Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/lXquGARDy5zALT-BDRPhMKBUA4g.roa
File:                     lXquGARDy5zALT-BDRPhMKBUA4g.roa (raw, json)
Hash identifier:          jQuoPLZU2aSV+gnP2qXBYhRkFuyk/Orsj7M7jBBAit4=
Subject key identifier:   95:7A:AE:18:04:43:CB:9C:C0:2D:3F:81:0D:13:E1:30:A0:54:03:88
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       041A
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/lXquGARDy5zALT-BDRPhMKBUA4g.roa
Signing time:             Tue 06 Jun 2023 16:05:59 +0000
ROA not before:           Tue 06 Jun 2023 16:05:59 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.106.209.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1050 (0x41a)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  6 16:05:59 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=957AAE180443CB9CC02D3F810D13E130A0540388
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:cb:0d:5a:1e:89:c5:91:fc:fd:66:f1:bd:c2:
                    9c:0f:d6:ce:2e:37:7c:3e:a2:29:0f:d7:a4:c9:92:
                    0c:4a:c0:ed:c7:2e:19:72:0a:95:a0:4c:6b:c0:e4:
                    b1:9b:4e:d9:14:5e:e3:d4:8f:85:59:59:4d:2b:e6:
                    99:c9:1d:91:1d:c3:ea:7b:2b:3e:dc:5f:41:ce:e7:
                    79:6b:dd:5c:12:b0:89:04:2a:4e:1a:4a:e7:7e:56:
                    d2:f8:52:04:cc:d8:d3:ce:29:2c:87:f4:86:39:72:
                    71:10:4e:91:38:0f:16:c4:fa:6b:a5:f0:81:ab:22:
                    bd:55:2c:f0:e8:22:f2:7e:9a:c5:af:c8:30:a3:d2:
                    a8:6d:81:6f:ac:03:2d:06:81:8c:67:3c:9c:9a:aa:
                    54:f1:34:15:ed:6c:73:1d:90:aa:19:fe:34:79:44:
                    45:c2:87:d4:3e:2c:e4:bb:ad:cd:ea:bd:89:3b:a5:
                    e1:46:47:c7:df:db:1b:21:62:98:13:42:56:3b:87:
                    54:d4:87:87:59:1a:5e:17:25:b7:66:64:14:eb:0d:
                    51:ba:52:bb:b6:ec:8b:16:59:bf:57:2b:90:f3:6c:
                    43:7a:43:9f:22:cd:04:14:d9:d3:56:8d:eb:37:33:
                    6f:9d:a4:e3:eb:a6:10:90:cf:43:06:ba:9e:d0:57:
                    09:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                95:7A:AE:18:04:43:CB:9C:C0:2D:3F:81:0D:13:E1:30:A0:54:03:88
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/lXquGARDy5zALT-BDRPhMKBUA4g.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.106.209.0/24

    Signature Algorithm: sha256WithRSAEncryption
         3e:a1:83:65:8f:cd:58:3f:6a:72:1d:a9:f7:2a:7d:b0:71:a7:
         53:73:37:d7:b1:a9:8a:a1:01:54:07:d9:a7:8a:f3:54:4a:cd:
         6b:f6:75:cd:8b:bb:36:62:0b:75:d6:44:3f:f8:01:e5:b5:0a:
         28:aa:c2:de:10:99:18:b2:3d:58:1a:99:67:c2:8d:13:7c:61:
         51:b3:f3:ae:86:e5:f1:f3:7c:45:1d:c2:46:67:b0:c7:dc:d7:
         71:a6:f5:50:01:d6:87:e7:ad:64:43:2a:16:5a:d5:51:81:df:
         b0:fb:a2:bc:b0:e1:bc:ab:7d:0d:50:2d:a7:14:33:c3:d1:ed:
         d8:49:5c:a3:c7:e2:90:b6:3f:7b:76:2f:12:d9:c2:a3:16:06:
         ba:23:3f:cd:d1:3d:83:4e:8e:51:ba:ca:fd:3c:2a:70:59:1a:
         b5:b8:b6:41:bd:08:b8:4e:35:12:9b:f0:a7:aa:a1:17:96:58:
         53:81:0b:a6:60:a5:8e:63:ff:dd:7b:92:e9:ec:ef:6f:25:72:
         15:0a:59:ba:e2:b3:99:27:4a:ff:1e:7c:1d:14:3f:db:7a:3c:
         7c:7a:3e:35:d8:ba:3d:ed:b9:aa:7f:3f:60:a0:e9:b3:24:bc:
         2b:76:a7:ef:1c:9a:3a:df:b1:c6:7b:9d:30:c1:b6:a6:c6:b4:
         4d:05:fc:01
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBBowDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDYx
NjA1NTlaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDk1N0FBRTE4MDQ0M0NC
OUNDMDJEM0Y4MTBEMTNFMTMwQTA1NDAzODgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMyw1aHonFkfz9ZvG9wpwP1s4uN3w+oikP16TJkgxKwO3HLhly
CpWgTGvA5LGbTtkUXuPUj4VZWU0r5pnJHZEdw+p7Kz7cX0HO53lr3VwSsIkEKk4a
Sud+VtL4UgTM2NPOKSyH9IY5cnEQTpE4DxbE+mul8IGrIr1VLPDoIvJ+msWvyDCj
0qhtgW+sAy0GgYxnPJyaqlTxNBXtbHMdkKoZ/jR5REXCh9Q+LOS7rc3qvYk7peFG
R8ff2xshYpgTQlY7h1TUh4dZGl4XJbdmZBTrDVG6Uru27IsWWb9XK5DzbEN6Q58i
zQQU2dNWjes3M2+dpOPrphCQz0MGup7QVwmJAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUlXquGARDy5zALT+BDRPhMKBUA4gwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L2xYcXVHQVJEeTV6QUxULUJEUlBoTUtCVUE0Zy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxatEwDQYJKoZIhvcNAQELBQADggEBAD6hg2WPzVg/anIdqfcqfbBxp1Nz
N9exqYqhAVQH2aeK81RKzWv2dc2LuzZiC3XWRD/4AeW1Ciiqwt4QmRiyPVgamWfC
jRN8YVGz866G5fHzfEUdwkZnsMfc13Gm9VAB1ofnrWRDKhZa1VGB37D7oryw4byr
fQ1QLacUM8PR7dhJXKPH4pC2P3t2LxLZwqMWBrojP83RPYNOjlG6yv08KnBZGrW4
tkG9CLhONRKb8KeqoReWWFOBC6ZgpY5j/917kuns728lchUKWbris5knSv8efB0U
P9t6PHx6PjXYuj3tuap/P2Cg6bMkvCt2p+8cmjrfscZ7nTDBtqbGtE0F/AE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:52 2024 by rpki-client on console-fra.rpki-client.org