Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/2yOwT1are6nq6QhajaO1AbieFeA.roa
File:                     2yOwT1are6nq6QhajaO1AbieFeA.roa (raw, json)
Hash identifier:          ITafVlH7ePHlAehaH8uDS0oSb+H1tSWypCZ55CiTZH8=
Subject key identifier:   DB:23:B0:4F:56:AB:7B:A9:EA:E9:08:5A:8D:A3:B5:01:B8:9E:15:E0
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       020C
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/2yOwT1are6nq6QhajaO1AbieFeA.roa
Signing time:             Tue 30 May 2023 16:29:30 +0000
ROA not before:           Tue 30 May 2023 16:29:30 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.76.152.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 524 (0x20c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 30 16:29:30 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=DB23B04F56AB7BA9EAE9085A8DA3B501B89E15E0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:ab:c7:9a:7e:42:6a:b0:40:f1:0c:8a:23:1d:
                    63:06:76:15:a6:20:ef:b6:1e:04:08:7e:91:50:51:
                    d0:6f:72:59:fc:1d:a4:94:73:d3:d0:0d:1f:69:1b:
                    72:ab:ad:ec:be:55:f4:a3:ba:67:0d:94:6f:91:c3:
                    8b:38:49:b1:8f:22:82:a6:5a:1c:70:af:41:be:4b:
                    22:1f:fa:40:e7:eb:3b:3e:74:84:58:56:90:f9:8b:
                    58:7f:e5:8c:1a:8b:29:e1:47:d4:3f:96:bd:31:e4:
                    ca:c3:69:c5:d3:d3:51:c1:a8:61:38:a2:c2:ca:71:
                    1a:d3:6c:72:2a:06:52:b6:b4:be:45:d7:68:91:55:
                    ca:ec:fc:4e:e7:af:77:e5:b9:1d:22:17:25:48:0b:
                    4a:24:7d:60:15:50:47:4e:3b:c8:66:c2:51:fd:c0:
                    f3:e9:69:6a:81:0c:54:8f:c2:cf:a7:77:2e:d3:bc:
                    28:41:cf:40:c2:b0:b4:6f:6c:50:81:41:ea:15:de:
                    f8:ac:3d:2e:3a:91:9f:d2:60:d2:e8:14:00:85:bc:
                    90:6e:39:7d:0b:f8:7f:c4:06:91:50:f0:35:9f:ce:
                    2d:e6:c3:2a:3b:d4:be:81:b1:ad:41:02:97:c5:2d:
                    77:86:17:0f:fe:63:42:72:44:96:43:1b:90:2d:3b:
                    8d:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DB:23:B0:4F:56:AB:7B:A9:EA:E9:08:5A:8D:A3:B5:01:B8:9E:15:E0
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/2yOwT1are6nq6QhajaO1AbieFeA.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.76.152.0/21

    Signature Algorithm: sha256WithRSAEncryption
         d2:03:08:36:7f:65:5a:29:46:54:77:7c:f1:39:f4:83:87:a8:
         39:13:e7:a1:3f:61:ea:4b:4d:0c:a3:f4:be:56:03:90:e6:a5:
         80:e5:44:e3:75:e8:e7:12:51:b6:04:4b:f0:c2:a3:05:ca:a6:
         9e:4d:ab:47:d5:34:04:06:46:85:b4:44:a3:3b:46:cd:54:eb:
         94:af:41:56:ae:a9:99:ad:94:00:40:dd:d7:b3:fe:49:50:59:
         98:cc:c7:48:a0:71:10:52:be:5a:77:d7:20:d0:df:2c:86:46:
         2f:4f:f3:e6:10:b7:29:88:e6:67:c5:16:5a:d2:fc:90:71:81:
         07:ec:12:58:38:67:27:f0:f5:22:fa:da:2a:1e:33:c3:6e:aa:
         fe:01:6d:2f:e9:21:bf:d5:c4:0b:61:bd:c7:7c:ca:59:ae:f4:
         01:9e:11:d0:a6:22:a3:45:94:05:d4:9e:9f:3c:2a:70:73:6e:
         04:7e:af:a1:31:fe:31:54:60:3b:06:0e:43:0c:55:85:77:6e:
         ed:98:12:dc:65:6d:44:a6:27:d7:e5:29:f1:93:6d:cb:e1:29:
         08:36:ec:41:5a:5f:3f:3d:b0:33:23:47:77:ad:10:40:da:07:
         8a:fd:77:bd:10:ca:fc:81:37:d1:74:e0:4b:38:b0:81:70:f3:
         ea:a0:52:62
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAgwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MzAx
NjI5MzBaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKERCMjNCMDRGNTZBQjdC
QTlFQUU5MDg1QThEQTNCNTAxQjg5RTE1RTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCq8eafkJqsEDxDIojHWMGdhWmIO+2HgQIfpFQUdBvcln8HaSU
c9PQDR9pG3Krrey+VfSjumcNlG+Rw4s4SbGPIoKmWhxwr0G+SyIf+kDn6zs+dIRY
VpD5i1h/5YwaiynhR9Q/lr0x5MrDacXT01HBqGE4osLKcRrTbHIqBlK2tL5F12iR
Vcrs/E7nr3fluR0iFyVIC0okfWAVUEdOO8hmwlH9wPPpaWqBDFSPws+ndy7TvChB
z0DCsLRvbFCBQeoV3visPS46kZ/SYNLoFACFvJBuOX0L+H/EBpFQ8DWfzi3mwyo7
1L6Bsa1BApfFLXeGFw/+Y0JyRJZDG5AtO40vAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU2yOwT1are6nq6QhajaO1AbieFeAwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5LzJ5T3dUMWFyZTZucTZRaGFqYU8xQWJpZUZlQS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMBTJgwDQYJKoZIhvcNAQELBQADggEBANIDCDZ/ZVopRlR3fPE59IOHqDkT
56E/YepLTQyj9L5WA5DmpYDlRON16OcSUbYES/DCowXKpp5Nq0fVNAQGRoW0RKM7
Rs1U65SvQVauqZmtlABA3dez/klQWZjMx0igcRBSvlp31yDQ3yyGRi9P8+YQtymI
5mfFFlrS/JBxgQfsElg4Zyfw9SL62ioeM8Nuqv4BbS/pIb/VxAthvcd8ylmu9AGe
EdCmIqNFlAXUnp88KnBzbgR+r6Ex/jFUYDsGDkMMVYV3bu2YEtxlbUSmJ9flKfGT
bcvhKQg27EFaXz89sDMjR3etEEDaB4r9d70QyvyBN9F04Es4sIFw8+qgUmI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:00 2024 by rpki-client on console-ams.rpki-client.org