Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/JCoFcqxAwxhaxsuwOTRLfJf5LIQ.roa
File:                     JCoFcqxAwxhaxsuwOTRLfJf5LIQ.roa (raw, json)
Hash identifier:          kMxYmuzK3PUj49B4lc5rxdtxMXCnwaEnzRNz5KZAwiA=
Subject key identifier:   24:2A:05:72:AC:40:C3:18:5A:C6:CB:B0:39:34:4B:7C:97:F9:2C:84
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0386
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/JCoFcqxAwxhaxsuwOTRLfJf5LIQ.roa
Signing time:             Thu 01 Jun 2023 17:57:37 +0000
ROA not before:           Thu 01 Jun 2023 17:57:37 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.106.200.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 902 (0x386)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  1 17:57:37 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=242A0572AC40C3185AC6CBB039344B7C97F92C84
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:48:45:f7:7c:be:1d:78:be:42:bd:41:c8:22:
                    85:ff:9f:ae:51:c4:a5:84:8b:c1:b8:0e:cb:bf:65:
                    4d:27:25:21:e9:66:99:ce:ab:16:ce:2d:ec:b7:59:
                    1f:e0:7f:7c:e8:bf:45:4d:1b:14:8e:89:4b:0f:da:
                    59:da:29:86:49:59:03:1b:ff:73:33:96:ca:65:58:
                    55:a5:d4:6f:43:15:32:48:33:a3:73:7f:95:04:f1:
                    88:22:b5:de:44:91:32:1e:cc:bb:3a:9e:4b:0a:3d:
                    dc:81:58:fb:70:35:b0:c5:bc:84:28:47:87:3a:05:
                    26:52:f0:fc:43:66:39:b2:2d:b9:8d:59:7c:1a:c1:
                    57:e8:9b:88:42:6a:1b:6a:3a:49:22:f4:9c:99:bc:
                    ec:d4:ef:ea:5a:83:f0:6f:44:05:97:a0:11:15:ad:
                    49:c9:7e:a6:32:9c:ae:07:0d:62:0c:f5:54:85:02:
                    19:9f:a4:3c:9f:99:70:25:24:a7:06:c8:a0:18:97:
                    61:0a:ef:b0:6e:ab:51:a3:1a:0a:01:98:f9:d7:2d:
                    4a:12:ff:5a:ce:56:b6:fe:ad:27:09:d0:ec:ec:ea:
                    61:85:e5:c1:c8:4c:8c:75:a6:28:ec:55:e6:cc:a6:
                    a2:29:aa:58:55:52:bf:1f:3f:a3:e0:f4:34:cf:12:
                    da:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                24:2A:05:72:AC:40:C3:18:5A:C6:CB:B0:39:34:4B:7C:97:F9:2C:84
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/JCoFcqxAwxhaxsuwOTRLfJf5LIQ.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.106.200.0/23

    Signature Algorithm: sha256WithRSAEncryption
         20:72:71:a4:73:28:91:7a:c9:b6:95:7f:4e:de:40:bf:1c:33:
         61:27:9a:a4:0c:15:d0:42:db:93:5f:5a:86:2d:35:26:c3:cd:
         ab:19:b8:a5:74:a6:5c:27:68:ad:26:f8:63:9e:6f:70:0b:41:
         4d:d2:0b:71:ac:49:41:99:d4:02:59:55:db:8d:2d:df:1d:e2:
         2d:92:ac:ef:2e:5c:89:82:8b:1f:37:ae:3a:0b:d4:17:50:19:
         68:b9:2f:86:4f:d9:c5:26:3c:a1:72:3f:d7:7f:8a:1d:23:49:
         3f:af:1f:7e:6f:4a:b2:a5:01:b0:c4:d4:e1:8d:87:c1:a9:17:
         fe:e2:57:e1:91:37:be:cb:b5:af:cd:91:48:4c:95:9c:b2:e9:
         cd:05:2a:c5:7d:b4:f9:1f:fb:50:58:25:c3:c1:b2:77:d9:9b:
         f5:2d:47:83:1a:29:82:2d:b8:5e:84:38:e9:a5:e6:2b:4e:6c:
         fe:e7:48:e6:81:e3:c1:c4:1b:06:8e:bd:92:43:77:c6:7d:2a:
         1e:81:c2:53:5d:10:a5:61:dc:1b:73:ca:82:20:33:af:20:c2:
         f7:40:71:30:4e:91:c3:81:d5:31:52:11:5f:6a:6d:e2:bf:1e:
         5c:a8:3b:98:eb:65:e9:2f:9e:d3:f7:69:43:3c:d0:f9:ea:cb:
         99:1d:fe:3f
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICA4YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDEx
NzU3MzdaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDI0MkEwNTcyQUM0MEMz
MTg1QUM2Q0JCMDM5MzQ0QjdDOTdGOTJDODQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDASEX3fL4deL5CvUHIIoX/n65RxKWEi8G4Dsu/ZU0nJSHpZpnO
qxbOLey3WR/gf3zov0VNGxSOiUsP2lnaKYZJWQMb/3MzlsplWFWl1G9DFTJIM6Nz
f5UE8Ygitd5EkTIezLs6nksKPdyBWPtwNbDFvIQoR4c6BSZS8PxDZjmyLbmNWXwa
wVfom4hCahtqOkki9JyZvOzU7+pag/BvRAWXoBEVrUnJfqYynK4HDWIM9VSFAhmf
pDyfmXAlJKcGyKAYl2EK77Buq1GjGgoBmPnXLUoS/1rOVrb+rScJ0Ozs6mGF5cHI
TIx1pijsVebMpqIpqlhVUr8fP6Pg9DTPEtqRAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUJCoFcqxAwxhaxsuwOTRLfJf5LIQwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0pDb0ZjcXhBd3hoYXhzdXdPVFJMZkpmNUxJUS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExasgwDQYJKoZIhvcNAQELBQADggEBACBycaRzKJF6ybaVf07eQL8cM2En
mqQMFdBC25NfWoYtNSbDzasZuKV0plwnaK0m+GOeb3ALQU3SC3GsSUGZ1AJZVduN
Ld8d4i2SrO8uXImCix83rjoL1BdQGWi5L4ZP2cUmPKFyP9d/ih0jST+vH35vSrKl
AbDE1OGNh8GpF/7iV+GRN77Lta/NkUhMlZyy6c0FKsV9tPkf+1BYJcPBsnfZm/Ut
R4MaKYItuF6EOOml5itObP7nSOaB48HEGwaOvZJDd8Z9Kh6BwlNdEKVh3BtzyoIg
M68gwvdAcTBOkcOB1TFSEV9qbeK/HlyoO5jrZekvntP3aUM80Pnqy5kd/j8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org