Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/Pw4J9mxBPtUKubh-PbbyBqqfuU8.roa
File:                     Pw4J9mxBPtUKubh-PbbyBqqfuU8.roa (raw, json)
Hash identifier:          JQxk9knBnAbvffe75Rw63FQYOnVwhFMoLOkrJ9a+cnA=
Subject key identifier:   3F:0E:09:F6:6C:41:3E:D5:0A:B9:B8:7E:3D:B6:F2:06:AA:9F:B9:4F
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       02C2
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Pw4J9mxBPtUKubh-PbbyBqqfuU8.roa
Signing time:             Tue 30 May 2023 17:17:36 +0000
ROA not before:           Tue 30 May 2023 17:17:36 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.102.132.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 706 (0x2c2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 30 17:17:36 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=3F0E09F66C413ED50AB9B87E3DB6F206AA9FB94F
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ce:ad:c6:52:8b:5e:42:38:4d:70:39:45:a1:39:
                    24:98:4d:ff:a5:ca:e8:46:69:07:58:ec:5f:32:85:
                    1d:55:4b:5d:46:14:26:75:cb:43:1b:a4:0b:50:82:
                    0d:39:c6:79:f6:95:1c:f4:98:dd:19:83:23:a9:92:
                    26:1c:1c:29:ea:6e:59:8d:01:81:a9:05:23:68:e6:
                    52:7e:05:48:49:92:c8:b8:27:a2:bf:d1:d3:85:53:
                    bf:a0:07:cd:88:9f:1d:9a:a1:2d:93:7f:03:c4:43:
                    0a:04:70:62:65:4c:2a:7c:c9:57:43:13:6b:d2:82:
                    da:ce:8c:fc:44:d3:32:01:1a:b7:b1:4a:17:31:e3:
                    00:d4:bb:0b:96:39:7c:47:06:9a:f5:eb:5f:db:dd:
                    a4:61:a1:9d:c2:bf:88:94:9b:82:a9:42:c6:31:57:
                    ca:79:ed:8f:bf:48:4e:bf:37:83:31:1d:43:39:21:
                    76:02:26:95:26:f8:97:91:8e:aa:10:14:18:b2:61:
                    fd:bb:f2:9a:43:32:20:e4:03:58:a4:92:17:5b:e2:
                    0f:09:ba:5d:65:2c:92:e1:7f:15:2c:65:43:a2:e1:
                    79:f0:84:3c:ba:7a:13:10:42:16:d7:60:bd:04:e4:
                    94:66:18:8d:c0:21:f9:6d:ea:09:cf:fc:c7:aa:95:
                    6d:d7
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                3F:0E:09:F6:6C:41:3E:D5:0A:B9:B8:7E:3D:B6:F2:06:AA:9F:B9:4F
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Pw4J9mxBPtUKubh-PbbyBqqfuU8.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.102.132.0/23

    Signature Algorithm: sha256WithRSAEncryption
         e6:50:01:fe:af:62:b7:9b:28:0d:2a:f1:71:be:b6:1a:54:ff:
         40:88:3b:6e:10:56:f9:a1:f8:b7:9d:4a:2f:01:28:d3:3a:4c:
         16:b3:ae:bc:d2:6a:e8:bf:fa:2d:d8:8a:69:3a:13:39:0d:80:
         84:59:84:76:90:f1:cd:3c:f8:e8:f0:57:b9:58:b3:bc:c9:61:
         83:4b:31:6b:67:35:6b:54:82:2b:94:99:69:3b:32:66:9e:fa:
         ed:44:c9:20:78:65:cd:5b:b9:99:1e:a8:d7:13:64:e2:ae:75:
         f2:04:92:bb:c7:c8:43:94:20:21:0f:e7:95:4f:64:47:06:a8:
         ed:ed:0f:e0:29:e5:b3:79:98:64:5a:e1:5a:e4:85:96:91:90:
         a1:2d:0f:b1:5f:b8:c0:f5:ae:3c:1c:7a:9a:04:66:64:d7:34:
         ef:17:7d:ab:9d:54:81:f0:e8:19:ec:38:e8:ce:e7:85:db:2d:
         02:f7:2d:09:70:cf:e4:a3:0a:e6:5a:ea:a2:e4:51:d8:fc:98:
         20:4b:b1:53:f9:39:70:da:2d:1a:f6:d6:dd:af:93:76:5d:6b:
         26:d2:4a:7f:12:63:30:f4:67:2c:84:f2:9d:30:48:08:71:64:
         d5:03:57:04:1e:1b:76:12:63:42:83:35:a0:55:1f:be:f4:b6:
         72:44:d6:0a
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAsIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MzAx
NzE3MzZaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDNGMEUwOUY2NkM0MTNF
RDUwQUI5Qjg3RTNEQjZGMjA2QUE5RkI5NEYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDOrcZSi15COE1wOUWhOSSYTf+lyuhGaQdY7F8yhR1VS11GFCZ1
y0MbpAtQgg05xnn2lRz0mN0ZgyOpkiYcHCnqblmNAYGpBSNo5lJ+BUhJksi4J6K/
0dOFU7+gB82Inx2aoS2TfwPEQwoEcGJlTCp8yVdDE2vSgtrOjPxE0zIBGrexShcx
4wDUuwuWOXxHBpr161/b3aRhoZ3Cv4iUm4KpQsYxV8p57Y+/SE6/N4MxHUM5IXYC
JpUm+JeRjqoQFBiyYf278ppDMiDkA1ikkhdb4g8Jul1lLJLhfxUsZUOi4XnwhDy6
ehMQQhbXYL0E5JRmGI3AIflt6gnP/MeqlW3XAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUPw4J9mxBPtUKubh+PbbyBqqfuU8wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1B3NEo5bXhCUHRVS3ViaC1QYmJ5QnFxZnVVOC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExZoQwDQYJKoZIhvcNAQELBQADggEBAOZQAf6vYrebKA0q8XG+thpU/0CI
O24QVvmh+LedSi8BKNM6TBazrrzSaui/+i3Yimk6EzkNgIRZhHaQ8c08+OjwV7lY
s7zJYYNLMWtnNWtUgiuUmWk7Mmae+u1EySB4Zc1buZkeqNcTZOKudfIEkrvHyEOU
ICEP55VPZEcGqO3tD+Ap5bN5mGRa4VrkhZaRkKEtD7FfuMD1rjwcepoEZmTXNO8X
faudVIHw6BnsOOjO54XbLQL3LQlwz+SjCuZa6qLkUdj8mCBLsVP5OXDaLRr21t2v
k3ZdaybSSn8SYzD0ZyyE8p0wSAhxZNUDVwQeG3YSY0KDNaBVH770tnJE1go=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org