Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/RfueAsqgQXwcoPj_tq2ViamWrTU.roa
File:                     RfueAsqgQXwcoPj_tq2ViamWrTU.roa (raw, json)
Hash identifier:          L7RgmK78rfs2V0ezNPmBOok0ngdiQZQWMxuqjzmhDu0=
Subject key identifier:   45:FB:9E:02:CA:A0:41:7C:1C:A0:F8:FF:B6:AD:95:89:A9:96:AD:35
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       21
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/RfueAsqgQXwcoPj_tq2ViamWrTU.roa
Signing time:             Mon 27 Mar 2023 16:01:55 +0000
ROA not before:           Mon 27 Mar 2023 16:01:55 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.66.100.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 33 (0x21)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 27 16:01:55 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=45FB9E02CAA0417C1CA0F8FFB6AD9589A996AD35
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:4b:9a:30:9f:fe:41:c4:d2:bd:58:f1:6a:fc:
                    76:ca:97:68:0f:d9:8c:bf:39:2d:ab:6c:5e:05:e9:
                    7d:dd:f3:d9:e7:b7:eb:a9:11:c7:58:ef:fd:63:bd:
                    e2:dd:fb:c5:61:80:45:eb:f1:48:99:87:da:09:6c:
                    f3:63:31:ae:25:71:d3:80:89:14:36:a9:7c:bf:47:
                    34:8a:dd:d9:cf:d3:82:1e:e5:dd:d5:7a:4b:3e:18:
                    fe:df:b6:69:d0:57:8c:23:c3:d2:40:00:6f:8c:27:
                    e9:41:c9:15:b7:97:b3:e1:8b:3d:f5:6f:05:14:95:
                    36:85:5d:9b:b2:be:af:f8:72:34:8a:a6:6d:b2:47:
                    44:72:f8:f1:01:85:8f:f8:27:18:d8:29:0d:aa:58:
                    4d:f4:89:ac:d3:21:0b:db:6e:7f:ae:c1:64:f3:39:
                    8b:ea:fc:8f:aa:90:8c:d0:c7:0c:95:50:3b:4c:bf:
                    2a:81:23:5c:c2:6b:ae:7c:60:d7:f6:bd:c7:ad:73:
                    bf:90:0b:68:27:5f:a2:d0:3b:b2:3f:aa:36:10:d0:
                    8a:cb:98:aa:ff:33:04:1c:7f:51:d0:d1:d7:97:a1:
                    c5:4d:97:88:a0:8f:75:8b:dd:65:bd:74:3f:8f:0b:
                    6b:63:78:06:63:8f:db:10:6c:7b:09:21:60:83:2e:
                    02:09
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                45:FB:9E:02:CA:A0:41:7C:1C:A0:F8:FF:B6:AD:95:89:A9:96:AD:35
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/RfueAsqgQXwcoPj_tq2ViamWrTU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.66.100.0/22

    Signature Algorithm: sha256WithRSAEncryption
         36:99:a3:ca:95:f7:be:52:2c:ea:ff:e0:a3:e8:29:2c:1e:d4:
         e5:af:e8:f0:77:a0:e8:c6:8b:42:70:c3:15:73:0b:71:35:99:
         f7:34:a7:9b:22:8c:ba:2a:a8:12:d0:0d:9e:3d:ef:4a:71:dc:
         93:e7:c3:35:e8:95:c9:02:d7:ea:0b:47:01:77:3c:49:83:c3:
         d1:25:38:4b:32:ae:0f:56:ad:7d:a4:54:7c:9b:74:a5:52:98:
         df:76:98:e5:4c:48:79:47:2f:c3:c6:06:56:88:eb:be:1d:73:
         2b:7d:1e:cd:ed:2c:e0:07:52:d1:37:5d:54:df:97:6c:a7:8c:
         b0:a9:b4:a0:71:13:73:c1:55:7e:e9:87:e3:fc:d5:89:ca:e1:
         21:20:05:1c:17:b3:58:3f:35:4a:08:9d:99:d2:27:c1:bf:4f:
         e0:cb:72:44:47:bd:ed:ca:cd:a4:ca:d2:09:9b:5d:8c:25:a8:
         20:a1:ef:44:32:5a:01:86:9b:72:6e:b3:50:65:a9:b2:55:bd:
         1f:c8:34:95:0a:f7:b5:ff:3c:35:f0:07:37:10:32:7e:9b:73:
         bb:ae:b0:0d:0b:af:46:5b:68:44:5b:e2:9a:d0:f5:64:cc:e5:
         2d:40:cc:83:54:a3:74:a2:3c:ca:e9:b5:ea:ea:79:6f:0e:a7:
         4d:7d:3e:5b
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2OTY1
QjBCMjBEREUwN0E0Qzk3OEUyNDA3M0VBMEUxMTE3QjM3NDczMB4XDTIzMDMyNzE2
MDE1NVoXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoNDVGQjlFMDJDQUEwNDE3
QzFDQTBGOEZGQjZBRDk1ODlBOTk2QUQzNTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAKJLmjCf/kHE0r1Y8Wr8dsqXaA/ZjL85LatsXgXpfd3z2ee366kR
x1jv/WO94t37xWGARevxSJmH2gls82MxriVx04CJFDapfL9HNIrd2c/Tgh7l3dV6
Sz4Y/t+2adBXjCPD0kAAb4wn6UHJFbeXs+GLPfVvBRSVNoVdm7K+r/hyNIqmbbJH
RHL48QGFj/gnGNgpDapYTfSJrNMhC9tuf67BZPM5i+r8j6qQjNDHDJVQO0y/KoEj
XMJrrnxg1/a9x61zv5ALaCdfotA7sj+qNhDQisuYqv8zBBx/UdDR15ehxU2XiKCP
dYvdZb10P48La2N4BmOP2xBsewkhYIMuAgkCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBRF+54CyqBBfByg+P+2rZWJqZatNTAfBgNVHSMEGDAWgBRpZbCyDd4HpMl44kBz
6g4RF7N0czAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5L2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJlemRITS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJl
emRITS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkvUmZ1ZUFzcWdRWHdjb1BqX3RxMlZpYW1XclRVLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAgFCZDANBgkqhkiG9w0BAQsFAAOCAQEANpmjypX3vlIs6v/go+gpLB7U5a/o
8Heg6MaLQnDDFXMLcTWZ9zSnmyKMuiqoEtANnj3vSnHck+fDNeiVyQLX6gtHAXc8
SYPD0SU4SzKuD1atfaRUfJt0pVKY33aY5UxIeUcvw8YGVojrvh1zK30eze0s4AdS
0TddVN+XbKeMsKm0oHETc8FVfumH4/zVicrhISAFHBezWD81SgidmdInwb9P4Mty
REe97crNpMrSCZtdjCWoIKHvRDJaAYabcm6zUGWpslW9H8g0lQr3tf88NfAHNxAy
fptzu66wDQuvRltoRFvimtD1ZMzlLUDMg1SjdKI8yum16up5bw6nTX0+Ww==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:01 2024 by rpki-client on console-ams.rpki-client.org