Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/7zqebfJeCdTKSWyod9azq_VVw7c.roa
File:                     7zqebfJeCdTKSWyod9azq_VVw7c.roa (raw, json)
Hash identifier:          APbq36hRAnDyhR563WanTZ+3vx3qfTjf3AE12OflA0M=
Subject key identifier:   EF:3A:9E:6D:F2:5E:09:D4:CA:49:6C:A8:77:D6:B3:AB:F5:55:C3:B7
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       03A2
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/7zqebfJeCdTKSWyod9azq_VVw7c.roa
Signing time:             Thu 01 Jun 2023 17:59:31 +0000
ROA not before:           Thu 01 Jun 2023 17:59:31 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.104.64.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 930 (0x3a2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  1 17:59:31 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=EF3A9E6DF25E09D4CA496CA877D6B3ABF555C3B7
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:79:fc:6a:9d:4b:6b:c5:05:b4:cd:e4:39:c2:
                    4e:ba:44:79:73:2b:aa:1c:9c:59:89:63:19:2c:a6:
                    13:ab:e8:96:0a:4a:28:0a:f6:cf:6c:d7:1c:cc:34:
                    a6:97:6f:41:e1:39:c3:cf:53:77:57:73:7e:c1:b1:
                    6f:a4:03:08:5a:aa:31:fd:04:8c:22:0c:e1:8d:7e:
                    b2:36:58:e4:35:fa:0b:56:05:5a:8b:e5:36:48:1f:
                    9b:4c:30:51:c5:94:e1:cf:a8:a4:97:45:25:85:ec:
                    c9:0c:7c:e8:d2:87:b6:f6:f6:c1:42:8c:58:c7:13:
                    e5:08:4a:9c:47:28:4d:a7:27:a5:35:9c:af:27:ce:
                    1f:0e:ae:c8:e9:c6:de:8c:4c:2a:47:25:db:02:35:
                    38:3a:63:27:0b:c9:a6:32:d9:5a:8d:27:33:d7:17:
                    22:f9:5a:ac:0a:e8:ea:95:be:bf:5a:97:a7:0e:ef:
                    52:03:76:d6:72:b3:fe:80:d1:6a:45:49:f4:06:94:
                    ae:34:82:1b:4e:30:08:9f:e3:23:c1:c4:e8:aa:2c:
                    f5:07:f3:84:b8:11:54:d0:0a:04:32:fe:60:a7:06:
                    3a:c4:26:b6:e2:97:62:da:02:00:70:15:d8:df:ec:
                    62:cb:b6:c5:ba:b8:41:e2:f4:64:a7:ec:ed:34:27:
                    a8:29
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                EF:3A:9E:6D:F2:5E:09:D4:CA:49:6C:A8:77:D6:B3:AB:F5:55:C3:B7
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/7zqebfJeCdTKSWyod9azq_VVw7c.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.104.64.0/21

    Signature Algorithm: sha256WithRSAEncryption
         08:ee:b5:64:45:bf:ed:7d:73:32:d6:51:84:d8:44:f2:da:a3:
         83:0f:61:57:a2:55:5d:d3:07:2d:42:d0:08:d1:44:0d:0c:4d:
         76:28:37:78:28:84:a0:4c:5e:c4:24:90:ea:87:ed:8b:36:df:
         34:44:d5:c2:b6:19:0d:69:07:88:f5:1c:27:75:c6:49:3d:35:
         2f:9b:08:bb:a9:74:89:63:74:5d:ab:55:77:5c:67:da:10:fe:
         49:45:a6:d6:7d:49:a4:0f:26:91:b8:77:c3:d5:09:a0:73:03:
         0a:78:84:d0:c2:48:cc:5c:63:ea:01:65:03:ed:ac:01:db:4d:
         09:a2:aa:95:5c:8d:2a:f2:2f:57:5b:98:de:13:15:eb:f6:b4:
         f9:a1:0d:ed:db:0a:9b:b7:d7:fa:32:10:0d:84:20:7f:15:11:
         6d:6a:30:73:47:5c:fd:2a:fe:ef:02:42:7f:4c:14:03:97:3a:
         c8:41:03:70:2a:9b:40:4a:ef:3d:5a:6a:67:c8:2a:b5:24:1a:
         1e:01:06:30:a2:af:51:b2:b9:d9:63:90:bf:ab:29:22:ce:e9:
         ed:87:f7:5a:92:02:92:08:70:48:f3:26:38:01:c7:3d:f4:3b:
         a2:37:2e:83:da:bc:93:6b:90:9c:db:af:34:d6:09:5d:23:b1:
         08:11:42:13
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICA6IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDEx
NzU5MzFaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEVGM0E5RTZERjI1RTA5
RDRDQTQ5NkNBODc3RDZCM0FCRjU1NUMzQjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOefxqnUtrxQW0zeQ5wk66RHlzK6ocnFmJYxksphOr6JYKSigK
9s9s1xzMNKaXb0HhOcPPU3dXc37BsW+kAwhaqjH9BIwiDOGNfrI2WOQ1+gtWBVqL
5TZIH5tMMFHFlOHPqKSXRSWF7MkMfOjSh7b29sFCjFjHE+UISpxHKE2nJ6U1nK8n
zh8Orsjpxt6MTCpHJdsCNTg6YycLyaYy2VqNJzPXFyL5WqwK6OqVvr9al6cO71ID
dtZys/6A0WpFSfQGlK40ghtOMAif4yPBxOiqLPUH84S4EVTQCgQy/mCnBjrEJrbi
l2LaAgBwFdjf7GLLtsW6uEHi9GSn7O00J6gpAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU7zqebfJeCdTKSWyod9azq/VVw7cwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5Lzd6cWViZkplQ2RUS1NXeW9kOWF6cV9WVnc3Yy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMxaEAwDQYJKoZIhvcNAQELBQADggEBAAjutWRFv+19czLWUYTYRPLao4MP
YVeiVV3TBy1C0AjRRA0MTXYoN3gohKBMXsQkkOqH7Ys23zRE1cK2GQ1pB4j1HCd1
xkk9NS+bCLupdIljdF2rVXdcZ9oQ/klFptZ9SaQPJpG4d8PVCaBzAwp4hNDCSMxc
Y+oBZQPtrAHbTQmiqpVcjSryL1dbmN4TFev2tPmhDe3bCpu31/oyEA2EIH8VEW1q
MHNHXP0q/u8CQn9MFAOXOshBA3Aqm0BK7z1aamfIKrUkGh4BBjCir1GyudljkL+r
KSLO6e2H91qSApIIcEjzJjgBxz30O6I3LoPavJNrkJzbrzTWCV0jsQgRQhM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:01 2024 by rpki-client on console-ams.rpki-client.org