Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/IAXaAdmwzJiSwzgE0sxqFr27Q24.roa
File:                     IAXaAdmwzJiSwzgE0sxqFr27Q24.roa (raw, json)
Hash identifier:          YAfyBUDHJpzmA0O1TBSZzBX0kCyTj51DC9gtJw6H0Xc=
Subject key identifier:   20:05:DA:01:D9:B0:CC:98:92:C3:38:04:D2:CC:6A:16:BD:BB:43:6E
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       01E9
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/IAXaAdmwzJiSwzgE0sxqFr27Q24.roa
Signing time:             Wed 24 May 2023 16:42:34 +0000
ROA not before:           Wed 24 May 2023 16:42:33 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.75.248.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 489 (0x1e9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 24 16:42:33 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=2005DA01D9B0CC9892C33804D2CC6A16BDBB436E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:98:d1:8a:f9:f8:ec:36:86:52:e5:8e:78:3f:
                    51:f2:9e:ae:d4:e6:71:bf:b8:36:ce:85:c7:34:7f:
                    45:cb:be:62:8a:2f:22:4a:b9:f4:7e:7e:88:98:48:
                    55:a6:e2:98:a6:8f:84:cd:67:83:94:2a:4e:b3:40:
                    15:40:49:17:33:04:05:1b:b3:1f:da:32:0a:12:8c:
                    eb:68:e1:69:1e:ce:32:2c:c6:8f:4e:7a:00:8c:f5:
                    b9:68:93:f7:20:94:e4:71:ba:9d:a7:f2:68:09:02:
                    80:ec:7a:81:ef:9f:17:bf:5b:1d:5b:3a:d9:94:00:
                    75:7b:d9:63:b1:07:de:45:4f:1e:e2:69:d4:9e:a8:
                    72:72:e3:11:c5:21:c1:0b:59:a8:56:be:ba:e6:ab:
                    2a:ad:7f:99:29:70:de:f8:0e:92:2a:24:bf:47:10:
                    c8:a0:fb:a2:b5:1c:40:63:e5:f6:fe:73:3f:b8:94:
                    08:b6:8d:c4:c0:64:7c:85:79:a2:d1:46:46:3e:89:
                    97:33:09:c9:b5:f1:3b:b8:19:8c:bd:78:6c:fa:b1:
                    60:2c:c6:ae:36:21:01:f5:3f:18:20:6d:91:e5:59:
                    e7:ec:5f:63:24:91:a9:01:ad:72:72:2e:31:a8:16:
                    41:d2:64:a7:21:37:5b:28:4e:1f:f9:e4:ca:20:81:
                    33:2b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                20:05:DA:01:D9:B0:CC:98:92:C3:38:04:D2:CC:6A:16:BD:BB:43:6E
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/IAXaAdmwzJiSwzgE0sxqFr27Q24.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.75.248.0/21

    Signature Algorithm: sha256WithRSAEncryption
         0a:a9:c8:73:43:43:04:c2:10:ea:31:7d:4a:12:c6:1c:93:b3:
         e1:ab:00:3a:2b:77:82:e5:98:bd:fe:16:74:f7:a3:a4:ec:6c:
         02:28:9f:68:40:e5:11:90:b7:aa:ef:c9:97:b5:99:52:e1:f6:
         f1:21:99:70:b4:8e:b1:e5:5b:ff:c4:21:66:c0:f8:dd:da:d7:
         e3:28:c1:f4:fd:91:e3:89:bd:19:f3:05:0a:80:d6:11:cc:48:
         cd:c0:6a:02:8b:7b:a4:b1:bf:e5:b8:82:e7:4e:ab:fa:69:f8:
         99:b6:37:9b:86:f3:3b:73:08:01:0e:e6:23:1d:3d:0d:46:a0:
         59:f4:a1:6c:26:76:15:9f:e2:3c:06:ed:fc:69:c7:c0:35:52:
         b9:9c:ba:05:08:d6:b4:44:d8:c9:05:50:ea:c1:8c:3b:d2:76:
         a8:3b:d8:4a:c3:4f:89:62:35:2d:d8:f3:cb:aa:c9:c5:48:da:
         43:86:a1:32:6c:4d:60:cf:3f:f4:2f:cc:2e:9f:1c:45:35:1e:
         3c:36:c9:b4:e9:f0:cf:3c:05:47:82:7e:c2:0b:9a:49:59:e5:
         f0:55:b4:02:de:47:2d:fe:f8:8a:d6:f1:0e:f0:b6:24:b5:91:
         9f:71:3c:6b:28:ba:5f:db:80:6f:3b:f3:6a:a0:59:3e:d5:35:
         2a:30:6b:cd
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAekwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MjQx
NjQyMzNaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDIwMDVEQTAxRDlCMEND
OTg5MkMzMzgwNEQyQ0M2QTE2QkRCQjQzNkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvmNGK+fjsNoZS5Y54P1Hynq7U5nG/uDbOhcc0f0XLvmKKLyJK
ufR+foiYSFWm4pimj4TNZ4OUKk6zQBVASRczBAUbsx/aMgoSjOto4WkezjIsxo9O
egCM9blok/cglORxup2n8mgJAoDseoHvnxe/Wx1bOtmUAHV72WOxB95FTx7iadSe
qHJy4xHFIcELWahWvrrmqyqtf5kpcN74DpIqJL9HEMig+6K1HEBj5fb+cz+4lAi2
jcTAZHyFeaLRRkY+iZczCcm18Tu4GYy9eGz6sWAsxq42IQH1PxggbZHlWefsX2Mk
kakBrXJyLjGoFkHSZKchN1soTh/55MoggTMrAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUIAXaAdmwzJiSwzgE0sxqFr27Q24wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0lBWGFBZG13ekppU3d6Z0Uwc3hxRnIyN1EyNC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMBS/gwDQYJKoZIhvcNAQELBQADggEBAAqpyHNDQwTCEOoxfUoSxhyTs+Gr
ADord4LlmL3+FnT3o6TsbAIon2hA5RGQt6rvyZe1mVLh9vEhmXC0jrHlW//EIWbA
+N3a1+MowfT9keOJvRnzBQqA1hHMSM3AagKLe6Sxv+W4gudOq/pp+Jm2N5uG8ztz
CAEO5iMdPQ1GoFn0oWwmdhWf4jwG7fxpx8A1UrmcugUI1rRE2MkFUOrBjDvSdqg7
2ErDT4liNS3Y88uqycVI2kOGoTJsTWDPP/QvzC6fHEU1Hjw2ybTp8M88BUeCfsIL
mklZ5fBVtALeRy3++IrW8Q7wtiS1kZ9xPGsoul/bgG8782qgWT7VNSowa80=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org