Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/YtG1rtgphiO0jPi-xImP7SLd-VM.roa
File:                     YtG1rtgphiO0jPi-xImP7SLd-VM.roa (raw, json)
Hash identifier:          OwGh2+tfhDEIk3l/dFXLmLCdMi9D8YqFy6mC8pRgiJc=
Subject key identifier:   62:D1:B5:AE:D8:29:86:23:B4:8C:F8:BE:C4:89:8F:ED:22:DD:F9:53
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       02C1
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/YtG1rtgphiO0jPi-xImP7SLd-VM.roa
Signing time:             Tue 30 May 2023 17:17:36 +0000
ROA not before:           Tue 30 May 2023 17:17:36 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.102.154.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 705 (0x2c1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 30 17:17:36 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=62D1B5AED8298623B48CF8BEC4898FED22DDF953
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a8:d1:10:29:8e:46:29:c1:72:56:2e:31:7c:84:
                    70:3f:77:4a:4a:13:ea:ba:75:c4:53:35:40:47:54:
                    2d:cc:e3:be:79:af:c8:e1:d1:6c:db:7e:8c:0b:9b:
                    7c:bf:78:10:19:ac:97:2f:fa:14:80:cf:9e:7c:d9:
                    34:ec:89:4c:7d:3e:2e:da:62:64:fc:2b:fb:6b:df:
                    04:b2:8b:82:54:b6:73:db:fc:ba:5d:d3:82:10:d8:
                    77:f0:15:f1:0d:dc:ad:7a:eb:64:1b:c5:3a:c8:00:
                    81:28:bc:20:86:ae:bf:94:aa:ae:14:3b:46:5b:54:
                    b2:52:74:f5:e3:84:52:33:5b:65:7e:e9:1b:d4:d0:
                    d5:86:b9:c3:a9:ae:81:24:3c:6e:19:04:0a:7c:a6:
                    a6:ec:8c:7b:d7:7c:2a:ed:33:9c:0c:91:ef:a8:1e:
                    d9:91:a9:28:10:2a:d8:1c:39:e1:e1:11:4e:fc:bb:
                    6f:88:4c:23:e2:bb:12:58:fc:38:91:3a:8c:00:68:
                    8b:c7:ee:c3:4a:53:e6:a5:48:05:ef:f1:44:75:21:
                    38:6c:dc:e2:48:c0:e1:01:db:ee:62:87:a2:d5:da:
                    86:c1:f3:32:6e:76:0f:99:89:e9:62:86:80:5f:8d:
                    77:01:17:4f:01:b9:c0:c5:6f:68:7d:a2:72:7d:6a:
                    bf:05
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                62:D1:B5:AE:D8:29:86:23:B4:8C:F8:BE:C4:89:8F:ED:22:DD:F9:53
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/YtG1rtgphiO0jPi-xImP7SLd-VM.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.102.154.0/23

    Signature Algorithm: sha256WithRSAEncryption
         16:19:97:89:77:93:9f:a7:f1:3f:66:42:ac:bd:54:ef:4f:02:
         1b:3b:4e:52:29:04:8e:4c:dc:f2:80:7c:6b:1c:ed:ef:2d:58:
         09:c5:58:97:b9:c4:f4:78:a4:00:12:cc:d5:81:52:d0:08:38:
         de:5f:4c:8f:62:2b:90:cd:41:ce:f9:2c:f4:bc:5e:0d:7b:25:
         29:33:e5:fa:02:c0:41:de:1b:fd:8e:f9:58:30:64:fa:17:52:
         2e:4f:ac:73:50:48:aa:75:87:af:c0:2f:ca:e9:ff:0a:f9:b2:
         70:a7:7d:3e:05:5e:9b:c4:90:a9:12:94:a1:61:84:6e:f8:67:
         a5:32:bd:83:36:40:79:69:38:90:da:31:88:6e:0d:79:ef:89:
         9a:62:aa:c8:27:8e:6b:87:6e:16:3f:ea:8e:5a:a3:8f:05:83:
         13:ad:27:ec:3b:17:57:4e:38:0f:1c:35:b3:70:f6:87:fe:7a:
         d1:1e:19:62:93:a1:8e:57:93:db:f9:b0:4d:e1:71:95:63:73:
         8e:8f:af:3f:69:35:62:ca:44:9e:56:ea:62:d2:89:8a:4f:76:
         82:73:55:3f:e2:d0:a3:25:83:5c:2d:15:c2:fa:3f:b1:30:6b:
         9a:13:f9:b6:8f:e1:ca:fd:e7:be:9f:7f:99:ff:31:fb:1d:2f:
         85:f0:92:18
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAsEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MzAx
NzE3MzZaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDYyRDFCNUFFRDgyOTg2
MjNCNDhDRjhCRUM0ODk4RkVEMjJEREY5NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCo0RApjkYpwXJWLjF8hHA/d0pKE+q6dcRTNUBHVC3M4755r8jh
0WzbfowLm3y/eBAZrJcv+hSAz5582TTsiUx9Pi7aYmT8K/tr3wSyi4JUtnPb/Lpd
04IQ2HfwFfEN3K1662QbxTrIAIEovCCGrr+Uqq4UO0ZbVLJSdPXjhFIzW2V+6RvU
0NWGucOproEkPG4ZBAp8pqbsjHvXfCrtM5wMke+oHtmRqSgQKtgcOeHhEU78u2+I
TCPiuxJY/DiROowAaIvH7sNKU+alSAXv8UR1IThs3OJIwOEB2+5ih6LV2obB8zJu
dg+ZielihoBfjXcBF08BucDFb2h9onJ9ar8FAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUYtG1rtgphiO0jPi+xImP7SLd+VMwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L1l0RzFydGdwaGlPMGpQaS14SW1QN1NMZC1WTS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExZpowDQYJKoZIhvcNAQELBQADggEBABYZl4l3k5+n8T9mQqy9VO9PAhs7
TlIpBI5M3PKAfGsc7e8tWAnFWJe5xPR4pAASzNWBUtAION5fTI9iK5DNQc75LPS8
Xg17JSkz5foCwEHeG/2O+VgwZPoXUi5PrHNQSKp1h6/AL8rp/wr5snCnfT4FXpvE
kKkSlKFhhG74Z6UyvYM2QHlpOJDaMYhuDXnviZpiqsgnjmuHbhY/6o5ao48FgxOt
J+w7F1dOOA8cNbNw9of+etEeGWKToY5Xk9v5sE3hcZVjc46Prz9pNWLKRJ5W6mLS
iYpPdoJzVT/i0KMlg1wtFcL6P7Ewa5oT+baP4cr9576ff5n/MfsdL4Xwkhg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:02 2024 by rpki-client on console-ams.rpki-client.org