Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/XhC-Mb_un9hFeWDY56ZtmID_I-0.roa
File:                     XhC-Mb_un9hFeWDY56ZtmID_I-0.roa (raw, json)
Hash identifier:          LHTf5C3ArdagGAh1eKR6bbVS7kg/OOLfNPplzpt9C9g=
Subject key identifier:   5E:10:BE:31:BF:EE:9F:D8:45:79:60:D8:E7:A6:6D:98:80:FF:23:ED
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       03EA
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/XhC-Mb_un9hFeWDY56ZtmID_I-0.roa
Signing time:             Tue 06 Jun 2023 16:03:44 +0000
ROA not before:           Tue 06 Jun 2023 16:03:44 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.106.206.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1002 (0x3ea)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  6 16:03:44 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=5E10BE31BFEE9FD8457960D8E7A66D9880FF23ED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d1:23:88:2a:a9:d2:66:9e:10:7e:af:67:d0:18:
                    f4:19:1e:1d:3a:fa:c3:61:3f:51:9a:57:59:0a:a9:
                    9a:8a:06:59:d3:b4:58:16:46:cd:d1:da:c7:ee:2f:
                    92:f9:1b:7c:f4:eb:e4:4e:6c:70:06:f7:12:97:02:
                    ce:e1:95:ef:e7:2d:f1:e3:f9:7e:ee:c0:ef:1b:48:
                    b7:45:c5:e0:0c:b4:fc:05:a2:9f:72:aa:f8:98:40:
                    94:e1:4a:d0:de:0a:e7:42:ea:83:b3:04:8d:1d:a1:
                    e2:88:33:c4:84:de:05:6b:98:53:94:ca:db:1e:94:
                    92:64:90:2c:32:0d:c3:82:50:e5:d4:a0:4f:c9:21:
                    7b:fb:e2:bb:e1:44:05:46:55:b3:fb:78:06:01:d2:
                    dd:9b:35:9e:b6:55:54:3e:27:93:4b:79:20:26:b8:
                    0f:5d:b4:84:6e:58:6b:4b:28:f3:ac:ea:c0:a8:53:
                    0e:7c:a9:dd:e9:6f:98:a3:a3:a8:65:79:65:17:70:
                    ac:31:97:c1:76:8b:f3:70:a6:3d:5c:fb:d4:69:48:
                    46:cb:f4:ce:b3:02:12:ff:ef:17:0a:e6:6e:2f:4c:
                    da:3e:0b:c2:eb:1f:f0:96:2f:50:fd:a9:c5:07:2c:
                    4e:9e:89:fa:4d:eb:a0:d9:31:0c:26:d2:ec:f2:a3:
                    96:43
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:10:BE:31:BF:EE:9F:D8:45:79:60:D8:E7:A6:6D:98:80:FF:23:ED
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/XhC-Mb_un9hFeWDY56ZtmID_I-0.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.106.206.0/24

    Signature Algorithm: sha256WithRSAEncryption
         51:a9:fe:20:3a:83:a0:a1:40:4e:26:6c:85:96:44:50:b8:42:
         cf:a4:63:fb:ae:4d:d0:99:57:c0:83:eb:51:58:89:b2:b4:12:
         02:89:c0:25:e0:e0:c6:34:b2:8f:c6:26:4d:53:c8:c3:36:e7:
         c9:28:9d:73:8a:be:51:29:30:46:81:05:37:26:92:2f:16:5b:
         37:da:6c:b6:1d:e9:75:8d:c1:21:17:8b:fb:5d:b7:d1:7c:c1:
         27:d9:e6:7a:9a:f7:d2:6a:69:9f:21:03:59:40:fe:df:ed:f1:
         90:62:0f:ac:f6:d7:38:79:9a:38:a0:26:3a:ba:18:f9:aa:d3:
         74:77:30:b7:8f:0f:2b:bf:cd:e2:57:ed:b9:73:cf:e8:96:b0:
         e0:f6:15:59:37:6c:73:9b:57:51:f3:2b:1c:99:90:de:9b:51:
         ef:23:07:b5:0d:76:02:bc:65:d9:9e:1e:5c:d3:96:21:22:87:
         7b:2e:4d:c2:2e:ee:0f:96:33:68:35:d6:37:c7:c2:ec:39:82:
         27:d3:98:d6:f6:0c:6e:b7:c6:7f:f7:3e:36:83:d7:aa:3e:d8:
         b9:d6:3b:51:73:f4:c0:ac:5c:b7:65:8a:1c:45:1e:9c:c4:dd:
         d8:0f:56:7c:f8:ba:69:e3:77:8e:ec:cb:b5:1c:60:09:5f:a6:
         c8:88:f5:ef
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICA+owDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDYx
NjAzNDRaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDVFMTBCRTMxQkZFRTlG
RDg0NTc5NjBEOEU3QTY2RDk4ODBGRjIzRUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDRI4gqqdJmnhB+r2fQGPQZHh06+sNhP1GaV1kKqZqKBlnTtFgW
Rs3R2sfuL5L5G3z06+RObHAG9xKXAs7hle/nLfHj+X7uwO8bSLdFxeAMtPwFop9y
qviYQJThStDeCudC6oOzBI0doeKIM8SE3gVrmFOUytselJJkkCwyDcOCUOXUoE/J
IXv74rvhRAVGVbP7eAYB0t2bNZ62VVQ+J5NLeSAmuA9dtIRuWGtLKPOs6sCoUw58
qd3pb5ijo6hleWUXcKwxl8F2i/Nwpj1c+9RpSEbL9M6zAhL/7xcK5m4vTNo+C8Lr
H/CWL1D9qcUHLE6eifpN66DZMQwm0uzyo5ZDAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUXhC+Mb/un9hFeWDY56ZtmID/I+0wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1hoQy1NYl91bjloRmVXRFk1Nlp0bUlEX0ktMC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxas4wDQYJKoZIhvcNAQELBQADggEBAFGp/iA6g6ChQE4mbIWWRFC4Qs+k
Y/uuTdCZV8CD61FYibK0EgKJwCXg4MY0so/GJk1TyMM258konXOKvlEpMEaBBTcm
ki8WWzfabLYd6XWNwSEXi/tdt9F8wSfZ5nqa99JqaZ8hA1lA/t/t8ZBiD6z21zh5
mjigJjq6GPmq03R3MLePDyu/zeJX7blzz+iWsOD2FVk3bHObV1HzKxyZkN6bUe8j
B7UNdgK8ZdmeHlzTliEih3suTcIu7g+WM2g11jfHwuw5gifTmNb2DG63xn/3PjaD
16o+2LnWO1Fz9MCsXLdlihxFHpzE3dgPVnz4umnjd47sy7UcYAlfpsiI9e8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:02 2024 by rpki-client on console-ams.rpki-client.org