Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/ifE9GjJdmvkTQSZGiH64kAzztps.roa
File:                     ifE9GjJdmvkTQSZGiH64kAzztps.roa (raw, json)
Hash identifier:          26B7OlqsRzQ4WIymS9uQeDiRpKM6LmlYXIzENZSshns=
Subject key identifier:   89:F1:3D:1A:32:5D:9A:F9:13:41:26:46:88:7E:B8:90:0C:F3:B6:9B
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       02B1
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/ifE9GjJdmvkTQSZGiH64kAzztps.roa
Signing time:             Tue 30 May 2023 17:17:30 +0000
ROA not before:           Tue 30 May 2023 17:17:30 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.102.156.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 689 (0x2b1)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 30 17:17:30 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=89F13D1A325D9AF913412646887EB8900CF3B69B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bf:25:87:01:8b:5f:86:a0:c7:73:c5:d7:93:77:
                    52:06:5d:ed:6a:c7:04:92:08:ea:87:6b:04:4b:8b:
                    55:3c:47:ef:15:29:66:30:f3:3a:27:1d:44:7e:7e:
                    2b:f1:d7:1b:52:2c:37:0d:18:6a:f7:92:53:48:d6:
                    3e:a2:00:6d:32:16:86:99:1a:cf:85:19:45:63:64:
                    6a:38:0b:2a:69:45:ab:7c:91:85:a9:eb:2c:a7:92:
                    14:6b:5c:2a:e0:c5:72:32:82:6a:fb:ca:b5:8f:e1:
                    b2:09:4c:74:09:72:13:c6:83:c4:83:06:51:04:f9:
                    7c:ec:ed:64:0e:27:82:39:fe:e9:76:f7:25:63:05:
                    35:2d:7a:79:29:d2:32:35:7c:eb:d4:51:f6:e6:37:
                    1d:77:57:00:8b:73:9f:d4:15:f3:13:2e:69:23:b2:
                    ea:0c:d8:ac:34:85:4a:ad:00:43:18:78:d5:f1:b3:
                    db:ec:1e:4b:28:e4:a7:36:cf:d4:60:ea:7e:86:2f:
                    ef:68:40:a8:36:a5:d9:ef:39:19:a6:5a:ca:10:f7:
                    e8:c7:65:cd:a2:ec:5d:ab:ec:6b:72:3e:cb:1d:d3:
                    7d:37:c4:7c:e6:72:8f:4d:86:00:08:d1:cf:28:31:
                    3e:05:a9:cc:ee:fe:ea:2d:bc:6c:81:71:57:7f:4b:
                    af:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                89:F1:3D:1A:32:5D:9A:F9:13:41:26:46:88:7E:B8:90:0C:F3:B6:9B
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/ifE9GjJdmvkTQSZGiH64kAzztps.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.102.156.0/23

    Signature Algorithm: sha256WithRSAEncryption
         d0:bb:e8:d7:71:59:5b:7b:95:7f:4c:79:97:8a:33:64:f0:eb:
         cb:a9:1c:14:d0:84:5b:b1:7a:1c:16:9e:79:e1:9f:2e:a3:f3:
         5c:bb:8c:59:c5:f2:c6:cc:34:6b:d7:27:d7:96:f7:80:07:d3:
         46:66:64:bd:a6:51:84:b5:b3:01:bf:24:c2:9b:bb:7a:84:3f:
         0d:d0:61:b2:e1:2c:50:35:61:fb:fc:c7:f3:50:3d:93:5d:c0:
         7a:6e:b4:f6:cb:e4:5a:07:56:38:65:a6:bb:7c:9c:37:1b:0b:
         e9:88:66:c0:f5:e9:01:a0:44:d5:5e:ab:cc:13:e0:b8:9e:fd:
         22:8f:a1:7c:02:40:98:aa:77:08:64:59:21:da:14:46:3e:71:
         8e:88:fc:20:8e:a0:10:b0:cd:4a:51:13:28:af:67:f8:8b:c8:
         e7:42:06:a1:51:d6:df:b9:99:0b:e1:e9:ab:82:78:3b:af:e2:
         7a:e1:5d:6b:7a:e1:10:9b:4a:16:08:1b:f4:36:78:43:8b:09:
         f2:6c:7d:3c:86:a9:48:c1:f6:eb:bb:a0:2a:0d:53:85:8f:2c:
         f5:43:c9:39:3a:34:03:58:17:30:15:20:7b:54:2d:fc:90:b0:
         b4:9e:ea:f7:e0:fe:2f:52:84:bd:de:ca:c6:4c:56:6c:b3:1f:
         b6:73:eb:6a
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICArEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MzAx
NzE3MzBaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDg5RjEzRDFBMzI1RDlB
RjkxMzQxMjY0Njg4N0VCODkwMENGM0I2OUIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC/JYcBi1+GoMdzxdeTd1IGXe1qxwSSCOqHawRLi1U8R+8VKWYw
8zonHUR+fivx1xtSLDcNGGr3klNI1j6iAG0yFoaZGs+FGUVjZGo4CyppRat8kYWp
6yynkhRrXCrgxXIygmr7yrWP4bIJTHQJchPGg8SDBlEE+Xzs7WQOJ4I5/ul29yVj
BTUtenkp0jI1fOvUUfbmNx13VwCLc5/UFfMTLmkjsuoM2Kw0hUqtAEMYeNXxs9vs
Hkso5Kc2z9Rg6n6GL+9oQKg2pdnvORmmWsoQ9+jHZc2i7F2r7GtyPssd0303xHzm
co9NhgAI0c8oMT4Fqczu/uotvGyBcVd/S6+JAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUifE9GjJdmvkTQSZGiH64kAzztpswHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2lmRTlHakpkbXZrVFFTWkdpSDY0a0F6enRwcy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExZpwwDQYJKoZIhvcNAQELBQADggEBANC76NdxWVt7lX9MeZeKM2Tw68up
HBTQhFuxehwWnnnhny6j81y7jFnF8sbMNGvXJ9eW94AH00ZmZL2mUYS1swG/JMKb
u3qEPw3QYbLhLFA1Yfv8x/NQPZNdwHputPbL5FoHVjhlprt8nDcbC+mIZsD16QGg
RNVeq8wT4Lie/SKPoXwCQJiqdwhkWSHaFEY+cY6I/CCOoBCwzUpREyivZ/iLyOdC
BqFR1t+5mQvh6auCeDuv4nrhXWt64RCbShYIG/Q2eEOLCfJsfTyGqUjB9uu7oCoN
U4WPLPVDyTk6NANYFzAVIHtULfyQsLSe6vfg/i9ShL3eysZMVmyzH7Zz62o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:02 2024 by rpki-client on console-ams.rpki-client.org