Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/505mscV1YkMX2rjOcSmC43uuDHw.roa
File:                     505mscV1YkMX2rjOcSmC43uuDHw.roa (raw, json)
Hash identifier:          Cg8qHs4lSDY/vKkV2BS8K3EUVEbw2EgcoWZqS2XvcfU=
Subject key identifier:   E7:4E:66:B1:C5:75:62:43:17:DA:B8:CE:71:29:82:E3:7B:AE:0C:7C
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       027E
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/505mscV1YkMX2rjOcSmC43uuDHw.roa
Signing time:             Tue 30 May 2023 16:34:24 +0000
ROA not before:           Tue 30 May 2023 16:34:24 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.72.12.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 638 (0x27e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 30 16:34:24 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=E74E66B1C575624317DAB8CE712982E37BAE0C7C
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:b1:4a:5d:28:69:8f:96:bf:06:d9:9e:b9:b3:
                    cb:93:57:c4:8e:4e:89:4d:eb:9a:8a:5f:6c:da:b1:
                    f0:19:51:6a:0f:1b:1a:34:ef:57:fd:19:6b:0d:d7:
                    19:24:28:10:75:85:7a:f9:2c:3a:bd:c1:fe:1f:0d:
                    11:2b:a8:66:b9:b5:6e:9a:67:e3:ca:ff:c1:1b:a9:
                    58:92:41:da:e4:21:d1:63:83:e2:a7:a8:d1:ee:7e:
                    c0:d6:d5:03:9e:46:be:b2:7c:ef:80:aa:87:89:95:
                    1a:63:4f:4b:4d:87:29:54:09:88:a0:53:d5:b2:57:
                    72:76:55:0d:81:be:02:86:61:95:8c:08:80:8d:11:
                    68:a5:37:fa:d0:47:c1:5d:5e:f3:0e:25:33:0b:81:
                    44:22:df:84:cc:3f:4f:ae:35:cc:b7:45:de:c4:78:
                    4d:6b:ab:a7:c8:3c:83:78:5d:2f:bb:8d:2b:8b:b0:
                    8b:16:0f:75:6b:dc:1f:9b:fa:75:94:ac:b4:df:62:
                    ca:ed:cd:d0:9d:45:a9:3d:c4:5e:0d:7b:fb:d4:e6:
                    fd:eb:68:01:4e:49:cf:04:cd:cf:25:d8:fd:ff:f2:
                    c8:6c:9a:a8:79:e4:29:fb:36:b2:63:6a:fb:d7:ce:
                    63:8c:03:cb:6b:f5:24:a6:ce:1e:73:ef:a0:06:97:
                    0c:6b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                E7:4E:66:B1:C5:75:62:43:17:DA:B8:CE:71:29:82:E3:7B:AE:0C:7C
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/505mscV1YkMX2rjOcSmC43uuDHw.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.72.12.0/22

    Signature Algorithm: sha256WithRSAEncryption
         97:46:01:46:3d:8f:67:92:ea:9f:08:11:f1:8b:01:2d:11:3b:
         2f:2f:8f:71:eb:e2:84:86:62:20:87:87:e8:18:e0:08:c5:41:
         0e:82:a6:0c:02:63:1d:5c:50:49:a4:11:51:8a:9c:0b:ec:72:
         a8:cb:b1:11:83:8d:00:0e:07:8f:82:78:a0:6c:04:46:33:9b:
         d2:53:9e:05:5a:13:d0:09:ae:22:f0:76:69:89:75:5e:39:24:
         ff:1f:9c:0e:22:5e:73:49:92:89:2a:d4:da:1f:65:37:f1:32:
         fa:f0:f1:02:a4:17:a3:a3:9d:bf:83:5a:c4:1f:00:69:6d:4e:
         ef:2f:ab:fe:53:0f:65:6d:c0:41:42:4b:6c:4a:cb:9a:10:c3:
         f1:67:e2:6f:66:fd:7e:69:4b:e6:de:8f:4b:61:71:4f:90:93:
         4d:17:dc:0d:e2:31:d5:10:9a:20:fd:12:7d:df:29:f1:c2:83:
         cc:9c:f9:5e:03:62:6e:40:f0:25:cb:62:fc:ab:1f:ee:f4:24:
         de:2d:38:40:d9:7a:ed:d7:ca:46:6c:58:5a:0b:4e:75:4c:f1:
         53:e4:c8:65:8a:cf:25:b4:22:de:be:1b:01:99:a0:4d:2d:9c:
         13:a5:67:61:de:ce:b3:a5:93:e9:3a:77:4e:70:82:5a:47:55:
         ba:7b:f5:3c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAn4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MzAx
NjM0MjRaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEU3NEU2NkIxQzU3NTYy
NDMxN0RBQjhDRTcxMjk4MkUzN0JBRTBDN0MwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDAsUpdKGmPlr8G2Z65s8uTV8SOTolN65qKX2zasfAZUWoPGxo0
71f9GWsN1xkkKBB1hXr5LDq9wf4fDRErqGa5tW6aZ+PK/8EbqViSQdrkIdFjg+Kn
qNHufsDW1QOeRr6yfO+AqoeJlRpjT0tNhylUCYigU9WyV3J2VQ2BvgKGYZWMCICN
EWilN/rQR8FdXvMOJTMLgUQi34TMP0+uNcy3Rd7EeE1rq6fIPIN4XS+7jSuLsIsW
D3Vr3B+b+nWUrLTfYsrtzdCdRak9xF4Ne/vU5v3raAFOSc8Ezc8l2P3/8shsmqh5
5Cn7NrJjavvXzmOMA8tr9SSmzh5z76AGlwxrAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU505mscV1YkMX2rjOcSmC43uuDHwwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5LzUwNW1zY1YxWWtNWDJyak9jU21DNDN1dURIdy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIBSAwwDQYJKoZIhvcNAQELBQADggEBAJdGAUY9j2eS6p8IEfGLAS0ROy8v
j3Hr4oSGYiCHh+gY4AjFQQ6CpgwCYx1cUEmkEVGKnAvscqjLsRGDjQAOB4+CeKBs
BEYzm9JTngVaE9AJriLwdmmJdV45JP8fnA4iXnNJkokq1NofZTfxMvrw8QKkF6Oj
nb+DWsQfAGltTu8vq/5TD2VtwEFCS2xKy5oQw/Fn4m9m/X5pS+bej0thcU+Qk00X
3A3iMdUQmiD9En3fKfHCg8yc+V4DYm5A8CXLYvyrH+70JN4tOEDZeu3XykZsWFoL
TnVM8VPkyGWKzyW0It6+GwGZoE0tnBOlZ2HezrOlk+k6d05wglpHVbp79Tw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org