Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/W960VWkRNHtlHz64HbVrYkyc_Gc.roa
File:                     W960VWkRNHtlHz64HbVrYkyc_Gc.roa (raw, json)
Hash identifier:          qAeSfSQvI7iGehe1oWqYMun5DHWbiGAqzvJ6iAPLE70=
Subject key identifier:   5B:DE:B4:55:69:11:34:7B:65:1F:3E:B8:1D:B5:6B:62:4C:9C:FC:67
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       042E
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/W960VWkRNHtlHz64HbVrYkyc_Gc.roa
Signing time:             Tue 06 Jun 2023 16:09:10 +0000
ROA not before:           Tue 06 Jun 2023 16:09:10 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.106.204.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1070 (0x42e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  6 16:09:10 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=5BDEB4556911347B651F3EB81DB56B624C9CFC67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:67:c0:30:7b:92:f4:dd:7a:8e:5c:a1:a8:b0:
                    3e:64:46:1c:2b:91:9d:a4:e8:7d:f2:5f:8c:9a:34:
                    60:1f:19:22:41:80:21:96:f4:fd:b6:3e:56:8f:18:
                    0c:cd:85:d3:98:01:af:90:65:5d:72:4c:9e:d3:49:
                    88:de:e3:c6:7e:0e:71:5d:5b:ad:f7:c0:fc:15:2d:
                    ac:c6:b4:6a:7d:12:03:7d:13:17:d9:99:b2:25:ef:
                    e0:0a:d0:91:27:fb:77:6d:3e:6b:b8:8d:e3:39:49:
                    67:2b:7a:59:b6:0e:43:6a:fb:55:03:af:ed:e0:36:
                    2d:1f:5d:ec:8e:3f:20:8d:51:bc:ea:fb:81:53:d8:
                    64:7a:31:ad:f7:87:cc:de:da:a1:24:48:26:a5:b6:
                    51:11:68:90:64:ec:02:9c:8f:b4:75:12:ef:07:7e:
                    97:87:64:11:e7:16:da:ea:00:06:ec:b2:91:b9:74:
                    0a:ab:75:bd:b9:1d:35:8d:d8:6f:05:f1:af:76:2e:
                    37:b7:6f:f6:5c:20:46:20:23:0f:6d:68:9f:02:49:
                    90:ce:b9:07:15:f1:f4:8a:a8:d8:71:d4:83:37:d4:
                    80:7b:08:fa:37:90:0a:83:0c:b9:0b:ff:5a:8d:e0:
                    b8:04:79:de:df:41:c4:30:dd:5a:d4:bd:15:ea:80:
                    36:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5B:DE:B4:55:69:11:34:7B:65:1F:3E:B8:1D:B5:6B:62:4C:9C:FC:67
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/W960VWkRNHtlHz64HbVrYkyc_Gc.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.106.204.0/23

    Signature Algorithm: sha256WithRSAEncryption
         ab:fc:8d:c2:0a:d2:be:75:ce:34:0b:96:80:4d:18:b5:31:e7:
         a8:40:fe:18:d5:dd:4d:da:56:07:2f:b4:50:b4:52:91:bf:08:
         bd:81:57:a6:bf:09:15:2e:fd:3d:10:ed:42:71:f2:b9:c5:17:
         25:1f:80:2a:66:8b:a6:b1:30:ad:be:34:fe:22:d1:5d:4a:6f:
         4a:b7:fd:70:dd:81:da:93:f4:96:3c:ff:5d:9f:ef:a7:8d:c2:
         08:60:81:78:2a:82:fd:8e:b9:33:35:c6:72:ba:39:f5:bc:b8:
         29:52:40:44:f1:7f:8c:b6:98:5d:f4:4b:de:90:7c:e2:92:c6:
         d1:2a:63:ca:ae:11:82:21:9c:d2:70:12:8f:52:58:8b:21:b1:
         9b:f2:60:a9:77:77:5d:0f:e7:be:ab:89:46:c5:52:b2:cb:6f:
         cb:dc:02:f9:42:62:80:7c:e0:6d:d0:83:a4:2f:e3:68:9c:f1:
         f9:ba:3e:19:87:74:2f:59:4a:15:00:87:97:cd:1c:f0:fb:f7:
         1e:a0:7f:f3:77:61:b3:7a:d9:bc:61:b5:c7:de:4f:61:04:46:
         46:3b:e6:c9:08:1f:0f:fd:9b:7b:f0:3f:8e:51:64:06:1a:30:
         3e:7b:b7:d1:05:fc:ad:6d:34:e1:2a:1c:ba:24:89:6b:c2:1a:
         fb:d9:2b:29
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBC4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDYx
NjA5MTBaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDVCREVCNDU1NjkxMTM0
N0I2NTFGM0VCODFEQjU2QjYyNEM5Q0ZDNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+Z8Awe5L03XqOXKGosD5kRhwrkZ2k6H3yX4yaNGAfGSJBgCGW
9P22PlaPGAzNhdOYAa+QZV1yTJ7TSYje48Z+DnFdW633wPwVLazGtGp9EgN9ExfZ
mbIl7+AK0JEn+3dtPmu4jeM5SWcrelm2DkNq+1UDr+3gNi0fXeyOPyCNUbzq+4FT
2GR6Ma33h8ze2qEkSCaltlERaJBk7AKcj7R1Eu8HfpeHZBHnFtrqAAbsspG5dAqr
db25HTWN2G8F8a92Lje3b/ZcIEYgIw9taJ8CSZDOuQcV8fSKqNhx1IM31IB7CPo3
kAqDDLkL/1qN4LgEed7fQcQw3VrUvRXqgDbBAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUW960VWkRNHtlHz64HbVrYkyc/GcwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1c5NjBWV2tSTkh0bEh6NjRIYlZyWWt5Y19HYy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExaswwDQYJKoZIhvcNAQELBQADggEBAKv8jcIK0r51zjQLloBNGLUx56hA
/hjV3U3aVgcvtFC0UpG/CL2BV6a/CRUu/T0Q7UJx8rnFFyUfgCpmi6axMK2+NP4i
0V1Kb0q3/XDdgdqT9JY8/12f76eNwghggXgqgv2OuTM1xnK6OfW8uClSQETxf4y2
mF30S96QfOKSxtEqY8quEYIhnNJwEo9SWIshsZvyYKl3d10P576riUbFUrLLb8vc
AvlCYoB84G3Qg6Qv42ic8fm6PhmHdC9ZShUAh5fNHPD79x6gf/N3YbN62bxhtcfe
T2EERkY75skIHw/9m3vwP45RZAYaMD57t9EF/K1tNOEqHLokiWvCGvvZKyk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:02 2024 by rpki-client on console-ams.rpki-client.org