Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/30304/gFGchMRnZdF1HtcoWRXBPGGAmJQ.roa
File:                     gFGchMRnZdF1HtcoWRXBPGGAmJQ.roa (raw, json)
Hash identifier:          /SsuXAZJphmZs0AmrYjlaJ9eMh2dbDsOhgwcBOIOyYQ=
Subject key identifier:   80:51:9C:84:C4:67:65:D1:75:1E:D7:28:59:15:C1:3C:61:80:98:94
Certificate issuer:       /CN=6A513AF7BF5D2DD629FD1826885C1002929305CD
Certificate serial:       0C
Authority key identifier: 6A:51:3A:F7:BF:5D:2D:D6:29:FD:18:26:88:5C:10:02:92:93:05:CD
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/alE6979dLdYp_RgmiFwQApKTBc0.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30304/gFGchMRnZdF1HtcoWRXBPGGAmJQ.roa
Signing time:             Thu 11 May 2023 08:45:37 +0000
ROA not before:           Thu 11 May 2023 08:45:37 +0000
ROA not after:            Fri 10 May 2024 08:19:05 +0000
asID:                     59127
IP address blocks:        2401:7ec0:b000::/36 maxlen: 36

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 12 (0xc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6A513AF7BF5D2DD629FD1826885C1002929305CD
        Validity
            Not Before: May 11 08:45:37 2023 GMT
            Not After : May 10 08:19:05 2024 GMT
        Subject: CN=80519C84C46765D1751ED7285915C13C61809894
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:20:e1:11:9a:09:d1:ad:88:60:e3:2c:6a:56:
                    d6:1f:92:09:2f:f1:ac:27:da:6c:14:c0:f8:b7:97:
                    bf:6a:59:ad:e4:12:3e:67:90:f4:ac:03:6c:7e:22:
                    de:6b:db:ea:27:c2:76:fc:e2:e2:91:ce:72:b0:c9:
                    e8:8f:0c:01:4e:95:37:7f:e9:2f:39:a9:5c:fd:89:
                    01:b2:a9:b5:ae:c1:09:a5:91:c6:9b:3d:0b:ac:af:
                    03:28:27:33:47:43:e0:a9:ba:ff:59:8b:68:59:e5:
                    72:f3:8d:e1:bb:e6:fd:41:9d:e1:cb:10:77:29:b2:
                    0f:51:4a:3d:0a:fc:6a:d6:e9:36:4b:85:9a:49:66:
                    2c:1b:0a:0e:70:c5:e6:0b:01:e5:d1:40:10:5e:ce:
                    36:a9:32:a1:ec:8b:c9:39:4e:b9:dc:3b:df:a4:74:
                    e1:61:14:11:d6:8b:39:12:13:ae:e1:8c:9f:ef:a5:
                    52:94:3e:59:68:42:7f:ac:20:53:be:7a:af:9c:d2:
                    48:93:b8:8c:a3:ad:90:c9:59:df:ad:14:ac:39:a0:
                    02:34:15:e6:69:14:de:68:f2:95:08:2d:25:fa:26:
                    8b:ae:4f:07:47:f7:2b:5a:00:14:eb:12:5b:2b:b6:
                    f4:91:85:6f:ec:08:c4:58:1d:8d:7d:46:33:a4:be:
                    6d:ad
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                80:51:9C:84:C4:67:65:D1:75:1E:D7:28:59:15:C1:3C:61:80:98:94
            X509v3 Authority Key Identifier:
                keyid:6A:51:3A:F7:BF:5D:2D:D6:29:FD:18:26:88:5C:10:02:92:93:05:CD

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30304/alE6979dLdYp_RgmiFwQApKTBc0.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/alE6979dLdYp_RgmiFwQApKTBc0.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/30304/gFGchMRnZdF1HtcoWRXBPGGAmJQ.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv6:
                  2401:7ec0:b000::/36

