Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/koywLjp7RajaBfBASrZuu0KCvPI.roa
File:                     koywLjp7RajaBfBASrZuu0KCvPI.roa (raw, json)
Hash identifier:          sA9tFRcUa9+CQGuwf9mrrt0yc11Vru2I0kAXwfltTpw=
Subject key identifier:   92:8C:B0:2E:3A:7B:45:A8:DA:05:F0:40:4A:B6:6E:BB:42:82:BC:F2
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       037F
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/koywLjp7RajaBfBASrZuu0KCvPI.roa
Signing time:             Thu 01 Jun 2023 17:57:34 +0000
ROA not before:           Thu 01 Jun 2023 17:57:34 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.75.216.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 895 (0x37f)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  1 17:57:34 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=928CB02E3A7B45A8DA05F0404AB66EBB4282BCF2
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:fd:74:c4:4d:e8:80:f8:5d:cc:ea:49:75:b1:
                    a0:54:f6:1e:67:a2:4b:a7:74:05:db:3d:90:40:a9:
                    50:02:f3:fe:28:1a:02:ff:49:90:80:3a:20:14:05:
                    df:69:56:44:b4:c0:da:ac:24:ca:35:90:6f:e8:ef:
                    ea:b5:55:5e:04:1e:bd:7d:e3:33:c7:13:13:75:4b:
                    52:3d:8a:90:69:d9:ac:00:41:8a:e0:7c:ba:b1:08:
                    44:66:8f:9b:c8:6b:1e:8a:c2:f1:8f:af:cc:3b:19:
                    81:59:80:6f:f3:66:59:3e:d2:3d:d5:90:73:25:fe:
                    b0:1a:e5:7e:08:71:37:fa:6e:4f:9d:23:d6:90:3b:
                    fd:73:6c:12:86:54:d0:74:f0:a4:50:4a:7b:7e:a5:
                    f0:43:df:1a:61:66:64:dc:96:4d:dc:4b:3b:29:42:
                    bd:83:35:14:29:97:ef:c0:c3:79:a2:55:ba:dc:6c:
                    85:61:16:8b:1b:4c:9a:72:91:6a:2f:c6:39:e3:8e:
                    09:f0:60:d2:2c:8f:9a:1e:d8:8e:27:83:0f:3b:41:
                    97:c5:e0:1e:8a:43:46:b1:bd:95:0b:b0:04:c8:6a:
                    e8:96:38:ba:65:ea:92:47:00:e7:06:c6:3c:4f:41:
                    cb:ee:f2:e0:07:0d:79:6d:6b:0e:be:4d:fd:23:42:
                    23:23
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                92:8C:B0:2E:3A:7B:45:A8:DA:05:F0:40:4A:B6:6E:BB:42:82:BC:F2
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/koywLjp7RajaBfBASrZuu0KCvPI.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.75.216.0/21

    Signature Algorithm: sha256WithRSAEncryption
         9b:c9:a3:95:81:36:e9:1e:00:7f:86:43:39:f4:ce:2c:38:d2:
         2f:04:9b:1a:7c:45:4b:f9:3e:81:2f:f0:df:71:bb:e0:70:ad:
         f0:39:9c:c6:cd:f4:84:21:e5:70:13:b2:d4:96:1b:4c:38:6f:
         43:22:99:c1:ed:30:0e:29:0d:72:2b:fa:66:95:bc:b3:09:96:
         cb:19:11:31:f2:2c:fc:4a:fc:b7:d8:3f:5d:e1:29:2d:4e:e6:
         2e:af:80:31:a3:ce:42:f1:44:28:a2:d4:a7:28:ad:05:6a:a9:
         cc:77:70:00:44:dd:c1:4b:7b:bc:3b:fa:67:88:e6:f1:9a:dc:
         6d:34:8f:80:c5:5a:33:6e:23:d1:0c:2b:43:9c:93:31:10:30:
         cf:b6:b8:5c:8e:2b:98:10:50:a4:da:1f:77:30:bc:f0:30:43:
         c4:47:d3:4f:21:11:25:76:ac:94:56:21:08:e3:fd:21:1a:f0:
         66:1e:7c:c5:f1:48:8d:27:78:a5:52:9b:97:b1:10:28:30:14:
         55:35:33:89:40:26:bf:81:ac:1d:d7:df:80:ad:0a:c9:ed:d2:
         6a:77:7b:af:8d:c4:95:0d:2d:63:62:89:f2:b3:30:48:f7:5f:
         6d:ad:43:58:06:58:09:f5:d8:73:31:c8:a4:c0:7e:1e:67:c1:
         3e:29:47:37
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICA38wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDEx
NzU3MzRaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDkyOENCMDJFM0E3QjQ1
QThEQTA1RjA0MDRBQjY2RUJCNDI4MkJDRjIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCX/XTETeiA+F3M6kl1saBU9h5nokundAXbPZBAqVAC8/4oGgL/
SZCAOiAUBd9pVkS0wNqsJMo1kG/o7+q1VV4EHr194zPHExN1S1I9ipBp2awAQYrg
fLqxCERmj5vIax6KwvGPr8w7GYFZgG/zZlk+0j3VkHMl/rAa5X4IcTf6bk+dI9aQ
O/1zbBKGVNB08KRQSnt+pfBD3xphZmTclk3cSzspQr2DNRQpl+/Aw3miVbrcbIVh
FosbTJpykWovxjnjjgnwYNIsj5oe2I4ngw87QZfF4B6KQ0axvZULsATIauiWOLpl
6pJHAOcGxjxPQcvu8uAHDXltaw6+Tf0jQiMjAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUkoywLjp7RajaBfBASrZuu0KCvPIwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2tveXdManA3UmFqYUJmQkFTclp1dTBLQ3ZQSS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMBS9gwDQYJKoZIhvcNAQELBQADggEBAJvJo5WBNukeAH+GQzn0ziw40i8E
mxp8RUv5PoEv8N9xu+BwrfA5nMbN9IQh5XATstSWG0w4b0MimcHtMA4pDXIr+maV
vLMJlssZETHyLPxK/LfYP13hKS1O5i6vgDGjzkLxRCii1KcorQVqqcx3cABE3cFL
e7w7+meI5vGa3G00j4DFWjNuI9EMK0OckzEQMM+2uFyOK5gQUKTaH3cwvPAwQ8RH
008hESV2rJRWIQjj/SEa8GYefMXxSI0neKVSm5exECgwFFU1M4lAJr+BrB3X34Ct
Csnt0mp3e6+NxJUNLWNiifKzMEj3X22tQ1gGWAn12HMxyKTAfh5nwT4pRzc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:02 2024 by rpki-client on console-ams.rpki-client.org