Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30129/wQ0w_gJQd-lzP0fAoQJXXFU-tkQ.roa
File:                     wQ0w_gJQd-lzP0fAoQJXXFU-tkQ.roa (raw, json)
Hash identifier:          oi73CRgX3hXUW/vf/6gbpmlhZEgybk7h5FpXaz8Rld0=
Subject key identifier:   C1:0D:30:FE:02:50:77:E9:73:3F:47:C0:A1:02:57:5C:55:3E:B6:44
Certificate issuer:       /CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
Certificate serial:       01D9
Authority key identifier: 51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/wQ0w_gJQd-lzP0fAoQJXXFU-tkQ.roa
Signing time:             Tue 30 May 2023 17:38:26 +0000
ROA not before:           Tue 30 May 2023 17:38:26 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        240a:6b:ae00::/40 maxlen: 40

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 473 (0x1d9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=5126173B8D6B3FF10E3F03FB0560FE6551DEA2DB
        Validity
            Not Before: May 30 17:38:26 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=C10D30FE025077E9733F47C0A102575C553EB644
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:88:44:5d:17:91:97:d8:f3:35:98:fb:28:1a:
                    07:5d:a4:a0:cf:d7:d2:1e:fb:29:0e:64:c8:7c:d8:
                    53:f0:98:1e:0f:96:13:9a:92:3e:13:ba:83:dd:9b:
                    63:fd:ac:17:ee:8c:47:0d:6e:3f:2c:80:1d:93:e2:
                    11:fb:76:ef:9f:5b:61:74:7a:5d:ef:9a:17:62:c3:
                    12:1a:b3:e0:97:46:f0:c2:3b:a6:bb:d5:bf:fd:78:
                    7c:be:46:ce:f5:43:b3:51:83:3b:8b:2a:44:dc:94:
                    13:93:59:07:e8:41:34:d6:aa:06:05:6c:00:78:84:
                    74:7d:0f:19:d5:45:8d:79:5f:78:af:99:0c:19:81:
                    e6:9b:ac:ff:d7:62:a5:ff:41:96:73:33:99:10:2a:
                    24:1b:5a:e8:3a:f1:6c:c5:29:a9:f7:ea:cb:d5:3f:
                    10:ca:5d:af:7a:25:fe:47:54:07:67:01:c8:f9:f7:
                    17:f6:1b:73:c7:6d:1b:16:81:a6:93:75:99:a4:7c:
                    47:0b:14:da:a5:7a:f9:34:ca:fe:b8:52:7d:00:ee:
                    6c:ae:5f:6c:12:b1:2c:a1:f9:6a:17:68:1c:0e:1f:
                    6d:f5:97:93:3e:4d:21:88:f5:57:b1:6d:0e:bd:a5:
                    a8:f2:02:f9:15:c9:e7:b3:2f:a7:3b:3d:02:fb:3c:
                    89:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C1:0D:30:FE:02:50:77:E9:73:3F:47:C0:A1:02:57:5C:55:3E:B6:44
            X509v3 Authority Key Identifier:
                keyid:51:26:17:3B:8D:6B:3F:F1:0E:3F:03:FB:05:60:FE:65:51:DE:A2:DB

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/USYXO41rP_EOPwP7BWD-ZVHeots.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/USYXO41rP_EOPwP7BWD-ZVHeots.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30129/wQ0w_gJQd-lzP0fAoQJXXFU-tkQ.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  240a:6b:ae00::/40

