Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/TkyD8h6ov9wmA9tuoE-1mPJ2mO0.roa
File:                     TkyD8h6ov9wmA9tuoE-1mPJ2mO0.roa (raw, json)
Hash identifier:          fde7kqAvJT+JsadS8fj+hy9WfwBJC6GH74wAzr+3erE=
Subject key identifier:   4E:4C:83:F2:1E:A8:BF:DC:26:03:DB:6E:A0:4F:B5:98:F2:76:98:ED
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       28
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/TkyD8h6ov9wmA9tuoE-1mPJ2mO0.roa
Signing time:             Mon 27 Mar 2023 16:02:02 +0000
ROA not before:           Mon 27 Mar 2023 16:02:02 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.75.16.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 40 (0x28)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 27 16:02:02 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=4E4C83F21EA8BFDC2603DB6EA04FB598F27698ED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:aa:11:e8:ca:9b:95:11:49:11:27:c9:c6:db:
                    fc:10:bc:b6:d1:e6:79:63:1e:16:3d:48:bc:fe:f4:
                    ca:89:0d:8d:64:6a:08:10:da:72:e5:0b:97:ee:03:
                    7a:2f:8c:eb:32:16:2a:2c:c6:22:7e:28:18:83:77:
                    5e:e0:31:16:12:47:c5:e9:b7:ec:1a:fa:09:3a:b2:
                    07:c1:64:48:9e:dc:f6:41:fc:5b:a2:69:3d:38:1a:
                    90:1b:1e:e6:dd:f8:d4:8d:d8:4f:69:96:53:07:c0:
                    22:55:d0:41:d6:0f:12:d3:31:76:ee:ff:4c:5f:e4:
                    58:ff:e4:73:e5:dd:0c:35:7f:d4:13:9f:26:b0:bd:
                    ab:51:05:32:85:b0:f8:98:29:0b:7f:69:59:44:d2:
                    e2:cc:6d:25:b4:7b:37:e2:e0:da:56:f3:4c:f5:ce:
                    ad:de:fd:7b:2d:0f:a1:c3:30:bf:95:3d:ee:0b:40:
                    7d:02:45:5c:91:db:87:dd:ad:20:8a:84:01:bf:7c:
                    b4:01:c4:0c:07:83:b0:34:74:2b:dc:5b:50:6d:be:
                    33:be:a6:87:43:eb:ca:79:92:fc:45:73:82:f7:6c:
                    10:00:61:d3:52:41:39:79:79:82:36:e2:c7:9e:55:
                    06:bc:cf:81:da:e0:c2:ac:ff:31:96:d4:ad:2b:4c:
                    ae:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:4C:83:F2:1E:A8:BF:DC:26:03:DB:6E:A0:4F:B5:98:F2:76:98:ED
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/TkyD8h6ov9wmA9tuoE-1mPJ2mO0.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.75.16.0/21

    Signature Algorithm: sha256WithRSAEncryption
         36:a0:ee:ed:ee:7d:42:ff:d2:e1:70:bb:43:45:83:75:42:8c:
         01:97:bc:76:6c:7e:35:60:98:da:fa:b8:25:c9:6e:ab:dd:de:
         c5:1e:28:a0:54:15:04:64:f2:46:c5:ef:48:0a:df:dd:ee:3f:
         06:fe:d7:9c:91:ac:a3:93:2c:8e:48:d9:ba:d0:45:fc:23:1b:
         a1:bd:e5:0b:42:64:6d:04:32:de:d3:67:f7:a7:42:44:97:2c:
         ce:a8:4c:95:d0:7a:01:30:5c:a5:37:c5:80:40:18:a8:43:ec:
         48:7e:70:65:ef:f9:a4:1b:08:fe:32:87:92:dc:41:f2:fc:0d:
         af:3e:3a:63:2c:60:f8:74:37:34:fb:c2:c3:d3:f0:7e:de:af:
         e7:c6:f4:9f:a5:05:a9:97:3b:3c:dd:31:59:5a:64:33:68:73:
         20:f0:e1:d6:1d:55:87:25:1f:46:58:1f:59:6b:73:17:db:ff:
         b8:45:2e:8b:ea:4c:7a:cd:28:cd:b6:bb:8b:3a:18:f8:2c:85:
         0a:36:a0:4e:5a:50:ae:2f:27:c0:05:47:9c:83:16:0c:3d:65:
         6b:7b:9d:15:ee:9f:dd:47:e3:aa:00:5f:f9:06:a5:ec:97:d9:
         45:2d:e2:5d:56:47:59:3b:5f:75:28:b5:e9:fd:55:c5:d8:34:
         f4:20:b0:21
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2OTY1
QjBCMjBEREUwN0E0Qzk3OEUyNDA3M0VBMEUxMTE3QjM3NDczMB4XDTIzMDMyNzE2
MDIwMloXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoNEU0QzgzRjIxRUE4QkZE
QzI2MDNEQjZFQTA0RkI1OThGMjc2OThFRDCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALWqEejKm5URSREnycbb/BC8ttHmeWMeFj1IvP70yokNjWRqCBDa
cuULl+4Dei+M6zIWKizGIn4oGIN3XuAxFhJHxem37Br6CTqyB8FkSJ7c9kH8W6Jp
PTgakBse5t341I3YT2mWUwfAIlXQQdYPEtMxdu7/TF/kWP/kc+XdDDV/1BOfJrC9
q1EFMoWw+JgpC39pWUTS4sxtJbR7N+Lg2lbzTPXOrd79ey0PocMwv5U97gtAfQJF
XJHbh92tIIqEAb98tAHEDAeDsDR0K9xbUG2+M76mh0PrynmS/EVzgvdsEABh01JB
OXl5gjbix55VBrzPgdrgwqz/MZbUrStMrosCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBROTIPyHqi/3CYD226gT7WY8naY7TAfBgNVHSMEGDAWgBRpZbCyDd4HpMl44kBz
6g4RF7N0czAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5L2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJlemRITS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJl
emRITS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkvVGt5RDhoNm92OXdtQTl0dW9FLTFtUEoybU8wLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAwFLEDANBgkqhkiG9w0BAQsFAAOCAQEANqDu7e59Qv/S4XC7Q0WDdUKMAZe8
dmx+NWCY2vq4Jcluq93exR4ooFQVBGTyRsXvSArf3e4/Bv7XnJGso5MsjkjZutBF
/CMbob3lC0JkbQQy3tNn96dCRJcszqhMldB6ATBcpTfFgEAYqEPsSH5wZe/5pBsI
/jKHktxB8vwNrz46Yyxg+HQ3NPvCw9Pwft6v58b0n6UFqZc7PN0xWVpkM2hzIPDh
1h1VhyUfRlgfWWtzF9v/uEUui+pMes0ozba7izoY+CyFCjagTlpQri8nwAVHnIMW
DD1la3udFe6f3UfjqgBf+Qal7JfZRS3iXVZHWTtfdSi16f1Vxdg09CCwIQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:01 2024 by rpki-client on console-ams.rpki-client.org