Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/1VEr-tm7aVs2P47q5Fsuiy2DEXs.roa
File:                     1VEr-tm7aVs2P47q5Fsuiy2DEXs.roa (raw, json)
Hash identifier:          cIk4plWSD7IYOCP+iMir6EWcPl0Ii2c+J7cMR6BtbB4=
Subject key identifier:   D5:51:2B:FA:D9:BB:69:5B:36:3F:8E:EA:E4:5B:2E:8B:2D:83:11:7B
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       36
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/1VEr-tm7aVs2P47q5Fsuiy2DEXs.roa
Signing time:             Mon 27 Mar 2023 16:02:07 +0000
ROA not before:           Mon 27 Mar 2023 16:02:07 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.72.2.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 54 (0x36)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 27 16:02:07 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=D5512BFAD9BB695B363F8EEAE45B2E8B2D83117B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a0:8f:19:f8:38:cb:df:55:d0:b0:dd:17:e2:dc:
                    07:0f:b6:52:0e:e8:47:b0:3f:15:f6:55:2a:03:0c:
                    b5:78:56:dd:64:ce:5e:b4:3f:45:7d:b1:8c:6f:f9:
                    b4:cd:f2:6d:ee:1c:ba:37:fd:47:04:2d:b3:82:72:
                    cb:c7:fe:3f:8a:14:f5:f4:a8:ff:fa:0a:3b:97:a6:
                    1c:df:4f:50:6c:e2:e4:ae:d4:d3:5b:18:4f:9e:67:
                    9a:9e:f5:1f:b8:4e:d9:e9:da:f7:6f:3d:75:89:e0:
                    8d:de:b7:1f:ca:54:0b:91:b4:ab:e4:97:c3:41:ed:
                    29:61:8d:0f:d3:ec:d3:9e:9c:54:77:26:77:cb:bd:
                    bb:93:c2:de:4f:13:a9:6f:80:45:0f:2d:d9:ef:45:
                    fe:52:36:85:06:2d:69:ea:41:fa:80:0d:df:9b:a4:
                    6f:32:20:32:e4:ec:99:10:00:f3:5b:57:0e:dd:da:
                    71:91:8c:d6:c3:eb:72:bb:c1:12:e1:02:8a:f6:11:
                    70:80:4d:7e:e6:22:f4:e4:45:6f:66:23:81:87:f7:
                    b8:1f:b3:db:70:19:b9:69:3a:46:5f:8b:0e:88:c4:
                    63:36:9f:63:7b:a7:67:4c:8c:77:83:a7:d0:7a:41:
                    28:94:5e:46:75:20:7a:e7:de:12:ea:57:c3:f2:5e:
                    47:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D5:51:2B:FA:D9:BB:69:5B:36:3F:8E:EA:E4:5B:2E:8B:2D:83:11:7B
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/1VEr-tm7aVs2P47q5Fsuiy2DEXs.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.72.2.0/23

    Signature Algorithm: sha256WithRSAEncryption
         e2:67:8a:c0:d3:9b:a9:99:1c:1c:95:6c:55:ae:db:fe:c0:24:
         4d:e3:bd:8c:45:e2:d1:f4:16:9f:33:2c:00:91:bc:c7:de:b2:
         d3:4b:d1:79:ec:d8:6a:57:e4:a4:2d:aa:e4:28:6a:50:a5:06:
         25:f6:89:58:24:0e:1c:6a:dc:10:53:47:c9:21:ad:88:a1:15:
         96:c1:a7:d2:d0:31:db:ba:92:1f:32:a4:5c:9c:3c:d6:59:64:
         d4:d2:04:80:65:02:75:c5:57:b5:2a:99:e0:b9:22:3e:a2:37:
         fb:f5:f2:8f:9d:b6:e8:27:75:e5:d4:1b:a9:6d:40:ee:80:13:
         8c:15:b8:2c:18:9a:18:c0:56:06:e8:b5:6b:06:8e:5c:dd:37:
         fb:86:d5:d8:e3:8e:9c:ff:5f:43:c7:19:6f:6c:e9:16:7f:35:
         25:28:17:7e:c2:0e:5c:fe:20:ab:10:66:c9:da:64:1f:dc:f5:
         b7:5a:9a:34:a7:c3:ef:29:15:8e:d8:f0:df:b1:d6:2d:9b:91:
         ed:1d:60:16:a0:d0:52:1c:84:c3:5e:88:5c:2b:66:75:01:8b:
         e7:1f:20:db:54:c1:d1:52:24:06:2b:26:75:1d:f1:6c:66:81:
         2a:81:89:59:28:c0:25:51:66:f0:6c:53:a6:4a:6c:2f:62:9f:
         77:7b:23:3c
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBNjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2OTY1
QjBCMjBEREUwN0E0Qzk3OEUyNDA3M0VBMEUxMTE3QjM3NDczMB4XDTIzMDMyNzE2
MDIwN1oXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoRDU1MTJCRkFEOUJCNjk1
QjM2M0Y4RUVBRTQ1QjJFOEIyRDgzMTE3QjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKCPGfg4y99V0LDdF+LcBw+2Ug7oR7A/FfZVKgMMtXhW3WTOXrQ/
RX2xjG/5tM3ybe4cujf9RwQts4Jyy8f+P4oU9fSo//oKO5emHN9PUGzi5K7U01sY
T55nmp71H7hO2ena9289dYngjd63H8pUC5G0q+SXw0HtKWGND9Ps056cVHcmd8u9
u5PC3k8TqW+ARQ8t2e9F/lI2hQYtaepB+oAN35ukbzIgMuTsmRAA81tXDt3acZGM
1sPrcrvBEuECivYRcIBNfuYi9ORFb2YjgYf3uB+z23AZuWk6Rl+LDojEYzafY3un
Z0yMd4On0HpBKJReRnUgeufeEupXw/JeR70CAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBTVUSv62btpWzY/jurkWy6LLYMRezAfBgNVHSMEGDAWgBRpZbCyDd4HpMl44kBz
6g4RF7N0czAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5L2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJlemRITS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJl
emRITS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkvMVZFci10bTdhVnMyUDQ3cTVGc3VpeTJERVhzLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAQFIAjANBgkqhkiG9w0BAQsFAAOCAQEA4meKwNObqZkcHJVsVa7b/sAkTeO9
jEXi0fQWnzMsAJG8x96y00vReezYalfkpC2q5ChqUKUGJfaJWCQOHGrcEFNHySGt
iKEVlsGn0tAx27qSHzKkXJw81llk1NIEgGUCdcVXtSqZ4LkiPqI3+/Xyj5226Cd1
5dQbqW1A7oATjBW4LBiaGMBWBui1awaOXN03+4bV2OOOnP9fQ8cZb2zpFn81JSgX
fsIOXP4gqxBmydpkH9z1t1qaNKfD7ykVjtjw37HWLZuR7R1gFqDQUhyEw16IXCtm
dQGL5x8g21TB0VIkBismdR3xbGaBKoGJWSjAJVFm8GxTpkpsL2Kfd3sjPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:00 2024 by rpki-client on console-ams.rpki-client.org