Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/CXZw7QfC5NNh2CfP92jxcZyhqxA.roa
File:                     CXZw7QfC5NNh2CfP92jxcZyhqxA.roa (raw, json)
Hash identifier:          vAR3AYOeNt/1JIkPICBek1gAaUWQCW4vpuJWnkSApiU=
Subject key identifier:   09:76:70:ED:07:C2:E4:D3:61:D8:27:CF:F7:68:F1:71:9C:A1:AB:10
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       02D9
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/CXZw7QfC5NNh2CfP92jxcZyhqxA.roa
Signing time:             Tue 30 May 2023 17:18:26 +0000
ROA not before:           Tue 30 May 2023 17:18:26 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.106.186.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 729 (0x2d9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 30 17:18:26 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=097670ED07C2E4D361D827CFF768F1719CA1AB10
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:c4:57:98:37:3e:3a:c6:f4:02:11:5f:77:de:
                    9b:cc:fe:90:26:07:3e:72:57:21:94:ed:84:ea:a2:
                    3b:e2:90:ac:2f:db:8e:9e:95:18:b4:32:de:1c:1d:
                    a7:f6:e9:1e:e8:17:62:24:6b:72:3b:c0:67:a4:5f:
                    2f:df:2a:d5:48:0c:a9:f2:b9:a0:d8:33:a8:ca:c1:
                    ea:30:8d:b9:f6:10:dc:d6:82:6f:b4:a2:d0:ae:7c:
                    f3:57:06:d7:3a:e5:e4:99:7e:a9:72:00:10:3e:1f:
                    25:6e:44:57:24:51:ac:07:c6:f6:c5:93:ab:d2:d4:
                    ca:7d:ac:35:37:58:3a:8e:f9:6e:a7:4b:99:42:c7:
                    45:de:b8:2b:f1:55:c8:da:f6:a6:97:fa:8c:00:32:
                    2f:8a:52:4f:c6:7f:d0:93:1b:b3:e6:e6:71:02:68:
                    97:25:5d:6e:8d:40:0d:7d:7b:51:4f:38:7e:50:85:
                    22:38:44:b9:d3:82:33:07:cb:af:14:b9:54:6c:b0:
                    d0:01:8d:98:05:3c:68:2a:21:55:fa:39:5e:a8:3c:
                    0e:00:28:64:97:af:a6:42:d5:41:54:1b:88:cd:3f:
                    76:84:6b:8d:47:b3:fa:58:02:10:70:28:89:a1:e7:
                    da:8e:0b:88:32:18:5e:4f:4d:73:7d:cb:07:86:15:
                    2d:2d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                09:76:70:ED:07:C2:E4:D3:61:D8:27:CF:F7:68:F1:71:9C:A1:AB:10
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/CXZw7QfC5NNh2CfP92jxcZyhqxA.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.106.186.0/23

    Signature Algorithm: sha256WithRSAEncryption
         d0:96:3c:d3:13:45:d8:db:01:68:5e:2e:d6:13:26:55:a7:d7:
         10:5b:8a:9d:d9:5c:79:bf:f9:5e:2e:27:40:3a:4c:27:e7:b1:
         d5:aa:94:f9:30:a7:b3:42:f0:11:7d:48:45:65:09:8b:29:dc:
         20:b7:21:07:7c:8d:fe:ec:82:08:7c:17:84:e9:b2:bf:c8:8e:
         e0:bf:66:7b:c5:61:f0:32:a3:a3:ec:62:b3:32:0b:7b:84:70:
         48:60:10:ac:48:8f:92:64:e2:31:54:7d:0c:f9:5b:94:8b:47:
         5d:06:ee:74:60:62:3b:31:6d:f8:10:a3:e1:25:97:dd:ba:b4:
         ca:fa:e9:2c:b2:c8:cf:54:f8:36:d8:ab:12:89:b9:ea:c5:0c:
         74:8a:c6:27:72:75:57:c1:6d:cf:bf:64:08:74:7e:56:52:62:
         4a:2e:e7:50:78:5e:67:4a:7d:09:c2:4b:5d:88:62:7c:f8:58:
         00:6c:b3:c2:f3:d7:27:7e:a0:a5:46:bf:f9:ee:a5:8f:22:62:
         db:f5:75:b5:45:ca:cb:0e:a1:b0:d7:6f:6c:0a:c3:37:3a:bd:
         66:ef:6a:b8:bb:13:37:00:b4:18:fa:89:0d:26:8d:e5:3a:35:
         8d:6a:70:e2:9a:95:03:eb:5c:c2:aa:c5:ca:09:02:31:21:b0:
         27:16:58:c7
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAtkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MzAx
NzE4MjZaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDA5NzY3MEVEMDdDMkU0
RDM2MUQ4MjdDRkY3NjhGMTcxOUNBMUFCMTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7xFeYNz46xvQCEV933pvM/pAmBz5yVyGU7YTqojvikKwv246e
lRi0Mt4cHaf26R7oF2Ika3I7wGekXy/fKtVIDKnyuaDYM6jKweowjbn2ENzWgm+0
otCufPNXBtc65eSZfqlyABA+HyVuRFckUawHxvbFk6vS1Mp9rDU3WDqO+W6nS5lC
x0XeuCvxVcja9qaX+owAMi+KUk/Gf9CTG7Pm5nECaJclXW6NQA19e1FPOH5QhSI4
RLnTgjMHy68UuVRssNABjZgFPGgqIVX6OV6oPA4AKGSXr6ZC1UFUG4jNP3aEa41H
s/pYAhBwKImh59qOC4gyGF5PTXN9yweGFS0tAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUCXZw7QfC5NNh2CfP92jxcZyhqxAwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0NYWnc3UWZDNU5OaDJDZlA5Mmp4Y1p5aHF4QS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExarowDQYJKoZIhvcNAQELBQADggEBANCWPNMTRdjbAWheLtYTJlWn1xBb
ip3ZXHm/+V4uJ0A6TCfnsdWqlPkwp7NC8BF9SEVlCYsp3CC3IQd8jf7sggh8F4Tp
sr/IjuC/ZnvFYfAyo6PsYrMyC3uEcEhgEKxIj5Jk4jFUfQz5W5SLR10G7nRgYjsx
bfgQo+Ell926tMr66SyyyM9U+DbYqxKJuerFDHSKxidydVfBbc+/ZAh0flZSYkou
51B4XmdKfQnCS12IYnz4WABss8Lz1yd+oKVGv/nupY8iYtv1dbVFyssOobDXb2wK
wzc6vWbvari7EzcAtBj6iQ0mjeU6NY1qcOKalQPrXMKqxcoJAjEhsCcWWMc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org