Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/s29KmbHIA-GbQ3h_Lj02eNeoVO0.roa
File:                     s29KmbHIA-GbQ3h_Lj02eNeoVO0.roa (raw, json)
Hash identifier:          u2rUHaVQSxB+33IXM9LUvRZ2UjnAZItfH1lwmxrdhEo=
Subject key identifier:   B3:6F:4A:99:B1:C8:03:E1:9B:43:78:7F:2E:3D:36:78:D7:A8:54:ED
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0145
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/s29KmbHIA-GbQ3h_Lj02eNeoVO0.roa
Signing time:             Wed 24 May 2023 16:31:13 +0000
ROA not before:           Wed 24 May 2023 16:31:13 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.75.240.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 325 (0x145)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 24 16:31:13 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=B36F4A99B1C803E19B43787F2E3D3678D7A854ED
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:bc:d9:6f:45:76:91:06:03:fb:25:55:8c:46:50:
                    cc:f2:f7:75:45:52:5c:be:59:3d:35:71:50:d3:c9:
                    ec:2c:03:1a:8c:0d:dd:2c:e6:f7:e7:71:32:6d:77:
                    df:ce:b7:f4:cf:58:0b:02:75:1a:a6:24:ab:91:05:
                    db:d9:a6:8b:4a:86:a8:1f:59:44:b8:f7:82:56:e0:
                    1a:a9:71:64:df:a5:0a:0a:98:1c:a6:f6:6d:ea:40:
                    12:7e:bc:ce:71:6c:2e:10:ce:8c:9c:94:14:20:e7:
                    43:8e:c7:d2:4e:34:47:43:38:a0:ff:f0:c8:6d:c2:
                    d6:99:5f:99:45:5b:94:d8:11:19:6f:cf:4e:32:8b:
                    96:77:22:f0:4e:91:53:ec:cc:36:3d:02:82:11:26:
                    00:f5:2d:af:83:96:5c:d6:d0:36:e9:28:88:02:40:
                    75:df:c6:4d:e1:59:5d:79:2d:ab:57:a2:9c:d3:51:
                    b5:b5:f6:4d:c9:30:5b:e1:1f:1a:29:3a:06:4d:e0:
                    39:25:49:32:5e:f1:ac:06:7b:ca:d9:da:49:2b:c9:
                    5c:fa:93:5f:5c:c4:39:88:e0:20:90:59:ff:7d:f5:
                    96:89:fc:ec:ff:62:59:18:5c:cb:51:75:67:36:c1:
                    5b:62:c0:3a:ca:d3:bb:63:b9:78:ba:6e:15:f8:1f:
                    e7:77
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B3:6F:4A:99:B1:C8:03:E1:9B:43:78:7F:2E:3D:36:78:D7:A8:54:ED
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/s29KmbHIA-GbQ3h_Lj02eNeoVO0.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.75.240.0/23

    Signature Algorithm: sha256WithRSAEncryption
         3e:6b:c5:fa:0f:d5:31:63:b6:48:4a:16:64:65:93:7b:52:db:
         f8:4c:3c:08:72:3d:f3:d8:ab:0c:00:97:80:03:56:19:3a:51:
         61:82:e8:01:75:c0:ec:4b:51:02:63:eb:f8:bd:21:25:21:3d:
         dd:7b:85:43:e5:1d:24:be:08:ea:cc:d8:10:9f:3d:d9:cc:00:
         08:63:59:e9:d2:a4:07:48:9a:a3:d3:b5:57:86:35:31:f3:47:
         42:26:85:c7:c5:c0:6a:ee:0b:eb:0b:64:09:75:35:2b:b9:af:
         8e:e6:4e:5d:0a:d7:45:f0:b0:ee:76:3b:a4:37:74:34:90:4a:
         e0:c6:32:22:25:ab:56:25:bb:50:1f:5e:2c:88:d6:4f:3c:7b:
         8c:ad:91:b6:68:b6:26:c8:38:0b:69:41:e1:d9:d3:9f:78:8f:
         e2:d4:96:2a:d5:58:b5:91:a7:60:85:a9:98:a2:6e:88:cd:a7:
         e8:40:1a:04:17:e3:8a:19:bb:3f:72:68:03:9e:ce:76:43:29:
         d6:76:7b:49:99:c8:3b:f4:e7:32:1b:1f:c0:5a:2f:f2:5f:65:
         f3:fd:f2:4a:13:13:0e:77:ac:a2:67:96:3d:25:e4:de:d3:a5:
         df:38:ac:16:39:fb:c5:54:6a:48:f8:98:34:ad:0c:ca:0d:18:
         ed:bd:33:d9
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAUUwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MjQx
NjMxMTNaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEIzNkY0QTk5QjFDODAz
RTE5QjQzNzg3RjJFM0QzNjc4RDdBODU0RUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC82W9FdpEGA/slVYxGUMzy93VFUly+WT01cVDTyewsAxqMDd0s
5vfncTJtd9/Ot/TPWAsCdRqmJKuRBdvZpotKhqgfWUS494JW4BqpcWTfpQoKmBym
9m3qQBJ+vM5xbC4QzoyclBQg50OOx9JONEdDOKD/8MhtwtaZX5lFW5TYERlvz04y
i5Z3IvBOkVPszDY9AoIRJgD1La+DllzW0DbpKIgCQHXfxk3hWV15LatXopzTUbW1
9k3JMFvhHxopOgZN4DklSTJe8awGe8rZ2kkryVz6k19cxDmI4CCQWf999ZaJ/Oz/
YlkYXMtRdWc2wVtiwDrK07tjuXi6bhX4H+d3AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUs29KmbHIA+GbQ3h/Lj02eNeoVO0wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3MyOUttYkhJQS1HYlEzaF9MajAyZU5lb1ZPMC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEBS/AwDQYJKoZIhvcNAQELBQADggEBAD5rxfoP1TFjtkhKFmRlk3tS2/hM
PAhyPfPYqwwAl4ADVhk6UWGC6AF1wOxLUQJj6/i9ISUhPd17hUPlHSS+COrM2BCf
PdnMAAhjWenSpAdImqPTtVeGNTHzR0ImhcfFwGruC+sLZAl1NSu5r47mTl0K10Xw
sO52O6Q3dDSQSuDGMiIlq1Ylu1AfXiyI1k88e4ytkbZotibIOAtpQeHZ0594j+LU
lirVWLWRp2CFqZiibojNp+hAGgQX44oZuz9yaAOeznZDKdZ2e0mZyDv05zIbH8Ba
L/JfZfP98koTEw53rKJnlj0l5N7Tpd84rBY5+8VUakj4mDStDMoNGO29M9k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:03 2024 by rpki-client on console-ams.rpki-client.org