Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/9Kw1zekZx1Hem8B-8ys3mQt1JPQ.roa
File:                     9Kw1zekZx1Hem8B-8ys3mQt1JPQ.roa (raw, json)
Hash identifier:          H+8NZxDJgdpU77J9Qds65f7MHEuDj0EeF6eAUDdhEoE=
Subject key identifier:   F4:AC:35:CD:E9:19:C7:51:DE:9B:C0:7E:F3:2B:37:99:0B:75:24:F4
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       03FB
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/9Kw1zekZx1Hem8B-8ys3mQt1JPQ.roa
Signing time:             Tue 06 Jun 2023 16:03:50 +0000
ROA not before:           Tue 06 Jun 2023 16:03:50 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.101.0.0/17 maxlen: 17

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1019 (0x3fb)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  6 16:03:50 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=F4AC35CDE919C751DE9BC07EF32B37990B7524F4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:3f:f7:9f:25:9f:66:6d:5a:42:ce:bc:2c:06:
                    fb:ef:8e:2d:32:9d:91:d3:41:70:d6:3a:99:20:7a:
                    2e:39:b2:c2:a3:cb:fb:25:e3:1f:4b:fd:a9:cc:07:
                    7f:c8:11:f6:d2:f0:f8:01:2e:5f:f6:9d:96:45:d0:
                    a5:30:b5:61:6d:e6:ef:25:a9:c9:b1:ea:83:cb:e0:
                    eb:59:84:78:54:e6:6f:d7:4a:e5:64:bc:9d:3c:50:
                    a4:1d:29:9c:27:a3:dc:79:0d:3a:7c:2e:fb:0e:06:
                    49:92:f6:fd:69:6c:fc:4b:06:19:99:98:8b:6d:f8:
                    3e:78:97:a4:4f:ff:cd:fb:14:55:a9:98:01:f9:6e:
                    a8:72:d0:7a:8c:b8:0a:64:32:7b:85:47:c2:2b:0d:
                    ce:65:da:8c:4b:88:97:b9:84:54:f7:12:23:99:10:
                    35:fc:5e:1e:45:5c:d4:86:c0:f8:ee:19:84:33:e1:
                    b6:0d:43:a5:97:97:99:b9:af:ff:30:67:29:1a:93:
                    77:ed:d7:11:72:e1:69:35:ee:03:c0:ba:3d:84:d0:
                    44:ad:0a:5f:cb:ef:69:cb:65:9b:fe:29:eb:b4:31:
                    9b:ca:5a:98:49:51:6a:68:5a:8a:9f:d2:d1:e6:5f:
                    b4:03:49:04:49:29:60:ca:b1:71:3e:59:14:20:84:
                    b1:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F4:AC:35:CD:E9:19:C7:51:DE:9B:C0:7E:F3:2B:37:99:0B:75:24:F4
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/9Kw1zekZx1Hem8B-8ys3mQt1JPQ.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.101.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         b9:8c:67:38:95:20:89:f9:8d:6e:a1:7b:03:ab:c4:d3:53:f0:
         79:b0:32:80:e7:18:b9:d3:82:0e:49:a0:58:69:cb:ff:be:bc:
         39:45:e1:fc:f1:b1:d7:b2:c7:b4:e2:7e:94:e4:6a:04:b5:ac:
         8b:02:c3:5d:c5:25:00:b9:2d:0e:76:87:a5:22:e1:bf:71:a3:
         50:3d:f7:f2:17:ef:35:a0:ae:70:47:93:26:62:63:6e:39:7a:
         cc:cb:43:18:01:b2:0b:99:3b:d1:f7:f8:0f:5a:21:1d:8b:fd:
         cd:f9:20:50:93:be:d2:4b:3f:a7:2f:04:6d:5c:64:58:59:69:
         0e:ea:03:f3:61:e1:b0:96:1e:c1:65:2c:93:b9:43:06:1c:40:
         ee:70:a7:cb:bc:52:16:91:96:a7:a1:2d:4c:26:9f:b7:5f:2c:
         55:40:ae:bb:7f:c3:eb:8a:ea:60:e1:86:22:c8:6d:ac:65:ee:
         11:f2:e2:58:ff:e5:4f:45:e6:b8:ee:47:12:1d:7e:41:1e:8a:
         b6:69:62:43:6d:b0:43:f0:67:1a:fb:2a:2f:c0:77:65:9a:99:
         72:50:2a:83:39:5c:c5:c2:1d:e4:3a:a8:b5:6f:25:57:16:5a:
         25:61:2d:8c:db:d7:52:1b:d5:ad:c4:5b:95:86:35:2c:ec:a1:
         a6:90:61:d5
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICA/swDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDYx
NjAzNTBaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEY0QUMzNUNERTkxOUM3
NTFERTlCQzA3RUYzMkIzNzk5MEI3NTI0RjQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDZP/efJZ9mbVpCzrwsBvvvji0ynZHTQXDWOpkgei45ssKjy/sl
4x9L/anMB3/IEfbS8PgBLl/2nZZF0KUwtWFt5u8lqcmx6oPL4OtZhHhU5m/XSuVk
vJ08UKQdKZwno9x5DTp8LvsOBkmS9v1pbPxLBhmZmItt+D54l6RP/837FFWpmAH5
bqhy0HqMuApkMnuFR8IrDc5l2oxLiJe5hFT3EiOZEDX8Xh5FXNSGwPjuGYQz4bYN
Q6WXl5m5r/8wZykak3ft1xFy4Wk17gPAuj2E0EStCl/L72nLZZv+Keu0MZvKWphJ
UWpoWoqf0tHmX7QDSQRJKWDKsXE+WRQghLFxAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU9Kw1zekZx1Hem8B+8ys3mQt1JPQwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5LzlLdzF6ZWtaeDFIZW04Qi04eXMzbVF0MUpQUS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAcxZQAwDQYJKoZIhvcNAQELBQADggEBALmMZziVIIn5jW6hewOrxNNT8Hmw
MoDnGLnTgg5JoFhpy/++vDlF4fzxsdeyx7TifpTkagS1rIsCw13FJQC5LQ52h6Ui
4b9xo1A99/IX7zWgrnBHkyZiY245eszLQxgBsguZO9H3+A9aIR2L/c35IFCTvtJL
P6cvBG1cZFhZaQ7qA/Nh4bCWHsFlLJO5QwYcQO5wp8u8UhaRlqehLUwmn7dfLFVA
rrt/w+uK6mDhhiLIbaxl7hHy4lj/5U9F5rjuRxIdfkEeirZpYkNtsEPwZxr7Ki/A
d2WamXJQKoM5XMXCHeQ6qLVvJVcWWiVhLYzb11Ib1a3EW5WGNSzsoaaQYdU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:01 2024 by rpki-client on console-ams.rpki-client.org