Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/bXh5ORF0K0-HrdPgVh2-AYR-vXM.roa
File:                     bXh5ORF0K0-HrdPgVh2-AYR-vXM.roa (raw, json)
Hash identifier:          MfRlUMQNBH7ctnZBBvVv+i+xp2FP+IQhtdthyoV8u/c=
Subject key identifier:   6D:78:79:39:11:74:2B:4F:87:AD:D3:E0:56:1D:BE:01:84:7E:BD:73
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       73
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/bXh5ORF0K0-HrdPgVh2-AYR-vXM.roa
Signing time:             Mon 27 Mar 2023 16:11:58 +0000
ROA not before:           Mon 27 Mar 2023 16:11:58 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.72.8.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 115 (0x73)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 27 16:11:58 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=6D78793911742B4F87ADD3E0561DBE01847EBD73
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c2:a6:38:1a:27:0f:a1:c7:85:f4:70:bb:ad:94:
                    e0:b1:f7:18:5a:1d:d3:68:18:bc:cc:a1:72:16:94:
                    03:02:70:aa:fa:5b:da:1c:31:44:92:65:66:09:a4:
                    91:29:e9:cf:18:45:ea:1f:b6:fc:65:66:0a:f5:ef:
                    66:50:51:90:84:47:5f:f3:b8:7d:c9:99:46:d0:dc:
                    6d:75:e7:7e:24:a5:5a:c1:44:f5:05:88:20:51:34:
                    9b:b7:ca:43:8d:7d:a1:1f:25:7d:c1:52:29:88:db:
                    24:ea:db:e2:f2:54:7c:48:cb:c9:bc:47:bd:0e:e5:
                    1f:14:67:88:43:3b:25:b0:9a:2c:38:1a:3b:d8:82:
                    2d:5c:08:65:3c:fa:24:fe:27:f0:7a:59:ca:32:2c:
                    56:ed:2d:1e:68:9a:b0:18:b2:db:45:5e:12:69:17:
                    5b:f9:c9:d1:a9:aa:b4:37:fc:6b:bc:42:dd:7e:f7:
                    26:60:b8:f5:54:4f:3c:15:33:0b:37:a5:d0:a9:ff:
                    66:f6:28:6e:75:66:06:0f:12:ff:72:39:48:af:94:
                    15:3f:3c:07:7a:e2:ae:e0:ca:2e:ab:5f:fd:1f:c8:
                    25:69:12:f7:c4:87:d4:ed:03:bd:a5:0b:bf:2f:33:
                    38:92:c0:e1:ed:b3:82:ae:48:f0:dc:38:f9:39:15:
                    c2:9b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                6D:78:79:39:11:74:2B:4F:87:AD:D3:E0:56:1D:BE:01:84:7E:BD:73
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/bXh5ORF0K0-HrdPgVh2-AYR-vXM.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.72.8.0/23

    Signature Algorithm: sha256WithRSAEncryption
         9b:82:fc:45:95:70:65:41:bc:fb:44:dd:57:63:fe:47:16:81:
         d3:3e:c9:8f:b5:a1:f3:64:60:89:10:53:b2:78:1b:a5:88:90:
         65:35:32:32:46:7a:5c:64:e8:51:aa:5d:42:3f:76:af:8f:66:
         4c:40:eb:64:95:41:2d:e0:61:20:b4:81:c3:00:fd:94:9e:35:
         04:37:f0:e6:b3:ab:74:6e:08:95:b9:c1:bb:b0:e9:6a:fa:fd:
         7b:98:01:f9:be:4c:c6:e0:fa:68:c4:2e:49:7d:e8:8b:50:df:
         21:52:7b:5a:a3:f1:c3:54:2f:78:09:01:f1:8d:65:7a:77:26:
         68:e2:2a:e6:dd:57:44:68:7a:7e:5c:2d:04:97:c9:52:bb:7b:
         44:8a:3b:10:0c:05:79:95:d1:7a:d0:50:08:d1:cc:95:35:3f:
         94:ee:aa:ff:27:db:fd:b8:d1:8a:9b:d5:0b:10:a6:37:1b:9b:
         dc:2a:f2:2f:8f:70:6e:40:52:26:51:47:b0:04:e4:9b:da:ef:
         13:3d:04:d5:aa:a5:63:f1:44:96:a9:ba:84:7c:22:f6:ff:57:
         3a:aa:66:69:25:08:82:09:48:ed:90:dd:43:78:60:7a:2e:74:
         13:be:bc:dd:f6:a0:53:95:ab:72:c6:e0:9e:10:bd:01:49:51:
         8e:fa:1d:bc
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2OTY1
QjBCMjBEREUwN0E0Qzk3OEUyNDA3M0VBMEUxMTE3QjM3NDczMB4XDTIzMDMyNzE2
MTE1OFoXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoNkQ3ODc5MzkxMTc0MkI0
Rjg3QUREM0UwNTYxREJFMDE4NDdFQkQ3MzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAMKmOBonD6HHhfRwu62U4LH3GFod02gYvMyhchaUAwJwqvpb2hwx
RJJlZgmkkSnpzxhF6h+2/GVmCvXvZlBRkIRHX/O4fcmZRtDcbXXnfiSlWsFE9QWI
IFE0m7fKQ419oR8lfcFSKYjbJOrb4vJUfEjLybxHvQ7lHxRniEM7JbCaLDgaO9iC
LVwIZTz6JP4n8HpZyjIsVu0tHmiasBiy20VeEmkXW/nJ0amqtDf8a7xC3X73JmC4
9VRPPBUzCzel0Kn/ZvYobnVmBg8S/3I5SK+UFT88B3riruDKLqtf/R/IJWkS98SH
1O0DvaULvy8zOJLA4e2zgq5I8Nw4+TkVwpsCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBRteHk5EXQrT4et0+BWHb4BhH69czAfBgNVHSMEGDAWgBRpZbCyDd4HpMl44kBz
6g4RF7N0czAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5L2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJlemRITS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJl
emRITS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkvYlhoNU9SRjBLMC1IcmRQZ1ZoMi1BWVItdlhNLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAQFICDANBgkqhkiG9w0BAQsFAAOCAQEAm4L8RZVwZUG8+0TdV2P+RxaB0z7J
j7Wh82RgiRBTsngbpYiQZTUyMkZ6XGToUapdQj92r49mTEDrZJVBLeBhILSBwwD9
lJ41BDfw5rOrdG4IlbnBu7Dpavr9e5gB+b5MxuD6aMQuSX3oi1DfIVJ7WqPxw1Qv
eAkB8Y1lencmaOIq5t1XRGh6flwtBJfJUrt7RIo7EAwFeZXRetBQCNHMlTU/lO6q
/yfb/bjRipvVCxCmNxub3CryL49wbkBSJlFHsATkm9rvEz0E1aqlY/FElqm6hHwi
9v9XOqpmaSUIgglI7ZDdQ3hgei50E7683fagU5WrcsbgnhC9AUlRjvodvA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:52 2024 by rpki-client on console-fra.rpki-client.org