Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/AcITEsWseA4_uVFjSrX_Tm9KGnI.roa
File:                     AcITEsWseA4_uVFjSrX_Tm9KGnI.roa (raw, json)
Hash identifier:          Nrqt0CkwwT+CjMSPugpUiVoCkBoMrMv2/TxxfzlLD+Y=
Subject key identifier:   01:C2:13:12:C5:AC:78:0E:3F:B9:51:63:4A:B5:FF:4E:6F:4A:1A:72
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       02BD
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/AcITEsWseA4_uVFjSrX_Tm9KGnI.roa
Signing time:             Tue 30 May 2023 17:17:34 +0000
ROA not before:           Tue 30 May 2023 17:17:34 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        220.210.68.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 701 (0x2bd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 30 17:17:34 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=01C21312C5AC780E3FB951634AB5FF4E6F4A1A72
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:78:8d:14:18:de:a0:32:4c:c5:0d:2d:b4:c2:
                    88:1b:ae:f5:f2:22:3c:b7:43:af:26:d1:5a:2d:51:
                    d9:08:cf:77:cb:87:6d:fd:a0:05:b4:71:f7:90:dc:
                    74:fa:f2:76:84:ed:96:13:d4:2d:47:d7:dd:61:d0:
                    a9:23:70:de:d1:55:63:c9:ea:0d:ee:9c:14:11:90:
                    a4:4a:5d:e8:24:b2:0a:a8:9b:25:a9:e2:17:72:75:
                    9a:17:dc:ae:1d:74:88:14:3e:31:e7:45:0f:a3:72:
                    98:14:52:09:40:b2:f8:ed:e3:31:82:de:62:aa:a7:
                    60:14:e9:1a:dd:7a:83:43:c6:99:89:ed:02:a7:0f:
                    b9:c8:8d:be:29:1e:db:37:b0:3d:bd:72:9d:b6:34:
                    f5:d9:7f:67:6e:ae:ee:ed:43:56:89:26:7e:5a:bc:
                    f2:ca:3d:d0:a3:11:81:6a:94:b3:07:e4:67:93:55:
                    43:52:5c:b8:7e:02:7a:a8:a1:b0:54:6f:3a:d2:4a:
                    9f:8b:b3:fc:73:b2:65:ff:e5:d4:3f:25:a9:08:bb:
                    30:df:4a:88:b7:a8:f7:08:e2:f6:ac:9e:97:c4:24:
                    51:0f:ab:64:6b:00:97:24:27:03:e6:5f:dd:1e:36:
                    f7:eb:9b:58:a0:34:29:24:6f:7f:29:0b:f7:90:47:
                    57:ff
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                01:C2:13:12:C5:AC:78:0E:3F:B9:51:63:4A:B5:FF:4E:6F:4A:1A:72
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/AcITEsWseA4_uVFjSrX_Tm9KGnI.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.210.68.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ca:25:44:61:99:b7:94:2b:e1:08:6f:4d:ad:52:ea:0b:4d:79:
         9c:1b:12:12:89:72:7b:2c:22:fc:bf:05:b1:1c:a3:75:de:41:
         95:76:c3:19:27:5d:96:cf:f7:27:29:ee:25:3b:61:cd:61:e8:
         02:f1:9e:a3:39:64:99:39:7e:4b:2d:7d:bd:9d:0c:61:01:86:
         d8:64:14:ad:e8:ee:bf:1f:b6:c3:60:92:b6:b9:a1:29:e6:b0:
         ea:0d:95:86:f4:f4:a3:2b:96:8f:4d:73:1b:da:15:0e:fd:c6:
         3f:46:c7:d8:8b:85:3c:2f:53:58:73:ad:71:4b:82:33:bd:c3:
         49:47:3e:b7:f0:5e:1f:99:ad:40:1f:7f:46:f4:47:35:36:2f:
         62:b6:84:7c:a3:57:7b:97:69:79:50:91:9b:6e:e8:4a:ac:63:
         00:ce:ce:e4:a6:89:dc:29:57:87:93:2f:d1:3a:69:a1:af:1f:
         b8:30:df:11:ed:44:5c:47:d9:17:65:d1:12:0c:c7:92:4e:43:
         76:df:80:4f:17:bc:d7:ba:07:ee:90:65:8e:eb:10:be:38:5a:
         66:91:89:56:22:c2:55:33:d0:16:05:c8:cc:06:ec:0f:43:06:
         81:8d:90:a0:71:68:0c:85:10:c4:4a:47:84:14:49:57:4f:c4:
         cb:a8:4d:ad
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAr0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MzAx
NzE3MzRaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDAxQzIxMzEyQzVBQzc4
MEUzRkI5NTE2MzRBQjVGRjRFNkY0QTFBNzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzeI0UGN6gMkzFDS20wogbrvXyIjy3Q68m0VotUdkIz3fLh239
oAW0cfeQ3HT68naE7ZYT1C1H191h0KkjcN7RVWPJ6g3unBQRkKRKXegksgqomyWp
4hdydZoX3K4ddIgUPjHnRQ+jcpgUUglAsvjt4zGC3mKqp2AU6RrdeoNDxpmJ7QKn
D7nIjb4pHts3sD29cp22NPXZf2duru7tQ1aJJn5avPLKPdCjEYFqlLMH5GeTVUNS
XLh+AnqoobBUbzrSSp+Ls/xzsmX/5dQ/JakIuzDfSoi3qPcI4vasnpfEJFEPq2Rr
AJckJwPmX90eNvfrm1igNCkkb38pC/eQR1f/AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUAcITEsWseA4/uVFjSrX/Tm9KGnIwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0FjSVRFc1dzZUE0X3VWRmpTclhfVG05S0duSS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAHc0kQwDQYJKoZIhvcNAQELBQADggEBAMolRGGZt5Qr4QhvTa1S6gtNeZwb
EhKJcnssIvy/BbEco3XeQZV2wxknXZbP9ycp7iU7Yc1h6ALxnqM5ZJk5fkstfb2d
DGEBhthkFK3o7r8ftsNgkra5oSnmsOoNlYb09KMrlo9NcxvaFQ79xj9Gx9iLhTwv
U1hzrXFLgjO9w0lHPrfwXh+ZrUAff0b0RzU2L2K2hHyjV3uXaXlQkZtu6EqsYwDO
zuSmidwpV4eTL9E6aaGvH7gw3xHtRFxH2Rdl0RIMx5JOQ3bfgE8XvNe6B+6QZY7r
EL44WmaRiVYiwlUz0BYFyMwG7A9DBoGNkKBxaAyFEMRKR4QUSVdPxMuoTa0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:01 2024 by rpki-client on console-ams.rpki-client.org