Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/JYZ4e3I3odQnXjEvupHpNfU0JN0.roa
File:                     JYZ4e3I3odQnXjEvupHpNfU0JN0.roa (raw, json)
Hash identifier:          3FDjExRF+Wy4DFclAPC/7vCx6Lp1XsX+58E/cyL+YpM=
Subject key identifier:   25:86:78:7B:72:37:A1:D4:27:5E:31:2F:BA:91:E9:35:F5:34:24:DD
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       20
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/JYZ4e3I3odQnXjEvupHpNfU0JN0.roa
Signing time:             Wed 22 Mar 2023 17:25:46 +0000
ROA not before:           Wed 22 Mar 2023 17:25:46 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.73.74.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 32 (0x20)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 22 17:25:46 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=2586787B7237A1D4275E312FBA91E935F53424DD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ee:30:51:7e:1f:31:e9:4c:ce:d1:d9:65:29:c5:
                    0a:00:64:e8:10:4e:56:b2:07:77:b0:f4:05:ec:bd:
                    5e:08:f7:cd:2f:e9:ad:e9:bb:33:0c:3f:62:a6:34:
                    c8:08:21:11:69:bb:bc:a6:d8:45:da:e4:e0:4f:8a:
                    7c:63:0c:70:4e:98:6a:8f:35:db:c1:78:cd:2c:33:
                    5c:5f:9d:5c:3c:b3:d9:25:0d:00:60:c1:8a:7b:02:
                    3f:8a:9d:4a:ae:1a:23:3d:5c:89:69:09:01:87:c5:
                    3a:64:fe:bb:b3:c9:ee:f1:a2:62:1b:3b:93:50:22:
                    c7:a3:fb:9e:c4:ad:ac:e1:04:21:87:f5:18:21:81:
                    bf:97:e7:bc:a5:43:62:80:6f:76:66:f3:e9:95:8b:
                    87:53:94:7a:84:17:db:5e:a7:80:95:88:8b:0a:7b:
                    70:85:84:f5:c5:84:95:11:88:a3:1b:84:8b:a2:a7:
                    17:38:fa:fa:3f:af:31:ea:d4:65:ce:c4:7d:cf:67:
                    e8:41:04:74:c0:56:43:5e:25:a9:5b:c9:46:aa:59:
                    a9:3d:df:a8:94:83:de:ea:9f:ba:e4:44:8a:af:ff:
                    1b:a4:e3:59:cf:5c:6d:1d:40:35:bf:c4:80:d0:a8:
                    38:c2:bd:fa:59:ca:67:6e:d7:df:96:fc:2a:55:fb:
                    a4:15
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                25:86:78:7B:72:37:A1:D4:27:5E:31:2F:BA:91:E9:35:F5:34:24:DD
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/JYZ4e3I3odQnXjEvupHpNfU0JN0.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.73.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         af:ee:a4:ea:86:35:ae:a9:c4:fd:b5:49:9f:07:a5:8f:f5:c4:
         c6:28:38:7a:19:57:5c:06:47:80:9f:7b:5c:41:e2:76:c5:05:
         ed:aa:0d:ea:5e:38:74:6c:1e:68:54:cb:3f:66:62:49:e4:06:
         03:8e:d1:85:51:cd:82:0f:2d:57:75:eb:fa:d7:16:ce:8d:3e:
         9e:c5:fd:b2:37:bf:5d:7b:a9:55:4f:10:bb:60:28:6b:16:a5:
         b7:9d:05:cb:1e:b2:03:57:2c:3d:fd:ca:b1:66:2c:4a:05:20:
         cd:1e:a7:c3:15:34:a7:46:b4:01:ed:bb:cf:b6:37:0f:6e:cb:
         5f:c6:ab:17:65:8f:97:f4:d2:c1:45:4c:a2:29:78:4f:c0:23:
         5e:16:0d:82:cd:48:31:69:02:65:a6:92:1e:ef:54:63:30:41:
         3b:7d:73:95:33:83:b4:b0:08:c4:07:a0:4b:ba:4b:6d:fa:d7:
         84:df:a5:7b:9a:a7:50:3e:38:54:d7:ab:85:b6:5d:82:73:98:
         b4:9c:16:4f:34:42:28:56:07:c2:94:46:fa:d4:6d:d2:be:b8:
         24:6b:a9:0f:24:14:80:2a:95:34:4d:ca:c0:4b:8e:43:b2:b5:
         1d:74:cf:8c:0b:5c:e5:d9:70:6e:f6:90:e9:a6:f4:ba:e5:25:
         4d:7e:42:12
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBIDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2OTY1
QjBCMjBEREUwN0E0Qzk3OEUyNDA3M0VBMEUxMTE3QjM3NDczMB4XDTIzMDMyMjE3
MjU0NloXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoMjU4Njc4N0I3MjM3QTFE
NDI3NUUzMTJGQkE5MUU5MzVGNTM0MjRERDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAO4wUX4fMelMztHZZSnFCgBk6BBOVrIHd7D0Bey9Xgj3zS/prem7
Mww/YqY0yAghEWm7vKbYRdrk4E+KfGMMcE6Yao8128F4zSwzXF+dXDyz2SUNAGDB
insCP4qdSq4aIz1ciWkJAYfFOmT+u7PJ7vGiYhs7k1Aix6P7nsStrOEEIYf1GCGB
v5fnvKVDYoBvdmbz6ZWLh1OUeoQX216ngJWIiwp7cIWE9cWElRGIoxuEi6KnFzj6
+j+vMerUZc7Efc9n6EEEdMBWQ14lqVvJRqpZqT3fqJSD3uqfuuREiq//G6TjWc9c
bR1ANb/EgNCoOMK9+lnKZ27X35b8KlX7pBUCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBQlhnh7cjeh1CdeMS+6kek19TQk3TAfBgNVHSMEGDAWgBRpZbCyDd4HpMl44kBz
6g4RF7N0czAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5L2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJlemRITS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJl
emRITS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkvSllaNGUzSTNvZFFuWGpFdnVwSHBOZlUwSk4wLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAAFJSjANBgkqhkiG9w0BAQsFAAOCAQEAr+6k6oY1rqnE/bVJnwelj/XExig4
ehlXXAZHgJ97XEHidsUF7aoN6l44dGweaFTLP2ZiSeQGA47RhVHNgg8tV3Xr+tcW
zo0+nsX9sje/XXupVU8Qu2Aoaxalt50Fyx6yA1csPf3KsWYsSgUgzR6nwxU0p0a0
Ae27z7Y3D27LX8arF2WPl/TSwUVMoil4T8AjXhYNgs1IMWkCZaaSHu9UYzBBO31z
lTODtLAIxAegS7pLbfrXhN+le5qnUD44VNerhbZdgnOYtJwWTzRCKFYHwpRG+tRt
0r64JGupDyQUgCqVNE3KwEuOQ7K1HXTPjAtc5dlwbvaQ6ab0uuUlTX5CEg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org