    Signature Algorithm: sha256WithRSAEncryption
         af:72:7e:4e:93:36:39:cb:d9:a8:13:39:b9:a0:9e:d0:99:d2:
         2b:75:4c:6e:ef:4c:de:5e:a0:0f:2b:99:3a:1a:f5:62:e6:40:
         f1:81:78:cb:8c:5f:b1:d7:fc:6f:7d:ad:77:9e:be:ce:a3:a2:
         43:73:82:7e:8e:04:c0:7d:db:72:58:a0:8e:a5:7a:03:03:61:
         43:b1:ce:3c:c6:20:ca:d2:9d:d4:77:a4:5d:dc:17:15:bb:e8:
         87:2b:89:7f:16:cf:75:f9:f0:c5:b4:74:aa:17:8c:53:86:d9:
         ef:2d:55:c7:d3:cb:9d:20:0f:c1:4c:b0:f2:63:fd:cb:79:0d:
         0f:78:c2:6d:18:16:b5:ca:85:f9:36:ae:6e:26:d6:e2:c1:a9:
         b8:43:da:83:04:00:ea:ae:21:65:e7:1b:52:41:7b:5e:91:30:
         18:ae:22:31:47:92:fc:26:59:b3:cf:60:34:d9:78:ab:0f:a9:
         1e:07:33:01:99:08:05:a1:1f:ff:8f:28:fd:3f:3a:2b:5e:e0:
         6c:09:af:7d:ff:8f:55:c3:a1:76:f4:91:5a:72:27:c1:08:a1:
         e3:bd:25:67:43:eb:40:cd:7b:bb:24:05:b9:d1:a9:6b:39:f3:
         da:31:88:c5:68:b7:bf:f7:62:79:ac:6e:8c:1d:33:5b:7d:b0:
         17:fc:4e:84
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIBDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2QTUx
M0FGN0JGNUQyREQ2MjlGRDE4MjY4ODVDMTAwMjkyOTMwNUNEMB4XDTIzMDUxMTA4
NDUzN1oXDTI0MDUxMDA4MTkwNVowMzExMC8GA1UEAxMoODA1MTlDODRDNDY3NjVE
MTc1MUVENzI4NTkxNUMxM0M2MTgwOTg5NDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALwg4RGaCdGtiGDjLGpW1h+SCS/xrCfabBTA+LeXv2pZreQSPmeQ
9KwDbH4i3mvb6ifCdvzi4pHOcrDJ6I8MAU6VN3/pLzmpXP2JAbKpta7BCaWRxps9
C6yvAygnM0dD4Km6/1mLaFnlcvON4bvm/UGd4csQdymyD1FKPQr8atbpNkuFmklm
LBsKDnDF5gsB5dFAEF7ONqkyoeyLyTlOudw736R04WEUEdaLORITruGMn++lUpQ+
WWhCf6wgU756r5zSSJO4jKOtkMlZ360UrDmgAjQV5mkU3mjylQgtJfomi65PB0f3
K1oAFOsSWyu29JGFb+wIxFgdjX1GM6S+ba0CAwEAAaOCAiowggImMB0GA1UdDgQW
BBSAUZyExGdl0XUe1yhZFcE8YYCYlDAfBgNVHSMEGDAWgBRqUTr3v10t1in9GCaI
XBACkpMFzTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGgGA1UdHwRhMF8wXaBb
oFmGV3JzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzAzMDQvYWxFNjk3OWRMZFlwX1JnbWlGd1FBcEtUQmMwLmNybDBtBggr
BgEFBQcBAQRhMF8wXQYIKwYBBQUHMAKGUXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5
Lm5pYy5hZC5qcC9hcC9BOTFBNzM4MTAwMDAvYWxFNjk3OWRMZFlwX1JnbWlGd1FB
cEtUQmMwLmNlcjAOBgNVHQ8BAf8EBAMCB4Awgb0GCCsGAQUFBwELBIGwMIGtMGMG
CCsGAQUFBzALhldyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAv
QTkxQTczODEwMDAwLzMwMzA0L2dGR2NoTVJuWmRGMUh0Y29XUlhCUEdHQW1KUS5y
b2EwRgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5q
cC9ycmRwL2FwL25vdGlmaWNhdGlvbi54bWwwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgQkAX7AsDANBgkqhkiG9w0BAQsFAAOCAQEAr3J+TpM2OcvZqBM5uaCe
0JnSK3VMbu9M3l6gDyuZOhr1YuZA8YF4y4xfsdf8b32td56+zqOiQ3OCfo4EwH3b
cligjqV6AwNhQ7HOPMYgytKd1HekXdwXFbvohyuJfxbPdfnwxbR0qheMU4bZ7y1V
x9PLnSAPwUyw8mP9y3kND3jCbRgWtcqF+TaubibW4sGpuEPagwQA6q4hZecbUkF7
XpEwGK4iMUeS/CZZs89gNNl4qw+pHgczAZkIBaEf/48o/T86K17gbAmvff+PVcOh
dvSRWnInwQih470lZ0PrQM17uyQFudGpaznz2jGIxWi3v/dieaxujB0zW32wF/xO
hA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:50 2024 by rpki-client on console-fra.rpki-client.org