Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/FH-eSQjIdTXURc50Gf9sH4FL3UQ.roa
File:                     FH-eSQjIdTXURc50Gf9sH4FL3UQ.roa (raw, json)
Hash identifier:          mLQrPcOzdYJZS/yyryfY+mJpggleOIisyNl4JLSoQjk=
Subject key identifier:   14:7F:9E:49:08:C8:75:35:D4:45:CE:74:19:FF:6C:1F:81:4B:DD:44
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       51
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/FH-eSQjIdTXURc50Gf9sH4FL3UQ.roa
Signing time:             Mon 27 Mar 2023 16:04:26 +0000
ROA not before:           Mon 27 Mar 2023 16:04:26 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.73.224.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 81 (0x51)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 27 16:04:26 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=147F9E4908C87535D445CE7419FF6C1F814BDD44
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c6:c8:8e:0d:68:78:07:27:e3:89:24:68:a8:64:
                    e6:f4:c1:5c:42:06:2b:11:ab:ce:1f:ec:8f:d6:2c:
                    77:bc:3c:bb:f1:cc:aa:55:a2:a0:fb:98:47:ba:9e:
                    cd:36:8b:bf:5d:41:2e:80:75:4b:19:81:e7:6c:45:
                    97:55:ff:a5:55:db:c8:f5:8e:93:b8:b6:c9:e1:57:
                    ab:4c:6a:39:da:3b:9a:03:15:b3:2e:b5:12:e0:43:
                    06:79:62:ba:e4:e8:52:92:12:a3:bd:79:65:d8:96:
                    ea:62:f9:f2:ef:ca:a6:77:08:f4:63:56:4d:79:59:
                    bb:9e:40:e9:00:08:94:f8:46:8a:82:49:d9:7f:7d:
                    10:c0:51:81:15:a6:21:23:20:ed:02:ed:78:9b:31:
                    c1:72:c5:32:77:b7:3e:d7:af:c0:32:28:8b:66:f2:
                    c4:f0:23:11:2e:8c:fe:02:7e:0d:3d:21:c6:4a:c9:
                    d8:92:49:2b:4d:5f:2b:cc:0c:b0:b6:62:52:8a:e5:
                    e3:2e:63:b2:e0:aa:54:22:f7:45:49:1c:3e:cc:0c:
                    73:c7:bf:58:1f:c1:e3:78:5d:23:ef:de:90:6c:1d:
                    d3:ea:ed:6a:6f:c0:16:51:b1:a2:6b:a6:16:90:3d:
                    42:4c:3d:d4:37:80:59:f2:c2:c6:61:ae:5d:df:be:
                    ff:45
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                14:7F:9E:49:08:C8:75:35:D4:45:CE:74:19:FF:6C:1F:81:4B:DD:44
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/FH-eSQjIdTXURc50Gf9sH4FL3UQ.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.73.224.0/23

    Signature Algorithm: sha256WithRSAEncryption
         c7:5c:b4:47:8e:2c:37:3e:37:c9:df:38:7f:c1:39:8e:77:24:
         c8:2d:f0:d2:79:6b:08:40:e8:a1:78:3f:94:55:7e:32:91:b8:
         7f:3f:57:e2:0d:c8:8f:54:0d:7a:d4:c4:a0:52:2e:c8:82:4f:
         24:c2:c9:12:8c:ff:51:06:1e:85:0c:55:f6:79:40:06:60:d0:
         7d:26:1b:28:90:96:01:1e:0d:ee:b5:cc:de:02:b2:f7:94:fb:
         4b:59:ee:03:21:2f:fe:96:d2:26:e5:e0:f8:87:ef:b7:64:76:
         61:4b:cc:96:75:d8:1d:2e:81:38:9e:91:5a:a3:a8:49:a5:f7:
         90:d0:4f:37:e8:81:eb:9e:b5:01:37:b9:c8:5a:92:df:53:09:
         3b:cc:f1:2d:ba:2b:2d:28:8b:c3:20:67:2c:24:df:84:68:f6:
         cc:20:6a:65:de:0d:28:0c:6d:4b:7b:25:d2:a5:19:c8:fd:41:
         a9:e2:4e:0b:e1:e4:e5:80:24:cd:22:9f:b2:41:ba:2a:d1:cb:
         0c:13:94:02:fe:a7:3b:51:eb:41:ba:12:4d:ce:fa:67:6d:f3:
         34:f3:94:bf:8c:2d:ec:04:0e:9c:e6:27:8f:71:8d:7d:f5:d8:
         db:bf:8a:db:68:be:4a:ee:24:7c:eb:29:4f:b1:02:4e:4a:e8:
         7c:7b:6d:33
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBUTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2OTY1
QjBCMjBEREUwN0E0Qzk3OEUyNDA3M0VBMEUxMTE3QjM3NDczMB4XDTIzMDMyNzE2
MDQyNloXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoMTQ3RjlFNDkwOEM4NzUz
NUQ0NDVDRTc0MTlGRjZDMUY4MTRCREQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMbIjg1oeAcn44kkaKhk5vTBXEIGKxGrzh/sj9Ysd7w8u/HMqlWi
oPuYR7qezTaLv11BLoB1SxmB52xFl1X/pVXbyPWOk7i2yeFXq0xqOdo7mgMVsy61
EuBDBnliuuToUpISo715ZdiW6mL58u/KpncI9GNWTXlZu55A6QAIlPhGioJJ2X99
EMBRgRWmISMg7QLteJsxwXLFMne3PtevwDIoi2byxPAjES6M/gJ+DT0hxkrJ2JJJ
K01fK8wMsLZiUorl4y5jsuCqVCL3RUkcPswMc8e/WB/B43hdI+/ekGwd0+rtam/A
FlGxomumFpA9Qkw91DeAWfLCxmGuXd++/0UCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBQUf55JCMh1NdRFznQZ/2wfgUvdRDAfBgNVHSMEGDAWgBRpZbCyDd4HpMl44kBz
6g4RF7N0czAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5L2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJlemRITS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJl
emRITS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkvRkgtZVNRaklkVFhVUmM1MEdmOXNINEZMM1VRLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAQFJ4DANBgkqhkiG9w0BAQsFAAOCAQEAx1y0R44sNz43yd84f8E5jnckyC3w
0nlrCEDooXg/lFV+MpG4fz9X4g3Ij1QNetTEoFIuyIJPJMLJEoz/UQYehQxV9nlA
BmDQfSYbKJCWAR4N7rXM3gKy95T7S1nuAyEv/pbSJuXg+Ifvt2R2YUvMlnXYHS6B
OJ6RWqOoSaX3kNBPN+iB6561ATe5yFqS31MJO8zxLborLSiLwyBnLCTfhGj2zCBq
Zd4NKAxtS3sl0qUZyP1BqeJOC+Hk5YAkzSKfskG6KtHLDBOUAv6nO1HrQboSTc76
Z23zNPOUv4wt7AQOnOYnj3GNffXY27+K22i+Su4kfOspT7ECTkrofHttMw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:01 2024 by rpki-client on console-ams.rpki-client.org