Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/YYaplmDIXlKzAZAq_yinGLTSWwY.roa
File:                     YYaplmDIXlKzAZAq_yinGLTSWwY.roa (raw, json)
Hash identifier:          vBvmnMxSNwAWqCoQN08dxCiNwgVXFK1o6ONHNLyOUH4=
Subject key identifier:   61:86:A9:96:60:C8:5E:52:B3:01:90:2A:FF:28:A7:18:B4:D2:5B:06
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       7E
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/YYaplmDIXlKzAZAq_yinGLTSWwY.roa
Signing time:             Mon 27 Mar 2023 16:12:03 +0000
ROA not before:           Mon 27 Mar 2023 16:12:03 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.97.106.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 126 (0x7e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 27 16:12:03 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=6186A99660C85E52B301902AFF28A718B4D25B06
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d3:8d:f1:3e:c6:fb:fe:02:0d:a4:f5:bb:dc:ae:
                    35:8a:5d:1c:d5:d9:1f:f8:13:44:27:64:c0:66:c8:
                    77:a7:55:bf:4d:dd:06:34:72:53:9e:6e:d6:97:7f:
                    bb:eb:73:d2:df:89:29:b3:e8:49:99:35:b2:5d:e5:
                    03:86:30:1e:94:94:02:84:74:c4:c9:cb:14:f0:82:
                    73:9b:bf:ca:0e:76:f2:ec:00:7e:88:ac:cb:80:ed:
                    0e:3b:b4:4a:40:d4:ed:9e:5b:74:64:f4:41:55:b4:
                    41:03:4c:c4:b8:fd:8b:aa:af:35:09:4d:5c:a4:dc:
                    5f:34:e7:f0:7f:7f:e5:5e:fc:57:34:fd:32:7f:88:
                    5c:2e:08:36:36:57:13:6b:25:f3:f8:9c:1a:00:78:
                    ec:c5:5d:86:86:bf:b8:24:62:56:3d:75:cc:5c:68:
                    d2:b0:01:3d:fa:1b:a3:be:6e:9b:bf:68:15:13:6d:
                    03:0a:3c:54:66:31:29:12:98:60:ba:e8:a5:56:e4:
                    d8:56:d9:de:b7:cf:b6:d8:8f:6f:32:81:c6:eb:0c:
                    80:ab:d8:a2:d4:ef:ac:4d:4d:f2:05:46:9c:3b:cf:
                    7e:cd:68:2e:4b:7d:b7:58:5b:d2:cf:bd:c4:1b:a7:
                    ef:ca:bd:67:51:4b:f2:e0:dd:9a:f2:a1:0a:11:42:
                    0c:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                61:86:A9:96:60:C8:5E:52:B3:01:90:2A:FF:28:A7:18:B4:D2:5B:06
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/YYaplmDIXlKzAZAq_yinGLTSWwY.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.97.106.0/23

    Signature Algorithm: sha256WithRSAEncryption
         e4:98:dc:70:16:35:63:f5:ba:1b:39:40:8a:48:41:19:19:1c:
         44:e1:87:58:57:06:96:fc:86:49:5f:9a:7e:d9:f7:a7:ad:02:
         d7:c9:f0:e5:51:83:8b:ef:a4:6f:9a:b5:3b:1a:4f:8c:a5:18:
         73:9f:09:7d:42:d7:19:c6:d7:7b:bc:d8:0b:41:3b:be:fb:af:
         7b:47:9e:5b:d9:75:ab:db:88:75:da:b8:2d:ab:d4:39:b7:64:
         da:96:e2:41:6a:8d:d5:c8:4f:43:15:5a:3a:2c:0c:27:7e:39:
         bd:44:a3:f3:71:67:e7:1b:65:2b:e7:2b:73:77:55:1d:92:66:
         b4:b0:8c:ad:80:a3:dd:ba:19:f0:48:22:34:a8:c8:7e:e8:60:
         89:26:ec:bc:be:41:fc:09:4b:53:de:15:48:e4:6a:2e:1d:a9:
         41:b4:2a:94:96:0a:ac:e1:5f:e8:90:ac:aa:68:20:c2:b3:43:
         8b:a2:a5:2b:6e:2b:ed:1f:72:19:63:5d:bc:3b:06:5f:58:9d:
         cd:5c:b2:2a:97:d4:da:f4:7a:24:1b:bc:f7:4b:40:45:63:23:
         73:ba:1e:fb:fa:ca:c3:01:80:4d:75:19:22:17:b9:8a:b5:fb:
         0a:ac:7c:5c:01:f8:69:18:8a:1f:2c:2c:de:98:82:1f:60:86:
         ec:1f:28:b4
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBfjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2OTY1
QjBCMjBEREUwN0E0Qzk3OEUyNDA3M0VBMEUxMTE3QjM3NDczMB4XDTIzMDMyNzE2
MTIwM1oXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoNjE4NkE5OTY2MEM4NUU1
MkIzMDE5MDJBRkYyOEE3MThCNEQyNUIwNjCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANON8T7G+/4CDaT1u9yuNYpdHNXZH/gTRCdkwGbId6dVv03dBjRy
U55u1pd/u+tz0t+JKbPoSZk1sl3lA4YwHpSUAoR0xMnLFPCCc5u/yg528uwAfois
y4DtDju0SkDU7Z5bdGT0QVW0QQNMxLj9i6qvNQlNXKTcXzTn8H9/5V78VzT9Mn+I
XC4INjZXE2sl8/icGgB47MVdhoa/uCRiVj11zFxo0rABPfobo75um79oFRNtAwo8
VGYxKRKYYLropVbk2FbZ3rfPttiPbzKBxusMgKvYotTvrE1N8gVGnDvPfs1oLkt9
t1hb0s+9xBun78q9Z1FL8uDdmvKhChFCDB8CAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBRhhqmWYMheUrMBkCr/KKcYtNJbBjAfBgNVHSMEGDAWgBRpZbCyDd4HpMl44kBz
6g4RF7N0czAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5L2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJlemRITS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJl
emRITS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkvWVlhcGxtRElYbEt6QVpBcV95aW5HTFRTV3dZLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEATFhajANBgkqhkiG9w0BAQsFAAOCAQEA5JjccBY1Y/W6GzlAikhBGRkcROGH
WFcGlvyGSV+aftn3p60C18nw5VGDi++kb5q1OxpPjKUYc58JfULXGcbXe7zYC0E7
vvuve0eeW9l1q9uIddq4LavUObdk2pbiQWqN1chPQxVaOiwMJ345vUSj83Fn5xtl
K+crc3dVHZJmtLCMrYCj3boZ8EgiNKjIfuhgiSbsvL5B/AlLU94VSORqLh2pQbQq
lJYKrOFf6JCsqmggwrNDi6KlK24r7R9yGWNdvDsGX1idzVyyKpfU2vR6JBu890tA
RWMjc7oe+/rKwwGATXUZIhe5irX7Cqx8XAH4aRiKHyws3piCH2CG7B8otA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:02 2024 by rpki-client on console-ams.rpki-client.org