Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/QXn-xAkJjFQ0SLlGT6lO6Glb6MM.roa
File:                     QXn-xAkJjFQ0SLlGT6lO6Glb6MM.roa (raw, json)
Hash identifier:          21nwm8WlxXoC9DN7OzIt7z8Sa9D7qskquRbuRiJPEto=
Subject key identifier:   41:79:FE:C4:09:09:8C:54:34:48:B9:46:4F:A9:4E:E8:69:5B:E8:C3
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       B7
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/QXn-xAkJjFQ0SLlGT6lO6Glb6MM.roa
Signing time:             Wed 29 Mar 2023 16:05:55 +0000
ROA not before:           Wed 29 Mar 2023 16:05:55 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.96.2.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 183 (0xb7)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 29 16:05:55 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=4179FEC409098C543448B9464FA94EE8695BE8C3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:07:b1:87:53:34:35:da:20:58:94:66:bb:4a:
                    0b:9e:ed:48:a4:84:0e:f4:3e:af:05:a9:81:3d:90:
                    c8:51:7d:7e:e3:e5:3f:ac:dc:01:cc:a0:d8:b6:aa:
                    a2:06:98:05:d0:8f:b8:5b:f7:ad:03:d9:ab:f6:23:
                    25:7a:55:d9:95:eb:18:a3:af:09:85:2c:09:bd:c8:
                    5b:09:5c:16:ea:e6:df:fa:89:e1:1b:f1:b1:59:53:
                    8e:03:33:9b:72:e6:fd:b0:ea:8f:53:b5:f4:1a:c0:
                    32:7b:5d:ca:8d:3b:25:f1:c1:35:b5:b3:eb:ce:64:
                    3d:cc:ef:6a:08:30:ec:57:25:7d:ec:b9:7c:26:b5:
                    51:6b:2a:cc:73:11:12:55:80:16:f6:fb:2f:ad:df:
                    7f:8f:5b:9b:30:00:46:7b:83:50:4d:3c:fb:cc:6f:
                    95:83:6e:3c:7f:c7:85:28:4a:e8:51:8f:08:11:02:
                    06:67:8a:58:5a:15:89:90:0c:69:3e:b0:fb:1f:ef:
                    c8:1e:69:12:b5:e3:44:a5:8b:ec:d0:1b:c6:c6:a3:
                    fc:13:39:ca:8c:d7:37:b6:2c:09:2a:96:b7:7f:9d:
                    fd:4f:3c:80:a7:82:5c:b3:c3:e8:8a:79:52:48:01:
                    f4:df:3c:b6:9e:ab:55:95:2c:d2:2e:40:36:14:6f:
                    ec:95
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:79:FE:C4:09:09:8C:54:34:48:B9:46:4F:A9:4E:E8:69:5B:E8:C3
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/QXn-xAkJjFQ0SLlGT6lO6Glb6MM.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.96.2.0/23

    Signature Algorithm: sha256WithRSAEncryption
         b5:00:af:8e:f4:ab:dc:b7:c1:b1:2a:c7:02:5a:64:1e:1b:17:
         e4:4d:71:ac:47:c4:7e:d0:f9:6d:2a:90:83:24:c4:b1:0e:24:
         55:3c:a9:d0:ee:54:20:69:9b:b2:11:40:dc:ce:e9:77:8e:c2:
         98:36:bd:19:4d:0c:42:f7:20:10:3f:c8:24:45:05:fa:f7:be:
         3e:0f:19:25:49:13:54:8d:be:c0:28:66:f6:05:4e:18:a0:d2:
         a3:ca:e0:22:b1:e9:ba:eb:77:7a:46:ef:97:0d:c0:88:b9:7f:
         7d:60:71:dc:67:0d:76:0b:f3:1c:d7:2d:40:52:4e:26:20:ea:
         ed:7d:df:0e:cd:8f:3e:68:9c:de:bc:24:2c:9a:87:b7:bc:6c:
         e0:c2:74:cc:2d:cd:f3:33:e8:31:94:c9:60:aa:ea:86:24:9f:
         79:3f:7b:a7:6f:f6:f0:e5:e8:2f:83:82:fc:cb:96:55:e9:b0:
         f3:f8:97:48:72:1d:66:ea:c3:84:12:b8:dc:e1:80:97:bd:0a:
         01:1e:ee:09:3c:c6:a0:96:f9:25:d8:77:56:ea:22:f3:8c:98:
         9a:e2:ef:7d:5d:65:d8:63:e9:8c:dd:78:4d:04:cf:36:d9:08:
         69:cf:34:06:5d:b4:70:f1:fe:19:60:b9:b0:68:66:14:1b:bd:
         f1:38:e8:7f
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICALcwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzAzMjkx
NjA1NTVaFw0yNDAzMTQwMTMwMDJaMDMxMTAvBgNVBAMTKDQxNzlGRUM0MDkwOThD
NTQzNDQ4Qjk0NjRGQTk0RUU4Njk1QkU4QzMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC7B7GHUzQ12iBYlGa7Sgue7UikhA70Pq8FqYE9kMhRfX7j5T+s
3AHMoNi2qqIGmAXQj7hb960D2av2IyV6VdmV6xijrwmFLAm9yFsJXBbq5t/6ieEb
8bFZU44DM5ty5v2w6o9TtfQawDJ7XcqNOyXxwTW1s+vOZD3M72oIMOxXJX3suXwm
tVFrKsxzERJVgBb2+y+t33+PW5swAEZ7g1BNPPvMb5WDbjx/x4UoSuhRjwgRAgZn
ilhaFYmQDGk+sPsf78geaRK140Sli+zQG8bGo/wTOcqM1ze2LAkqlrd/nf1PPICn
glyzw+iKeVJIAfTfPLaeq1WVLNIuQDYUb+yVAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUQXn+xAkJjFQ0SLlGT6lO6Glb6MMwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1FYbi14QWtKakZRMFNMbEdUNmxPNkdsYjZNTS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExYAIwDQYJKoZIhvcNAQELBQADggEBALUAr470q9y3wbEqxwJaZB4bF+RN
caxHxH7Q+W0qkIMkxLEOJFU8qdDuVCBpm7IRQNzO6XeOwpg2vRlNDEL3IBA/yCRF
Bfr3vj4PGSVJE1SNvsAoZvYFThig0qPK4CKx6brrd3pG75cNwIi5f31gcdxnDXYL
8xzXLUBSTiYg6u193w7Njz5onN68JCyah7e8bODCdMwtzfMz6DGUyWCq6oYkn3k/
e6dv9vDl6C+DgvzLllXpsPP4l0hyHWbqw4QSuNzhgJe9CgEe7gk8xqCW+SXYd1bq
IvOMmJri731dZdhj6YzdeE0EzzbZCGnPNAZdtHDx/hlgubBoZhQbvfE46H8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org