Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/33kkJVkrWIB2v5Z5aOhOLnDkQmk.roa
File:                     33kkJVkrWIB2v5Z5aOhOLnDkQmk.roa (raw, json)
Hash identifier:          D5WP+QT5e0z8O4B76TjJ9QJI0GQkavIQtrR47U5cq+E=
Subject key identifier:   DF:79:24:25:59:2B:58:80:76:BF:96:79:68:E8:4E:2E:70:E4:42:69
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       3B
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/33kkJVkrWIB2v5Z5aOhOLnDkQmk.roa
Signing time:             Mon 27 Mar 2023 16:02:08 +0000
ROA not before:           Mon 27 Mar 2023 16:02:08 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.75.10.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 59 (0x3b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 27 16:02:08 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=DF792425592B588076BF967968E84E2E70E44269
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:06:6b:5b:33:4c:a8:1d:58:59:14:d6:dc:7e:
                    58:28:84:38:10:83:fe:6f:55:29:5e:0c:5e:2b:92:
                    bf:53:b4:44:fe:ce:d4:33:47:fc:e6:16:b8:36:6c:
                    ef:12:1c:16:59:4c:f0:c2:68:01:2f:4d:cb:10:90:
                    fd:be:84:ba:18:2b:12:2c:c2:0c:f9:25:3c:80:71:
                    ce:94:78:91:a7:98:09:88:34:12:c3:89:9a:ed:1d:
                    69:ee:1d:b7:b4:48:ec:d6:29:c6:46:66:ca:27:84:
                    f3:d7:37:fd:ee:d5:48:db:7b:8b:93:1c:89:b7:db:
                    8c:e8:ba:66:9d:ec:59:fd:b3:fb:6c:36:4d:05:d2:
                    e7:6f:b1:f9:c4:e5:ce:62:dd:3a:af:b7:59:e8:6c:
                    8b:23:bc:ed:ad:0b:9f:9b:a0:0a:0a:c3:ab:63:9f:
                    44:13:f0:85:56:41:29:42:59:70:6f:15:5b:9f:d3:
                    bf:ce:e3:80:de:3f:a1:08:10:90:42:dc:28:eb:e8:
                    b1:23:2e:87:ef:64:9e:5f:d1:93:45:15:a2:f0:2a:
                    bb:22:73:a5:f7:ef:26:2c:d1:34:41:6f:a5:20:ba:
                    c8:39:21:c4:84:fd:7a:dc:ad:58:f2:8d:31:c0:6e:
                    e6:a0:93:f5:7e:d7:8d:9e:ca:fc:a5:0b:65:83:61:
                    1a:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:79:24:25:59:2B:58:80:76:BF:96:79:68:E8:4E:2E:70:E4:42:69
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/33kkJVkrWIB2v5Z5aOhOLnDkQmk.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.75.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c0:9e:75:a3:5e:c3:e3:f1:de:d8:50:8b:93:42:c6:18:75:f5:
         50:38:2f:fd:07:a1:ac:93:18:75:05:e3:18:eb:3f:47:29:5a:
         5b:00:7c:a0:91:db:5c:e3:17:8d:59:d6:52:12:f3:e5:72:e5:
         47:e1:45:c5:e6:be:21:c0:39:a2:db:af:ba:d9:11:d7:7a:48:
         5a:b7:d0:fe:1c:af:59:58:5b:d6:ff:fc:eb:2c:53:43:cd:23:
         32:8d:77:7d:e7:a9:90:0c:ad:e2:10:aa:4a:bb:8f:f0:61:3d:
         82:bd:2b:15:e2:1a:d3:22:3d:18:72:0f:22:52:e4:b8:62:91:
         37:87:59:c5:5b:b9:b2:73:3e:7c:87:b5:fe:50:4b:0c:23:55:
         70:9a:2f:29:62:bd:02:61:6b:ae:af:15:71:22:36:cd:24:c0:
         45:c2:13:74:a8:6c:8d:8e:58:d7:be:b4:b3:a2:eb:18:c4:7e:
         f4:11:fc:02:ac:37:e0:1a:d0:89:34:55:a3:16:b2:5c:10:ae:
         ec:e0:c1:46:27:3b:a0:c2:7d:75:6e:fc:1d:83:ee:a5:83:fa:
         ca:9e:d8:d7:c1:1d:31:41:13:ed:80:e7:c2:89:b0:2e:27:a6:
         f2:55:6f:ea:6f:fa:06:1d:52:a1:29:e2:bc:d4:d8:fd:e1:88:
         fe:67:be:9d
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2OTY1
QjBCMjBEREUwN0E0Qzk3OEUyNDA3M0VBMEUxMTE3QjM3NDczMB4XDTIzMDMyNzE2
MDIwOFoXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoREY3OTI0MjU1OTJCNTg4
MDc2QkY5Njc5NjhFODRFMkU3MEU0NDI2OTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAOEGa1szTKgdWFkU1tx+WCiEOBCD/m9VKV4MXiuSv1O0RP7O1DNH
/OYWuDZs7xIcFllM8MJoAS9NyxCQ/b6EuhgrEizCDPklPIBxzpR4kaeYCYg0EsOJ
mu0dae4dt7RI7NYpxkZmyieE89c3/e7VSNt7i5McibfbjOi6Zp3sWf2z+2w2TQXS
52+x+cTlzmLdOq+3WehsiyO87a0Ln5ugCgrDq2OfRBPwhVZBKUJZcG8VW5/Tv87j
gN4/oQgQkELcKOvosSMuh+9knl/Rk0UVovAquyJzpffvJizRNEFvpSC6yDkhxIT9
etytWPKNMcBu5qCT9X7XjZ7K/KULZYNhGg0CAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBTfeSQlWStYgHa/lnlo6E4ucORCaTAfBgNVHSMEGDAWgBRpZbCyDd4HpMl44kBz
6g4RF7N0czAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5L2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJlemRITS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJl
emRITS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkvMzNra0pWa3JXSUIydjVaNWFPaE9MbkRrUW1rLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAAFLCjANBgkqhkiG9w0BAQsFAAOCAQEAwJ51o17D4/He2FCLk0LGGHX1UDgv
/QehrJMYdQXjGOs/RylaWwB8oJHbXOMXjVnWUhLz5XLlR+FFxea+IcA5otuvutkR
13pIWrfQ/hyvWVhb1v/86yxTQ80jMo13feepkAyt4hCqSruP8GE9gr0rFeIa0yI9
GHIPIlLkuGKRN4dZxVu5snM+fIe1/lBLDCNVcJovKWK9AmFrrq8VcSI2zSTARcIT
dKhsjY5Y1760s6LrGMR+9BH8Aqw34BrQiTRVoxayXBCu7ODBRic7oMJ9dW78HYPu
pYP6yp7Y18EdMUET7YDnwomwLiem8lVv6m/6Bh1SoSnivNTY/eGI/me+nQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org