Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/sbCHLZuv2OdAV7kCIP7DwUa0JOM.roa
File:                     sbCHLZuv2OdAV7kCIP7DwUa0JOM.roa (raw, json)
Hash identifier:          1ijBwf/Ip1ayfa5XnKhJXQ1rIvUiiwx7GFBZ8+BJ5N0=
Subject key identifier:   B1:B0:87:2D:9B:AF:D8:E7:40:57:B9:02:20:FE:C3:C1:46:B4:24:E3
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0199
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/sbCHLZuv2OdAV7kCIP7DwUa0JOM.roa
Signing time:             Wed 24 May 2023 16:35:14 +0000
ROA not before:           Wed 24 May 2023 16:35:14 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.79.86.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 409 (0x199)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 24 16:35:14 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=B1B0872D9BAFD8E74057B90220FEC3C146B424E3
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:21:97:80:5c:8f:13:16:6e:32:c7:34:a3:a6:
                    15:94:66:c5:21:f8:40:72:1b:5f:be:b8:eb:0a:95:
                    3a:6d:8b:94:e6:1e:25:ae:ed:6c:1c:fd:fe:e9:c5:
                    bb:81:8e:1a:72:fb:9f:a1:5e:89:b9:a7:0d:8c:70:
                    b7:1a:4b:5a:b2:c4:71:be:57:d5:09:14:df:f9:3a:
                    41:fd:94:df:63:ee:06:b5:ff:d6:f7:67:3b:b1:fc:
                    72:13:66:b3:78:57:a7:94:43:e4:ac:07:fd:0a:e3:
                    74:57:a2:e8:fc:1f:7d:2f:74:77:e8:3c:c3:92:00:
                    b1:93:4b:6c:82:d5:3a:63:ae:44:03:70:5c:2b:96:
                    5f:ef:95:de:7a:2b:b4:58:49:fc:ba:6c:cc:b7:39:
                    78:b3:08:c5:a8:56:87:0b:f4:f3:23:16:22:93:f4:
                    f7:fc:0a:23:d6:36:c4:cf:71:e2:70:67:de:5d:9b:
                    6d:a9:56:36:71:be:d1:eb:c8:86:a2:9d:1e:b5:9c:
                    da:31:27:d8:41:fa:b9:e2:d1:bf:51:e0:82:4b:a4:
                    a0:97:d1:0d:80:74:46:66:7c:2c:65:a8:3a:5b:e1:
                    6b:78:0b:c5:51:4e:02:a3:d1:c8:77:8c:e2:20:c0:
                    43:83:84:97:53:f6:1e:1c:18:3d:10:70:d3:0c:21:
                    b3:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B1:B0:87:2D:9B:AF:D8:E7:40:57:B9:02:20:FE:C3:C1:46:B4:24:E3
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/sbCHLZuv2OdAV7kCIP7DwUa0JOM.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.79.86.0/23

    Signature Algorithm: sha256WithRSAEncryption
         70:c2:c6:c5:36:42:7d:61:b5:cc:a0:a4:ff:29:af:31:d0:11:
         bc:f8:75:85:ec:72:aa:0f:be:a5:98:b4:89:07:b1:99:2f:8f:
         0a:3b:df:08:b0:ef:ca:7d:30:a8:c6:05:5e:de:91:ce:6c:e8:
         99:a2:dd:5c:53:e3:03:7d:81:11:bc:0d:f3:be:5a:e7:d1:98:
         9e:04:c0:d0:87:54:5c:c2:ad:5a:86:e8:2d:a9:78:a5:6b:c1:
         07:29:8c:9d:3d:55:86:ba:1c:92:dc:a7:8c:dc:fd:e6:59:48:
         ac:e7:b0:90:49:93:c8:0f:9b:69:68:fa:47:3c:73:bf:71:b0:
         cb:6c:73:51:fa:80:4f:39:8f:d6:4c:99:b7:7f:66:cc:bd:1c:
         70:5d:81:91:f2:48:39:33:a4:8e:ff:36:b1:e8:48:ed:20:2e:
         32:04:b2:4a:49:cf:a5:a3:c5:12:32:0c:52:8d:4b:fb:dd:83:
         f9:86:62:88:21:97:43:ac:4f:b7:96:36:d7:b7:79:50:65:bb:
         2f:d2:d4:e3:93:68:1d:11:fa:1b:08:55:95:ea:f4:7a:27:15:
         70:66:fb:b2:e4:90:af:e4:e8:26:53:5a:70:7b:9f:63:c2:ab:
         a0:97:29:a1:12:5a:20:e3:d2:77:46:22:75:1e:fe:36:06:3e:
         51:4d:d7:be
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAZkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MjQx
NjM1MTRaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEIxQjA4NzJEOUJBRkQ4
RTc0MDU3QjkwMjIwRkVDM0MxNDZCNDI0RTMwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuIZeAXI8TFm4yxzSjphWUZsUh+EByG1++uOsKlTpti5TmHiWu
7Wwc/f7pxbuBjhpy+5+hXom5pw2McLcaS1qyxHG+V9UJFN/5OkH9lN9j7ga1/9b3
Zzux/HITZrN4V6eUQ+SsB/0K43RXouj8H30vdHfoPMOSALGTS2yC1TpjrkQDcFwr
ll/vld56K7RYSfy6bMy3OXizCMWoVocL9PMjFiKT9Pf8CiPWNsTPceJwZ95dm22p
VjZxvtHryIainR61nNoxJ9hB+rni0b9R4IJLpKCX0Q2AdEZmfCxlqDpb4Wt4C8VR
TgKj0ch3jOIgwEODhJdT9h4cGD0QcNMMIbNfAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUsbCHLZuv2OdAV7kCIP7DwUa0JOMwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3NiQ0hMWnV2Mk9kQVY3a0NJUDdEd1VhMEpPTS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAEBT1YwDQYJKoZIhvcNAQELBQADggEBAHDCxsU2Qn1htcygpP8przHQEbz4
dYXscqoPvqWYtIkHsZkvjwo73wiw78p9MKjGBV7ekc5s6Jmi3VxT4wN9gRG8DfO+
WufRmJ4EwNCHVFzCrVqG6C2peKVrwQcpjJ09VYa6HJLcp4zc/eZZSKznsJBJk8gP
m2lo+kc8c79xsMtsc1H6gE85j9ZMmbd/Zsy9HHBdgZHySDkzpI7/NrHoSO0gLjIE
skpJz6WjxRIyDFKNS/vdg/mGYoghl0OsT7eWNte3eVBluy/S1OOTaB0R+hsIVZXq
9HonFXBm+7LkkK/k6CZTWnB7n2PCq6CXKaESWiDj0ndGInUe/jYGPlFN174=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:03 2024 by rpki-client on console-ams.rpki-client.org