Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/-wefOQCAxwY2_jzXSyMqnqO0hig.roa
File:                     -wefOQCAxwY2_jzXSyMqnqO0hig.roa (raw, json)
Hash identifier:          SYrJFZ9w2AqSawKmyZPdLEswvE+AUUGoe8x1X3aaEWo=
Subject key identifier:   FB:07:9F:39:00:80:C7:06:36:FE:3C:D7:4B:23:2A:9E:A3:B4:86:28
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       7C
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/-wefOQCAxwY2_jzXSyMqnqO0hig.roa
Signing time:             Mon 27 Mar 2023 16:12:02 +0000
ROA not before:           Mon 27 Mar 2023 16:12:02 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.75.4.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 124 (0x7c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 27 16:12:02 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=FB079F390080C70636FE3CD74B232A9EA3B48628
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:03:5b:58:1e:7a:99:51:ea:8c:6a:5a:df:56:
                    43:d3:72:4f:91:fd:1d:5b:b7:2f:22:0f:d0:f1:11:
                    5e:67:78:5e:ed:c5:18:f3:2a:49:ad:fb:01:2d:52:
                    7e:a6:0f:b5:de:c4:6e:15:a5:23:4a:a6:ae:44:50:
                    95:3e:7b:38:92:ca:a3:3c:6e:6a:e5:6f:5c:c0:67:
                    be:36:b4:52:b6:71:04:63:46:ea:40:dc:64:c5:79:
                    e3:d7:d0:32:91:f1:dc:27:7b:b4:65:73:74:76:70:
                    db:c1:ea:5b:3a:85:73:d9:57:12:8c:b0:7c:03:26:
                    7a:9a:ee:d0:39:67:8d:ff:69:67:27:30:da:4a:b1:
                    70:db:5b:21:bc:fe:ba:c8:3d:30:f1:8c:cc:7b:83:
                    4c:ee:d8:18:04:a5:44:1a:55:0e:f9:46:72:08:02:
                    d7:70:ae:ee:71:50:58:3b:ee:40:35:e5:ab:3e:a2:
                    36:3f:ce:19:4d:5e:e0:00:33:38:bc:e7:f2:12:b5:
                    5b:7a:ae:93:15:35:77:33:42:ef:9c:83:bf:d4:4d:
                    f8:4b:3d:ff:ca:f9:30:af:1d:d5:64:da:ff:8c:ad:
                    a0:fd:5c:ba:3d:cf:40:b8:da:6c:13:ee:d1:53:99:
                    90:ec:8c:c6:bf:4c:77:84:dc:ca:f7:18:6f:f7:48:
                    30:df
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                FB:07:9F:39:00:80:C7:06:36:FE:3C:D7:4B:23:2A:9E:A3:B4:86:28
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/-wefOQCAxwY2_jzXSyMqnqO0hig.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.75.4.0/22

    Signature Algorithm: sha256WithRSAEncryption
         67:2d:4a:14:a7:38:46:cf:71:fd:82:a9:b2:93:2d:b7:ae:dc:
         95:6a:27:fe:79:e5:7b:df:db:bf:2b:b3:1f:6f:eb:bd:f3:ed:
         73:13:cd:01:76:df:38:44:4c:58:a3:8b:e7:35:45:42:85:f4:
         c8:38:dd:fb:cc:1f:a4:dc:fb:40:e9:d2:75:c8:ef:c3:2e:59:
         3b:86:ed:7b:9b:f9:7d:10:9b:d7:36:a5:8d:d1:06:39:54:40:
         9b:67:71:93:3f:19:4a:32:b3:f8:cf:f6:27:6b:c5:7e:d6:10:
         c4:6f:db:12:06:d5:41:4d:45:74:a3:75:d1:c2:23:29:96:5c:
         f2:4a:d5:43:46:70:10:50:92:ad:05:4a:ef:de:08:1e:87:c9:
         74:3d:a2:7d:86:3b:83:37:72:a0:76:dd:ac:12:62:87:64:a4:
         74:44:49:4c:f5:1f:9d:d5:06:92:d5:6a:f2:fe:df:df:b2:c8:
         47:50:08:1d:40:c5:5c:36:34:7b:7f:a9:50:d0:e5:98:56:8d:
         f2:71:36:d2:a4:92:db:94:25:2b:9b:98:f8:3d:5a:dd:54:4d:
         35:4f:96:fc:47:90:93:a7:dd:0c:97:9f:02:92:3d:d3:48:db:
         d7:98:ff:99:e8:e1:23:3e:d9:7c:7d:92:8a:3d:8c:56:42:8c:
         cd:6b:56:9d
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBfDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2OTY1
QjBCMjBEREUwN0E0Qzk3OEUyNDA3M0VBMEUxMTE3QjM3NDczMB4XDTIzMDMyNzE2
MTIwMloXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoRkIwNzlGMzkwMDgwQzcw
NjM2RkUzQ0Q3NEIyMzJBOUVBM0I0ODYyODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALMDW1geeplR6oxqWt9WQ9NyT5H9HVu3LyIP0PERXmd4Xu3FGPMq
Sa37AS1SfqYPtd7EbhWlI0qmrkRQlT57OJLKozxuauVvXMBnvja0UrZxBGNG6kDc
ZMV549fQMpHx3Cd7tGVzdHZw28HqWzqFc9lXEoywfAMmepru0Dlnjf9pZycw2kqx
cNtbIbz+usg9MPGMzHuDTO7YGASlRBpVDvlGcggC13Cu7nFQWDvuQDXlqz6iNj/O
GU1e4AAzOLzn8hK1W3qukxU1dzNC75yDv9RN+Es9/8r5MK8d1WTa/4ytoP1cuj3P
QLjabBPu0VOZkOyMxr9Md4TcyvcYb/dIMN8CAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBT7B585AIDHBjb+PNdLIyqeo7SGKDAfBgNVHSMEGDAWgBRpZbCyDd4HpMl44kBz
6g4RF7N0czAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5L2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJlemRITS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJl
emRITS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkvLXdlZk9RQ0F4d1kyX2p6WFN5TXFucU8waGlnLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAgFLBDANBgkqhkiG9w0BAQsFAAOCAQEAZy1KFKc4Rs9x/YKpspMtt67clWon
/nnle9/bvyuzH2/rvfPtcxPNAXbfOERMWKOL5zVFQoX0yDjd+8wfpNz7QOnSdcjv
wy5ZO4bte5v5fRCb1zaljdEGOVRAm2dxkz8ZSjKz+M/2J2vFftYQxG/bEgbVQU1F
dKN10cIjKZZc8krVQ0ZwEFCSrQVK794IHofJdD2ifYY7gzdyoHbdrBJih2SkdERJ
TPUfndUGktVq8v7f37LIR1AIHUDFXDY0e3+pUNDlmFaN8nE20qSS25QlK5uY+D1a
3VRNNU+W/EeQk6fdDJefApI900jb15j/mejhIz7ZfH2Sij2MVkKMzWtWnQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:00 2024 by rpki-client on console-ams.rpki-client.org