Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/XyyI_1ZN2Pu1vDvh06hIUmLG778.roa
File:                     XyyI_1ZN2Pu1vDvh06hIUmLG778.roa (raw, json)
Hash identifier:          OopjpOI+o5U59Mm2mQ+dlvjhDn7bkgbj7o6LxPvLGrY=
Subject key identifier:   5F:2C:88:FF:56:4D:D8:FB:B5:BC:3B:E1:D3:A8:48:52:62:C6:EF:BF
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       72
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/XyyI_1ZN2Pu1vDvh06hIUmLG778.roa
Signing time:             Mon 27 Mar 2023 16:11:57 +0000
ROA not before:           Mon 27 Mar 2023 16:11:57 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.97.102.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 114 (0x72)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 27 16:11:57 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=5F2C88FF564DD8FBB5BC3BE1D3A8485262C6EFBF
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:0a:78:ac:2d:a5:e2:68:bf:85:e4:22:b2:d5:
                    80:4b:7a:0a:6f:49:2b:99:b4:de:84:2b:0b:84:f3:
                    ac:e4:da:69:b2:a2:b4:0d:8f:7e:ec:2d:49:3c:1d:
                    e9:a1:66:20:a2:ab:19:44:8f:42:86:c0:e7:8a:25:
                    93:8f:16:5d:09:4b:e9:e6:b2:fb:3b:fb:8a:2e:d3:
                    72:cc:9d:63:be:3e:f4:dc:71:5d:ae:43:51:a6:01:
                    48:d4:28:b4:5e:58:e5:b2:aa:b6:08:a7:d0:df:b1:
                    6e:98:9b:0d:72:3d:88:bd:8e:27:c4:c0:4f:9a:45:
                    0c:c2:10:8d:e1:14:6a:e3:fb:f9:ef:29:d7:cd:32:
                    e7:b2:ad:ae:c7:a6:79:62:79:b5:1a:8e:3a:a8:d7:
                    77:5d:dd:05:90:63:ee:09:82:f9:6c:92:78:b5:0c:
                    e4:80:57:8b:1d:36:5e:76:a2:03:30:d4:3f:b9:b9:
                    45:b9:67:b1:9e:59:1c:97:dc:f5:bd:cb:a8:31:19:
                    e7:64:e6:fe:bf:85:1e:57:1c:03:d0:d5:db:cc:72:
                    27:1c:57:f3:bb:6b:11:d1:87:6b:9e:f3:1c:ea:f0:
                    0d:e4:50:93:38:66:22:a1:02:55:f6:b6:95:ac:83:
                    51:94:6d:3c:48:37:5a:6f:eb:ae:f3:66:a8:fd:81:
                    c4:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:2C:88:FF:56:4D:D8:FB:B5:BC:3B:E1:D3:A8:48:52:62:C6:EF:BF
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/XyyI_1ZN2Pu1vDvh06hIUmLG778.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.97.102.0/23

    Signature Algorithm: sha256WithRSAEncryption
         a0:71:dd:f8:b7:16:00:3c:42:0f:3e:b1:1a:ab:4f:ec:6d:99:
         3c:38:43:cd:b7:3f:40:e5:54:07:ed:e4:69:2d:3b:fd:c8:ca:
         51:cd:49:96:24:07:b6:56:21:01:c6:1a:f6:9c:c7:31:0a:3c:
         89:64:ce:e2:ba:44:83:c2:f3:aa:68:25:38:43:9e:8d:55:bc:
         f4:27:5d:ee:91:74:b2:05:48:91:a9:6e:73:30:1e:f1:8f:db:
         5d:e0:94:3f:98:2b:3a:d8:fc:6c:57:9f:65:aa:a0:f6:05:29:
         36:ac:86:86:23:35:80:2f:d7:1b:6d:4d:5d:fd:5b:b5:fb:a1:
         8b:d7:b9:1c:59:30:e4:4e:f6:fb:51:c3:64:7a:58:71:22:a5:
         ef:86:18:4a:05:32:8e:65:5e:41:31:19:b1:e7:02:c3:63:ae:
         eb:4b:cf:bf:07:34:74:c5:60:19:60:12:74:a3:79:78:97:b7:
         12:b1:cc:7a:c4:28:b8:a3:28:0c:bf:85:88:a4:ba:86:b3:be:
         ea:57:b9:51:66:d8:de:5e:89:ed:ba:e5:7e:11:9e:d4:86:03:
         a4:bb:71:ef:11:fa:c4:10:b3:66:f5:77:5e:d0:a2:65:11:4a:
         69:55:76:05:a4:89:38:df:b3:a7:f3:e7:f7:4d:6d:eb:be:4e:
         88:86:49:65
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBcjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2OTY1
QjBCMjBEREUwN0E0Qzk3OEUyNDA3M0VBMEUxMTE3QjM3NDczMB4XDTIzMDMyNzE2
MTE1N1oXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoNUYyQzg4RkY1NjRERDhG
QkI1QkMzQkUxRDNBODQ4NTI2MkM2RUZCRjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAK4KeKwtpeJov4XkIrLVgEt6Cm9JK5m03oQrC4TzrOTaabKitA2P
fuwtSTwd6aFmIKKrGUSPQobA54olk48WXQlL6eay+zv7ii7TcsydY74+9NxxXa5D
UaYBSNQotF5Y5bKqtgin0N+xbpibDXI9iL2OJ8TAT5pFDMIQjeEUauP7+e8p180y
57KtrsemeWJ5tRqOOqjXd13dBZBj7gmC+WySeLUM5IBXix02XnaiAzDUP7m5Rbln
sZ5ZHJfc9b3LqDEZ52Tm/r+FHlccA9DV28xyJxxX87trEdGHa57zHOrwDeRQkzhm
IqECVfa2layDUZRtPEg3Wm/rrvNmqP2BxIUCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBRfLIj/Vk3Y+7W8O+HTqEhSYsbvvzAfBgNVHSMEGDAWgBRpZbCyDd4HpMl44kBz
6g4RF7N0czAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5L2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJlemRITS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJl
emRITS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkvWHl5SV8xWk4yUHUxdkR2aDA2aElVbUxHNzc4LnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEATFhZjANBgkqhkiG9w0BAQsFAAOCAQEAoHHd+LcWADxCDz6xGqtP7G2ZPDhD
zbc/QOVUB+3kaS07/cjKUc1JliQHtlYhAcYa9pzHMQo8iWTO4rpEg8LzqmglOEOe
jVW89Cdd7pF0sgVIkaluczAe8Y/bXeCUP5grOtj8bFefZaqg9gUpNqyGhiM1gC/X
G21NXf1btfuhi9e5HFkw5E72+1HDZHpYcSKl74YYSgUyjmVeQTEZsecCw2Ou60vP
vwc0dMVgGWASdKN5eJe3ErHMesQouKMoDL+FiKS6hrO+6le5UWbY3l6J7brlfhGe
1IYDpLtx7xH6xBCzZvV3XtCiZRFKaVV2BaSJON+zp/Pn901t675OiIZJZQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:02 2024 by rpki-client on console-ams.rpki-client.org