Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/8HIbOcpm3bJvR020AL7TNgCKBtY.roa
File:                     8HIbOcpm3bJvR020AL7TNgCKBtY.roa (raw, json)
Hash identifier:          /Q8hbVoTITocPdoQA62R+CcU2oFoQBPYR0daC+LVEk8=
Subject key identifier:   F0:72:1B:39:CA:66:DD:B2:6F:47:4D:B4:00:BE:D3:36:00:8A:06:D6
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       8D
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/8HIbOcpm3bJvR020AL7TNgCKBtY.roa
Signing time:             Wed 29 Mar 2023 16:04:58 +0000
ROA not before:           Wed 29 Mar 2023 16:04:58 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.96.250.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 141 (0x8d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 29 16:04:58 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=F0721B39CA66DDB26F474DB400BED336008A06D6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:27:d6:ba:0c:b7:91:89:61:95:ea:2d:42:90:
                    fc:7f:b3:e1:12:e2:05:5b:d1:8d:f8:dc:1d:3e:6b:
                    6b:3c:08:49:da:22:8e:ad:9a:f2:55:db:59:88:7d:
                    89:82:08:a5:f9:0d:02:d6:8b:8a:03:7f:6e:bf:a1:
                    c6:4a:7b:69:dd:62:e4:ae:1b:08:be:da:99:5f:e9:
                    6d:00:2b:fc:50:70:f7:7b:a7:c6:17:53:33:c5:04:
                    38:c1:87:6e:a9:35:54:f9:d4:ab:92:83:fe:a0:f0:
                    87:72:57:8d:51:17:ac:cf:81:c3:84:64:53:40:bf:
                    09:85:49:1e:d2:bb:af:27:a5:2b:fe:8a:c4:a3:83:
                    bb:03:b8:67:2b:93:d7:9b:65:64:6d:30:65:d9:2a:
                    2d:3e:3e:37:43:47:62:e1:8d:50:94:e8:e7:60:aa:
                    40:29:80:cf:31:79:72:ae:82:a7:2d:30:3d:c1:14:
                    02:89:7e:d8:4d:68:2a:25:08:3c:87:c1:7a:ba:04:
                    8b:0c:a4:29:f5:ea:29:ce:1c:1f:85:1e:26:47:18:
                    95:ae:65:c8:0a:f3:01:7b:a4:b1:3a:86:5f:66:4f:
                    86:e1:0b:27:e8:c6:f2:a9:51:45:81:51:88:ca:44:
                    66:35:1d:4a:c1:9f:5b:be:21:76:37:97:ca:ba:90:
                    e6:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:72:1B:39:CA:66:DD:B2:6F:47:4D:B4:00:BE:D3:36:00:8A:06:D6
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/8HIbOcpm3bJvR020AL7TNgCKBtY.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.96.250.0/23

    Signature Algorithm: sha256WithRSAEncryption
         1f:ce:54:34:f2:64:09:72:96:dd:e0:44:a2:7b:45:8d:4b:70:
         51:86:e8:14:42:35:96:4a:fe:5f:13:15:73:89:95:1d:97:12:
         3c:66:8b:85:cf:84:8e:61:f0:88:8a:6a:ce:53:69:fe:bc:aa:
         4a:b4:44:db:4a:3a:61:a9:33:5a:7f:21:7e:37:d3:9c:ca:1b:
         90:0e:fc:58:39:f2:af:30:69:e5:db:11:46:4b:f6:4d:65:39:
         e2:62:3c:4e:cd:47:dc:2b:38:90:38:8d:c8:42:55:27:e1:3a:
         93:19:95:19:f9:d7:a5:0d:9a:10:ef:c3:2b:b6:2f:cc:b9:e6:
         57:a9:3e:18:36:2e:49:58:af:eb:9d:24:98:a2:3d:24:64:06:
         19:be:0e:b8:61:1d:d6:c2:c4:1a:37:e1:dd:66:39:63:90:5a:
         d5:3b:10:96:0c:64:8d:bb:00:b7:78:22:b4:52:43:35:4d:a1:
         c3:74:36:27:47:23:34:d3:72:dc:28:23:6d:00:a5:19:61:5b:
         c2:84:16:49:c5:44:86:52:dd:0b:25:35:89:12:4f:d4:62:2d:
         10:19:db:cd:b3:dc:e7:d8:96:6d:a8:0c:14:c5:f6:b5:79:e3:
         f3:69:a8:11:16:85:ef:2a:f5:80:67:1a:d3:8e:8c:8c:d8:bd:
         f4:3b:ee:af
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAI0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzAzMjkx
NjA0NThaFw0yNDAzMTQwMTMwMDJaMDMxMTAvBgNVBAMTKEYwNzIxQjM5Q0E2NkRE
QjI2RjQ3NERCNDAwQkVEMzM2MDA4QTA2RDYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1J9a6DLeRiWGV6i1CkPx/s+ES4gVb0Y343B0+a2s8CEnaIo6t
mvJV21mIfYmCCKX5DQLWi4oDf26/ocZKe2ndYuSuGwi+2plf6W0AK/xQcPd7p8YX
UzPFBDjBh26pNVT51KuSg/6g8IdyV41RF6zPgcOEZFNAvwmFSR7Su68npSv+isSj
g7sDuGcrk9ebZWRtMGXZKi0+PjdDR2LhjVCU6OdgqkApgM8xeXKugqctMD3BFAKJ
fthNaColCDyHwXq6BIsMpCn16inOHB+FHiZHGJWuZcgK8wF7pLE6hl9mT4bhCyfo
xvKpUUWBUYjKRGY1HUrBn1u+IXY3l8q6kObXAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU8HIbOcpm3bJvR020AL7TNgCKBtYwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5LzhISWJPY3BtM2JKdlIwMjBBTDdUTmdDS0J0WS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExYPowDQYJKoZIhvcNAQELBQADggEBAB/OVDTyZAlylt3gRKJ7RY1LcFGG
6BRCNZZK/l8TFXOJlR2XEjxmi4XPhI5h8IiKas5Taf68qkq0RNtKOmGpM1p/IX43
05zKG5AO/Fg58q8waeXbEUZL9k1lOeJiPE7NR9wrOJA4jchCVSfhOpMZlRn516UN
mhDvwyu2L8y55lepPhg2LklYr+udJJiiPSRkBhm+DrhhHdbCxBo34d1mOWOQWtU7
EJYMZI27ALd4IrRSQzVNocN0NidHIzTTctwoI20ApRlhW8KEFknFRIZS3QslNYkS
T9RiLRAZ282z3OfYlm2oDBTF9rV54/NpqBEWhe8q9YBnGtOOjIzYvfQ77q8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org