Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/tYf6bxCQZWL0o1zw6wF6uBSeupA.roa
File:                     tYf6bxCQZWL0o1zw6wF6uBSeupA.roa (raw, json)
Hash identifier:          b+9UZ2G4cGLI+1mwJcjTtItsMsVRtumQ6UzfE9EZmsk=
Subject key identifier:   B5:87:FA:6F:10:90:65:62:F4:A3:5C:F0:EB:01:7A:B8:14:9E:BA:90
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       0A
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/tYf6bxCQZWL0o1zw6wF6uBSeupA.roa
Signing time:             Wed 15 Mar 2023 03:20:19 +0000
ROA not before:           Wed 15 Mar 2023 03:20:19 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:70:8::/48 maxlen: 48

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 10 (0xa)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: Mar 15 03:20:19 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=B587FA6F10906562F4A35CF0EB017AB8149EBA90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ca:15:b5:18:2c:5e:1b:52:f7:3a:d5:73:41:ef:
                    8f:4b:13:85:76:73:45:71:f0:b2:d4:1f:45:16:01:
                    2a:d1:8c:14:66:e2:f0:90:be:99:e9:e8:25:97:aa:
                    b1:99:f4:8f:8f:64:2b:25:fb:ef:c6:a2:58:95:a0:
                    ce:2f:8b:68:3e:22:2e:8a:e9:46:72:e5:f5:c8:e2:
                    f4:88:d0:82:9b:c6:f8:a9:9c:2c:64:84:b1:bb:b6:
                    c9:2e:74:60:8f:2c:f0:4a:b2:ba:f3:aa:d7:84:38:
                    d4:c5:ba:cf:39:c8:b7:8a:59:7e:ca:ab:a3:75:e1:
                    85:0f:79:40:e1:2f:17:dc:f6:42:fb:fa:2f:2a:f0:
                    25:c8:d7:c1:41:65:75:f2:d3:25:20:56:1d:0f:15:
                    08:16:ad:65:14:00:67:08:f0:07:67:5a:47:69:cc:
                    fc:17:d5:2d:fa:0f:7f:61:e5:32:2e:1f:c7:6d:b7:
                    a7:7c:4a:b4:fc:0e:56:e5:aa:fa:e9:c8:01:b8:a2:
                    c3:7c:52:d2:3d:a9:18:c4:92:fd:77:f0:41:1c:47:
                    3f:db:4f:82:3b:1d:ff:ec:12:87:fd:d8:a2:40:bb:
                    59:f5:e5:ab:77:b4:0f:2a:0e:60:8f:59:70:19:3d:
                    9d:85:e8:90:a1:f1:fe:b9:64:4b:04:da:75:44:f5:
                    e0:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B5:87:FA:6F:10:90:65:62:F4:A3:5C:F0:EB:01:7A:B8:14:9E:BA:90
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/tYf6bxCQZWL0o1zw6wF6uBSeupA.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:70:8::/48

    Signature Algorithm: sha256WithRSAEncryption
         72:55:54:cb:52:41:4b:a6:a0:ec:6f:0b:d8:55:58:35:81:48:
         e0:8a:87:18:5b:7e:b5:6f:4b:f4:68:21:a3:c7:bc:fd:41:6e:
         d3:d5:18:60:9e:6d:48:2b:32:02:fc:28:9b:e2:e5:b7:bb:f7:
         f8:1e:14:2c:b1:17:23:30:3c:c1:10:36:ee:01:3a:00:3d:05:
         c2:c3:ca:22:d5:df:14:d6:7c:84:c4:65:6e:b6:49:a6:d1:65:
         68:db:7b:7f:d6:16:e0:b4:ba:a1:7e:66:22:9b:9b:fc:c9:c7:
         fd:71:81:0c:4e:cd:8c:f5:ad:81:d2:3b:59:8b:9f:68:c1:3f:
         05:1f:bd:40:84:f9:1c:6f:ea:1b:b2:04:7b:a1:a8:c2:00:c3:
         b6:2a:fd:bb:bd:b6:34:06:5d:f3:44:4f:68:cb:05:af:c2:e1:
         4a:00:b5:11:bc:10:2e:3e:bb:1c:40:f9:1a:f3:9b:33:32:ae:
         71:ad:5d:f1:90:49:43:a9:a3:20:8e:52:70:7c:47:ba:81:49:
         22:1f:52:bc:fc:c5:9c:c8:e8:a4:df:27:83:e0:29:98:de:db:
         f4:90:d1:0f:d8:8d:b4:87:b5:96:10:79:82:9d:70:d5:bc:ac:
         af:24:a0:4c:b0:19:9d:32:d5:39:3d:60:72:2b:ce:40:a4:0e:
         8e:4d:f2:08
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgIBCjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1MTI2
MTczQjhENkIzRkYxMEUzRjAzRkIwNTYwRkU2NTUxREVBMkRCMB4XDTIzMDMxNTAz
MjAxOVoXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoQjU4N0ZBNkYxMDkwNjU2
MkY0QTM1Q0YwRUIwMTdBQjgxNDlFQkE5MDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMoVtRgsXhtS9zrVc0Hvj0sThXZzRXHwstQfRRYBKtGMFGbi8JC+
menoJZeqsZn0j49kKyX778aiWJWgzi+LaD4iLorpRnLl9cji9IjQgpvG+KmcLGSE
sbu2yS50YI8s8EqyuvOq14Q41MW6zznIt4pZfsqro3XhhQ95QOEvF9z2Qvv6Lyrw
JcjXwUFldfLTJSBWHQ8VCBatZRQAZwjwB2daR2nM/BfVLfoPf2HlMi4fx223p3xK
tPwOVuWq+unIAbiiw3xS0j2pGMSS/XfwQRxHP9tPgjsd/+wSh/3YokC7WfXlq3e0
DyoOYI9ZcBk9nYXokKHx/rlkSwTadUT14J0CAwEAAaOCAiswggInMB0GA1UdDgQW
BBS1h/pvEJBlYvSjXPDrAXq4FJ66kDAfBgNVHSMEGDAWgBRRJhc7jWs/8Q4/A/sF
YP5lUd6i2zAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzAxMjkvVVNZWE80MXJQX0VPUHdQN0JXRC1aVkhlb3RzLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvVVNZWE80MXJQX0VPUHdQN0JXRC1a
Vkhlb3RzLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzMwMTI5L3RZZjZieENRWldMMG8xenc2d0Y2dUJTZXVwQS5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwIgYIKwYBBQUHAQcBAf8EEzARMA8E
AgACMAkDBwAkCgBwAAgwDQYJKoZIhvcNAQELBQADggEBAHJVVMtSQUumoOxvC9hV
WDWBSOCKhxhbfrVvS/RoIaPHvP1BbtPVGGCebUgrMgL8KJvi5be79/geFCyxFyMw
PMEQNu4BOgA9BcLDyiLV3xTWfITEZW62SabRZWjbe3/WFuC0uqF+ZiKbm/zJx/1x
gQxOzYz1rYHSO1mLn2jBPwUfvUCE+Rxv6huyBHuhqMIAw7Yq/bu9tjQGXfNET2jL
Ba/C4UoAtRG8EC4+uxxA+RrzmzMyrnGtXfGQSUOpoyCOUnB8R7qBSSIfUrz8xZzI
6KTfJ4PgKZje2/SQ0Q/YjbSHtZYQeYKdcNW8rK8koEywGZ0y1Tk9YHIrzkCkDo5N
8gg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:45:58 2024 by rpki-client on console-ams.rpki-client.org