Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/V5nrqdW2CQNXdAg13yg2kP9TAkU.roa
File:                     V5nrqdW2CQNXdAg13yg2kP9TAkU.roa (raw, json)
Hash identifier:          UD+l2MK9HHcFrfLBe/cPXdFzpJhveXhvuMAK940R0ag=
Subject key identifier:   57:99:EB:A9:D5:B6:09:03:57:74:08:35:DF:28:36:90:FF:53:02:45
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       018E
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/V5nrqdW2CQNXdAg13yg2kP9TAkU.roa
Signing time:             Wed 24 May 2023 16:33:29 +0000
ROA not before:           Wed 24 May 2023 16:33:29 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.105.72.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 398 (0x18e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 24 16:33:29 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=5799EBA9D5B6090357740835DF283690FF530245
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:af:a0:65:79:4e:36:c2:cf:ae:52:be:8a:01:df:
                    94:d9:98:94:62:64:7f:f9:a2:8b:2f:22:97:8f:fa:
                    03:92:13:1f:d7:b0:d4:7d:fe:8e:f7:45:c2:d3:32:
                    a8:ef:63:0b:da:ba:6f:1a:97:0e:9a:4b:e2:b3:7c:
                    b0:18:3c:1b:db:51:dc:01:c9:40:8a:36:05:1a:fc:
                    03:36:e9:d0:b5:3c:30:e8:4d:b4:54:a0:fe:f5:f1:
                    37:c1:4b:af:7c:58:55:38:72:cc:f5:29:ef:03:04:
                    26:43:6b:61:92:dc:d6:d5:6f:b3:38:8b:98:b9:1c:
                    81:5d:46:43:64:a7:16:76:30:b7:f0:3b:a4:00:5c:
                    86:ee:84:fe:34:96:05:da:1a:0d:e7:d3:4f:19:f7:
                    00:a3:ca:fd:2c:e6:55:05:d8:93:ec:77:cd:a5:53:
                    1f:57:5c:e1:d9:96:c2:70:89:8b:91:f7:ac:29:08:
                    d7:84:ba:65:cc:62:1f:7e:89:48:7b:fc:df:14:66:
                    f0:78:30:7b:be:0d:6b:97:41:1e:db:fc:8a:8d:89:
                    2e:0b:d3:56:cb:31:3d:47:e7:4e:e0:2c:b1:dc:9b:
                    58:ce:d1:c4:77:3f:fa:a2:98:1a:5c:c7:20:af:d2:
                    a4:d0:12:37:bd:7a:14:e6:e1:ed:c0:ea:8f:74:55:
                    26:1b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                57:99:EB:A9:D5:B6:09:03:57:74:08:35:DF:28:36:90:FF:53:02:45
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/V5nrqdW2CQNXdAg13yg2kP9TAkU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.105.72.0/24

    Signature Algorithm: sha256WithRSAEncryption
         bd:c8:c9:8b:8d:97:31:de:25:04:07:f6:68:ae:a3:5c:1d:68:
         be:9f:3a:51:7f:85:cd:34:35:a1:9d:2a:90:1f:10:eb:49:31:
         d6:76:9a:bf:15:9f:50:88:d0:1d:81:02:b8:78:4a:79:46:eb:
         34:b4:43:11:d7:85:83:3d:09:b0:54:ea:5f:f5:26:11:42:32:
         2e:34:1f:0d:96:a1:b1:42:db:12:3c:48:ba:fa:9d:4a:fc:60:
         46:93:ad:59:28:fd:0f:4e:b4:77:3f:99:36:3f:dd:4c:a9:c7:
         30:f9:a5:b0:e8:5a:4a:21:86:21:ba:79:a3:da:0c:18:76:92:
         c3:5b:58:a2:ce:52:a1:6e:d5:ef:d7:1f:41:aa:7b:d5:6f:b9:
         61:89:c9:5b:6f:a9:09:5e:d4:49:fb:4e:e9:d7:44:fc:07:34:
         a3:43:ea:23:3b:87:86:21:7e:fa:e0:82:d6:e8:9f:d0:ac:31:
         79:0a:3a:84:cf:ff:57:ac:6b:fc:fb:be:de:55:df:be:97:ae:
         fa:47:34:a4:1f:8a:ba:7e:1a:32:09:0b:c1:27:6d:50:fa:32:
         23:5c:29:6d:51:16:bf:7c:72:9f:0e:91:0c:ea:8b:77:b7:56:
         d0:7b:5d:91:7b:fa:0d:73:14:86:43:57:9c:fe:07:ba:c0:58:
         f3:c4:a8:11
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAY4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MjQx
NjMzMjlaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDU3OTlFQkE5RDVCNjA5
MDM1Nzc0MDgzNURGMjgzNjkwRkY1MzAyNDUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvoGV5TjbCz65SvooB35TZmJRiZH/5oosvIpeP+gOSEx/XsNR9
/o73RcLTMqjvYwvaum8alw6aS+KzfLAYPBvbUdwByUCKNgUa/AM26dC1PDDoTbRU
oP718TfBS698WFU4csz1Ke8DBCZDa2GS3NbVb7M4i5i5HIFdRkNkpxZ2MLfwO6QA
XIbuhP40lgXaGg3n008Z9wCjyv0s5lUF2JPsd82lUx9XXOHZlsJwiYuR96wpCNeE
umXMYh9+iUh7/N8UZvB4MHu+DWuXQR7b/IqNiS4L01bLMT1H507gLLHcm1jO0cR3
P/qimBpcxyCv0qTQEje9ehTm4e3A6o90VSYbAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUV5nrqdW2CQNXdAg13yg2kP9TAkUwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1Y1bnJxZFcyQ1FOWGRBZzEzeWcya1A5VEFrVS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxaUgwDQYJKoZIhvcNAQELBQADggEBAL3IyYuNlzHeJQQH9miuo1wdaL6f
OlF/hc00NaGdKpAfEOtJMdZ2mr8Vn1CI0B2BArh4SnlG6zS0QxHXhYM9CbBU6l/1
JhFCMi40Hw2WobFC2xI8SLr6nUr8YEaTrVko/Q9OtHc/mTY/3UypxzD5pbDoWkoh
hiG6eaPaDBh2ksNbWKLOUqFu1e/XH0Gqe9VvuWGJyVtvqQle1En7TunXRPwHNKND
6iM7h4Yhfvrggtbon9CsMXkKOoTP/1esa/z7vt5V376XrvpHNKQfirp+GjIJC8En
bVD6MiNcKW1RFr98cp8OkQzqi3e3VtB7XZF7+g1zFIZDV5z+B7rAWPPEqBE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org