Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/qQLCXXrGTCzm3B4DLta6rTU9fkk.roa
File:                     qQLCXXrGTCzm3B4DLta6rTU9fkk.roa (raw, json)
Hash identifier:          9mHxD2mf/a9e7HbVB6FKXQH4Zo0ki/dEXh/IHlDB8jY=
Subject key identifier:   A9:02:C2:5D:7A:C6:4C:2C:E6:DC:1E:03:2E:D6:BA:AD:35:3D:7E:49
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0205
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/qQLCXXrGTCzm3B4DLta6rTU9fkk.roa
Signing time:             Tue 30 May 2023 16:29:27 +0000
ROA not before:           Tue 30 May 2023 16:29:27 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.79.112.0/20 maxlen: 20

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 517 (0x205)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 30 16:29:27 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=A902C25D7AC64C2CE6DC1E032ED6BAAD353D7E49
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b7:32:43:c8:0d:0f:f4:13:80:de:7f:3c:af:25:
                    a7:88:d2:27:25:6c:36:f9:1e:cb:22:ab:37:de:02:
                    7a:84:ce:b8:ba:a0:ae:ad:a4:de:25:3c:0d:82:e5:
                    fa:61:be:85:14:d5:8e:c3:6f:a4:61:df:74:3e:2f:
                    6a:d9:8b:cc:4f:05:0d:bf:28:b1:09:03:48:ea:f1:
                    a3:ed:3a:ef:6a:3b:bf:3b:8e:a0:76:76:d0:f4:e8:
                    54:42:a4:3f:d5:53:94:f4:fb:a3:a2:03:77:68:07:
                    a0:8b:5f:54:c7:48:dd:ca:9c:3e:1f:8f:26:27:b4:
                    ad:6a:0e:aa:12:df:09:a4:39:7d:90:8b:fd:a8:fb:
                    17:64:b0:b1:a0:31:0c:f3:2a:8a:8d:67:26:03:a1:
                    e8:b1:ec:8a:cd:ce:ce:f7:b6:13:51:9d:f8:1d:f5:
                    85:fe:98:d1:51:b0:76:32:39:bb:4e:5e:16:6d:24:
                    7d:3f:4c:bb:98:5f:42:3d:77:78:ba:57:be:db:e8:
                    f3:32:47:00:95:71:15:25:2e:77:1c:2e:e8:b4:e0:
                    64:32:41:dc:4b:db:be:ed:73:c5:91:46:a4:8d:9f:
                    7d:25:78:66:fd:0d:07:9c:ee:6a:5b:3a:09:11:1a:
                    2b:cd:de:4c:f0:1e:4a:c4:00:2d:7d:c5:6f:97:fd:
                    ca:cd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                A9:02:C2:5D:7A:C6:4C:2C:E6:DC:1E:03:2E:D6:BA:AD:35:3D:7E:49
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/qQLCXXrGTCzm3B4DLta6rTU9fkk.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.79.112.0/20

    Signature Algorithm: sha256WithRSAEncryption
         6f:85:81:84:a4:db:d9:3e:31:79:39:b2:4f:47:0f:f6:61:07:
         cf:3d:33:56:9e:47:e8:96:de:bc:2b:8a:8d:31:82:3f:0a:89:
         4f:44:76:d8:92:de:b3:02:78:24:f2:04:c8:8c:32:7f:d6:26:
         6f:2e:f0:18:db:01:7f:1f:37:f7:e3:3f:2d:1f:1d:12:55:c5:
         98:71:20:8a:54:a4:ae:34:c3:23:96:3b:1b:b9:3f:de:c7:1a:
         89:e7:66:c5:89:c0:9e:54:a5:35:79:03:25:82:ef:e5:83:e9:
         e7:5d:73:5a:1b:64:26:b0:17:f7:b4:08:c4:fb:5b:1c:77:95:
         99:f4:e5:f5:f1:f4:f9:af:36:58:c7:c5:bd:8f:62:b2:53:7d:
         33:96:ad:52:1c:0f:30:d2:a2:44:6a:f6:7f:1c:4a:60:f1:20:
         4e:ac:88:5c:b7:d3:bf:dd:87:f9:85:f2:da:76:97:68:19:b6:
         a3:5d:01:15:e8:af:b8:37:f4:f9:98:fc:b1:3d:1e:01:4b:f5:
         5b:b9:5c:45:65:98:71:f3:bd:95:39:f1:27:83:87:90:13:a5:
         69:ff:13:3d:ca:a3:38:fe:ba:b4:f9:a2:31:28:08:a7:6f:a1:
         b1:c6:52:e5:2f:21:c3:75:df:ed:91:2c:c4:e0:9e:49:9f:3b:
         6a:fe:8b:5c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAgUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MzAx
NjI5MjdaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEE5MDJDMjVEN0FDNjRD
MkNFNkRDMUUwMzJFRDZCQUFEMzUzRDdFNDkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC3MkPIDQ/0E4DefzyvJaeI0iclbDb5HssiqzfeAnqEzri6oK6t
pN4lPA2C5fphvoUU1Y7Db6Rh33Q+L2rZi8xPBQ2/KLEJA0jq8aPtOu9qO787jqB2
dtD06FRCpD/VU5T0+6OiA3doB6CLX1THSN3KnD4fjyYntK1qDqoS3wmkOX2Qi/2o
+xdksLGgMQzzKoqNZyYDoeix7IrNzs73thNRnfgd9YX+mNFRsHYyObtOXhZtJH0/
TLuYX0I9d3i6V77b6PMyRwCVcRUlLnccLui04GQyQdxL277tc8WRRqSNn30leGb9
DQec7mpbOgkRGivN3kzwHkrEAC19xW+X/crNAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUqQLCXXrGTCzm3B4DLta6rTU9fkkwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3FRTENYWHJHVEN6bTNCNERMdGE2clRVOWZray5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAQBT3AwDQYJKoZIhvcNAQELBQADggEBAG+FgYSk29k+MXk5sk9HD/ZhB889
M1aeR+iW3rwrio0xgj8KiU9EdtiS3rMCeCTyBMiMMn/WJm8u8BjbAX8fN/fjPy0f
HRJVxZhxIIpUpK40wyOWOxu5P97HGonnZsWJwJ5UpTV5AyWC7+WD6eddc1obZCaw
F/e0CMT7Wxx3lZn05fXx9PmvNljHxb2PYrJTfTOWrVIcDzDSokRq9n8cSmDxIE6s
iFy307/dh/mF8tp2l2gZtqNdARXor7g39PmY/LE9HgFL9Vu5XEVlmHHzvZU58SeD
h5ATpWn/Ez3Kozj+urT5ojEoCKdvobHGUuUvIcN13+2RLMTgnkmfO2r+i1w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:02 2024 by rpki-client on console-ams.rpki-client.org