Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/rW-gjwU3jDFoydQ6P_AG8l_Tz0g.roa
File:                     rW-gjwU3jDFoydQ6P_AG8l_Tz0g.roa (raw, json)
Hash identifier:          Vc0OOLdNsOH+41x7jSTgNbiDnQOBMQgZhdZoV1Ejjio=
Subject key identifier:   AD:6F:A0:8F:05:37:8C:31:68:C9:D4:3A:3F:F0:06:F2:5F:D3:CF:48
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0242
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/rW-gjwU3jDFoydQ6P_AG8l_Tz0g.roa
Signing time:             Tue 30 May 2023 16:32:24 +0000
ROA not before:           Tue 30 May 2023 16:32:24 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.103.16.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 578 (0x242)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 30 16:32:24 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=AD6FA08F05378C3168C9D43A3FF006F25FD3CF48
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:cf:63:5d:9d:b0:d1:d3:43:03:65:bc:86:8f:
                    48:59:20:d1:b8:73:c5:89:b6:41:f6:79:7d:48:3e:
                    ab:55:b5:94:c4:00:b4:b6:cd:f2:5e:cb:14:c9:e5:
                    de:2d:26:d1:f6:3c:e7:45:fb:f4:82:b0:8f:d2:57:
                    e3:dc:3b:52:0b:b4:57:e1:e9:f6:d9:d3:46:3a:48:
                    2c:16:31:2a:b9:4d:6b:56:4e:e3:69:de:26:92:a3:
                    2c:91:64:ef:30:17:70:03:fd:82:2e:79:6a:d9:06:
                    1d:d0:44:9e:57:70:33:09:dc:e5:99:cb:33:08:28:
                    6d:0e:77:0c:be:7f:75:47:3e:0b:31:ae:a2:bc:b9:
                    a9:d3:d0:d9:6c:a5:9d:f7:3e:75:82:af:1a:11:b0:
                    27:a3:c1:a2:2b:9d:22:4d:4c:87:de:be:41:57:0b:
                    11:5d:6c:1c:9f:1f:b2:f2:d4:0b:8d:63:8a:c7:55:
                    8a:6b:74:f2:d6:34:5b:68:6b:15:46:be:2b:85:54:
                    a1:6a:9c:31:f8:df:78:d4:de:2b:f3:03:81:95:97:
                    89:75:d2:1e:23:3d:40:3e:9d:25:5d:32:45:34:6d:
                    48:91:ee:33:80:c7:f9:76:2e:df:36:66:e2:b3:67:
                    dc:3f:12:60:d5:a2:66:e1:f4:6c:e7:bb:e0:be:e1:
                    24:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                AD:6F:A0:8F:05:37:8C:31:68:C9:D4:3A:3F:F0:06:F2:5F:D3:CF:48
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/rW-gjwU3jDFoydQ6P_AG8l_Tz0g.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.103.16.0/23

    Signature Algorithm: sha256WithRSAEncryption
         33:00:7f:49:9f:3a:06:45:e1:25:e3:5e:49:9c:2b:89:3a:86:
         c4:6f:41:44:16:02:b7:a0:30:c4:85:8f:aa:70:38:5e:da:0e:
         1a:7c:ba:e3:61:54:65:f5:50:6e:dc:fe:14:ba:32:f3:71:24:
         67:d2:73:47:16:ed:46:ef:04:85:a0:cf:ff:61:90:d2:2c:bb:
         7c:1f:1c:cc:65:bd:de:0d:42:87:b9:02:e1:47:d0:59:f3:51:
         52:bc:15:68:0d:ea:d3:eb:63:1d:8f:de:47:c8:a5:f5:e3:3d:
         63:b4:5b:50:14:ac:8c:1d:39:2d:ea:6e:51:a4:69:d1:71:fe:
         3c:bd:bd:cd:97:5b:c7:51:75:02:9a:8a:c0:ba:ce:fb:4e:fa:
         c0:58:bd:f0:af:11:e1:2c:86:b1:37:7f:0c:a5:50:84:3b:55:
         4e:d5:35:74:58:e2:bc:8f:55:91:06:0e:b1:6a:1e:7e:07:45:
         f9:9f:cd:a6:54:a5:08:ea:6a:b2:bb:35:17:ff:31:f5:3a:23:
         3c:f9:cc:0b:60:17:72:9f:52:70:13:7d:f1:1d:5e:73:7d:57:
         f3:3f:82:d3:39:65:87:d9:c4:98:a1:1e:a9:31:59:86:7e:6f:
         6f:b7:4b:3f:33:b5:75:e7:bd:6f:e4:d1:22:cd:ce:91:e2:f8:
         bd:fd:48:02
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAkIwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MzAx
NjMyMjRaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEFENkZBMDhGMDUzNzhD
MzE2OEM5RDQzQTNGRjAwNkYyNUZEM0NGNDgwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzz2NdnbDR00MDZbyGj0hZING4c8WJtkH2eX1IPqtVtZTEALS2
zfJeyxTJ5d4tJtH2POdF+/SCsI/SV+PcO1ILtFfh6fbZ00Y6SCwWMSq5TWtWTuNp
3iaSoyyRZO8wF3AD/YIueWrZBh3QRJ5XcDMJ3OWZyzMIKG0Odwy+f3VHPgsxrqK8
uanT0NlspZ33PnWCrxoRsCejwaIrnSJNTIfevkFXCxFdbByfH7Ly1AuNY4rHVYpr
dPLWNFtoaxVGviuFVKFqnDH433jU3ivzA4GVl4l10h4jPUA+nSVdMkU0bUiR7jOA
x/l2Lt82ZuKzZ9w/EmDVombh9Gznu+C+4SRRAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUrW+gjwU3jDFoydQ6P/AG8l/Tz0gwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3JXLWdqd1UzakRGb3lkUTZQX0FHOGxfVHowZy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExZxAwDQYJKoZIhvcNAQELBQADggEBADMAf0mfOgZF4SXjXkmcK4k6hsRv
QUQWAregMMSFj6pwOF7aDhp8uuNhVGX1UG7c/hS6MvNxJGfSc0cW7UbvBIWgz/9h
kNIsu3wfHMxlvd4NQoe5AuFH0FnzUVK8FWgN6tPrYx2P3kfIpfXjPWO0W1AUrIwd
OS3qblGkadFx/jy9vc2XW8dRdQKaisC6zvtO+sBYvfCvEeEshrE3fwylUIQ7VU7V
NXRY4ryPVZEGDrFqHn4HRfmfzaZUpQjqarK7NRf/MfU6Izz5zAtgF3KfUnATffEd
XnN9V/M/gtM5ZYfZxJihHqkxWYZ+b2+3Sz8ztXXnvW/k0SLNzpHi+L39SAI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:03 2024 by rpki-client on console-ams.rpki-client.org