Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/nzmm4I_X7tsHpJSjGUuHCdkkIfA.roa
File:                     nzmm4I_X7tsHpJSjGUuHCdkkIfA.roa (raw, json)
Hash identifier:          megiNsLZERQRaoJqlM4E7efnBerNqhr7YAZL02nTl1M=
Subject key identifier:   9F:39:A6:E0:8F:D7:EE:DB:07:A4:94:A3:19:4B:87:09:D9:24:21:F0
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       042C
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/nzmm4I_X7tsHpJSjGUuHCdkkIfA.roa
Signing time:             Tue 06 Jun 2023 16:09:09 +0000
ROA not before:           Tue 06 Jun 2023 16:09:09 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.106.212.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1068 (0x42c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  6 16:09:09 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=9F39A6E08FD7EEDB07A494A3194B8709D92421F0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b6:e8:84:b9:6c:82:a4:4f:8f:b5:0d:5d:2e:4f:
                    f0:74:eb:58:a6:7c:94:53:ef:26:58:f9:3a:e4:58:
                    f7:ff:9a:17:2b:99:d2:0b:5d:70:dc:15:a4:e9:33:
                    41:51:c1:c8:4e:86:41:70:db:79:05:54:48:02:3a:
                    81:54:7a:ec:36:97:c9:47:f2:2e:b5:9b:1d:55:c7:
                    24:5c:50:9a:81:3a:a0:02:a8:1d:dc:4f:1d:ab:67:
                    5a:53:4f:b4:3a:0c:98:14:c7:55:ff:82:7e:42:2e:
                    58:c4:b0:24:2b:32:35:0d:1a:e4:46:52:7e:76:46:
                    45:a3:20:8e:26:e7:a6:85:d0:3f:b4:bf:96:8a:2d:
                    c1:8c:c0:ed:bb:3c:b8:33:63:c0:39:cc:4d:77:72:
                    83:2a:cb:45:1c:94:f2:fc:45:bf:97:1f:b6:2b:5d:
                    e0:f5:93:b1:8f:0a:7b:e9:79:c8:cd:78:4f:6a:19:
                    a4:0a:18:31:74:0d:60:90:fe:19:20:7e:cd:3a:32:
                    96:c2:83:e1:fb:1c:00:a3:34:b6:d7:44:28:22:f9:
                    54:38:e7:e5:8a:ef:53:cc:1e:f3:71:cb:81:2d:3d:
                    9c:8d:c7:f2:6e:9a:10:9f:2b:ed:27:3a:dd:9b:f9:
                    60:1d:2f:e9:aa:c3:90:91:0d:a3:d4:a8:bb:0e:fa:
                    bb:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9F:39:A6:E0:8F:D7:EE:DB:07:A4:94:A3:19:4B:87:09:D9:24:21:F0
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/nzmm4I_X7tsHpJSjGUuHCdkkIfA.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.106.212.0/23

    Signature Algorithm: sha256WithRSAEncryption
         42:e7:4d:50:32:86:39:1e:3c:32:55:b5:a8:e8:07:1d:8a:81:
         ab:d4:dd:b1:e0:eb:24:b8:04:50:14:23:d8:b7:0d:39:12:c5:
         c3:a7:be:87:e5:29:ae:fa:6f:35:38:75:bb:41:4d:99:8a:95:
         98:74:32:cc:b9:f4:d2:7a:e0:e2:76:cd:a9:9a:7f:45:92:4c:
         5a:09:d7:87:b9:3c:05:89:1c:80:ae:d0:bf:d4:c2:3e:37:86:
         cc:d2:d9:98:17:16:00:e2:72:0e:4c:b5:72:95:51:40:94:ef:
         0c:fc:db:26:9b:93:c8:b1:e0:84:88:9b:54:f4:ec:e1:89:08:
         ad:11:2c:2d:f3:bd:f1:93:12:70:12:4d:e4:02:0a:57:5b:1b:
         16:c9:87:b1:ac:0c:3b:a4:e0:a8:e4:25:6c:89:49:5b:f5:0f:
         50:5c:e6:4f:c0:40:5e:db:88:ee:f7:23:c7:85:20:b3:2a:1e:
         46:58:6c:53:85:62:74:5f:bf:fe:75:d6:cd:57:6c:ad:f2:dc:
         63:36:34:94:24:01:42:60:11:bf:ee:38:20:f7:82:1a:c5:cd:
         26:32:84:81:ac:dd:f3:ae:d3:80:ee:e7:25:f8:d6:53:fa:07:
         8f:ab:5d:c1:b4:b6:63:ba:2b:c7:49:74:a9:bd:e6:19:cd:aa:
         ac:16:96:92
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICBCwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDYx
NjA5MDlaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDlGMzlBNkUwOEZEN0VF
REIwN0E0OTRBMzE5NEI4NzA5RDkyNDIxRjAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC26IS5bIKkT4+1DV0uT/B061imfJRT7yZY+TrkWPf/mhcrmdIL
XXDcFaTpM0FRwchOhkFw23kFVEgCOoFUeuw2l8lH8i61mx1VxyRcUJqBOqACqB3c
Tx2rZ1pTT7Q6DJgUx1X/gn5CLljEsCQrMjUNGuRGUn52RkWjII4m56aF0D+0v5aK
LcGMwO27PLgzY8A5zE13coMqy0UclPL8Rb+XH7YrXeD1k7GPCnvpecjNeE9qGaQK
GDF0DWCQ/hkgfs06MpbCg+H7HACjNLbXRCgi+VQ45+WK71PMHvNxy4EtPZyNx/Ju
mhCfK+0nOt2b+WAdL+mqw5CRDaPUqLsO+rtfAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUnzmm4I/X7tsHpJSjGUuHCdkkIfAwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L256bW00SV9YN3RzSHBKU2pHVXVIQ2Rra0lmQS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExatQwDQYJKoZIhvcNAQELBQADggEBAELnTVAyhjkePDJVtajoBx2KgavU
3bHg6yS4BFAUI9i3DTkSxcOnvoflKa76bzU4dbtBTZmKlZh0Msy59NJ64OJ2zama
f0WSTFoJ14e5PAWJHICu0L/Uwj43hszS2ZgXFgDicg5MtXKVUUCU7wz82yabk8ix
4ISIm1T07OGJCK0RLC3zvfGTEnASTeQCCldbGxbJh7GsDDuk4KjkJWyJSVv1D1Bc
5k/AQF7biO73I8eFILMqHkZYbFOFYnRfv/511s1XbK3y3GM2NJQkAUJgEb/uOCD3
ghrFzSYyhIGs3fOu04Du5yX41lP6B4+rXcG0tmO6K8dJdKm95hnNqqwWlpI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:52 2024 by rpki-client on console-fra.rpki-client.org