Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/-majQbCIPPoHAESchN7GuW6WhH8.roa
File:                     -majQbCIPPoHAESchN7GuW6WhH8.roa (raw, json)
Hash identifier:          CsBajvz1cSS1JhkbffMVntIISD8INeWvYcuyKkJ5llw=
Subject key identifier:   FA:66:A3:41:B0:88:3C:FA:07:00:44:9C:84:DE:C6:B9:6E:96:84:7F
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       03C7
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/-majQbCIPPoHAESchN7GuW6WhH8.roa
Signing time:             Tue 06 Jun 2023 16:02:59 +0000
ROA not before:           Tue 06 Jun 2023 16:02:59 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.104.21.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 967 (0x3c7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  6 16:02:59 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=FA66A341B0883CFA0700449C84DEC6B96E96847F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:3c:bd:67:b5:fc:26:05:0b:2e:38:86:a2:43:
                    78:78:b3:61:39:54:68:40:05:3e:9f:4e:b9:3a:ae:
                    0b:80:50:f2:68:2e:60:96:80:f3:53:3d:ab:66:7e:
                    27:94:32:b8:03:93:02:23:a1:13:5a:f6:04:2c:85:
                    c4:d7:28:6f:b3:b6:01:4d:ce:96:60:12:46:e5:5b:
                    98:b6:ef:c7:5f:ad:d0:af:49:1f:b2:5f:6b:1d:02:
                    d9:c6:f4:d4:6b:81:de:3f:12:19:6f:e5:a1:19:75:
                    c9:4d:d4:43:49:69:eb:42:97:5d:a6:3b:92:24:5e:
                    30:db:88:06:b7:e0:11:38:6f:46:ca:f9:a0:ce:01:
                    f3:f2:d8:89:1b:de:d2:3f:29:2a:a3:56:a1:02:49:
                    f8:57:c2:7d:c9:70:35:64:e9:46:38:49:40:ef:fa:
                    21:82:07:55:72:86:00:5d:2c:df:2b:80:ce:6f:f2:
                    d7:8c:85:47:62:af:05:74:fb:a9:44:1f:7c:b9:b6:
                    0a:c5:59:70:3c:ec:ce:15:18:8b:7e:62:93:b2:a5:
                    20:a1:fb:70:44:22:d5:e7:56:22:1d:9f:01:94:d2:
                    08:70:fb:9f:74:80:bd:f3:c3:fb:ec:71:cc:e9:06:
                    45:32:f9:df:f1:6f:fe:b3:1b:54:a2:33:9d:4d:fa:
                    33:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FA:66:A3:41:B0:88:3C:FA:07:00:44:9C:84:DE:C6:B9:6E:96:84:7F
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/-majQbCIPPoHAESchN7GuW6WhH8.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.104.21.0/24

    Signature Algorithm: sha256WithRSAEncryption
         37:c4:a9:72:f0:33:30:0c:ad:96:4a:80:c4:ef:ef:39:51:c4:
         5f:ae:3a:38:84:fe:19:fc:92:b3:bc:59:50:8d:2b:19:18:85:
         c4:75:93:c7:e5:25:94:d1:f9:29:38:d8:cb:1f:7c:a2:7a:00:
         f1:e6:0f:68:12:64:00:0f:8a:5c:67:e8:4c:e1:02:97:0b:77:
         8f:e3:71:39:16:82:5c:dd:63:6f:77:7b:96:25:68:a6:73:54:
         42:7f:a3:fe:50:47:77:0f:88:d9:9a:f7:57:20:50:93:e6:80:
         a2:6b:ec:b0:c3:63:a1:9b:a2:c8:66:45:ef:7a:60:1b:6d:5e:
         e4:4d:fd:82:7e:81:82:1c:10:3f:84:14:53:eb:e7:07:2d:2c:
         83:df:31:48:a3:b0:c2:77:29:d7:30:b6:d0:03:6a:d0:08:fb:
         28:10:20:98:a0:7e:9d:a4:71:70:b5:b7:33:c3:17:6a:a7:68:
         81:4e:8e:27:bc:e7:db:6c:9d:9e:67:43:39:23:a4:4f:36:4d:
         d9:47:4d:85:bc:7f:d6:5c:6e:78:41:67:76:bc:8d:1d:5d:cf:
         f4:38:0d:59:c5:1d:90:4c:8e:15:32:82:9e:2b:6b:db:93:54:
         e0:2a:ba:7a:71:ea:c0:02:6b:51:f1:fd:45:9a:b6:d9:fc:20:
         a2:3b:d6:a5
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICA8cwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDYx
NjAyNTlaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEZBNjZBMzQxQjA4ODND
RkEwNzAwNDQ5Qzg0REVDNkI5NkU5Njg0N0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiPL1ntfwmBQsuOIaiQ3h4s2E5VGhABT6fTrk6rguAUPJoLmCW
gPNTPatmfieUMrgDkwIjoRNa9gQshcTXKG+ztgFNzpZgEkblW5i278dfrdCvSR+y
X2sdAtnG9NRrgd4/Ehlv5aEZdclN1ENJaetCl12mO5IkXjDbiAa34BE4b0bK+aDO
AfPy2Ikb3tI/KSqjVqECSfhXwn3JcDVk6UY4SUDv+iGCB1VyhgBdLN8rgM5v8teM
hUdirwV0+6lEH3y5tgrFWXA87M4VGIt+YpOypSCh+3BEItXnViIdnwGU0ghw+590
gL3zw/vscczpBkUy+d/xb/6zG1SiM51N+jP9AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU+majQbCIPPoHAESchN7GuW6WhH8wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5Ly1tYWpRYkNJUFBvSEFFU2NoTjdHdVc2V2hIOC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxaBUwDQYJKoZIhvcNAQELBQADggEBADfEqXLwMzAMrZZKgMTv7zlRxF+u
OjiE/hn8krO8WVCNKxkYhcR1k8flJZTR+Sk42MsffKJ6APHmD2gSZAAPilxn6Ezh
ApcLd4/jcTkWglzdY293e5YlaKZzVEJ/o/5QR3cPiNma91cgUJPmgKJr7LDDY6Gb
oshmRe96YBttXuRN/YJ+gYIcED+EFFPr5wctLIPfMUijsMJ3KdcwttADatAI+ygQ
IJigfp2kcXC1tzPDF2qnaIFOjie859tsnZ5nQzkjpE82TdlHTYW8f9ZcbnhBZ3a8
jR1dz/Q4DVnFHZBMjhUygp4ra9uTVOAqunpx6sACa1Hx/UWattn8IKI71qU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:50 2024 by rpki-client on console-fra.rpki-client.org