Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/k3KGUi-rTEA_3z--X5KgIhZTr_0.roa
File:                     k3KGUi-rTEA_3z--X5KgIhZTr_0.roa (raw, json)
Hash identifier:          u8BoOsm5XgPoV71rmxuL7dR4LrzruW+S+jtZyFj8z5M=
Subject key identifier:   93:72:86:52:2F:AB:4C:40:3F:DF:3F:BE:5F:92:A0:22:16:53:AF:FD
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0394
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/k3KGUi-rTEA_3z--X5KgIhZTr_0.roa
Signing time:             Thu 01 Jun 2023 17:57:42 +0000
ROA not before:           Thu 01 Jun 2023 17:57:42 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.106.209.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 916 (0x394)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  1 17:57:42 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=937286522FAB4C403FDF3FBE5F92A0221653AFFD
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b9:4e:8a:26:d0:01:f2:9f:aa:9c:1a:d3:ca:33:
                    c4:1b:1e:c1:d6:f8:d4:45:71:60:89:01:88:e4:42:
                    04:35:45:8c:df:c0:2f:ee:d1:d4:f5:a2:d0:a5:72:
                    92:87:90:09:a2:24:9a:52:27:a5:9d:6e:02:ee:71:
                    9a:f6:76:3a:d8:42:92:62:78:01:20:20:f8:7c:11:
                    29:2a:92:52:97:3e:9f:14:55:28:73:ff:fe:78:85:
                    b5:13:d9:cf:84:03:f3:68:bd:05:ce:d8:92:43:a7:
                    94:d6:4f:05:af:26:48:18:3e:cd:ac:48:10:cb:27:
                    c8:95:b8:3e:e8:e8:7b:9d:15:36:81:e5:aa:ed:61:
                    69:da:24:8f:76:f8:0e:b3:f8:01:00:2d:19:8f:e6:
                    67:a0:fd:cc:c9:23:b4:27:71:f2:58:05:cd:f8:42:
                    65:d9:bc:f7:c9:12:36:2b:15:8c:f8:f4:45:14:47:
                    16:f8:fc:b7:cb:a3:06:60:53:a1:3b:e7:7a:26:64:
                    57:15:3d:5e:e3:da:c0:ee:e7:8f:15:8a:a3:8b:f6:
                    5c:74:24:e6:d3:f2:ac:fb:3b:0f:f2:51:a2:e9:07:
                    b1:97:89:81:19:73:67:53:c8:ff:43:55:44:af:19:
                    20:8f:dd:fd:43:62:2d:52:cb:37:96:07:57:69:68:
                    2f:47
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:72:86:52:2F:AB:4C:40:3F:DF:3F:BE:5F:92:A0:22:16:53:AF:FD
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/k3KGUi-rTEA_3z--X5KgIhZTr_0.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.106.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:8a:e3:28:e2:21:24:d9:c0:e1:85:c6:81:98:87:a0:67:89:
         df:7b:84:9d:cf:ba:0e:c4:7d:d5:d2:6b:81:8d:19:93:54:ad:
         6f:03:f6:71:c3:a8:06:0c:ac:0d:36:a6:ed:86:b3:c4:46:9d:
         ec:23:a7:52:59:e9:14:38:3c:d6:f8:8d:92:35:1d:d9:25:13:
         3c:91:3d:a1:99:7d:0d:5c:54:15:52:a8:ba:9e:f8:0f:4d:c8:
         cc:92:45:e9:32:a9:a9:9b:ff:38:b7:e6:36:94:cf:bb:e9:85:
         cf:17:8a:b0:fc:dc:be:12:67:f5:0f:b3:5a:f3:16:df:f2:52:
         3e:68:8c:68:e6:7e:56:08:5e:0f:7b:d3:84:82:1c:d6:56:b6:
         20:42:0c:02:1d:e9:e4:53:6a:ea:ac:64:40:cc:dc:16:8f:7a:
         60:06:29:67:2f:8f:66:68:88:c1:08:64:6d:af:a0:a6:31:c9:
         b2:e0:f2:02:b5:05:55:b5:a9:ad:35:75:4f:de:44:98:60:86:
         50:1a:20:75:63:fc:24:c1:34:e8:19:99:05:59:7a:de:ee:c4:
         a7:c3:51:3f:b8:61:46:07:58:85:4e:0b:76:da:07:92:53:19:
         33:ac:31:39:ae:b3:97:13:4a:7c:f0:f4:af:91:fe:bb:7a:c7:
         91:2a:70:55
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICA5QwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDEx
NzU3NDJaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDkzNzI4NjUyMkZBQjRD
NDAzRkRGM0ZCRTVGOTJBMDIyMTY1M0FGRkQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC5Toom0AHyn6qcGtPKM8QbHsHW+NRFcWCJAYjkQgQ1RYzfwC/u
0dT1otClcpKHkAmiJJpSJ6WdbgLucZr2djrYQpJieAEgIPh8ESkqklKXPp8UVShz
//54hbUT2c+EA/NovQXO2JJDp5TWTwWvJkgYPs2sSBDLJ8iVuD7o6HudFTaB5art
YWnaJI92+A6z+AEALRmP5meg/czJI7QncfJYBc34QmXZvPfJEjYrFYz49EUURxb4
/LfLowZgU6E753omZFcVPV7j2sDu548ViqOL9lx0JObT8qz7Ow/yUaLpB7GXiYEZ
c2dTyP9DVUSvGSCP3f1DYi1SyzeWB1dpaC9HAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUk3KGUi+rTEA/3z++X5KgIhZTr/0wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2szS0dVaS1yVEVBXzN6LS1YNUtnSWhaVHJfMC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxatEwDQYJKoZIhvcNAQELBQADggEBAIuK4yjiISTZwOGFxoGYh6Bnid97
hJ3Pug7EfdXSa4GNGZNUrW8D9nHDqAYMrA02pu2Gs8RGnewjp1JZ6RQ4PNb4jZI1
HdklEzyRPaGZfQ1cVBVSqLqe+A9NyMySRekyqamb/zi35jaUz7vphc8XirD83L4S
Z/UPs1rzFt/yUj5ojGjmflYIXg9704SCHNZWtiBCDAId6eRTauqsZEDM3BaPemAG
KWcvj2ZoiMEIZG2voKYxybLg8gK1BVW1qa01dU/eRJhghlAaIHVj/CTBNOgZmQVZ
et7uxKfDUT+4YUYHWIVOC3baB5JTGTOsMTmus5cTSnzw9K+R/rt6x5EqcFU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:52 2024 by rpki-client on console-fra.rpki-client.org