Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/OS5pdSj_Mpl2yFMIXpItjV_d0s8.roa
File:                     OS5pdSj_Mpl2yFMIXpItjV_d0s8.roa (raw, json)
Hash identifier:          s2oRW0EgXv9ldQ8vT6saNOgN2appezC5+X78IZiZm1g=
Subject key identifier:   39:2E:69:75:28:FF:32:99:76:C8:53:08:5E:92:2D:8D:5F:DD:D2:CF
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       03E9
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/OS5pdSj_Mpl2yFMIXpItjV_d0s8.roa
Signing time:             Tue 06 Jun 2023 16:03:44 +0000
ROA not before:           Tue 06 Jun 2023 16:03:44 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.104.72.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1001 (0x3e9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  6 16:03:44 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=392E697528FF329976C853085E922D8D5FDDD2CF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c1:58:a8:3f:aa:5f:e1:ca:39:70:80:9e:c3:ad:
                    31:99:02:ee:8a:dd:c4:22:7e:ef:2e:09:34:4c:0f:
                    c3:a7:a4:d4:86:09:1d:1b:2f:62:e6:b0:2c:ce:3c:
                    46:73:c8:60:1d:6d:bb:a9:ad:d6:c7:c8:2e:17:3f:
                    68:4d:68:fa:08:9e:79:1a:83:0d:b3:6c:c4:db:9e:
                    11:0e:1d:bb:a2:d8:b1:ed:56:ce:b6:e2:51:88:b4:
                    bb:a0:2c:81:40:73:86:35:4c:18:ac:ab:15:a6:46:
                    12:9c:0b:71:57:1c:66:7a:14:99:36:05:2d:95:e0:
                    9f:f9:0d:93:82:a9:f7:ce:53:d9:5e:27:92:18:66:
                    d7:0d:b7:a8:d8:d4:f8:d0:00:4f:04:25:28:ca:9b:
                    39:ed:16:de:ef:3b:2b:82:6b:e9:03:ed:c3:30:5d:
                    fa:6f:2c:db:f6:ee:6c:cd:c9:e7:63:d5:3b:d3:ed:
                    61:91:23:43:92:64:fe:8d:dd:0c:61:b3:e6:88:bd:
                    f6:0d:4c:18:a4:85:cf:3a:e8:05:f1:2d:b4:fa:5f:
                    36:23:3d:fc:5b:bc:65:ed:00:9c:0b:c8:c5:4d:a6:
                    51:17:43:ee:f0:b1:78:46:db:56:2b:a6:66:9b:0a:
                    52:ba:fb:0f:b6:fc:c7:b6:b5:0e:2f:32:c9:65:21:
                    ae:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                39:2E:69:75:28:FF:32:99:76:C8:53:08:5E:92:2D:8D:5F:DD:D2:CF
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/OS5pdSj_Mpl2yFMIXpItjV_d0s8.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.104.72.0/22

    Signature Algorithm: sha256WithRSAEncryption
         4a:f8:e0:d7:89:a3:f6:f3:b3:e1:dd:b6:a9:c9:17:c8:ca:01:
         be:77:b2:de:2c:f3:74:bd:02:c1:a5:77:05:64:53:8d:bc:de:
         c2:18:45:5a:2f:2b:0e:2b:71:65:16:d2:d5:0b:0b:d3:97:70:
         55:5f:96:cd:f3:12:a0:c8:87:30:e2:c9:08:e2:54:82:77:c9:
         de:62:9f:a9:48:d1:6e:db:99:47:72:ec:28:65:e8:8d:d7:55:
         c5:47:91:66:a6:3c:be:5c:b8:fd:19:ac:25:6e:a6:a7:c4:4f:
         63:84:2b:f9:15:21:b3:6f:fc:52:de:c3:7a:ee:05:e6:67:32:
         6b:90:9b:62:ba:16:f0:71:c7:29:7a:cb:10:98:e1:5c:3e:0c:
         da:fa:59:62:3a:75:78:82:ad:eb:3f:0b:90:c8:08:7a:5d:f0:
         f4:f1:48:74:77:ee:6a:93:6e:e8:93:de:ac:be:d4:a6:dc:8c:
         7f:fd:a6:ea:76:6f:ec:f9:d0:27:b2:5a:cf:d2:7b:5f:35:48:
         32:b3:e9:10:a5:19:8c:cd:2e:f1:6c:78:92:63:77:21:c6:70:
         53:0c:ff:1f:33:af:fb:1b:bc:68:5c:35:f9:46:4d:ba:5e:b9:
         41:d3:cb:b4:9b:d1:44:fd:6e:82:1c:e8:1a:aa:3b:06:fc:bc:
         ff:9b:ca:7b
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICA+kwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDYx
NjAzNDRaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDM5MkU2OTc1MjhGRjMy
OTk3NkM4NTMwODVFOTIyRDhENUZEREQyQ0YwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDBWKg/ql/hyjlwgJ7DrTGZAu6K3cQifu8uCTRMD8OnpNSGCR0b
L2LmsCzOPEZzyGAdbbuprdbHyC4XP2hNaPoInnkagw2zbMTbnhEOHbui2LHtVs62
4lGItLugLIFAc4Y1TBisqxWmRhKcC3FXHGZ6FJk2BS2V4J/5DZOCqffOU9leJ5IY
ZtcNt6jY1PjQAE8EJSjKmzntFt7vOyuCa+kD7cMwXfpvLNv27mzNyedj1TvT7WGR
I0OSZP6N3Qxhs+aIvfYNTBikhc866AXxLbT6XzYjPfxbvGXtAJwLyMVNplEXQ+7w
sXhG21YrpmabClK6+w+2/Me2tQ4vMsllIa7zAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUOS5pdSj/Mpl2yFMIXpItjV/d0s8wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L09TNXBkU2pfTXBsMnlGTUlYcEl0alZfZDBzOC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIxaEgwDQYJKoZIhvcNAQELBQADggEBAEr44NeJo/bzs+HdtqnJF8jKAb53
st4s83S9AsGldwVkU4283sIYRVovKw4rcWUW0tULC9OXcFVfls3zEqDIhzDiyQji
VIJ3yd5in6lI0W7bmUdy7Chl6I3XVcVHkWamPL5cuP0ZrCVupqfET2OEK/kVIbNv
/FLew3ruBeZnMmuQm2K6FvBxxyl6yxCY4Vw+DNr6WWI6dXiCres/C5DICHpd8PTx
SHR37mqTbuiT3qy+1KbcjH/9pup2b+z50CeyWs/Se181SDKz6RClGYzNLvFseJJj
dyHGcFMM/x8zr/sbvGhcNflGTbpeuUHTy7Sb0UT9boIc6BqqOwb8vP+byns=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:01 2024 by rpki-client on console-ams.rpki-client.org