Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/Sz1TXcTG1Kns9dMugzQNP9OAXKE.roa
File:                     Sz1TXcTG1Kns9dMugzQNP9OAXKE.roa (raw, json)
Hash identifier:          ZfVlGLcBMLNlY916gsCVm20LGG8sT3y//V6sKW0A+IM=
Subject key identifier:   4B:3D:53:5D:C4:C6:D4:A9:EC:F5:D3:2E:83:34:0D:3F:D3:80:5C:A1
Certificate issuer:       /CN=F89E0F15C1E20E191AAF17288F6E30FF01869A6E
Certificate serial:       21
Authority key identifier: F8:9E:0F:15:C1:E2:0E:19:1A:AF:17:28:8F:6E:30:FF:01:86:9A:6E
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/-J4PFcHiDhkarxcoj24w_wGGmm4.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Sz1TXcTG1Kns9dMugzQNP9OAXKE.roa
Signing time:             Tue 30 May 2023 17:17:31 +0000
ROA not before:           Tue 30 May 2023 17:17:31 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        160.249.112.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 33 (0x21)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=F89E0F15C1E20E191AAF17288F6E30FF01869A6E
        Validity
            Not Before: May 30 17:17:31 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=4B3D535DC4C6D4A9ECF5D32E83340D3FD3805CA1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d6:70:f1:7f:1a:03:5a:c0:28:4a:25:ab:e7:e1:
                    bc:f4:ac:4a:7a:3c:d8:2b:39:95:80:96:ae:e4:0d:
                    e0:ec:b1:6e:cb:79:8a:1b:cd:eb:ee:05:9b:f9:e6:
                    c1:e5:fe:82:7f:f0:5c:0f:c4:d5:a3:5e:ca:a3:3a:
                    8c:60:14:6a:b0:5b:9a:8a:98:0e:96:08:57:b4:a2:
                    c6:48:f4:69:19:9b:49:07:17:b2:7c:2b:4e:f3:e6:
                    9e:98:0b:ac:b0:ed:be:4d:72:c0:84:ac:82:fc:b0:
                    ef:15:d5:24:f9:08:ba:a6:9f:4b:90:ef:f7:cb:d1:
                    85:9f:6a:d7:9e:ae:fa:b9:24:42:f5:eb:8a:93:cf:
                    3c:bf:2a:04:50:5d:77:b4:7e:50:a4:85:22:9a:e6:
                    82:84:3f:f4:85:e9:83:f9:c9:bf:15:5b:a1:27:60:
                    7d:da:45:eb:07:a5:70:e0:4c:f4:cd:ea:a7:5a:3e:
                    28:7c:39:6e:75:22:60:3b:80:b4:d5:aa:33:d0:61:
                    48:0f:8e:6a:c2:d7:a4:7b:f0:99:41:21:26:7f:9f:
                    30:fc:40:3a:c3:88:bf:c3:b5:31:68:76:0d:74:6b:
                    28:3d:46:c7:2b:b6:b3:bf:81:4c:58:be:7e:59:41:
                    d3:85:00:90:be:3b:20:fe:3f:a7:5f:9b:83:36:b8:
                    88:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4B:3D:53:5D:C4:C6:D4:A9:EC:F5:D3:2E:83:34:0D:3F:D3:80:5C:A1
            X509v3 Authority Key Identifier:
                keyid:F8:9E:0F:15:C1:E2:0E:19:1A:AF:17:28:8F:6E:30:FF:01:86:9A:6E

