Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/helrRdghmvMt4VITiAkTSYmodDc.roa
File:                     helrRdghmvMt4VITiAkTSYmodDc.roa (raw, json)
Hash identifier:          IxX382hDeULYnZhflS/3FwjxcVnwOVQvfY/gbkjBK5I=
Subject key identifier:   85:E9:6B:45:D8:21:9A:F3:2D:E1:52:13:88:09:13:49:89:A8:74:37
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0415
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/helrRdghmvMt4VITiAkTSYmodDc.roa
Signing time:             Tue 06 Jun 2023 16:05:56 +0000
ROA not before:           Tue 06 Jun 2023 16:05:56 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.104.14.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1045 (0x415)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  6 16:05:56 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=85E96B45D8219AF32DE152138809134989A87437
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:07:00:ef:0f:88:fe:09:4a:6b:8a:96:f0:c4:
                    f7:0f:16:65:f8:ff:f6:b6:9f:17:18:b5:98:3e:f1:
                    b7:bc:ea:e4:02:26:48:62:0e:dd:44:18:c5:fd:5b:
                    74:2f:4d:6d:96:58:56:25:90:db:0d:92:2f:9a:e0:
                    76:f4:11:81:b3:28:da:66:25:01:70:93:f1:1c:54:
                    1f:53:87:26:19:7a:63:d6:35:3f:23:56:a5:cf:57:
                    40:54:9f:b1:9b:8b:e0:0f:d8:84:7d:1b:61:d2:f6:
                    e5:05:fe:40:bf:4e:a0:31:e2:6e:8b:c7:33:01:3b:
                    ac:0c:20:93:09:00:01:a1:a1:36:2b:75:bc:d6:ed:
                    72:94:e6:94:db:77:02:cc:fc:2b:91:d3:30:ad:77:
                    e7:07:cf:3a:82:c5:58:a9:2e:82:ce:43:e0:90:1f:
                    6b:2e:90:b7:6f:1c:c0:45:1a:f8:95:5c:9e:e4:78:
                    85:30:7d:8e:b8:62:12:25:05:c7:c1:55:63:6f:09:
                    75:6a:00:75:53:e7:61:93:c1:a7:c6:29:43:b8:5a:
                    3a:c9:23:7c:ac:a9:87:9c:e7:0c:99:ec:40:5b:50:
                    cf:58:fe:a5:c7:2e:f1:40:6a:fe:03:db:e8:ae:40:
                    4c:f7:4b:11:4a:43:a5:11:67:61:fe:b2:68:b2:91:
                    12:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                85:E9:6B:45:D8:21:9A:F3:2D:E1:52:13:88:09:13:49:89:A8:74:37
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/helrRdghmvMt4VITiAkTSYmodDc.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.104.14.0/23

    Signature Algorithm: sha256WithRSAEncryption
         be:96:c9:30:d5:43:1b:3f:c3:f7:d1:a6:6a:92:db:47:bc:72:
         3f:c4:ae:00:96:51:75:17:40:34:34:06:55:75:8d:c3:de:23:
         72:45:08:32:c4:8e:8a:32:26:74:9b:df:7c:73:ff:d0:af:f8:
         90:1c:0b:3f:18:91:22:d9:f2:f6:51:c5:36:1d:26:74:4b:17:
         25:06:3f:96:c9:6b:9a:f4:ee:16:58:98:b5:4a:23:10:e7:c7:
         72:89:aa:8b:45:ec:9c:ee:2b:19:85:55:af:25:6d:23:f1:63:
         d7:5e:d2:82:c6:05:f6:1e:c6:ff:53:07:33:dd:c7:a7:2d:79:
         48:44:4f:5a:be:b9:06:f4:88:44:95:43:87:d5:c0:bd:b9:1b:
         ec:ac:25:67:99:f3:a0:7a:8f:6e:2f:0a:db:3b:ec:4b:0d:1a:
         d0:71:a5:66:f7:e4:64:9d:1a:9c:b6:30:79:82:cb:16:61:09:
         71:38:ee:b5:b4:9d:aa:41:47:d5:30:69:2d:90:71:b1:37:e8:
         37:f0:30:2b:09:3e:7a:ce:03:c9:82:2d:06:e8:bf:c5:f7:12:
         7c:3d:98:9a:85:69:a9:de:a2:78:2d:38:5c:36:98:e6:7a:24:
         71:66:a2:cc:cf:b0:ba:8e:ea:9a:fc:6e:05:ed:80:9e:b5:f5:
         d8:f9:7a:b9
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBBUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDYx
NjA1NTZaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDg1RTk2QjQ1RDgyMTlB
RjMyREUxNTIxMzg4MDkxMzQ5ODlBODc0MzcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDqBwDvD4j+CUpripbwxPcPFmX4//a2nxcYtZg+8be86uQCJkhi
Dt1EGMX9W3QvTW2WWFYlkNsNki+a4Hb0EYGzKNpmJQFwk/EcVB9ThyYZemPWNT8j
VqXPV0BUn7Gbi+AP2IR9G2HS9uUF/kC/TqAx4m6LxzMBO6wMIJMJAAGhoTYrdbzW
7XKU5pTbdwLM/CuR0zCtd+cHzzqCxVipLoLOQ+CQH2sukLdvHMBFGviVXJ7keIUw
fY64YhIlBcfBVWNvCXVqAHVT52GTwafGKUO4WjrJI3ysqYec5wyZ7EBbUM9Y/qXH
LvFAav4D2+iuQEz3SxFKQ6URZ2H+smiykRIjAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUhelrRdghmvMt4VITiAkTSYmodDcwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2hlbHJSZGdobXZNdDRWSVRpQWtUU1ltb2REYy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExaA4wDQYJKoZIhvcNAQELBQADggEBAL6WyTDVQxs/w/fRpmqS20e8cj/E
rgCWUXUXQDQ0BlV1jcPeI3JFCDLEjooyJnSb33xz/9Cv+JAcCz8YkSLZ8vZRxTYd
JnRLFyUGP5bJa5r07hZYmLVKIxDnx3KJqotF7JzuKxmFVa8lbSPxY9de0oLGBfYe
xv9TBzPdx6cteUhET1q+uQb0iESVQ4fVwL25G+ysJWeZ86B6j24vCts77EsNGtBx
pWb35GSdGpy2MHmCyxZhCXE47rW0napBR9UwaS2QcbE36DfwMCsJPnrOA8mCLQbo
v8X3Enw9mJqFaaneongtOFw2mOZ6JHFmoszPsLqO6pr8bgXtgJ619dj5erk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:52 2024 by rpki-client on console-fra.rpki-client.org