Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/9HuqL1NTbvPnKO1NKmXpG1aj048.roa
File:                     9HuqL1NTbvPnKO1NKmXpG1aj048.roa (raw, json)
Hash identifier:          VImxV25j28sdeUaJ+6AHUwIUhoxk2cCBq4/E0ZJOa0U=
Subject key identifier:   F4:7B:AA:2F:53:53:6E:F3:E7:28:ED:4D:2A:65:E9:1B:56:A3:D3:8F
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       03FF
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/9HuqL1NTbvPnKO1NKmXpG1aj048.roa
Signing time:             Tue 06 Jun 2023 16:03:52 +0000
ROA not before:           Tue 06 Jun 2023 16:03:52 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.104.42.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1023 (0x3ff)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  6 16:03:52 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=F47BAA2F53536EF3E728ED4D2A65E91B56A3D38F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:44:2c:e8:97:54:d7:a1:02:7e:f2:f1:81:4c:
                    61:4f:01:56:ab:12:3e:6b:8a:e8:9f:fd:ae:eb:3f:
                    93:2f:d2:7b:ba:7e:bc:24:d5:19:7b:66:ca:18:56:
                    b9:af:8c:02:56:77:5d:87:1f:a9:1b:fb:87:73:34:
                    78:1e:8c:2e:c0:09:e1:d9:b8:f3:24:65:ea:ee:d7:
                    9a:73:a4:12:1b:f6:b0:f6:04:99:c0:41:da:cb:b7:
                    c9:6b:25:7e:e2:e5:ea:e7:06:62:23:44:66:28:0b:
                    c7:ef:f7:d1:5c:8a:d8:fd:ca:f2:1e:b4:79:6c:03:
                    95:f9:cb:73:76:0e:cc:50:45:7d:c0:7a:25:64:bf:
                    4d:5c:93:c5:6d:d6:86:5b:c6:8a:07:bd:ea:00:4c:
                    a8:83:e7:e4:1d:b1:a8:d2:99:fb:24:d5:14:44:a1:
                    06:89:ee:b0:c0:59:a4:42:21:4c:42:dc:8b:c7:85:
                    60:8e:94:47:45:ac:d7:66:e5:6f:46:35:7a:35:9c:
                    5b:fc:1c:d8:48:3c:2c:1e:e5:c2:41:67:08:81:6a:
                    71:da:23:22:57:e2:64:e7:66:6d:fe:bc:d1:b7:54:
                    52:c7:60:65:1a:08:18:db:ce:2e:81:b8:ad:bb:4c:
                    c7:ee:9c:47:04:2b:94:1e:30:d7:ce:73:1f:2d:53:
                    ed:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:7B:AA:2F:53:53:6E:F3:E7:28:ED:4D:2A:65:E9:1B:56:A3:D3:8F
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/9HuqL1NTbvPnKO1NKmXpG1aj048.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.104.42.0/23

    Signature Algorithm: sha256WithRSAEncryption
         d5:e7:7e:af:c0:69:2d:eb:ba:2a:8c:33:01:16:cc:d3:db:e7:
         f0:e8:6e:bf:d8:18:04:f4:ca:a7:12:68:8e:82:b7:b7:a5:1d:
         2e:90:0c:60:56:51:40:d6:f3:5a:6a:93:23:81:48:aa:94:5c:
         b7:fd:cf:71:f9:85:06:21:3c:01:94:4d:95:dc:4c:f1:da:85:
         a9:8d:fb:40:2e:64:30:f1:70:66:20:30:d9:4e:96:53:da:50:
         aa:f6:2f:4e:a9:42:d9:a3:5f:d0:c2:52:d7:87:4d:ea:5b:82:
         9c:d1:a5:66:2d:81:f9:9e:1d:f9:34:c5:ee:97:ea:95:cf:c2:
         0a:36:79:41:27:92:d4:a5:65:66:2b:f9:e8:aa:83:3a:9d:9c:
         68:86:f8:b5:92:37:b9:7b:5d:f1:17:b8:1a:e4:98:93:43:d2:
         ee:be:ea:ec:3a:99:42:8e:2b:48:b3:bf:f3:3d:fb:68:87:a7:
         98:01:ea:52:25:d7:6a:af:39:9a:52:73:96:c3:14:1c:43:4b:
         a6:b0:3c:03:2d:e6:c3:45:1c:6e:63:bb:be:f6:39:53:b7:4d:
         91:46:bb:af:bf:cb:98:e6:e0:99:c1:8c:af:56:c2:c9:d7:02:
         b4:3c:5d:51:18:a6:06:ea:33:48:f4:81:c3:fd:c9:13:40:48:
         da:29:dc:0c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICA/8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDYx
NjAzNTJaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEY0N0JBQTJGNTM1MzZF
RjNFNzI4RUQ0RDJBNjVFOTFCNTZBM0QzOEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/RCzol1TXoQJ+8vGBTGFPAVarEj5riuif/a7rP5Mv0nu6frwk
1Rl7ZsoYVrmvjAJWd12HH6kb+4dzNHgejC7ACeHZuPMkZeru15pzpBIb9rD2BJnA
QdrLt8lrJX7i5ernBmIjRGYoC8fv99Fcitj9yvIetHlsA5X5y3N2DsxQRX3AeiVk
v01ck8Vt1oZbxooHveoATKiD5+QdsajSmfsk1RREoQaJ7rDAWaRCIUxC3IvHhWCO
lEdFrNdm5W9GNXo1nFv8HNhIPCwe5cJBZwiBanHaIyJX4mTnZm3+vNG3VFLHYGUa
CBjbzi6BuK27TMfunEcEK5QeMNfOcx8tU+1PAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU9HuqL1NTbvPnKO1NKmXpG1aj048wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5LzlIdXFMMU5UYnZQbktPMU5LbVhwRzFhajA0OC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExaCowDQYJKoZIhvcNAQELBQADggEBANXnfq/AaS3ruiqMMwEWzNPb5/Do
br/YGAT0yqcSaI6Ct7elHS6QDGBWUUDW81pqkyOBSKqUXLf9z3H5hQYhPAGUTZXc
TPHahamN+0AuZDDxcGYgMNlOllPaUKr2L06pQtmjX9DCUteHTepbgpzRpWYtgfme
Hfk0xe6X6pXPwgo2eUEnktSlZWYr+eiqgzqdnGiG+LWSN7l7XfEXuBrkmJND0u6+
6uw6mUKOK0izv/M9+2iHp5gB6lIl12qvOZpSc5bDFBxDS6awPAMt5sNFHG5ju772
OVO3TZFGu6+/y5jm4JnBjK9WwsnXArQ8XVEYpgbqM0j0gcP9yRNASNop3Aw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org