Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/QcFHauWohjDwoyIl3jFwQ0yCYMI.roa
File:                     QcFHauWohjDwoyIl3jFwQ0yCYMI.roa (raw, json)
Hash identifier:          KrHfK3hg15HqDfSCEzu3UO7yDgn/m8nMSJa0ipx/zfg=
Subject key identifier:   41:C1:47:6A:E5:A8:86:30:F0:A3:22:25:DE:31:70:43:4C:82:60:C2
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       01B9
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/QcFHauWohjDwoyIl3jFwQ0yCYMI.roa
Signing time:             Wed 24 May 2023 16:37:09 +0000
ROA not before:           Wed 24 May 2023 16:37:09 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.79.74.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 441 (0x1b9)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 24 16:37:09 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=41C1476AE5A88630F0A32225DE3170434C8260C2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a4:26:3a:8b:fc:b4:75:25:00:59:8d:df:11:2c:
                    c7:5a:8f:4a:b4:b8:2c:1e:f6:f5:d9:f6:a7:12:0c:
                    41:50:1b:28:f5:05:60:d5:a8:6d:da:b2:9c:44:f2:
                    7c:3e:62:d1:6b:18:0c:b0:c7:71:22:76:79:b0:b5:
                    79:d4:17:81:0d:a7:61:de:a1:c8:3f:72:66:da:b4:
                    6c:eb:0e:e3:69:64:ef:06:69:a1:93:10:b1:da:61:
                    1c:57:86:d5:54:d7:45:dc:a9:cc:f4:53:27:11:3e:
                    16:84:b5:a2:44:4d:b4:63:d8:52:73:6b:b1:66:15:
                    63:4d:8e:d8:dd:87:e9:d6:84:3e:34:ac:24:2c:c3:
                    3a:66:b1:c8:fc:bd:6f:4d:ca:1a:49:8c:2f:e8:89:
                    07:48:36:17:8d:8a:22:ab:d7:4d:52:e2:66:03:11:
                    b4:cb:e3:bd:34:2c:20:08:cd:43:c3:9d:95:2d:93:
                    0f:1c:cd:aa:44:c3:1c:51:0b:84:db:70:38:74:c5:
                    04:86:99:6b:27:4a:a1:b3:c7:b0:2a:7e:d9:83:37:
                    03:92:3f:46:f4:0e:6a:2d:d7:f0:79:3c:f8:e9:b9:
                    d3:f6:1f:ab:ef:ab:bf:b0:c2:ef:2d:bf:31:39:e1:
                    a5:4f:72:36:6d:d4:6c:82:36:58:f5:ba:1a:21:c5:
                    ca:3f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                41:C1:47:6A:E5:A8:86:30:F0:A3:22:25:DE:31:70:43:4C:82:60:C2
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/QcFHauWohjDwoyIl3jFwQ0yCYMI.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.79.74.0/24

    Signature Algorithm: sha256WithRSAEncryption
         a7:67:ad:37:7c:51:8f:56:c2:25:ee:fc:90:eb:a6:4f:3a:c8:
         cf:98:85:f9:21:07:d6:ea:81:f3:16:6f:65:ae:92:93:78:bf:
         a2:b9:74:3b:ce:04:88:1e:95:9e:78:e5:4f:af:db:27:53:ed:
         fa:5c:1e:71:6b:32:1b:19:0c:3c:2d:52:d2:9f:70:98:bb:d1:
         56:1c:b5:37:e2:ed:fc:89:3d:95:41:78:2b:1f:a2:8e:be:0d:
         a3:75:e7:2c:c6:92:bb:ad:37:67:7a:00:c5:a8:35:d6:6b:54:
         53:34:30:55:56:de:91:cd:d6:0d:39:6c:a4:75:50:e0:ea:83:
         38:7d:61:18:25:c0:2f:1b:8a:ad:71:71:61:5e:8a:2c:94:b3:
         b9:87:25:5e:70:98:11:cd:ac:84:2c:2a:27:a3:ab:f4:82:1c:
         4e:1e:c9:28:42:76:10:a8:d0:60:c6:d4:09:dd:df:bd:fa:a3:
         5f:18:14:eb:14:f5:6a:bd:32:16:e6:ab:37:de:cb:f6:f8:6e:
         0c:93:3b:0d:91:cf:8f:75:8e:2d:1b:05:18:8d:0d:ec:1f:bb:
         8a:55:91:05:04:f3:aa:ad:d0:73:f9:76:e8:9e:fc:8a:22:5d:
         d0:52:64:38:24:6d:f2:75:23:b9:ed:c3:1b:13:d9:4c:31:0d:
         ea:d7:70:c4
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAbkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MjQx
NjM3MDlaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDQxQzE0NzZBRTVBODg2
MzBGMEEzMjIyNURFMzE3MDQzNEM4MjYwQzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCkJjqL/LR1JQBZjd8RLMdaj0q0uCwe9vXZ9qcSDEFQGyj1BWDV
qG3aspxE8nw+YtFrGAywx3EidnmwtXnUF4ENp2Heocg/cmbatGzrDuNpZO8GaaGT
ELHaYRxXhtVU10Xcqcz0UycRPhaEtaJETbRj2FJza7FmFWNNjtjdh+nWhD40rCQs
wzpmscj8vW9NyhpJjC/oiQdINheNiiKr101S4mYDEbTL4700LCAIzUPDnZUtkw8c
zapEwxxRC4TbcDh0xQSGmWsnSqGzx7AqftmDNwOSP0b0Dmot1/B5PPjpudP2H6vv
q7+wwu8tvzE54aVPcjZt1GyCNlj1uhohxco/AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUQcFHauWohjDwoyIl3jFwQ0yCYMIwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1FjRkhhdVdvaGpEd295SWwzakZ3UTB5Q1lNSS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAABT0owDQYJKoZIhvcNAQELBQADggEBAKdnrTd8UY9WwiXu/JDrpk86yM+Y
hfkhB9bqgfMWb2WukpN4v6K5dDvOBIgelZ545U+v2ydT7fpcHnFrMhsZDDwtUtKf
cJi70VYctTfi7fyJPZVBeCsfoo6+DaN15yzGkrutN2d6AMWoNdZrVFM0MFVW3pHN
1g05bKR1UODqgzh9YRglwC8biq1xcWFeiiyUs7mHJV5wmBHNrIQsKiejq/SCHE4e
yShCdhCo0GDG1And3736o18YFOsU9Wq9Mhbmqzfey/b4bgyTOw2Rz491ji0bBRiN
Dewfu4pVkQUE86qt0HP5duie/IoiXdBSZDgkbfJ1I7ntwxsT2UwxDerXcMQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:01 2024 by rpki-client on console-ams.rpki-client.org