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/-J4PFcHiDhkarxcoj24w_wGGmm4.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/-J4PFcHiDhkarxcoj24w_wGGmm4.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Sz1TXcTG1Kns9dMugzQNP9OAXKE.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  160.249.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         20:e7:f5:f7:54:c7:78:9d:c9:f3:de:ed:d2:85:07:c0:e2:e7:
         ae:0f:7c:5f:5d:4f:22:97:e1:c8:72:09:0f:5f:a1:9e:6a:b3:
         90:2e:a2:48:19:bd:a3:af:f1:a0:a2:57:32:5f:e0:f1:fa:b8:
         90:f3:f0:58:b5:7a:b2:6a:db:ff:b2:bc:e6:68:14:40:71:6b:
         cf:03:60:67:2b:a2:bb:2b:25:70:73:17:7a:cf:28:9e:13:ab:
         1b:2b:e0:b8:1b:44:fc:23:7d:52:57:c8:97:38:f5:7f:fa:e0:
         71:12:c5:02:17:b2:1f:11:ff:e6:b8:6b:13:a9:71:37:13:ce:
         b5:a5:37:19:3c:ee:0b:18:ce:ac:ac:49:77:5d:8c:3e:c5:49:
         7b:5b:a3:89:36:52:a5:4f:19:ae:c8:77:e5:e2:2b:55:91:82:
         99:71:26:7d:81:76:b0:25:d7:f0:53:92:55:01:c7:6c:8b:f7:
         22:d6:ec:c8:6d:ae:23:ac:00:5e:b5:de:a6:2f:c8:af:aa:13:
         44:31:d2:10:c3:a5:f7:3f:34:8b:38:49:05:1f:24:5d:58:33:
         7c:3f:ec:8c:95:a9:07:90:d8:69:79:10:30:9a:16:91:0b:65:
         18:07:55:ae:3e:a4:e5:5b:18:02:d7:65:b1:f2:6f:32:86:07:
         ed:c0:60:e0
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBITANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhGODlF
MEYxNUMxRTIwRTE5MUFBRjE3Mjg4RjZFMzBGRjAxODY5QTZFMB4XDTIzMDUzMDE3
MTczMVoXDTI0MDUxNDAxMzAwMlowMzExMC8GA1UEAxMoNEIzRDUzNURDNEM2RDRB
OUVDRjVEMzJFODMzNDBEM0ZEMzgwNUNBMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANZw8X8aA1rAKEolq+fhvPSsSno82Cs5lYCWruQN4Oyxbst5ihvN
6+4Fm/nmweX+gn/wXA/E1aNeyqM6jGAUarBbmoqYDpYIV7Sixkj0aRmbSQcXsnwr
TvPmnpgLrLDtvk1ywISsgvyw7xXVJPkIuqafS5Dv98vRhZ9q156u+rkkQvXripPP
PL8qBFBdd7R+UKSFIprmgoQ/9IXpg/nJvxVboSdgfdpF6welcOBM9M3qp1o+KHw5
bnUiYDuAtNWqM9BhSA+OasLXpHvwmUEhJn+fMPxAOsOIv8O1MWh2DXRrKD1Gxyu2
s7+BTFi+fllB04UAkL47IP4/p1+bgza4iB8CAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBRLPVNdxMbUqez10y6DNA0/04BcoTAfBgNVHSMEGDAWgBT4ng8VweIOGRqvFyiP
bjD/AYaabjAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5Ly1KNFBGY0hpRGhrYXJ4Y29qMjR3X3dHR21tNC5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwLy1KNFBGY0hpRGhrYXJ4Y29qMjR3X3dH
R21tNC5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkvU3oxVFhjVEcxS25zOWRNdWd6UU5QOU9BWEtFLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBKD5cDANBgkqhkiG9w0BAQsFAAOCAQEAIOf191THeJ3J897t0oUHwOLnrg98
X11PIpfhyHIJD1+hnmqzkC6iSBm9o6/xoKJXMl/g8fq4kPPwWLV6smrb/7K85mgU
QHFrzwNgZyuiuyslcHMXes8onhOrGyvguBtE/CN9UlfIlzj1f/rgcRLFAheyHxH/
5rhrE6lxNxPOtaU3GTzuCxjOrKxJd12MPsVJe1ujiTZSpU8Zrsh35eIrVZGCmXEm
fYF2sCXX8FOSVQHHbIv3ItbsyG2uI6wAXrXepi/Ir6oTRDHSEMOl9z80izhJBR8k
XVgzfD/sjJWpB5DYaXkQMJoWkQtlGAdVrj6k5VsYAtdlsfJvMoYH7cBg4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:01 2024 by rpki-client on console-ams.rpki-client.org