    Signature Algorithm: sha256WithRSAEncryption
         52:8b:87:2f:b1:47:21:1d:69:62:44:91:db:5e:7a:b8:cc:2e:
         dc:f5:d0:00:2c:f5:d1:9a:49:13:44:90:78:af:f9:1f:c6:b4:
         39:c3:9b:ba:f1:a2:c6:60:24:e2:bf:5a:a4:e4:60:e6:08:36:
         17:0b:07:de:65:af:cc:ce:a4:89:1b:2f:60:35:e4:94:95:45:
         a5:bd:b4:76:52:0c:88:81:54:13:c4:dd:a2:02:ed:6b:71:d6:
         b6:f3:a2:de:97:3f:84:fd:37:7e:ef:bb:54:a6:76:d6:9f:c0:
         90:0c:9c:19:6b:da:1f:60:6d:c7:a7:f0:fe:97:d8:89:f1:53:
         ab:8f:09:8c:a4:3a:2b:ad:9e:ba:53:69:f9:80:59:b1:b5:bd:
         20:4e:8e:eb:43:fd:df:6d:7a:69:1a:6f:d1:03:09:8a:34:01:
         d8:e3:2f:b9:b7:7e:17:05:95:86:6b:72:99:6c:97:b5:4d:55:
         d7:8d:55:5c:2a:d4:88:ec:d4:6e:e8:2f:0b:da:81:a8:f2:29:
         6f:fc:61:08:6a:23:a9:66:6c:b1:80:f0:10:f6:ad:e6:ea:c4:
         fe:6c:ef:5d:3a:af:9a:4f:04:1f:cd:f4:75:f7:4a:a1:ea:83:
         7b:43:41:03:48:07:9b:bc:31:06:b4:5d:e2:db:79:85:8a:85:
         b9:15:da:25
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgICAdkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNTEy
NjE3M0I4RDZCM0ZGMTBFM0YwM0ZCMDU2MEZFNjU1MURFQTJEQjAeFw0yMzA1MzAx
NzM4MjZaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEMxMEQzMEZFMDI1MDc3
RTk3MzNGNDdDMEExMDI1NzVDNTUzRUI2NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIiERdF5GX2PM1mPsoGgddpKDP19Ie+ykOZMh82FPwmB4PlhOa
kj4TuoPdm2P9rBfujEcNbj8sgB2T4hH7du+fW2F0el3vmhdiwxIas+CXRvDCO6a7
1b/9eHy+Rs71Q7NRgzuLKkTclBOTWQfoQTTWqgYFbAB4hHR9DxnVRY15X3ivmQwZ
geabrP/XYqX/QZZzM5kQKiQbWug68WzFKan36svVPxDKXa96Jf5HVAdnAcj59xf2
G3PHbRsWgaaTdZmkfEcLFNqlevk0yv64Un0A7myuX2wSsSyh+WoXaBwOH231l5M+
TSGI9VexbQ69pajyAvkVyeezL6c7PQL7PIkjAgMBAAGjggIqMIICJjAdBgNVHQ4E
FgQUwQ0w/gJQd+lzP0fAoQJXXFU+tkQwHwYDVR0jBBgwFoAUUSYXO41rP/EOPwP7
BWD+ZVHeotswGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBoBgNVHR8EYTBfMF2g
W6BZhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwMTI5L1VTWVhPNDFyUF9FT1B3UDdCV0QtWlZIZW90cy5jcmwwbQYI
KwYBBQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9y
eS5uaWMuYWQuanAvYXAvQTkxQTczODEwMDAwL1VTWVhPNDFyUF9FT1B3UDdCV0Qt
WlZIZW90cy5jZXIwDgYDVR0PAQH/BAQDAgeAMIG9BggrBgEFBQcBCwSBsDCBrTBj
BggrBgEFBQcwC4ZXcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2Fw
L0E5MUE3MzgxMDAwMC8zMDEyOS93UTB3X2dKUWQtbHpQMGZBb1FKWFhGVS10a1Eu
cm9hMEYGCCsGAQUFBzANhjpodHRwczovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQu
anAvcnJkcC9hcC9ub3RpZmljYXRpb24ueG1sMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAoAa64wDQYJKoZIhvcNAQELBQADggEBAFKLhy+xRyEdaWJEkdte
erjMLtz10AAs9dGaSRNEkHiv+R/GtDnDm7rxosZgJOK/WqTkYOYINhcLB95lr8zO
pIkbL2A15JSVRaW9tHZSDIiBVBPE3aIC7Wtx1rbzot6XP4T9N37vu1SmdtafwJAM
nBlr2h9gbcen8P6X2InxU6uPCYykOiutnrpTafmAWbG1vSBOjutD/d9temkab9ED
CYo0AdjjL7m3fhcFlYZrcplsl7VNVdeNVVwq1Ijs1G7oLwvagajyKW/8YQhqI6lm
bLGA8BD2rebqxP5s7106r5pPBB/N9HX3SqHqg3tDQQNIB5u8MQa0XeLbeYWKhbkV
2iU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:50 2024 by rpki-client on console-fra.rpki-client.org