Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/ki96AoWDI8H1HNUqOhdtDhcV9y4.roa
File:                     ki96AoWDI8H1HNUqOhdtDhcV9y4.roa (raw, json)
Hash identifier:          yTyiHaWeFsI+L0PXrTYz0BiQTnkGJncT0MkDVLjc73U=
Subject key identifier:   92:2F:7A:02:85:83:23:C1:F5:1C:D5:2A:3A:17:6D:0E:17:15:F7:2E
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0224
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/ki96AoWDI8H1HNUqOhdtDhcV9y4.roa
Signing time:             Tue 30 May 2023 16:30:31 +0000
ROA not before:           Tue 30 May 2023 16:30:31 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        220.210.60.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 548 (0x224)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 30 16:30:31 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=922F7A02858323C1F51CD52A3A176D0E1715F72E
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bb:e8:73:b2:e0:31:a3:7a:79:9c:53:db:96:fd:
                    13:89:23:d0:b2:8a:54:6c:14:14:65:2c:7b:1d:d9:
                    9c:40:83:a2:57:78:cc:54:17:b1:d7:d5:36:24:1a:
                    c2:4d:db:b1:0d:ef:eb:4c:10:8c:b7:f5:a9:d4:e7:
                    c8:c8:02:d1:d4:aa:27:49:7e:df:ef:ab:b3:ff:52:
                    53:47:c8:16:ec:d0:b4:3a:e8:ed:11:cc:63:87:d6:
                    37:b5:0f:23:9b:97:bc:53:a6:a1:81:be:27:5d:cb:
                    78:2f:31:a8:d8:80:83:fc:c8:5f:5f:24:87:cc:0f:
                    22:6d:95:9e:a7:ef:93:af:33:60:d2:f9:26:14:0d:
                    a3:18:c4:89:92:be:4f:3b:ef:25:45:57:7a:9c:64:
                    80:a5:20:00:f5:70:f7:d2:5c:4d:ab:ab:9d:a9:7e:
                    95:92:22:b8:cc:3b:51:a8:13:98:85:b8:83:19:0f:
                    9b:b0:3f:04:9e:a9:c3:5b:a9:a3:c1:01:21:95:6c:
                    96:17:96:ab:c2:9a:8d:dd:fc:2e:58:80:a3:a7:37:
                    2a:a4:13:bd:b8:27:59:79:bb:ae:90:a4:90:9f:3f:
                    a1:46:3c:f7:4c:7e:e5:4d:30:e6:06:83:f3:f7:1f:
                    3a:78:c1:3d:bd:45:ec:29:a8:c3:2e:be:35:2a:b2:
                    9b:d3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:2F:7A:02:85:83:23:C1:F5:1C:D5:2A:3A:17:6D:0E:17:15:F7:2E
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/ki96AoWDI8H1HNUqOhdtDhcV9y4.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.210.60.0/22

    Signature Algorithm: sha256WithRSAEncryption
         06:c7:22:d0:4b:60:e5:90:30:4f:59:c0:fb:0f:b9:7e:7d:63:
         44:2e:c3:77:14:3c:18:62:99:9c:1a:d0:e4:81:69:2e:77:43:
         a7:19:25:a0:95:b5:65:97:6e:20:9b:76:0f:40:8c:2f:6b:32:
         60:b3:7a:3c:65:1b:ae:91:03:d0:64:c2:b3:fb:ce:ce:bc:4c:
         c2:76:d0:c1:9d:46:86:51:62:75:1e:91:ab:51:0e:72:cd:20:
         f4:be:56:4a:8c:d9:59:f7:46:c1:31:e1:87:19:6b:f6:f7:e8:
         2b:af:57:73:0e:b2:5c:f1:75:3c:d5:a7:e7:2e:19:83:f4:51:
         4f:f2:84:52:6d:91:fb:25:21:78:dc:71:ba:11:55:cb:db:ac:
         28:3f:70:dd:50:9c:e5:89:b6:b4:d6:fb:de:1f:1e:71:c5:8d:
         64:21:c4:28:34:4a:bb:ab:46:e8:bf:1f:bf:09:71:86:18:27:
         65:54:22:a3:ce:94:5e:b5:59:ef:3a:a9:de:4e:86:99:16:e5:
         66:06:e3:1b:9f:99:34:42:6f:64:8a:dc:f2:61:89:65:60:9e:
         c1:75:9d:9f:cf:ae:62:3b:4f:a7:83:4a:23:0a:5c:8a:4d:b6:
         59:53:f8:be:d1:72:3a:02:c6:3e:45:c0:69:d0:07:e6:e8:35:
         6a:ea:5e:ba
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAiQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MzAx
NjMwMzFaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDkyMkY3QTAyODU4MzIz
QzFGNTFDRDUyQTNBMTc2RDBFMTcxNUY3MkUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC76HOy4DGjenmcU9uW/ROJI9CyilRsFBRlLHsd2ZxAg6JXeMxU
F7HX1TYkGsJN27EN7+tMEIy39anU58jIAtHUqidJft/vq7P/UlNHyBbs0LQ66O0R
zGOH1je1DyObl7xTpqGBviddy3gvMajYgIP8yF9fJIfMDyJtlZ6n75OvM2DS+SYU
DaMYxImSvk877yVFV3qcZIClIAD1cPfSXE2rq52pfpWSIrjMO1GoE5iFuIMZD5uw
PwSeqcNbqaPBASGVbJYXlqvCmo3d/C5YgKOnNyqkE724J1l5u66QpJCfP6FGPPdM
fuVNMOYGg/P3Hzp4wT29RewpqMMuvjUqspvTAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUki96AoWDI8H1HNUqOhdtDhcV9y4wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2tpOTZBb1dESThIMUhOVXFPaGR0RGhjVjl5NC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBALc0jwwDQYJKoZIhvcNAQELBQADggEBAAbHItBLYOWQME9ZwPsPuX59Y0Qu
w3cUPBhimZwa0OSBaS53Q6cZJaCVtWWXbiCbdg9AjC9rMmCzejxlG66RA9BkwrP7
zs68TMJ20MGdRoZRYnUekatRDnLNIPS+VkqM2Vn3RsEx4YcZa/b36CuvV3MOslzx
dTzVp+cuGYP0UU/yhFJtkfslIXjccboRVcvbrCg/cN1QnOWJtrTW+94fHnHFjWQh
xCg0SrurRui/H78JcYYYJ2VUIqPOlF61We86qd5OhpkW5WYG4xufmTRCb2SK3PJh
iWVgnsF1nZ/PrmI7T6eDSiMKXIpNtllT+L7RcjoCxj5FwGnQB+boNWrqXro=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:02 2024 by rpki-client on console-ams.rpki-client.org