Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/Qk_wGD4E37G5DD67UoLtqyWrHlA.roa
File:                     Qk_wGD4E37G5DD67UoLtqyWrHlA.roa (raw, json)
Hash identifier:          JQzSJbVrri2MI1k4X+VqaWnEJp6ChOwvvYL6sR5y2CE=
Subject key identifier:   42:4F:F0:18:3E:04:DF:B1:B9:0C:3E:BB:52:82:ED:AB:25:AB:1E:50
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       1D
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Qk_wGD4E37G5DD67UoLtqyWrHlA.roa
Signing time:             Tue 21 Mar 2023 17:31:15 +0000
ROA not before:           Tue 21 Mar 2023 17:31:15 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.104.8.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 29 (0x1d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 21 17:31:15 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=424FF0183E04DFB1B90C3EBB5282EDAB25AB1E50
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c4:b8:cc:73:2d:3c:a8:c7:aa:18:88:8b:2e:52:
                    a0:77:94:0d:40:34:0f:b2:9d:9f:ba:0d:a4:5f:41:
                    ba:2a:93:4c:fb:b5:45:44:46:6d:db:3d:97:d1:6f:
                    48:9c:ce:b0:83:5c:38:0e:ca:6a:16:50:e3:b1:a3:
                    c8:d6:6d:40:de:bd:d3:da:55:06:cc:3a:74:73:3f:
                    2c:c9:36:21:4d:bb:d6:8f:50:56:65:c0:66:48:ee:
                    7b:e8:19:6d:96:4a:2c:a4:9f:46:54:18:85:10:e9:
                    b7:24:3c:ac:95:75:70:a9:ab:fa:fe:f4:1c:cf:f5:
                    49:50:ca:2b:c1:19:b7:cb:07:a3:26:88:11:8e:95:
                    1e:fd:7b:97:ea:6a:f0:20:68:2c:5c:58:e2:c2:6f:
                    c5:28:4f:b6:fc:97:c6:8d:7a:43:36:76:ea:b4:2b:
                    5b:68:75:b3:b0:57:f8:65:05:05:41:c6:fd:35:52:
                    f6:ce:9d:3d:0d:bd:e6:12:94:34:53:f5:93:96:e8:
                    71:87:7b:29:9c:54:a7:aa:c2:74:42:1b:9c:62:a5:
                    46:53:17:38:57:aa:1a:0c:05:bb:44:aa:f1:00:e0:
                    3e:46:96:3b:45:b0:ec:77:ee:49:29:00:43:4c:ec:
                    48:ae:d7:aa:7a:4c:5a:78:0a:c2:71:fe:c6:66:63:
                    0d:d5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:4F:F0:18:3E:04:DF:B1:B9:0C:3E:BB:52:82:ED:AB:25:AB:1E:50
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Qk_wGD4E37G5DD67UoLtqyWrHlA.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.104.8.0/24

    Signature Algorithm: sha256WithRSAEncryption
         04:02:37:63:70:25:42:ff:e2:a9:29:91:6f:30:27:b8:79:c5:
         6d:4e:e2:2b:e9:26:ee:2b:e4:a8:d9:c8:00:15:94:6e:e8:28:
         87:65:9e:d0:b4:ac:c2:29:59:09:5b:91:9d:89:26:ce:44:12:
         cf:1b:28:18:b1:27:d3:5c:59:1a:7f:2a:0e:28:1f:39:4f:57:
         46:22:d3:e9:be:e1:fe:cc:e6:51:78:ee:60:da:8b:6b:2c:db:
         68:7c:fc:4b:c8:38:2f:c6:48:9f:a7:a5:db:f6:30:e6:83:55:
         44:ed:d8:1c:29:cf:de:0a:d3:a5:c7:0b:d4:1a:b9:0a:c6:b3:
         13:31:9e:ae:bd:21:d9:0b:5d:ab:05:c5:1c:e1:a8:99:e8:21:
         ba:01:27:18:7a:93:6e:36:89:0c:22:27:b7:31:dc:77:b3:eb:
         9c:2e:5b:cc:ce:eb:82:ee:00:78:9e:a8:fd:54:ad:ee:08:00:
         0d:96:7d:e3:b2:3d:19:ba:62:e4:c2:a8:b4:0e:41:31:41:06:
         fa:ba:71:4b:ff:5e:09:82:6b:2a:e6:97:0a:8d:78:7d:2a:31:
         d2:47:a8:e5:a8:38:39:3e:e7:ce:9d:5b:46:49:99:b7:84:6b:
         3c:c0:a4:93:bf:83:b3:1e:35:b8:80:8f:04:f3:3e:c3:25:5c:
         60:16:b0:43
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBHTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2OTY1
QjBCMjBEREUwN0E0Qzk3OEUyNDA3M0VBMEUxMTE3QjM3NDczMB4XDTIzMDMyMTE3
MzExNVoXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoNDI0RkYwMTgzRTA0REZC
MUI5MEMzRUJCNTI4MkVEQUIyNUFCMUU1MDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMS4zHMtPKjHqhiIiy5SoHeUDUA0D7Kdn7oNpF9BuiqTTPu1RURG
bds9l9FvSJzOsINcOA7KahZQ47GjyNZtQN6909pVBsw6dHM/LMk2IU271o9QVmXA
Zkjue+gZbZZKLKSfRlQYhRDptyQ8rJV1cKmr+v70HM/1SVDKK8EZt8sHoyaIEY6V
Hv17l+pq8CBoLFxY4sJvxShPtvyXxo16QzZ26rQrW2h1s7BX+GUFBUHG/TVS9s6d
PQ295hKUNFP1k5bocYd7KZxUp6rCdEIbnGKlRlMXOFeqGgwFu0Sq8QDgPkaWO0Ww
7HfuSSkAQ0zsSK7XqnpMWngKwnH+xmZjDdUCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBRCT/AYPgTfsbkMPrtSgu2rJaseUDAfBgNVHSMEGDAWgBRpZbCyDd4HpMl44kBz
6g4RF7N0czAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5L2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJlemRITS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJl
emRITS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkvUWtfd0dENEUzN0c1REQ2N1VvTHRxeVdySGxBLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEADFoCDANBgkqhkiG9w0BAQsFAAOCAQEABAI3Y3AlQv/iqSmRbzAnuHnFbU7i
K+km7ivkqNnIABWUbugoh2We0LSswilZCVuRnYkmzkQSzxsoGLEn01xZGn8qDigf
OU9XRiLT6b7h/szmUXjuYNqLayzbaHz8S8g4L8ZIn6el2/Yw5oNVRO3YHCnP3grT
pccL1Bq5CsazEzGerr0h2QtdqwXFHOGomeghugEnGHqTbjaJDCIntzHcd7PrnC5b
zM7rgu4AeJ6o/VSt7ggADZZ947I9Gbpi5MKotA5BMUEG+rpxS/9eCYJrKuaXCo14
fSox0keo5ag4OT7nzp1bRkmZt4RrPMCkk7+Dsx41uICPBPM+wyVcYBawQw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:01 2024 by rpki-client on console-ams.rpki-client.org