c8:98:47:85:af:43:fc:8c:09:20:fc:
                    1e:28:42:4b:a8:d1:f4:97:a3:42:7c:49:05:95:c6:
                    13:a1:c1:34:c2:30:c0:5c:77:96:25:59:2b:51:ac:
                    6c:fd:b9:98:bc:06:d4:f5:af:6f:6e:e4:5d:38:82:
                    3a:5c:04:ef:01:f7:01:74:00:cb:f7:d8:8e:b4:1c:
                    94:53:fe:9a:92:73:74:55:e8:86:9c:2f:ea:bb:e1:
                    b4:9f:2f:62:a6:49:44:12:5a:67:ad:65:87:cb:8b:
                    04:59:ee:17:85:29:47:c8:a3:fe:c6:0e:1a:5a:b7:
                    7b:d0:c0:24:67:80:62:3c:98:59:5b:8c:a3:c1:91:
                    eb:b1:e9:b4:79:7d:4b:5c:07:2f:63:f2:cd:2d:74:
                    1c:07:65:80:f1:38:e4:5b:10:c7:2a:a2:58:b4:8a:
                    ba:af:73:fc:4c:c5:91:ee:fa:e5:3e:83:6f:fe:1b:
                    44:07:a4:2e:33:ea:cd:6d:80:22:fb:4d:19:60:11:
                    a8:1c:b5:f6:2a:f9:27:ed:40:9a:48:fd:cc:a6:b9:
                    af:97:43:28:1d:a0:3c:4a:6c:67:11:9b:a2:17:41:
                    10:62:e5:33:47:a0:55:d9:64:84:60:6c:91:65:6c:
                    35:fb:68:4b:5f:89:a6:a3:78:04:5a:14:63:02:60:
                    a4:55
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6F:6A:13:2D:4A:A8:E2:F3:C4:29:1C:84:BE:64:34:88:34:6A:F0:DB
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/b2oTLUqo4vPEKRyEvmQ0iDRq8Ns.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:6b:c100::/40

    Signature Algorithm: sha256WithRSAEncryption
         9f:6d:52:b1:6c:89:f2:b2:93:f2:07:1d:39:f5:34:e7:2e:e1:
         67:18:52:34:45:d3:04:3d:62:72:fe:51:74:cc:45:96:2a:65:
         cd:40:07:f0:8e:b3:09:1a:9f:61:eb:49:f4:48:bf:bf:e4:5a:
         4b:24:f4:1d:d9:b6:2c:84:66:fc:2d:25:3e:78:2c:73:b0:bb:
         ed:84:da:ad:c6:0b:04:d6:d7:6d:09:7b:ef:f5:78:b3:96:f5:
         a1:db:0e:c1:fa:cd:4c:6c:bc:44:46:dc:a8:84:17:93:3e:43:
         45:84:8b:12:a0:00:6f:64:e6:78:88:b6:a1:a9:00:49:06:45:
         ef:49:be:a7:50:87:85:e9:a1:e3:6d:a0:52:d3:70:97:c9:57:
         d8:24:79:8e:78:f1:d6:68:d7:6c:47:77:07:55:d3:4f:b2:ae:
         df:b9:50:ff:fe:10:c1:5c:eb:a3:47:72:94:76:bb:4b:d5:0b:
         e1:9e:c0:7e:a4:d0:6a:9d:6b:ee:f0:0b:eb:ba:de:8c:8f:fb:
         c4:c7:19:08:2c:0e:cf:cc:19:6c:b4:30:44:63:c1:89:da:7a:
         e0:f8:56:87:e7:61:1d:0d:5b:f2:ed:94:89:e2:24:9b:4e:75:
         e1:67:15:56:2d:bd:83:c4:b7:7c:11:64:69:7d:de:98:ee:a4:
         2a:4b:de:f3
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIBfTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1MTI2
MTczQjhENkIzRkYxMEUzRjAzRkIwNTYwRkU2NTUxREVBMkRCMB4XDTIzMDUzMDE2
MDYyNFoXDTI0MDUxNDAxMzAwMlowMzExMC8GA1UEAxMoNkY2QTEzMkQ0QUE4RTJG
M0M0MjkxQzg0QkU2NDM0ODgzNDZBRjBEQjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAN18lsiYR4WvQ/yMCSD8HihCS6jR9JejQnxJBZXGE6HBNMIwwFx3
liVZK1GsbP25mLwG1PWvb27kXTiCOlwE7wH3AXQAy/fYjrQclFP+mpJzdFXohpwv
6rvhtJ8vYqZJRBJaZ61lh8uLBFnuF4UpR8ij/sYOGlq3e9DAJGeAYjyYWVuMo8GR
67HptHl9S1wHL2PyzS10HAdlgPE45FsQxyqiWLSKuq9z/EzFke765T6Db/4bRAek
LjPqzW2AIvtNGWARqBy19ir5J+1Amkj9zKa5r5dDKB2gPEpsZxGbohdBEGLlM0eg
VdlkhGBskWVsNftoS1+JpqN4BFoUYwJgpFUCAwEAAaOCAiowggImMB0GA1UdDgQW
BBRvahMtSqji88QpHIS+ZDSINGrw2zAfBgNVHSMEGDAWgBRRJhc7jWs/8Q4/A/sF
YP5lUd6i2zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzAxMjkvVVNZWE80MXJQX0VPUHdQN0JXRC1aVkhlb3RzLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvVVNZWE80MXJQX0VPUHdQN0JXRC1a
Vkhlb3RzLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzMwMTI5L2Iyb1RMVXFvNHZQRUtSeUV2bVEwaURScThOcy5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAkCgBrwTANBgkqhkiG9w0BAQsFAAOCAQEAn21SsWyJ8rKT8gcdOfU0
5y7hZxhSNEXTBD1icv5RdMxFliplzUAH8I6zCRqfYetJ9Ei/v+RaSyT0Hdm2LIRm
/C0lPngsc7C77YTarcYLBNbXbQl77/V4s5b1odsOwfrNTGy8REbcqIQXkz5DRYSL
EqAAb2TmeIi2oakASQZF70m+p1CHhemh422gUtNwl8lX2CR5jnjx1mjXbEd3B1XT
T7Ku37lQ//4QwVzro0dylHa7S9UL4Z7AfqTQap1r7vAL67rejI/7xMcZCCwOz8wZ
bLQwRGPBidp64PhWh+dhHQ1b8u2UieIkm0514WcVVi29g8S3fBFkaX3emO6kKkve
8w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:45:57 2024 by rpki-client on console-ams.rpki-client.org