Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/Trb2v8jwHxQ24_mECO1y0Umuwhk.roa
File:                     Trb2v8jwHxQ24_mECO1y0Umuwhk.roa (raw, json)
Hash identifier:          KYvs7RVjyI/CT+lBuYBscdp99MXEiPc+37O/wndJukQ=
Subject key identifier:   4E:B6:F6:BF:C8:F0:1F:14:36:E3:F9:84:08:ED:72:D1:49:AE:C2:19
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       023C
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Trb2v8jwHxQ24_mECO1y0Umuwhk.roa
Signing time:             Tue 30 May 2023 16:32:22 +0000
ROA not before:           Tue 30 May 2023 16:32:22 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        220.210.48.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 572 (0x23c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 30 16:32:22 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=4EB6F6BFC8F01F1436E3F98408ED72D149AEC219
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ac:f9:e3:d8:ef:7e:01:20:c2:c6:67:ab:d8:38:
                    4e:b7:75:2c:db:82:44:d5:4a:f2:48:0b:c6:e2:c8:
                    80:c2:82:91:dc:c0:3f:bb:51:86:eb:78:ce:ac:73:
                    c0:99:3c:bb:2b:de:c5:d2:fd:76:45:21:15:4a:5b:
                    87:e1:1b:06:c1:2f:28:c5:a8:3f:5e:54:77:75:67:
                    c4:0d:49:6b:b4:64:6c:e9:88:83:c6:84:6c:93:86:
                    40:59:1b:f8:7d:b3:9c:c4:96:67:bc:0f:19:7a:1d:
                    fa:70:9c:22:e3:3c:c0:0b:f2:52:87:52:18:46:fd:
                    21:44:e7:32:0c:6b:e0:24:f4:91:48:40:26:ba:2f:
                    48:75:46:c3:74:c6:be:38:e4:ad:1e:32:10:2c:fc:
                    c0:a6:af:e3:d2:11:56:8d:af:7f:17:58:84:6d:84:
                    19:2d:46:ab:f1:3e:90:c3:d3:9a:d0:82:24:3a:58:
                    2f:02:1e:e0:9d:cd:95:76:cf:70:9c:34:66:c5:3f:
                    a6:19:12:71:5b:57:96:25:52:37:09:ff:78:de:f2:
                    4f:1c:7c:e4:13:f5:3a:a2:4b:bc:3a:2a:10:79:a0:
                    9f:e0:bd:ff:93:87:26:2d:6c:39:55:9a:09:48:c0:
                    ce:65:76:ef:fb:a3:12:86:be:3a:c3:4d:cc:b5:3e:
                    1e:7d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4E:B6:F6:BF:C8:F0:1F:14:36:E3:F9:84:08:ED:72:D1:49:AE:C2:19
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/Trb2v8jwHxQ24_mECO1y0Umuwhk.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.210.48.0/21

    Signature Algorithm: sha256WithRSAEncryption
         aa:92:06:b4:4f:1d:7a:67:16:0f:29:03:42:9e:83:df:e1:b6:
         b2:7c:aa:f8:3a:99:40:4e:ff:f0:4f:78:73:67:c8:d5:7d:ac:
         09:1f:ce:18:a2:3a:96:9c:8a:a1:0d:2f:14:05:4e:05:66:3d:
         b6:54:03:53:da:71:c5:16:19:cb:5d:db:6a:9e:b1:4e:d1:81:
         60:46:41:00:d7:f9:ab:ad:58:f0:5c:83:1e:a4:1f:83:80:d0:
         1b:6a:0b:aa:68:13:8d:b0:40:2e:f1:ad:85:b1:c4:eb:e7:33:
         65:57:65:62:b0:f9:bb:ff:4f:a7:4a:85:81:8f:63:74:37:ce:
         f2:45:18:45:e3:1e:a8:81:8e:71:55:fb:92:93:30:22:26:39:
         ec:b9:9f:b9:66:1c:a2:68:7e:2e:65:6e:01:dc:6d:07:0f:57:
         a5:20:24:7c:aa:8c:04:36:f3:e8:25:4e:29:34:ee:7b:cc:05:
         6d:58:d9:de:40:36:a8:3a:7c:44:55:99:2b:94:73:7c:ba:8c:
         31:48:7c:c0:c0:45:6a:33:99:cb:df:8e:3f:1a:46:ed:19:b0:
         bb:1a:f4:32:4a:c6:ff:65:30:1f:81:52:df:01:c3:73:ed:64:
         1a:05:ae:da:ae:7e:3d:9c:4f:e3:20:77:c2:35:ab:28:17:56:
         85:63:dc:3f
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAjwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MzAx
NjMyMjJaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDRFQjZGNkJGQzhGMDFG
MTQzNkUzRjk4NDA4RUQ3MkQxNDlBRUMyMTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCs+ePY734BIMLGZ6vYOE63dSzbgkTVSvJIC8biyIDCgpHcwD+7
UYbreM6sc8CZPLsr3sXS/XZFIRVKW4fhGwbBLyjFqD9eVHd1Z8QNSWu0ZGzpiIPG
hGyThkBZG/h9s5zElme8Dxl6HfpwnCLjPMAL8lKHUhhG/SFE5zIMa+Ak9JFIQCa6
L0h1RsN0xr445K0eMhAs/MCmr+PSEVaNr38XWIRthBktRqvxPpDD05rQgiQ6WC8C
HuCdzZV2z3CcNGbFP6YZEnFbV5YlUjcJ/3je8k8cfOQT9TqiS7w6KhB5oJ/gvf+T
hyYtbDlVmglIwM5ldu/7oxKGvjrDTcy1Ph59AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUTrb2v8jwHxQ24/mECO1y0UmuwhkwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1RyYjJ2OGp3SHhRMjRfbUVDTzF5MFVtdXdoay5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAPc0jAwDQYJKoZIhvcNAQELBQADggEBAKqSBrRPHXpnFg8pA0Keg9/htrJ8
qvg6mUBO//BPeHNnyNV9rAkfzhiiOpaciqENLxQFTgVmPbZUA1PaccUWGctd22qe
sU7RgWBGQQDX+autWPBcgx6kH4OA0BtqC6poE42wQC7xrYWxxOvnM2VXZWKw+bv/
T6dKhYGPY3Q3zvJFGEXjHqiBjnFV+5KTMCImOey5n7lmHKJofi5lbgHcbQcPV6Ug
JHyqjAQ28+glTik07nvMBW1Y2d5ANqg6fERVmSuUc3y6jDFIfMDARWozmcvfjj8a
Ru0ZsLsa9DJKxv9lMB+BUt8Bw3PtZBoFrtqufj2cT+Mgd8I1qygXVoVj3D8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org