Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/iDSJ5jNBp3w-I0_JvPpDfEGUSmc.roa
File:                     iDSJ5jNBp3w-I0_JvPpDfEGUSmc.roa (raw, json)
Hash identifier:          bL7QoJPC9/3HkRgpf4yoen8ZVLlqozid4+VCd93ndVc=
Subject key identifier:   88:34:89:E6:33:41:A7:7C:3E:23:4F:C9:BC:FA:43:7C:41:94:4A:67
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0140
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/iDSJ5jNBp3w-I0_JvPpDfEGUSmc.roa
Signing time:             Wed 24 May 2023 16:31:11 +0000
ROA not before:           Wed 24 May 2023 16:31:11 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.105.120.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 320 (0x140)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 24 16:31:11 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=883489E63341A77C3E234FC9BCFA437C41944A67
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:cc:51:9a:68:7b:ec:11:e1:1a:96:12:1f:95:
                    46:66:07:8b:d6:74:2c:9a:92:19:1c:87:86:72:90:
                    06:08:47:67:b9:16:be:fc:92:d3:a5:98:14:c3:6a:
                    eb:4c:8f:b9:6e:da:12:d7:c1:be:56:35:2c:9b:1e:
                    a1:04:37:b0:e0:eb:f8:38:47:79:4c:b2:d8:9e:cb:
                    5d:d0:4d:4a:04:af:92:82:6e:51:77:ed:0c:da:77:
                    84:53:4e:20:8c:75:ef:ae:39:39:6f:f7:4a:03:8a:
                    89:f7:e8:19:81:84:c7:44:b1:68:42:5e:31:86:ef:
                    9c:22:0b:9b:3b:9f:13:5d:94:68:a9:9a:0f:14:61:
                    2c:5a:76:11:cd:44:85:57:4e:bd:59:32:8e:76:c9:
                    10:d9:92:ac:67:51:1a:ac:41:4f:5e:f5:79:25:62:
                    d5:73:33:2d:7f:dd:d1:9b:32:0d:6c:1b:71:e6:11:
                    4d:82:5b:85:96:a3:c8:2d:40:2c:a0:c3:f7:95:e2:
                    65:08:9e:fb:62:bc:5c:e4:ad:4a:46:f1:f5:4e:d2:
                    36:7a:a6:4d:80:f5:3b:0e:b6:c2:f7:73:cb:14:62:
                    5f:36:6c:60:84:de:03:0d:42:c9:c0:ac:f8:b4:08:
                    95:15:17:be:37:be:e9:a0:8c:11:e8:58:aa:5c:35:
                    b7:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                88:34:89:E6:33:41:A7:7C:3E:23:4F:C9:BC:FA:43:7C:41:94:4A:67
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/iDSJ5jNBp3w-I0_JvPpDfEGUSmc.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.105.120.0/21

    Signature Algorithm: sha256WithRSAEncryption
         87:fb:f9:21:27:32:93:81:11:57:78:74:f6:fe:9a:9a:7f:66:
         36:cf:da:2d:3e:23:ee:e2:06:df:f2:70:cd:22:68:c2:f3:13:
         82:47:5e:37:6e:b2:87:31:db:81:51:db:e0:6f:71:95:dc:50:
         4e:f3:8a:fb:15:e8:3d:a8:0e:cf:12:4b:73:00:5b:3c:b5:c3:
         7d:96:4c:07:95:5e:8f:bf:30:40:9e:70:29:bf:36:f2:c1:53:
         6d:a6:cf:35:95:db:2e:f2:5b:20:27:ea:29:e1:5b:65:dd:69:
         a0:e3:24:48:05:dd:82:14:ef:88:ef:db:79:5b:a1:53:46:e6:
         78:5b:27:a1:96:0c:2a:93:fb:72:c3:bf:e7:48:f2:7c:06:15:
         90:17:93:3f:f7:9d:9f:81:6e:6b:6c:9a:7d:56:c8:21:20:de:
         63:8e:14:81:a1:60:dc:12:47:c7:b4:37:ef:95:07:ea:ab:e5:
         ce:ad:5a:25:b2:27:ba:1c:0a:d8:43:25:24:dd:94:bc:f2:b6:
         d5:99:d2:ab:cd:c4:7f:df:94:04:51:2e:3e:83:49:55:98:f6:
         20:02:c0:e8:cd:b9:16:70:74:ff:26:2d:1d:43:a5:c6:cd:7c:
         37:30:fc:db:5b:c6:ff:e2:9e:ea:44:04:87:f2:eb:1a:c1:b0:
         54:f9:96:4a
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAUAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MjQx
NjMxMTFaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDg4MzQ4OUU2MzM0MUE3
N0MzRTIzNEZDOUJDRkE0MzdDNDE5NDRBNjcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpzFGaaHvsEeEalhIflUZmB4vWdCyakhkch4ZykAYIR2e5Fr78
ktOlmBTDautMj7lu2hLXwb5WNSybHqEEN7Dg6/g4R3lMstiey13QTUoEr5KCblF3
7Qzad4RTTiCMde+uOTlv90oDion36BmBhMdEsWhCXjGG75wiC5s7nxNdlGipmg8U
YSxadhHNRIVXTr1ZMo52yRDZkqxnURqsQU9e9XklYtVzMy1/3dGbMg1sG3HmEU2C
W4WWo8gtQCygw/eV4mUInvtivFzkrUpG8fVO0jZ6pk2A9TsOtsL3c8sUYl82bGCE
3gMNQsnArPi0CJUVF743vumgjBHoWKpcNbcBAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUiDSJ5jNBp3w+I0/JvPpDfEGUSmcwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2lEU0o1ak5CcDN3LUkwX0p2UHBEZkVHVVNtYy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMxaXgwDQYJKoZIhvcNAQELBQADggEBAIf7+SEnMpOBEVd4dPb+mpp/ZjbP
2i0+I+7iBt/ycM0iaMLzE4JHXjdusocx24FR2+BvcZXcUE7zivsV6D2oDs8SS3MA
Wzy1w32WTAeVXo+/MECecCm/NvLBU22mzzWV2y7yWyAn6inhW2XdaaDjJEgF3YIU
74jv23lboVNG5nhbJ6GWDCqT+3LDv+dI8nwGFZAXkz/3nZ+Bbmtsmn1WyCEg3mOO
FIGhYNwSR8e0N++VB+qr5c6tWiWyJ7ocCthDJSTdlLzyttWZ0qvNxH/flARRLj6D
SVWY9iACwOjNuRZwdP8mLR1DpcbNfDcw/Ntbxv/inupEBIfy6xrBsFT5lko=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:52 2024 by rpki-client on console-fra.rpki-client.org