Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/BK-h5Mr5LKlzq1pTMYdKNVRp2sU.roa
File:                     BK-h5Mr5LKlzq1pTMYdKNVRp2sU.roa (raw, json)
Hash identifier:          w+UEAEcmKYnrf/M05F+O1kJy+2+U91MKXtbNC2nFq2c=
Subject key identifier:   04:AF:A1:E4:CA:F9:2C:A9:73:AB:5A:53:31:87:4A:35:54:69:DA:C5
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0345
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/BK-h5Mr5LKlzq1pTMYdKNVRp2sU.roa
Signing time:             Thu 01 Jun 2023 16:10:47 +0000
ROA not before:           Thu 01 Jun 2023 16:10:47 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.76.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 837 (0x345)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  1 16:10:47 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=04AFA1E4CAF92CA973AB5A5331874A355469DAC5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:2c:05:e2:70:47:10:f5:dc:4c:2d:66:eb:74:
                    05:39:8d:23:7d:22:4a:b5:df:44:50:b8:0e:5d:49:
                    23:6d:fb:73:d0:36:b3:42:92:80:58:d4:ed:dc:35:
                    e1:53:7d:cd:38:e5:7b:99:57:1b:56:bc:f4:a8:d8:
                    d4:68:10:5f:f8:f4:d4:47:e0:3b:54:3d:c0:1e:4d:
                    42:cf:32:e6:14:26:3e:17:de:44:aa:27:e3:80:f0:
                    eb:52:47:56:0f:29:a6:02:1a:8f:64:b9:2f:0b:3a:
                    30:4e:6b:ba:00:5c:da:a6:6f:9b:6f:20:d9:15:12:
                    a9:a7:26:1a:83:d5:ad:8d:1c:af:23:b9:01:00:85:
                    ee:e0:26:a5:21:d4:f9:1d:df:fc:17:08:86:6c:43:
                    2e:16:1b:32:30:43:49:8d:62:7d:74:18:83:b6:60:
                    98:8d:19:37:13:ab:95:da:9d:c5:04:23:2a:05:c6:
                    61:26:cd:01:e0:a5:d1:ef:a6:7a:6b:01:63:2b:43:
                    e2:0f:c9:e3:01:23:a2:cc:c9:f1:b4:2d:da:7c:bf:
                    4e:a2:0e:b6:5d:1a:d8:b8:9e:b4:94:69:7c:e3:f1:
                    b1:79:1d:d9:36:c5:73:6d:40:4e:cb:7b:f4:3a:6e:
                    22:4e:22:f6:fe:73:61:1a:1d:f7:b2:a0:7c:42:dc:
                    71:79
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                04:AF:A1:E4:CA:F9:2C:A9:73:AB:5A:53:31:87:4A:35:54:69:DA:C5
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/BK-h5Mr5LKlzq1pTMYdKNVRp2sU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.76.0/22

    Signature Algorithm: sha256WithRSAEncryption
         06:62:89:c9:00:67:db:26:cc:75:26:31:44:39:41:0e:53:c6:
         89:ec:24:50:96:da:58:20:28:60:ea:60:c4:19:63:8f:4b:91:
         c5:e3:82:5e:59:c6:65:3a:7d:e6:30:f1:3a:41:ab:a1:28:a4:
         e7:02:3f:1c:cf:38:d0:55:87:de:3b:f8:e5:26:3f:e9:dd:8f:
         fb:1c:66:3b:ca:c7:9c:56:ac:37:2d:a6:84:e9:58:7c:e5:86:
         6c:45:2b:64:82:a6:b4:92:c8:44:f8:63:1b:1e:89:03:1b:9e:
         56:19:a3:fe:07:4e:51:e1:80:73:b8:32:bf:f3:cb:f3:01:31:
         4e:5d:97:76:98:07:05:7d:c7:d6:24:ef:72:3f:db:28:bc:e7:
         69:74:8a:2e:df:5b:fc:bb:87:a4:b9:e5:ae:19:6a:e6:f2:8e:
         9a:90:a9:e8:4a:b5:4c:c5:5f:b7:0e:6b:e6:7d:eb:c4:c5:5d:
         df:eb:0f:2a:fa:2d:78:33:aa:c6:03:ef:ca:66:52:21:f6:26:
         cc:15:28:1b:86:28:76:a6:c1:0b:72:0a:a5:10:14:05:01:1d:
         c5:c5:87:e2:63:d9:ca:ee:11:f0:06:b7:c1:7d:b6:e3:64:e4:
         2b:72:bd:26:80:5b:8a:c1:d6:0a:ac:fe:27:d6:37:67:2b:ff:
         ec:38:77:ef
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICA0UwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDEx
NjEwNDdaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDA0QUZBMUU0Q0FGOTJD
QTk3M0FCNUE1MzMxODc0QTM1NTQ2OURBQzUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/LAXicEcQ9dxMLWbrdAU5jSN9Ikq130RQuA5dSSNt+3PQNrNC
koBY1O3cNeFTfc045XuZVxtWvPSo2NRoEF/49NRH4DtUPcAeTULPMuYUJj4X3kSq
J+OA8OtSR1YPKaYCGo9kuS8LOjBOa7oAXNqmb5tvINkVEqmnJhqD1a2NHK8juQEA
he7gJqUh1Pkd3/wXCIZsQy4WGzIwQ0mNYn10GIO2YJiNGTcTq5XancUEIyoFxmEm
zQHgpdHvpnprAWMrQ+IPyeMBI6LMyfG0Ldp8v06iDrZdGti4nrSUaXzj8bF5Hdk2
xXNtQE7Le/Q6biJOIvb+c2EaHfeyoHxC3HF5AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUBK+h5Mr5LKlzq1pTMYdKNVRp2sUwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0JLLWg1TXI1TEtsenExcFRNWWRLTlZScDJzVS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIxYkwwDQYJKoZIhvcNAQELBQADggEBAAZiickAZ9smzHUmMUQ5QQ5Txons
JFCW2lggKGDqYMQZY49LkcXjgl5ZxmU6feYw8TpBq6EopOcCPxzPONBVh947+OUm
P+ndj/scZjvKx5xWrDctpoTpWHzlhmxFK2SCprSSyET4YxseiQMbnlYZo/4HTlHh
gHO4Mr/zy/MBMU5dl3aYBwV9x9Yk73I/2yi852l0ii7fW/y7h6S55a4ZaubyjpqQ
qehKtUzFX7cOa+Z968TFXd/rDyr6LXgzqsYD78pmUiH2JswVKBuGKHamwQtyCqUQ
FAUBHcXFh+Jj2cruEfAGt8F9tuNk5CtyvSaAW4rB1gqs/ifWN2cr/+w4d+8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:01 2024 by rpki-client on console-ams.rpki-client.org