Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/XuqPmhizTCbKOnJjhpAzttFGxAs.roa
File:                     XuqPmhizTCbKOnJjhpAzttFGxAs.roa (raw, json)
Hash identifier:          qFJhMvjgEnYw3avYoCG1tf3vOvFWnTIPoRT+NUXqVrA=
Subject key identifier:   5E:EA:8F:9A:18:B3:4C:26:CA:3A:72:63:86:90:33:B6:D1:46:C4:0B
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0422
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/XuqPmhizTCbKOnJjhpAzttFGxAs.roa
Signing time:             Tue 06 Jun 2023 16:09:05 +0000
ROA not before:           Tue 06 Jun 2023 16:09:05 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.104.24.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1058 (0x422)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  6 16:09:05 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=5EEA8F9A18B34C26CA3A7263869033B6D146C40B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a2:24:5a:47:60:9d:68:dc:3e:75:69:af:c9:c0:
                    5c:8e:4b:f7:7a:ef:3a:6e:ce:02:31:8d:cd:88:99:
                    86:bb:ee:47:bb:0a:65:c7:a0:8e:fc:e8:5c:1d:88:
                    d3:9d:80:bf:78:da:fe:03:78:c2:30:82:52:47:6c:
                    20:20:18:01:ac:e3:f2:05:5d:96:1d:87:58:7a:d5:
                    fd:60:d2:84:fc:ef:74:8b:a9:7e:fa:5c:5d:9f:a1:
                    4a:6f:71:52:1a:f7:fe:8a:05:68:9f:c9:97:b9:af:
                    89:53:d7:fd:0c:01:a8:f0:39:01:c5:bf:78:7b:59:
                    84:66:f4:52:9e:87:bc:dd:dc:f6:10:f1:0c:4b:d7:
                    ac:b3:26:0f:57:6d:9f:26:43:16:b0:4b:c9:db:b7:
                    30:30:18:c6:da:2f:a3:22:c8:13:a3:d0:08:7c:99:
                    f5:c1:e3:41:46:84:7f:b0:84:40:73:22:d0:d9:4c:
                    3b:66:3a:33:34:b1:ce:6b:78:5d:8e:26:70:02:33:
                    b9:83:75:f6:ff:09:0a:02:b6:26:ba:3f:39:0f:a0:
                    79:15:38:01:b4:0b:01:0a:d7:28:e5:58:14:14:6d:
                    ba:83:88:4e:a6:84:72:d3:4c:db:00:70:95:de:8b:
                    3e:f3:f6:91:da:37:be:c5:96:23:f4:9a:2b:4b:9a:
                    45:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5E:EA:8F:9A:18:B3:4C:26:CA:3A:72:63:86:90:33:B6:D1:46:C4:0B
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/XuqPmhizTCbKOnJjhpAzttFGxAs.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.104.24.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c6:fd:d5:1a:9f:76:8f:0a:fb:cc:1b:8e:aa:dc:2c:0a:e6:90:
         a5:8b:a7:69:38:cc:45:d4:b4:fa:7f:fb:a7:aa:3e:f6:8a:01:
         16:8a:83:e2:89:16:fb:89:b4:fa:ca:e2:b0:e7:5c:d6:2a:f9:
         0a:d6:0e:de:9a:fd:5a:a7:53:5c:00:0b:21:e8:92:42:34:df:
         c7:c5:6f:4c:4c:07:cb:78:92:64:a8:0a:35:e7:7f:bc:cb:1f:
         c6:4a:ee:02:e2:3a:2f:e8:ea:86:33:94:d3:89:a9:91:72:6d:
         02:68:25:c0:70:fa:ab:82:1c:4c:86:f7:50:91:ca:d8:57:0c:
         7e:54:ba:5f:e4:63:c6:9b:d1:ec:15:99:c3:37:56:9d:44:29:
         f3:6a:86:13:16:ed:b3:27:56:95:63:be:43:1b:36:24:06:ce:
         53:b4:f1:d9:57:1b:f4:5c:6e:d7:f5:6c:e1:00:ac:ef:f1:ff:
         70:f4:62:46:0d:97:3a:4a:5e:93:95:fb:af:16:1c:d2:22:f0:
         a0:45:bc:43:fc:53:c3:f4:1e:64:a6:51:3d:9b:22:d6:80:0d:
         b2:44:3b:ed:8b:3f:0d:36:64:1b:cc:e0:33:00:b7:dc:97:e9:
         0e:83:77:b2:ff:26:e1:0c:43:2e:1c:09:37:e8:f4:68:b7:5e:
         b4:11:84:77
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBCIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDYx
NjA5MDVaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDVFRUE4RjlBMThCMzRD
MjZDQTNBNzI2Mzg2OTAzM0I2RDE0NkM0MEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCiJFpHYJ1o3D51aa/JwFyOS/d67zpuzgIxjc2ImYa77ke7CmXH
oI786FwdiNOdgL942v4DeMIwglJHbCAgGAGs4/IFXZYdh1h61f1g0oT873SLqX76
XF2foUpvcVIa9/6KBWifyZe5r4lT1/0MAajwOQHFv3h7WYRm9FKeh7zd3PYQ8QxL
16yzJg9XbZ8mQxawS8nbtzAwGMbaL6MiyBOj0Ah8mfXB40FGhH+whEBzItDZTDtm
OjM0sc5reF2OJnACM7mDdfb/CQoCtia6PzkPoHkVOAG0CwEK1yjlWBQUbbqDiE6m
hHLTTNsAcJXeiz7z9pHaN77FliP0mitLmkW1AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUXuqPmhizTCbKOnJjhpAzttFGxAswHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1h1cVBtaGl6VENiS09uSmpocEF6dHRGR3hBcy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIxaBgwDQYJKoZIhvcNAQELBQADggEBAMb91Rqfdo8K+8wbjqrcLArmkKWL
p2k4zEXUtPp/+6eqPvaKARaKg+KJFvuJtPrK4rDnXNYq+QrWDt6a/VqnU1wACyHo
kkI038fFb0xMB8t4kmSoCjXnf7zLH8ZK7gLiOi/o6oYzlNOJqZFybQJoJcBw+quC
HEyG91CRythXDH5Uul/kY8ab0ewVmcM3Vp1EKfNqhhMW7bMnVpVjvkMbNiQGzlO0
8dlXG/Rcbtf1bOEArO/x/3D0YkYNlzpKXpOV+68WHNIi8KBFvEP8U8P0HmSmUT2b
ItaADbJEO+2LPw02ZBvM4DMAt9yX6Q6Dd7L/JuEMQy4cCTfo9Gi3XrQRhHc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org