Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/4vwCZlZUl9-2iSdgWX2YeJb1afU.roa
File:                     4vwCZlZUl9-2iSdgWX2YeJb1afU.roa (raw, json)
Hash identifier:          ICk/i2LvwgAnx+4/gpKX/BxVNPo52yFPWg2J803TwtE=
Subject key identifier:   E2:FC:02:66:56:54:97:DF:B6:89:27:60:59:7D:98:78:96:F5:69:F5
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       19
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/4vwCZlZUl9-2iSdgWX2YeJb1afU.roa
Signing time:             Wed 15 Mar 2023 02:05:48 +0000
ROA not before:           Wed 15 Mar 2023 02:05:48 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        220.159.54.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 25 (0x19)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 15 02:05:48 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=E2FC0266565497DFB6892760597D987896F569F5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:90:96:04:e1:48:05:29:2d:19:7c:e2:24:4a:
                    2d:f6:0a:da:41:85:ec:80:53:fe:16:6c:76:ad:2e:
                    76:c7:44:f6:95:a5:cc:2b:5a:ef:53:a0:01:11:44:
                    1b:c8:a6:38:db:c1:50:98:45:c8:98:70:b0:b9:7f:
                    c8:08:04:25:db:4d:4a:5e:3c:fd:d7:2e:a5:3d:a5:
                    b8:57:4c:5b:49:a8:bc:8d:a4:bf:f8:cc:7d:39:07:
                    1a:17:29:8e:80:f6:67:54:60:1b:4b:b4:54:83:36:
                    0b:24:16:50:60:c8:19:55:94:50:6f:f7:f4:ed:8d:
                    5d:c3:1e:03:3f:bc:b0:2b:b1:26:2a:3f:55:f5:f8:
                    69:35:9d:94:13:8a:fb:66:c7:d8:2e:bb:71:52:51:
                    cf:e2:49:58:cc:43:35:86:c8:96:d2:78:f1:e5:6f:
                    19:75:d3:b1:bd:4d:2e:0c:47:61:6b:68:dc:3b:e2:
                    a8:07:4e:2d:0e:e9:be:36:ba:61:fe:e0:1b:44:4a:
                    07:03:98:2d:25:b4:cc:fa:ba:ef:83:33:a0:89:01:
                    ad:dc:b5:26:13:70:b4:f9:0c:7e:9a:55:9e:d8:fa:
                    89:43:a8:b6:78:c8:aa:17:f9:75:58:8c:76:d1:e4:
                    0c:7b:8b:78:39:a7:d4:76:ff:1f:ff:a5:b0:90:31:
                    57:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E2:FC:02:66:56:54:97:DF:B6:89:27:60:59:7D:98:78:96:F5:69:F5
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/4vwCZlZUl9-2iSdgWX2YeJb1afU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.159.54.0/23

    Signature Algorithm: sha256WithRSAEncryption
         94:9a:2c:bf:c7:a1:47:cf:27:6c:aa:cd:cd:01:a1:9a:44:b8:
         37:1b:91:1c:21:b2:db:96:f0:cf:92:d1:a8:d3:6e:2a:ab:ec:
         e3:8e:0b:ce:11:6a:be:f1:3e:23:7d:af:6e:b3:96:d8:47:13:
         e8:96:e6:de:7a:2d:63:e5:5f:61:a0:bb:10:84:82:2c:8e:7c:
         dc:de:8e:37:70:b6:15:24:7a:f7:0d:c5:2b:b1:0e:f0:d6:b9:
         59:38:40:2a:1a:c1:ab:8e:de:e3:ee:e0:ca:1e:de:1d:26:a2:
         7f:99:51:99:88:59:d9:2e:f4:7b:82:e2:eb:d8:66:65:cd:46:
         8f:88:19:2f:19:61:cf:66:cf:33:86:fd:5f:0e:4f:72:9d:70:
         5b:2c:fe:f9:cd:71:f7:ca:94:d5:6f:49:3c:0f:99:58:74:a2:
         79:a5:6f:12:b7:d0:2a:43:b5:ed:d7:97:4a:8e:68:d8:2d:74:
         48:a9:19:20:a7:06:01:37:d2:ad:8a:05:fd:d8:fb:25:2e:3a:
         1f:2e:21:bc:41:47:fc:0e:ef:c7:bf:8c:b7:38:5a:83:bb:12:
         fb:80:53:be:83:8d:26:6b:8c:30:ee:ee:b2:ed:41:f9:2d:c5:
         d5:1a:0f:b9:d3:03:44:38:07:40:3a:bf:62:7f:a3:20:41:70:
         2b:76:83:f7
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2OTY1
QjBCMjBEREUwN0E0Qzk3OEUyNDA3M0VBMEUxMTE3QjM3NDczMB4XDTIzMDMxNTAy
MDU0OFoXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoRTJGQzAyNjY1NjU0OTdE
RkI2ODkyNzYwNTk3RDk4Nzg5NkY1NjlGNTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANmQlgThSAUpLRl84iRKLfYK2kGF7IBT/hZsdq0udsdE9pWlzCta
71OgARFEG8imONvBUJhFyJhwsLl/yAgEJdtNSl48/dcupT2luFdMW0movI2kv/jM
fTkHGhcpjoD2Z1RgG0u0VIM2CyQWUGDIGVWUUG/39O2NXcMeAz+8sCuxJio/VfX4
aTWdlBOK+2bH2C67cVJRz+JJWMxDNYbIltJ48eVvGXXTsb1NLgxHYWto3DviqAdO
LQ7pvja6Yf7gG0RKBwOYLSW0zPq674MzoIkBrdy1JhNwtPkMfppVntj6iUOotnjI
qhf5dViMdtHkDHuLeDmn1Hb/H/+lsJAxV+kCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBTi/AJmVlSX37aJJ2BZfZh4lvVp9TAfBgNVHSMEGDAWgBRpZbCyDd4HpMl44kBz
6g4RF7N0czAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5L2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJlemRITS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJl
emRITS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkvNHZ3Q1psWlVsOS0yaVNkZ1dYMlllSmIxYWZVLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAdyfNjANBgkqhkiG9w0BAQsFAAOCAQEAlJosv8ehR88nbKrNzQGhmkS4NxuR
HCGy25bwz5LRqNNuKqvs444LzhFqvvE+I32vbrOW2EcT6Jbm3notY+VfYaC7EISC
LI583N6ON3C2FSR69w3FK7EO8Na5WThAKhrBq47e4+7gyh7eHSaif5lRmYhZ2S70
e4Li69hmZc1Gj4gZLxlhz2bPM4b9Xw5Pcp1wWyz++c1x98qU1W9JPA+ZWHSieaVv
ErfQKkO17deXSo5o2C10SKkZIKcGATfSrYoF/dj7JS46Hy4hvEFH/A7vx7+Mtzha
g7sS+4BTvoONJmuMMO7usu1B+S3F1RoPudMDRDgHQDq/Yn+jIEFwK3aD9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:00 2024 by rpki-client on console-ams.rpki-client.org