Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/2PsLrOdRHDp64OGo5rxkCm4ywOI.roa
File:                     2PsLrOdRHDp64OGo5rxkCm4ywOI.roa (raw, json)
Hash identifier:          L/9FcCon3Jrzd9eYYMFYDLm4W/VRY6VAZ0/0XQMElCE=
Subject key identifier:   D8:FB:0B:AC:E7:51:1C:3A:7A:E0:E1:A8:E6:BC:64:0A:6E:32:C0:E2
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       027A
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/2PsLrOdRHDp64OGo5rxkCm4ywOI.roa
Signing time:             Tue 30 May 2023 16:34:22 +0000
ROA not before:           Tue 30 May 2023 16:34:22 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        220.210.0.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 634 (0x27a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 30 16:34:22 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=D8FB0BACE7511C3A7AE0E1A8E6BC640A6E32C0E2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e6:75:86:f6:b3:49:6b:3c:0e:57:46:3c:88:2c:
                    57:52:5f:86:7b:c8:fe:5e:e1:ed:82:2c:3e:5f:ba:
                    bc:83:c3:ed:e0:3a:13:a6:01:d6:79:5d:ba:f3:74:
                    f6:7c:4f:ed:9f:6b:d0:38:be:07:63:36:20:0a:95:
                    e2:14:69:5b:b7:8e:04:2f:f8:77:a8:53:92:34:6d:
                    de:3b:29:6f:fc:46:d5:81:c5:c7:46:c9:0c:0f:93:
                    de:b4:79:45:4b:9e:88:c1:af:f6:da:b7:88:93:59:
                    97:5a:48:05:7f:2d:92:e3:50:a1:1f:e2:9a:8f:2a:
                    26:fe:ff:fc:c4:ce:e0:14:74:52:95:f8:62:d2:a9:
                    32:6d:45:66:c7:25:b1:f2:64:4e:fd:2c:30:0b:f3:
                    c4:63:33:fb:14:9e:dc:a5:66:eb:ed:3e:62:c9:e3:
                    f0:df:45:67:e1:e3:3e:92:b5:ab:cd:7e:1e:e2:b9:
                    3d:7d:24:9c:04:e6:ab:ac:2e:9f:a8:65:a0:fc:17:
                    76:ad:24:92:26:40:2d:c8:08:9a:bd:4e:64:2c:9d:
                    c8:64:91:d0:00:e0:54:88:a2:d5:c1:7b:8b:44:8e:
                    ce:15:0b:93:f1:3d:1d:fc:df:ab:9f:67:6f:30:d6:
                    28:98:26:30:ba:30:86:86:23:7a:31:fe:32:81:15:
                    f2:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D8:FB:0B:AC:E7:51:1C:3A:7A:E0:E1:A8:E6:BC:64:0A:6E:32:C0:E2
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/2PsLrOdRHDp64OGo5rxkCm4ywOI.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.210.0.0/20

    Signature Algorithm: sha256WithRSAEncryption
         d2:a2:68:6c:e7:b9:6b:d6:a9:9a:e7:07:95:38:0a:f9:4b:87:
         76:62:9b:48:f5:8a:a5:ca:e1:3d:15:26:9c:e7:1f:c8:4d:ca:
         2e:94:a7:96:15:b0:fd:07:d1:62:2d:ad:00:3f:12:c8:21:6e:
         c0:b3:fa:95:0a:69:67:7b:cc:85:a1:9b:0c:8d:9d:db:b4:23:
         57:0b:2f:24:fc:5a:98:34:32:77:55:72:30:95:52:ac:53:36:
         ca:15:b0:7a:de:6c:3d:61:65:c1:ed:fc:c5:94:cc:8a:5a:21:
         c3:05:31:7c:4b:5a:43:ae:a7:dc:13:38:de:6e:63:c5:12:52:
         97:96:22:03:04:96:25:8e:ae:15:c1:66:1e:f4:a5:45:bd:03:
         0b:19:fa:83:b6:be:9a:b6:a0:db:fc:bc:cb:2c:f7:5e:22:2a:
         34:cf:f4:a7:4d:e0:78:12:34:7b:45:66:28:02:7a:21:fa:47:
         b3:b7:d0:e8:de:c0:2b:d4:1a:4f:9d:fa:d1:2a:9a:81:4c:16:
         ca:e7:64:8f:c1:76:f8:ce:d9:fd:8a:74:1a:ce:82:c9:7f:d8:
         1a:8d:90:7c:b2:07:a5:a9:3e:da:d7:66:db:7e:74:57:2b:34:
         74:de:22:0e:aa:fd:c5:83:88:1b:c6:9b:93:2d:ff:f9:38:0b:
         da:62:f5:e9
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAnowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MzAx
NjM0MjJaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEQ4RkIwQkFDRTc1MTFD
M0E3QUUwRTFBOEU2QkM2NDBBNkUzMkMwRTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDmdYb2s0lrPA5XRjyILFdSX4Z7yP5e4e2CLD5furyDw+3gOhOm
AdZ5XbrzdPZ8T+2fa9A4vgdjNiAKleIUaVu3jgQv+HeoU5I0bd47KW/8RtWBxcdG
yQwPk960eUVLnojBr/bat4iTWZdaSAV/LZLjUKEf4pqPKib+//zEzuAUdFKV+GLS
qTJtRWbHJbHyZE79LDAL88RjM/sUntylZuvtPmLJ4/DfRWfh4z6StavNfh7iuT19
JJwE5qusLp+oZaD8F3atJJImQC3ICJq9TmQsnchkkdAA4FSIotXBe4tEjs4VC5Px
PR3836ufZ28w1iiYJjC6MIaGI3ox/jKBFfIpAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU2PsLrOdRHDp64OGo5rxkCm4ywOIwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5LzJQc0xyT2RSSERwNjRPR281cnhrQ200eXdPSS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATc0gAwDQYJKoZIhvcNAQELBQADggEBANKiaGznuWvWqZrnB5U4CvlLh3Zi
m0j1iqXK4T0VJpznH8hNyi6Up5YVsP0H0WItrQA/EsghbsCz+pUKaWd7zIWhmwyN
ndu0I1cLLyT8Wpg0MndVcjCVUqxTNsoVsHrebD1hZcHt/MWUzIpaIcMFMXxLWkOu
p9wTON5uY8USUpeWIgMEliWOrhXBZh70pUW9AwsZ+oO2vpq2oNv8vMss914iKjTP
9KdN4HgSNHtFZigCeiH6R7O30OjewCvUGk+d+tEqmoFMFsrnZI/BdvjO2f2KdBrO
gsl/2BqNkHyyB6WpPtrXZtt+dFcrNHTeIg6q/cWDiBvGm5Mt//k4C9pi9ek=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:00 2024 by rpki-client on console-ams.rpki-client.org