Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/kyLSgFiRoFp9g-frn0FBxTGjZAk.roa
File:                     kyLSgFiRoFp9g-frn0FBxTGjZAk.roa (raw, json)
Hash identifier:          KCXUlzY3Fi5oWwUOmI/SyZtg5xzhPbzZGXWT6W3Ig+Y=
Subject key identifier:   93:22:D2:80:58:91:A0:5A:7D:83:E7:EB:9F:41:41:C5:31:A3:64:09
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       02FE
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/kyLSgFiRoFp9g-frn0FBxTGjZAk.roa
Signing time:             Thu 01 Jun 2023 16:05:24 +0000
ROA not before:           Thu 01 Jun 2023 16:05:24 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.96.44.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 766 (0x2fe)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  1 16:05:24 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=9322D2805891A05A7D83E7EB9F4141C531A36409
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9d:b4:33:e1:3f:fb:02:f8:a4:67:00:fb:1e:5e:
                    36:3e:f5:16:12:0a:90:79:98:aa:ce:1f:4d:08:91:
                    e0:2d:c6:06:ce:15:4d:8a:e6:f9:cb:f6:56:40:fa:
                    c1:fd:5f:a2:44:d3:3a:fe:ad:13:1f:cd:5a:d9:3f:
                    1f:c5:ce:79:60:58:46:0f:00:78:95:61:e8:63:03:
                    82:79:35:78:b7:87:21:1f:f2:8c:1c:72:20:89:28:
                    19:cc:a6:4a:4d:1a:11:34:69:f4:2e:59:ef:0f:99:
                    12:af:8a:b3:a5:d3:af:58:1d:53:48:10:6d:91:99:
                    1f:a3:87:dd:f3:ce:85:cd:f8:e6:ff:fa:92:b0:4f:
                    ed:bf:50:c1:4c:df:f3:7a:fe:0a:bb:ae:3c:e0:8d:
                    8a:d5:8e:06:87:cf:f5:ff:bc:8f:f1:24:c6:be:20:
                    cc:75:69:2c:01:7c:e4:c6:49:b0:d6:e8:5e:7d:23:
                    3e:87:ff:06:97:02:d9:90:a8:3d:e0:4c:b3:2c:ea:
                    3b:18:76:63:59:83:b7:8e:01:ac:6e:5a:c7:ff:a8:
                    a5:32:cd:5a:2c:ad:7d:42:39:56:8e:45:d8:d0:a8:
                    e7:5c:6c:a6:07:5a:d1:ef:c3:fe:c5:b5:a7:22:01:
                    aa:90:65:9a:39:37:9d:b1:80:7c:b3:45:1f:c7:ba:
                    1d:e1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                93:22:D2:80:58:91:A0:5A:7D:83:E7:EB:9F:41:41:C5:31:A3:64:09
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/kyLSgFiRoFp9g-frn0FBxTGjZAk.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.96.44.0/24

    Signature Algorithm: sha256WithRSAEncryption
         8b:65:31:54:b4:1f:f4:00:a4:71:be:af:ef:0b:1c:e6:e7:55:
         da:d7:db:a8:11:ed:1c:ec:0b:79:49:ce:44:ac:9e:3e:e7:94:
         46:0f:d3:b8:45:a6:9a:25:9b:7c:2a:cf:1c:06:24:4c:43:4b:
         26:17:b4:83:b5:aa:12:5f:c2:f1:33:62:23:63:d0:c9:48:0f:
         52:dc:01:15:82:58:d8:30:c6:60:5b:b8:2e:39:7c:f5:0a:05:
         cd:95:66:ed:1f:ea:d2:6c:0d:8e:47:ae:8a:62:47:93:86:c1:
         f6:fd:f3:d7:66:fc:33:b7:39:79:6f:1e:af:a0:2e:d6:a9:a3:
         df:36:b3:37:84:8b:70:b0:40:23:01:76:d0:49:98:56:94:16:
         5b:cc:7b:d9:89:eb:92:20:14:f7:59:68:b1:86:64:85:96:7f:
         f2:0b:1b:7d:78:df:4e:77:33:97:e8:37:b7:46:1b:46:4b:6c:
         e6:53:b4:fb:d0:52:3f:10:21:b1:ce:10:44:db:38:f8:55:ad:
         18:6d:b2:d6:d9:22:4f:b0:de:25:4a:e2:e9:18:61:4a:46:da:
         a6:ac:e1:b8:4d:3a:ba:1e:94:52:1b:9b:dc:a6:27:e4:ac:db:
         34:a0:82:79:f4:7c:41:62:e3:0d:2f:bb:00:9a:d2:1c:4f:f4:
         15:02:9d:67
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAv4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDEx
NjA1MjRaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDkzMjJEMjgwNTg5MUEw
NUE3RDgzRTdFQjlGNDE0MUM1MzFBMzY0MDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCdtDPhP/sC+KRnAPseXjY+9RYSCpB5mKrOH00IkeAtxgbOFU2K
5vnL9lZA+sH9X6JE0zr+rRMfzVrZPx/FznlgWEYPAHiVYehjA4J5NXi3hyEf8owc
ciCJKBnMpkpNGhE0afQuWe8PmRKvirOl069YHVNIEG2RmR+jh93zzoXN+Ob/+pKw
T+2/UMFM3/N6/gq7rjzgjYrVjgaHz/X/vI/xJMa+IMx1aSwBfOTGSbDW6F59Iz6H
/waXAtmQqD3gTLMs6jsYdmNZg7eOAaxuWsf/qKUyzVosrX1COVaORdjQqOdcbKYH
WtHvw/7FtaciAaqQZZo5N52xgHyzRR/Huh3hAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUkyLSgFiRoFp9g+frn0FBxTGjZAkwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2t5TFNnRmlSb0ZwOWctZnJuMEZCeFRHalpBay5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxYCwwDQYJKoZIhvcNAQELBQADggEBAItlMVS0H/QApHG+r+8LHObnVdrX
26gR7RzsC3lJzkSsnj7nlEYP07hFppolm3wqzxwGJExDSyYXtIO1qhJfwvEzYiNj
0MlID1LcARWCWNgwxmBbuC45fPUKBc2VZu0f6tJsDY5HropiR5OGwfb989dm/DO3
OXlvHq+gLtapo982szeEi3CwQCMBdtBJmFaUFlvMe9mJ65IgFPdZaLGGZIWWf/IL
G3143053M5foN7dGG0ZLbOZTtPvQUj8QIbHOEETbOPhVrRhtstbZIk+w3iVK4ukY
YUpG2qas4bhNOroelFIbm9ymJ+Ss2zSggnn0fEFi4w0vuwCa0hxP9BUCnWc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:02 2024 by rpki-client on console-ams.rpki-client.org