Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/qvX-Jy-6QW1mZYsXV9NpJ2BZnBo.roa
File:                     qvX-Jy-6QW1mZYsXV9NpJ2BZnBo.roa (raw, json)
Hash identifier:          5tcexRuvOnRFK9HRcGlem/3l/SrtA4m67AA5BWiqT1g=
Subject key identifier:   AA:F5:FE:27:2F:BA:41:6D:66:65:8B:17:57:D3:69:27:60:59:9C:1A
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       37
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/qvX-Jy-6QW1mZYsXV9NpJ2BZnBo.roa
Signing time:             Mon 27 Mar 2023 16:02:07 +0000
ROA not before:           Mon 27 Mar 2023 16:02:07 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.73.226.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 55 (0x37)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 27 16:02:07 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=AAF5FE272FBA416D66658B1757D3692760599C1A
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d9:f4:4c:f3:41:27:47:2f:33:49:6c:1a:07:21:
                    bc:90:ae:b0:60:01:96:52:a6:bd:8d:6d:d1:02:9c:
                    a0:6d:cf:e9:32:a2:f8:20:1b:3d:fe:b3:23:08:e4:
                    c3:be:e2:f9:2d:4d:18:09:de:d4:16:62:51:95:26:
                    41:41:15:3d:13:b3:30:c4:fb:ab:d6:78:56:88:0b:
                    e4:3b:7c:81:ad:92:81:56:11:93:1f:89:d5:45:8f:
                    33:6f:32:5d:47:09:61:38:53:e2:a6:33:4d:51:5a:
                    7e:f5:b4:dc:fa:1f:6e:db:3d:20:1a:2a:00:c9:97:
                    84:c9:23:0f:7a:30:e4:e6:97:b9:5c:82:e7:40:42:
                    7d:14:7d:ed:a5:7b:f0:9f:72:e7:cd:17:d5:f6:ad:
                    5a:6b:c6:0f:ee:51:95:68:6a:8b:54:56:ac:cc:bd:
                    71:a4:ef:8f:51:48:ec:6d:9e:9e:06:e2:8c:da:5a:
                    ce:1c:78:cf:ba:f9:43:96:a3:44:1c:26:ba:08:95:
                    3a:18:86:07:27:78:dd:5a:ff:93:ec:e2:3a:12:6a:
                    1a:44:af:52:3c:1d:c3:a4:38:64:2e:52:8b:f3:b5:
                    af:57:fc:2a:5f:b0:89:84:3c:d5:b3:8d:af:1f:49:
                    1f:01:90:1c:72:0f:70:60:1c:f3:95:0c:00:52:3a:
                    93:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AA:F5:FE:27:2F:BA:41:6D:66:65:8B:17:57:D3:69:27:60:59:9C:1A
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/qvX-Jy-6QW1mZYsXV9NpJ2BZnBo.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.73.226.0/24

    Signature Algorithm: sha256WithRSAEncryption
         c2:2a:c3:49:6f:9e:1f:31:66:8a:e3:b0:15:ab:0a:9f:3a:f7:
         6f:6e:24:ac:e3:0d:a2:b8:bc:01:d8:4f:2d:d1:61:20:d9:f2:
         fb:66:80:e7:2c:72:f8:41:ef:49:37:25:4f:ef:81:9c:0b:2f:
         01:9b:ba:f1:0e:bd:31:6c:0e:6a:7c:1f:61:e6:28:0d:c7:6d:
         86:ef:54:96:53:b3:cd:9d:34:31:d6:77:0a:81:8a:a9:95:cd:
         66:0d:b9:6d:c1:28:7a:00:2e:86:8c:a1:3f:9e:ed:1b:a9:06:
         f6:ba:b2:9f:27:a4:dc:b8:3e:b0:93:53:13:9c:92:35:10:50:
         a8:7f:19:0b:5a:16:b7:34:16:63:b8:83:12:97:65:67:ba:d9:
         d6:c8:bc:b1:90:26:98:ab:45:0a:97:66:42:58:d9:d0:d7:be:
         2d:b5:77:0f:dc:67:18:4e:fd:82:22:d4:4b:46:43:91:77:de:
         72:9c:d2:8b:06:78:81:3a:7c:1c:62:e4:a0:d6:1b:32:92:6e:
         e2:2a:da:8c:f3:1f:e0:63:ac:ab:4f:2f:8d:d8:fa:b8:9e:76:
         7b:48:90:62:e7:ea:fc:55:64:25:06:37:62:db:12:50:7b:64:
         2b:e8:36:42:bd:bb:23:97:5c:5b:0f:b4:14:4f:11:23:9f:10:
         b4:28:3b:3f
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2OTY1
QjBCMjBEREUwN0E0Qzk3OEUyNDA3M0VBMEUxMTE3QjM3NDczMB4XDTIzMDMyNzE2
MDIwN1oXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoQUFGNUZFMjcyRkJBNDE2
RDY2NjU4QjE3NTdEMzY5Mjc2MDU5OUMxQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBANn0TPNBJ0cvM0lsGgchvJCusGABllKmvY1t0QKcoG3P6TKi+CAb
Pf6zIwjkw77i+S1NGAne1BZiUZUmQUEVPROzMMT7q9Z4VogL5Dt8ga2SgVYRkx+J
1UWPM28yXUcJYThT4qYzTVFafvW03Pofbts9IBoqAMmXhMkjD3ow5OaXuVyC50BC
fRR97aV78J9y580X1fatWmvGD+5RlWhqi1RWrMy9caTvj1FI7G2engbijNpazhx4
z7r5Q5ajRBwmugiVOhiGByd43Vr/k+ziOhJqGkSvUjwdw6Q4ZC5Si/O1r1f8Kl+w
iYQ81bONrx9JHwGQHHIPcGAc85UMAFI6kwMCAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBSq9f4nL7pBbWZlixdX02knYFmcGjAfBgNVHSMEGDAWgBRpZbCyDd4HpMl44kBz
6g4RF7N0czAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5L2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJlemRITS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJl
emRITS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkvcXZYLUp5LTZRVzFtWllzWFY5TnBKMkJabkJvLnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAAFJ4jANBgkqhkiG9w0BAQsFAAOCAQEAwirDSW+eHzFmiuOwFasKnzr3b24k
rOMNori8AdhPLdFhINny+2aA5yxy+EHvSTclT++BnAsvAZu68Q69MWwOanwfYeYo
Dcdthu9UllOzzZ00MdZ3CoGKqZXNZg25bcEoegAuhoyhP57tG6kG9rqynyek3Lg+
sJNTE5ySNRBQqH8ZC1oWtzQWY7iDEpdlZ7rZ1si8sZAmmKtFCpdmQljZ0Ne+LbV3
D9xnGE79giLUS0ZDkXfecpzSiwZ4gTp8HGLkoNYbMpJu4irajPMf4GOsq08vjdj6
uJ52e0iQYufq/FVkJQY3YtsSUHtkK+g2Qr27I5dcWw+0FE8RI58QtCg7Pw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:02 2024 by rpki-client on console-ams.rpki-client.org