Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/XzcPLgGHUVqLcKa5JqOdlvVTlE4.roa
File:                     XzcPLgGHUVqLcKa5JqOdlvVTlE4.roa (raw, json)
Hash identifier:          MjN0kDXe1+WknnuWz42bG+fx8jnuf2/XA6owslmKzK0=
Subject key identifier:   5F:37:0F:2E:01:87:51:5A:8B:70:A6:B9:26:A3:9D:96:F5:53:94:4E
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0416
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/XzcPLgGHUVqLcKa5JqOdlvVTlE4.roa
Signing time:             Tue 06 Jun 2023 16:05:57 +0000
ROA not before:           Tue 06 Jun 2023 16:05:57 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.104.64.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1046 (0x416)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  6 16:05:57 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=5F370F2E0187515A8B70A6B926A39D96F553944E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:ae:d0:42:8d:bc:eb:37:ec:0b:4b:a9:02:f8:
                    80:ab:52:a9:5d:30:c3:87:57:ad:3d:38:b5:0c:1d:
                    e5:ec:81:0a:ed:90:8b:32:52:dc:e8:a4:69:9b:09:
                    3d:6b:d5:d0:87:ed:1c:22:8a:38:60:74:2d:37:54:
                    56:7b:50:60:2c:10:7b:79:75:cd:e3:f6:6f:e4:59:
                    d1:45:ba:7c:c9:9a:a1:14:75:79:c4:70:f6:55:82:
                    d3:d5:c5:bc:9e:5b:27:6a:82:9e:3d:1d:8b:fa:d5:
                    ef:87:c6:68:f0:33:ac:03:ed:96:e6:c5:55:06:a8:
                    13:f2:38:3b:ab:a0:f6:97:c2:37:65:9e:ec:33:5a:
                    b9:64:12:d0:19:f7:84:8a:84:c5:a6:69:59:99:5a:
                    3b:f8:f1:12:65:80:76:be:70:78:b0:94:1c:dc:8a:
                    84:b0:28:b1:2a:b3:7f:50:52:90:19:fc:10:af:2d:
                    c3:7c:7b:04:69:7b:68:bb:a1:88:69:1b:1b:af:4a:
                    a3:76:74:3a:67:e0:17:89:7f:38:06:ea:a6:89:d3:
                    16:e0:4c:f1:62:07:44:99:57:8d:28:0c:e7:75:81:
                    75:bf:14:31:72:1a:50:f8:43:37:66:9d:e5:57:75:
                    28:0a:e4:8c:e8:f5:22:0a:c1:50:4c:dc:f8:18:6c:
                    ac:59
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                5F:37:0F:2E:01:87:51:5A:8B:70:A6:B9:26:A3:9D:96:F5:53:94:4E
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/XzcPLgGHUVqLcKa5JqOdlvVTlE4.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.104.64.0/21

    Signature Algorithm: sha256WithRSAEncryption
         26:93:b0:7a:b2:1b:3f:e1:d7:a4:b5:9a:0d:b8:32:3d:62:23:
         93:04:5a:e4:81:0c:da:40:b2:c4:92:5c:76:db:76:7b:c6:40:
         82:99:f5:17:ab:f6:7e:bc:d7:a1:5d:9e:73:21:f2:4c:66:9c:
         1c:4f:d5:61:a7:41:0f:7c:aa:0a:ae:ad:42:c4:6c:f9:c0:b3:
         8b:88:ac:3b:77:4d:a0:b6:9d:a5:3e:a8:d0:ce:0b:c7:c6:0a:
         01:3f:31:28:06:ca:98:8c:55:14:75:21:86:99:1f:d0:b0:da:
         b4:45:ba:3f:6a:ca:e6:62:13:6e:e0:50:82:66:cc:ed:4c:3c:
         94:11:37:75:7d:d6:ac:c5:e4:18:9f:bc:7f:77:aa:a4:30:4b:
         44:d0:4b:c9:48:d8:89:46:47:8f:1b:4b:a2:37:6c:cc:0c:f5:
         ff:22:4b:91:ff:b6:f7:df:ae:8e:14:25:3f:a2:b5:5d:e2:c6:
         98:fe:48:37:57:7e:82:26:32:55:c8:36:24:1f:f6:8f:bb:8f:
         ce:4c:6f:78:f5:67:2a:d6:b1:33:05:4d:d1:a9:68:9f:77:e5:
         c1:02:0b:96:46:41:d6:95:2e:9b:43:d3:61:c3:16:c2:45:ea:
         90:3e:94:b3:f3:14:f3:82:5f:19:7f:1c:a0:5d:31:00:d1:fc:
         0c:5e:d7:b2
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBBYwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDYx
NjA1NTdaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDVGMzcwRjJFMDE4NzUx
NUE4QjcwQTZCOTI2QTM5RDk2RjU1Mzk0NEUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1rtBCjbzrN+wLS6kC+ICrUqldMMOHV609OLUMHeXsgQrtkIsy
UtzopGmbCT1r1dCH7RwiijhgdC03VFZ7UGAsEHt5dc3j9m/kWdFFunzJmqEUdXnE
cPZVgtPVxbyeWydqgp49HYv61e+HxmjwM6wD7ZbmxVUGqBPyODuroPaXwjdlnuwz
WrlkEtAZ94SKhMWmaVmZWjv48RJlgHa+cHiwlBzcioSwKLEqs39QUpAZ/BCvLcN8
ewRpe2i7oYhpGxuvSqN2dDpn4BeJfzgG6qaJ0xbgTPFiB0SZV40oDOd1gXW/FDFy
GlD4QzdmneVXdSgK5Izo9SIKwVBM3PgYbKxZAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUXzcPLgGHUVqLcKa5JqOdlvVTlE4wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1h6Y1BMZ0dIVVZxTGNLYTVKcU9kbHZWVGxFNC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMxaEAwDQYJKoZIhvcNAQELBQADggEBACaTsHqyGz/h16S1mg24Mj1iI5ME
WuSBDNpAssSSXHbbdnvGQIKZ9Rer9n6816FdnnMh8kxmnBxP1WGnQQ98qgqurULE
bPnAs4uIrDt3TaC2naU+qNDOC8fGCgE/MSgGypiMVRR1IYaZH9Cw2rRFuj9qyuZi
E27gUIJmzO1MPJQRN3V91qzF5BifvH93qqQwS0TQS8lI2IlGR48bS6I3bMwM9f8i
S5H/tvffro4UJT+itV3ixpj+SDdXfoImMlXINiQf9o+7j85Mb3j1ZyrWsTMFTdGp
aJ935cECC5ZGQdaVLptD02HDFsJF6pA+lLPzFPOCXxl/HKBdMQDR/Axe17I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org