Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/oKOYnw8ldYR1X5Na0D8RF5PIJDo.roa
File:                     oKOYnw8ldYR1X5Na0D8RF5PIJDo.roa (raw, json)
Hash identifier:          ZMLcF4ZpEwexzGGjQwkqm1d+4Rfo8uI2r4uQEUJQ2rg=
Subject key identifier:   A0:A3:98:9F:0F:25:75:84:75:5F:93:5A:D0:3F:11:17:93:C8:24:3A
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0243
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/oKOYnw8ldYR1X5Na0D8RF5PIJDo.roa
Signing time:             Tue 30 May 2023 16:32:25 +0000
ROA not before:           Tue 30 May 2023 16:32:25 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        220.159.28.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 579 (0x243)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 30 16:32:25 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=A0A3989F0F257584755F935AD03F111793C8243A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:58:3c:28:07:55:03:c8:30:13:f7:be:be:c9:
                    47:48:4b:1c:0b:7e:fe:36:64:81:ca:66:2e:d5:a5:
                    db:be:1d:e2:47:6c:01:25:71:97:87:c1:d4:f7:91:
                    37:b7:20:11:a3:0e:6b:48:2b:6b:e2:91:c8:a3:60:
                    e3:cd:50:ba:d7:13:47:37:47:ae:2a:69:58:18:b9:
                    a9:e9:ba:dc:3e:cc:d0:d6:ca:8e:82:2d:fb:60:97:
                    55:43:3e:8b:12:04:75:b5:f6:72:53:0f:01:98:81:
                    3f:00:7b:37:ee:2e:23:09:cb:51:28:00:7f:08:95:
                    8f:87:41:b0:cf:f1:dd:5f:32:63:57:ab:64:c0:7a:
                    0c:2b:6e:8a:1c:31:ee:f0:ab:5b:08:49:06:ba:46:
                    27:7e:08:6b:26:ed:3b:6d:1b:b4:71:50:0e:f9:b7:
                    21:84:2e:27:6b:6b:8b:6b:2e:15:6e:da:77:12:65:
                    95:9d:b3:81:1c:00:5e:a7:ad:ce:65:2b:af:01:e3:
                    ac:db:6b:e8:d9:18:a2:fa:5c:12:b8:63:9a:d6:bd:
                    f4:49:ae:16:bf:ce:a4:90:cb:cf:af:05:97:d8:1e:
                    14:09:c5:e8:35:8c:c0:85:50:ea:23:bd:b3:a9:31:
                    42:a2:16:03:6c:05:6a:52:d4:a0:c7:6d:ce:e8:5d:
                    34:4b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A0:A3:98:9F:0F:25:75:84:75:5F:93:5A:D0:3F:11:17:93:C8:24:3A
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/oKOYnw8ldYR1X5Na0D8RF5PIJDo.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  220.159.28.0/24

    Signature Algorithm: sha256WithRSAEncryption
         64:5a:83:59:ce:ce:2a:cd:ef:9e:b2:a4:0e:4a:ed:f8:c0:63:
         5e:a4:8f:ab:95:70:a3:07:af:d7:b7:ff:84:a6:50:22:f3:4d:
         96:88:63:6a:7e:a5:2d:8c:50:8e:7e:a0:21:93:d5:3b:6d:1c:
         40:da:28:6b:98:db:d4:87:f2:4b:3c:4b:5b:63:81:93:90:50:
         8c:bc:26:1c:7e:03:04:c0:63:54:12:54:3f:16:49:52:b0:16:
         e1:c8:a8:df:8a:17:85:31:ef:51:a9:90:60:c4:cf:bc:11:76:
         de:d5:40:09:6b:7f:fe:ea:11:e7:34:14:96:1a:23:25:8a:8e:
         76:5f:19:df:b7:90:ee:de:a9:21:9c:72:ce:4d:55:d2:63:0a:
         ac:34:b5:72:30:ae:a1:78:1d:fc:2d:de:49:6f:aa:0e:27:9f:
         2c:76:d7:58:8e:c8:78:8e:16:f7:6d:d5:4b:55:b5:0d:ae:f2:
         70:b3:97:bf:be:62:b4:2a:4e:2b:0e:c4:5c:5e:19:a0:f3:20:
         d0:a9:83:c8:ce:15:50:3a:ce:81:08:0b:a2:f6:f4:ae:84:dc:
         77:e9:ec:88:8b:13:1d:c0:fb:08:67:9b:c0:e6:e2:fe:3a:ae:
         e4:04:de:b7:38:a5:1a:45:8d:0e:7b:77:dc:1f:52:07:33:8f:
         bd:00:6b:88
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAkMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MzAx
NjMyMjVaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEEwQTM5ODlGMEYyNTc1
ODQ3NTVGOTM1QUQwM0YxMTE3OTNDODI0M0EwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCXWDwoB1UDyDAT976+yUdISxwLfv42ZIHKZi7Vpdu+HeJHbAEl
cZeHwdT3kTe3IBGjDmtIK2vikcijYOPNULrXE0c3R64qaVgYuanputw+zNDWyo6C
Lftgl1VDPosSBHW19nJTDwGYgT8AezfuLiMJy1EoAH8IlY+HQbDP8d1fMmNXq2TA
egwrboocMe7wq1sISQa6Rid+CGsm7TttG7RxUA75tyGELidra4trLhVu2ncSZZWd
s4EcAF6nrc5lK68B46zba+jZGKL6XBK4Y5rWvfRJrha/zqSQy8+vBZfYHhQJxeg1
jMCFUOojvbOpMUKiFgNsBWpS1KDHbc7oXTRLAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUoKOYnw8ldYR1X5Na0D8RF5PIJDowHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L29LT1ludzhsZFlSMVg1TmEwRDhSRjVQSUpEby5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADcnxwwDQYJKoZIhvcNAQELBQADggEBAGRag1nOzirN756ypA5K7fjAY16k
j6uVcKMHr9e3/4SmUCLzTZaIY2p+pS2MUI5+oCGT1TttHEDaKGuY29SH8ks8S1tj
gZOQUIy8Jhx+AwTAY1QSVD8WSVKwFuHIqN+KF4Ux71GpkGDEz7wRdt7VQAlrf/7q
Eec0FJYaIyWKjnZfGd+3kO7eqSGccs5NVdJjCqw0tXIwrqF4Hfwt3klvqg4nnyx2
11iOyHiOFvdt1UtVtQ2u8nCzl7++YrQqTisOxFxeGaDzINCpg8jOFVA6zoEIC6L2
9K6E3Hfp7IiLEx3A+whnm8Dm4v46ruQE3rc4pRpFjQ57d9wfUgczj70Aa4g=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:52 2024 by rpki-client on console-fra.rpki-client.org