Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/QniNJmXvR8yZsHi4N0D4kTxg8-U.roa
File:                     QniNJmXvR8yZsHi4N0D4kTxg8-U.roa (raw, json)
Hash identifier:          LIoIWhKUPXmntkmbOk6Hg01/K3awPgADSzDEBN0CItk=
Subject key identifier:   42:78:8D:26:65:EF:47:CC:99:B0:78:B8:37:40:F8:91:3C:60:F3:E5
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       020B
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/QniNJmXvR8yZsHi4N0D4kTxg8-U.roa
Signing time:             Tue 30 May 2023 16:29:30 +0000
ROA not before:           Tue 30 May 2023 16:29:30 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.76.32.0/19 maxlen: 19

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 523 (0x20b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 30 16:29:30 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=42788D2665EF47CC99B078B83740F8913C60F3E5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c9:ac:af:a2:e4:6c:ba:68:c8:18:65:e2:31:36:
                    16:af:cb:ad:1b:8a:be:38:8c:61:8b:f2:a7:2b:af:
                    ba:7f:ab:6e:d8:11:66:e8:b2:67:f0:69:1f:fb:6f:
                    70:6e:c8:ca:d6:c3:48:48:49:4f:0c:0b:33:1f:da:
                    83:4b:1a:08:42:83:0c:06:ef:17:14:a4:90:c6:73:
                    ee:89:f8:f8:3b:df:fe:a8:11:28:27:4a:3f:69:30:
                    21:48:1b:b7:c8:04:66:21:12:e6:94:df:cc:8a:74:
                    9c:5e:ab:1c:21:5d:ac:22:5b:54:b7:0a:c0:4f:a8:
                    33:1b:1d:78:a7:fb:78:fa:5f:da:c6:50:1a:96:a4:
                    bd:5e:37:98:5e:2b:b3:00:72:e8:f8:08:5b:5c:1f:
                    0a:12:17:70:b2:01:62:ba:80:bc:64:75:b9:b4:37:
                    10:ea:fc:db:31:89:09:53:ee:b3:e0:c9:cc:50:fb:
                    21:b6:26:e3:96:46:69:07:d3:35:cb:cf:c3:88:59:
                    1e:8f:75:23:35:d6:a2:f3:3a:2b:b6:db:ef:0f:76:
                    6a:07:5e:48:4d:ba:01:26:40:31:59:1a:cd:1a:32:
                    e5:1c:6d:91:54:07:0e:50:18:43:2e:a1:29:c3:87:
                    16:ec:01:a6:f5:89:25:2c:f6:05:a3:f2:4d:6e:8f:
                    88:2f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:78:8D:26:65:EF:47:CC:99:B0:78:B8:37:40:F8:91:3C:60:F3:E5
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/QniNJmXvR8yZsHi4N0D4kTxg8-U.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.76.32.0/19

    Signature Algorithm: sha256WithRSAEncryption
         c2:f7:8c:bb:3d:c2:a6:78:8b:c6:ca:6f:d0:5f:84:26:38:c2:
         37:32:cf:a1:af:8c:fa:f8:b3:29:22:f2:91:26:b9:57:fc:b1:
         30:b7:92:c0:06:7d:04:f8:e4:dc:a3:10:2e:93:94:f6:9f:ef:
         69:83:6a:1b:56:0e:09:e6:df:16:33:75:92:df:5e:77:3b:0c:
         40:89:57:ba:52:d5:a0:05:12:2f:4d:85:52:f9:c4:70:d7:75:
         6f:b4:28:c1:1c:64:88:3f:e2:1d:2b:af:87:79:fa:d2:dd:ff:
         28:e0:1b:da:ad:98:c1:fc:8b:8e:40:7f:b6:0b:e7:84:6d:5e:
         dc:bf:5c:3b:ff:0c:41:95:5f:f2:9e:fa:be:39:56:37:a5:03:
         b7:dd:d3:55:7f:86:bc:f5:77:52:b6:e9:ee:5d:0d:85:42:c5:
         30:b1:c1:32:86:c0:6a:c6:93:e3:cc:b9:0a:ce:6f:da:03:e3:
         d1:1f:39:9b:85:de:9c:4e:c8:05:48:cf:d9:ed:cb:15:5b:1c:
         9c:db:3c:96:b7:66:e0:10:e4:16:9a:8e:41:21:48:47:3c:57:
         bf:c4:08:13:82:0d:b4:d6:0a:3a:25:c9:30:e3:f5:b2:62:5a:
         89:9a:95:a4:29:51:ff:77:d4:34:b5:f1:b3:fa:8b:82:71:64:
         35:d0:12:35
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAgswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MzAx
NjI5MzBaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDQyNzg4RDI2NjVFRjQ3
Q0M5OUIwNzhCODM3NDBGODkxM0M2MEYzRTUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDJrK+i5Gy6aMgYZeIxNhavy60bir44jGGL8qcrr7p/q27YEWbo
smfwaR/7b3BuyMrWw0hISU8MCzMf2oNLGghCgwwG7xcUpJDGc+6J+Pg73/6oESgn
Sj9pMCFIG7fIBGYhEuaU38yKdJxeqxwhXawiW1S3CsBPqDMbHXin+3j6X9rGUBqW
pL1eN5heK7MAcuj4CFtcHwoSF3CyAWK6gLxkdbm0NxDq/NsxiQlT7rPgycxQ+yG2
JuOWRmkH0zXLz8OIWR6PdSM11qLzOiu22+8PdmoHXkhNugEmQDFZGs0aMuUcbZFU
Bw5QGEMuoSnDhxbsAab1iSUs9gWj8k1uj4gvAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUQniNJmXvR8yZsHi4N0D4kTxg8+UwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1FuaU5KbVh2Ujh5WnNIaTROMEQ0a1R4ZzgtVS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAUBTCAwDQYJKoZIhvcNAQELBQADggEBAML3jLs9wqZ4i8bKb9BfhCY4wjcy
z6GvjPr4syki8pEmuVf8sTC3ksAGfQT45NyjEC6TlPaf72mDahtWDgnm3xYzdZLf
Xnc7DECJV7pS1aAFEi9NhVL5xHDXdW+0KMEcZIg/4h0rr4d5+tLd/yjgG9qtmMH8
i45Af7YL54RtXty/XDv/DEGVX/Ke+r45VjelA7fd01V/hrz1d1K26e5dDYVCxTCx
wTKGwGrGk+PMuQrOb9oD49EfOZuF3pxOyAVIz9ntyxVbHJzbPJa3ZuAQ5BaajkEh
SEc8V7/ECBOCDbTWCjolyTDj9bJiWomalaQpUf931DS18bP6i4JxZDXQEjU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org