Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/OA6yFVWk-2u7Bb2TvgpaTE79TqE.roa
File:                     OA6yFVWk-2u7Bb2TvgpaTE79TqE.roa (raw, json)
Hash identifier:          cKiQJ68yG7xKb/TT1dVApriwKaHkjV6ra0K8qUjwHXQ=
Subject key identifier:   38:0E:B2:15:55:A4:FB:6B:BB:05:BD:93:BE:0A:5A:4C:4E:FD:4E:A1
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       02F1
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/OA6yFVWk-2u7Bb2TvgpaTE79TqE.roa
Signing time:             Thu 01 Jun 2023 16:04:37 +0000
ROA not before:           Thu 01 Jun 2023 16:04:37 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.96.220.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 753 (0x2f1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  1 16:04:37 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=380EB21555A4FB6BBB05BD93BE0A5A4C4EFD4EA1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:72:ff:7f:30:65:1a:34:87:15:77:f9:80:e2:
                    77:2f:c8:56:67:00:10:93:5d:c5:bd:27:34:ef:35:
                    2f:a1:e3:5c:41:41:cf:d0:6b:e1:d9:66:a1:ef:e3:
                    87:1d:d3:72:de:01:e1:9c:9e:ca:e2:18:91:41:51:
                    2f:24:f3:2c:e0:7a:78:b3:20:07:c1:fd:08:5e:cb:
                    d6:0a:84:37:f1:b7:77:27:76:71:45:1b:cc:4d:39:
                    52:8f:e9:3a:37:90:71:a7:45:e5:44:e2:b2:b3:7d:
                    3e:96:11:9a:57:52:a3:2c:a9:fc:a2:91:96:19:9e:
                    8f:0d:82:55:ad:b6:58:27:99:73:80:9a:f8:09:99:
                    74:5c:57:4c:ce:c6:5b:fb:4d:7e:00:3b:8f:7f:be:
                    01:3f:4f:51:fa:92:09:d2:b1:10:fb:df:0e:e9:59:
                    83:33:9b:82:40:b1:c8:ec:0d:b8:4c:9c:fb:6f:c9:
                    f3:74:0c:e7:d9:78:85:10:0c:37:2b:9c:4a:da:36:
                    75:09:24:1b:d4:d4:a4:fb:ad:4b:b0:ec:d4:0b:ca:
                    ef:75:5e:45:8c:bd:f2:82:ea:df:9b:6a:f7:a6:ec:
                    7c:bd:c7:b4:fb:f5:85:18:60:b3:ca:55:68:a8:ff:
                    b2:1f:01:33:88:11:6c:47:5d:17:17:dd:a9:d8:7c:
                    f8:4f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:0E:B2:15:55:A4:FB:6B:BB:05:BD:93:BE:0A:5A:4C:4E:FD:4E:A1
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/OA6yFVWk-2u7Bb2TvgpaTE79TqE.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.96.220.0/22

    Signature Algorithm: sha256WithRSAEncryption
         e7:b8:dd:5e:24:cf:7b:ed:35:b9:89:52:f2:ac:bc:d0:4f:59:
         07:10:e2:3d:0e:2b:75:b8:42:fc:ae:61:97:b4:de:21:75:07:
         28:e3:4c:10:3d:7a:5b:4d:a2:d5:62:bf:70:56:9d:3c:98:82:
         b6:58:80:7a:73:82:ac:7d:9d:36:94:17:56:39:5d:03:ed:3e:
         e8:91:ca:b6:2f:fa:96:2e:0e:ce:e5:73:dd:96:5f:c0:95:f0:
         a6:0b:46:f3:43:eb:31:9d:4a:66:d8:3b:d2:c1:e7:ee:32:70:
         41:94:54:e1:d9:27:b2:be:99:3a:0a:9a:60:04:df:38:4c:0b:
         f0:3f:a5:fc:62:bc:0a:4b:14:93:70:ea:6b:72:3b:2a:6e:b5:
         24:56:62:55:61:37:4a:ed:b0:98:53:85:c3:e5:97:c4:4e:e2:
         e1:18:bf:e5:c9:cf:54:09:8d:28:e0:c1:d1:a1:e4:a5:53:43:
         15:7e:f3:8e:3b:7c:68:f0:ba:85:48:eb:78:5b:67:bf:74:ab:
         c3:04:b7:5b:0b:1c:0c:7a:b7:8d:d5:43:57:de:6b:c8:2e:e3:
         bd:dd:c4:be:6d:22:fc:36:26:62:2e:a6:9d:bf:12:94:ff:17:
         f2:79:0c:ab:57:d3:28:05:65:2e:e5:a8:44:55:ca:83:09:58:
         bf:48:c1:d5
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAvEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDEx
NjA0MzdaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDM4MEVCMjE1NTVBNEZC
NkJCQjA1QkQ5M0JFMEE1QTRDNEVGRDRFQTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC6cv9/MGUaNIcVd/mA4ncvyFZnABCTXcW9JzTvNS+h41xBQc/Q
a+HZZqHv44cd03LeAeGcnsriGJFBUS8k8yzgenizIAfB/Qhey9YKhDfxt3cndnFF
G8xNOVKP6To3kHGnReVE4rKzfT6WEZpXUqMsqfyikZYZno8NglWttlgnmXOAmvgJ
mXRcV0zOxlv7TX4AO49/vgE/T1H6kgnSsRD73w7pWYMzm4JAscjsDbhMnPtvyfN0
DOfZeIUQDDcrnEraNnUJJBvU1KT7rUuw7NQLyu91XkWMvfKC6t+bavem7Hy9x7T7
9YUYYLPKVWio/7IfATOIEWxHXRcX3anYfPhPAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUOA6yFVWk+2u7Bb2TvgpaTE79TqEwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L09BNnlGVldrLTJ1N0JiMlR2Z3BhVEU3OVRxRS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIxYNwwDQYJKoZIhvcNAQELBQADggEBAOe43V4kz3vtNbmJUvKsvNBPWQcQ
4j0OK3W4QvyuYZe03iF1ByjjTBA9eltNotViv3BWnTyYgrZYgHpzgqx9nTaUF1Y5
XQPtPuiRyrYv+pYuDs7lc92WX8CV8KYLRvND6zGdSmbYO9LB5+4ycEGUVOHZJ7K+
mToKmmAE3zhMC/A/pfxivApLFJNw6mtyOyputSRWYlVhN0rtsJhThcPll8RO4uEY
v+XJz1QJjSjgwdGh5KVTQxV+8447fGjwuoVI63hbZ790q8MEt1sLHAx6t43VQ1fe
a8gu473dxL5tIvw2JmIupp2/EpT/F/J5DKtX0ygFZS7lqERVyoMJWL9IwdU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:01 2024 by rpki-client on console-ams.rpki-client.org