Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/2_aXyx2csjH_SHLqssKa9y7L92Q.roa
File:                     2_aXyx2csjH_SHLqssKa9y7L92Q.roa (raw, json)
Hash identifier:          uw9k+b9+hk1HBG/Tb5esASAeVkp/7S6R0OPdJ5crVlY=
Subject key identifier:   DB:F6:97:CB:1D:9C:B2:31:FF:48:72:EA:B2:C2:9A:F7:2E:CB:F7:64
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0262
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/2_aXyx2csjH_SHLqssKa9y7L92Q.roa
Signing time:             Tue 30 May 2023 16:34:14 +0000
ROA not before:           Tue 30 May 2023 16:34:14 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.103.20.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 610 (0x262)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 30 16:34:14 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=DBF697CB1D9CB231FF4872EAB2C29AF72ECBF764
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:18:3e:07:76:a2:93:5c:61:f6:ac:d5:e2:a2:
                    ec:86:6c:51:9c:8c:bf:96:1b:f1:ce:c9:dd:61:19:
                    f5:b2:e0:62:29:fd:1d:cf:76:c4:4b:b1:08:13:d7:
                    8f:b1:58:2c:d7:6a:79:21:62:7f:d8:0e:90:a7:11:
                    60:9f:00:be:94:1d:32:82:ed:54:b7:02:33:72:f7:
                    29:9d:22:0c:fc:37:1c:76:10:52:d7:3d:aa:06:b3:
                    3e:47:17:ac:cc:d8:74:28:93:68:c3:dc:41:21:ef:
                    65:07:2a:00:64:1c:b6:8c:ce:5d:b3:a2:dd:18:e6:
                    77:64:4a:72:04:09:cc:a9:de:71:86:0a:f5:20:c0:
                    e5:d5:8a:ec:a8:42:1f:15:4d:8e:ce:9f:73:b7:96:
                    eb:7b:44:17:a6:42:be:6e:45:d9:11:85:0e:e9:33:
                    a0:81:a2:e7:e7:1a:2e:91:d2:4b:a1:80:14:27:87:
                    c2:2f:44:ee:a2:ac:36:7e:30:29:1d:b3:f5:7c:24:
                    d6:4a:02:15:29:bb:4a:1f:fa:4c:70:87:70:a9:cf:
                    89:62:0c:15:3b:dd:9b:f3:d2:79:e3:29:65:e1:2e:
                    31:83:85:f8:42:4a:3e:88:c5:bf:35:7b:23:74:77:
                    59:ca:dc:53:55:0a:a4:57:bb:49:d1:97:34:66:75:
                    74:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:F6:97:CB:1D:9C:B2:31:FF:48:72:EA:B2:C2:9A:F7:2E:CB:F7:64
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/2_aXyx2csjH_SHLqssKa9y7L92Q.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.103.20.0/22

    Signature Algorithm: sha256WithRSAEncryption
         75:b2:43:48:7c:54:2f:76:b1:8a:75:25:b6:41:1f:7f:85:11:
         48:a4:fc:43:f0:7e:c4:19:19:c6:b3:aa:d3:55:3b:d7:bb:03:
         c4:34:85:fa:6a:7a:f6:e9:94:26:bf:7a:35:80:8d:2e:08:a0:
         cc:d8:a2:f7:44:98:58:82:66:14:9c:dc:35:ec:3e:1c:2e:5b:
         0a:0f:b5:ab:2c:68:86:63:1d:fd:b4:d4:bf:70:bf:11:cd:c9:
         ec:8d:5a:22:5a:aa:14:86:49:b8:be:9b:bb:09:34:17:b5:0e:
         87:22:ad:e1:9d:a1:34:d1:c9:9a:2d:fa:55:bf:ff:d9:94:c3:
         a6:29:00:29:f8:2d:f6:66:65:ca:68:f9:ec:75:16:d5:e5:44:
         7e:ff:64:9e:aa:00:00:b5:4e:4a:2d:ce:7c:c4:24:f1:aa:74:
         94:ca:6d:cb:31:ef:30:2f:86:5c:20:f7:25:e7:3f:6a:b6:bd:
         e9:b2:5e:54:49:5f:5b:26:cd:fb:dd:ed:6b:0a:af:a6:2a:a8:
         b5:fa:c9:24:2d:ea:e3:9f:75:22:dc:9a:8e:1b:86:b4:fd:be:
         9a:2c:48:e5:59:86:2b:d8:23:af:15:37:3c:28:8a:4f:ae:4c:
         96:e9:a2:99:18:e3:5a:12:1d:17:a0:95:71:32:95:e5:d6:83:
         97:56:f0:9f
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAmIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MzAx
NjM0MTRaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKERCRjY5N0NCMUQ5Q0Iy
MzFGRjQ4NzJFQUIyQzI5QUY3MkVDQkY3NjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCrGD4HdqKTXGH2rNXiouyGbFGcjL+WG/HOyd1hGfWy4GIp/R3P
dsRLsQgT14+xWCzXankhYn/YDpCnEWCfAL6UHTKC7VS3AjNy9ymdIgz8Nxx2EFLX
PaoGsz5HF6zM2HQok2jD3EEh72UHKgBkHLaMzl2zot0Y5ndkSnIECcyp3nGGCvUg
wOXViuyoQh8VTY7On3O3lut7RBemQr5uRdkRhQ7pM6CBoufnGi6R0kuhgBQnh8Iv
RO6irDZ+MCkds/V8JNZKAhUpu0of+kxwh3Cpz4liDBU73Zvz0nnjKWXhLjGDhfhC
Sj6Ixb81eyN0d1nK3FNVCqRXu0nRlzRmdXSRAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU2/aXyx2csjH/SHLqssKa9y7L92QwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5LzJfYVh5eDJjc2pIX1NITHFzc0thOXk3TDkyUS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIxZxQwDQYJKoZIhvcNAQELBQADggEBAHWyQ0h8VC92sYp1JbZBH3+FEUik
/EPwfsQZGcazqtNVO9e7A8Q0hfpqevbplCa/ejWAjS4IoMzYovdEmFiCZhSc3DXs
PhwuWwoPtassaIZjHf201L9wvxHNyeyNWiJaqhSGSbi+m7sJNBe1DocireGdoTTR
yZot+lW//9mUw6YpACn4LfZmZcpo+ex1FtXlRH7/ZJ6qAAC1TkotznzEJPGqdJTK
bcsx7zAvhlwg9yXnP2q2vemyXlRJX1smzfvd7WsKr6YqqLX6ySQt6uOfdSLcmo4b
hrT9vposSOVZhivYI68VNzwoik+uTJbpopkY41oSHReglXEyleXWg5dW8J8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org