Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/qy94drI4z0SBdbNofNoLimq1MbE.roa
File:                     qy94drI4z0SBdbNofNoLimq1MbE.roa (raw, json)
Hash identifier:          KxIBeHIrW3xbpy0JBD5lw+w4EY4MF9gTgt2lmd4JmGA=
Subject key identifier:   AB:2F:78:76:B2:38:CF:44:81:75:B3:68:7C:DA:0B:8A:6A:B5:31:B1
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       036E
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/qy94drI4z0SBdbNofNoLimq1MbE.roa
Signing time:             Thu 01 Jun 2023 17:57:29 +0000
ROA not before:           Thu 01 Jun 2023 17:57:29 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.104.240.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 878 (0x36e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  1 17:57:29 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=AB2F7876B238CF448175B3687CDA0B8A6AB531B1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:da:3f:c6:50:42:6a:30:e0:74:d2:c3:72:ae:ee:
                    10:92:cd:c3:45:0b:79:1d:9d:bf:5e:ac:45:8f:f8:
                    4b:f4:a5:ec:88:22:b6:c8:97:60:24:64:e4:23:46:
                    e9:3c:23:b5:4f:18:16:a7:cf:a6:85:9a:fe:68:9c:
                    d8:8a:87:b1:5c:35:07:6d:26:1a:72:aa:07:3e:a8:
                    58:b3:db:25:82:16:38:49:1c:dc:4d:49:6b:b1:36:
                    4b:38:da:38:4d:86:51:7b:24:60:e7:4d:3b:02:32:
                    d8:16:7e:8c:4d:74:0c:9d:0a:d4:c3:32:89:d1:9a:
                    8c:1a:91:e7:bf:64:d9:33:e6:11:d0:cd:f9:2f:91:
                    27:10:79:eb:16:89:18:0d:47:ca:23:f9:65:29:ba:
                    0b:e1:b7:ab:43:72:66:18:44:41:49:64:e9:e6:b7:
                    6d:42:2e:9a:f5:9d:29:93:d4:80:39:3b:59:5c:94:
                    66:04:fa:86:5a:a8:42:b5:73:0f:3d:5f:b0:ec:64:
                    30:41:cc:b4:eb:9e:04:14:34:3b:2b:cb:00:42:a9:
                    51:ee:30:39:44:e1:76:1a:e2:56:8f:a7:90:5a:ed:
                    18:cf:81:0f:9f:35:ef:df:f4:a8:13:09:71:73:29:
                    cf:37:0c:c1:30:eb:2e:f3:c5:0b:b2:da:c2:6e:7c:
                    1c:63
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AB:2F:78:76:B2:38:CF:44:81:75:B3:68:7C:DA:0B:8A:6A:B5:31:B1
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/qy94drI4z0SBdbNofNoLimq1MbE.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.104.240.0/21

    Signature Algorithm: sha256WithRSAEncryption
         87:a0:4f:b1:dd:58:f4:96:37:b8:8e:61:b0:ed:d1:b8:ae:c5:
         9a:6a:4b:49:66:ef:e4:fa:8c:da:a8:23:22:43:af:e4:a0:7b:
         5b:fb:e1:91:8d:7f:63:bc:da:ca:f0:f8:a5:da:d3:b4:d5:df:
         3c:9b:9b:ff:41:3b:30:1d:6b:a7:1b:f8:01:e5:6d:19:7b:97:
         85:99:c1:f7:70:81:ee:77:95:09:0d:49:14:5b:eb:51:1f:d7:
         8d:51:70:89:08:c5:ac:5c:c4:a2:c3:15:95:ad:21:e3:37:57:
         72:34:9f:ff:9c:2c:c1:56:86:20:40:8e:9f:11:fb:d3:cf:75:
         cd:75:3e:8c:bf:ff:8f:72:c4:e2:d8:62:6a:19:bc:6c:d0:a0:
         fe:6b:20:ef:32:9b:f0:9e:3e:66:bb:b3:3a:82:04:66:06:23:
         ca:88:0c:76:1b:be:e0:0f:32:ad:69:bf:0b:01:cc:22:85:fe:
         3d:a4:3b:e5:cf:74:60:b0:6e:ff:5e:09:3c:d4:fe:68:75:c7:
         17:e2:e5:f6:cb:cb:57:9b:ce:8a:64:f0:10:d5:26:f2:75:ee:
         6e:fb:9b:e4:01:e8:87:0f:68:f9:cf:35:61:1a:4c:50:6d:5e:
         64:f9:cb:fc:63:8e:75:41:c9:83:e0:bc:6a:55:63:43:3c:b2:
         3e:eb:2a:19
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICA24wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDEx
NzU3MjlaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEFCMkY3ODc2QjIzOENG
NDQ4MTc1QjM2ODdDREEwQjhBNkFCNTMxQjEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDaP8ZQQmow4HTSw3Ku7hCSzcNFC3kdnb9erEWP+Ev0peyIIrbI
l2AkZOQjRuk8I7VPGBanz6aFmv5onNiKh7FcNQdtJhpyqgc+qFiz2yWCFjhJHNxN
SWuxNks42jhNhlF7JGDnTTsCMtgWfoxNdAydCtTDMonRmowakee/ZNkz5hHQzfkv
kScQeesWiRgNR8oj+WUpugvht6tDcmYYREFJZOnmt21CLpr1nSmT1IA5O1lclGYE
+oZaqEK1cw89X7DsZDBBzLTrngQUNDsrywBCqVHuMDlE4XYa4laPp5Ba7RjPgQ+f
Ne/f9KgTCXFzKc83DMEw6y7zxQuy2sJufBxjAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUqy94drI4z0SBdbNofNoLimq1MbEwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3F5OTRkckk0ejBTQmRiTm9mTm9MaW1xMU1iRS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMxaPAwDQYJKoZIhvcNAQELBQADggEBAIegT7HdWPSWN7iOYbDt0biuxZpq
S0lm7+T6jNqoIyJDr+Sge1v74ZGNf2O82srw+KXa07TV3zybm/9BOzAda6cb+AHl
bRl7l4WZwfdwge53lQkNSRRb61Ef141RcIkIxaxcxKLDFZWtIeM3V3I0n/+cLMFW
hiBAjp8R+9PPdc11Poy//49yxOLYYmoZvGzQoP5rIO8ym/CePma7szqCBGYGI8qI
DHYbvuAPMq1pvwsBzCKF/j2kO+XPdGCwbv9eCTzU/mh1xxfi5fbLy1ebzopk8BDV
JvJ17m77m+QB6IcPaPnPNWEaTFBtXmT5y/xjjnVByYPgvGpVY0M8sj7rKhk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:02 2024 by rpki-client on console-ams.rpki-client.org