Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/t5-W0z1aOA100S1vg4MYno9dnoU.roa
File:                     t5-W0z1aOA100S1vg4MYno9dnoU.roa (raw, json)
Hash identifier:          WR/FkETVrJJcKYaBn76j9s1DIKYeRjrSR6U4ssjhMOI=
Subject key identifier:   B7:9F:96:D3:3D:5A:38:0D:74:D1:2D:6F:83:83:18:9E:8F:5D:9E:85
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0314
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/t5-W0z1aOA100S1vg4MYno9dnoU.roa
Signing time:             Thu 01 Jun 2023 16:05:32 +0000
ROA not before:           Thu 01 Jun 2023 16:05:32 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.97.88.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 788 (0x314)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  1 16:05:32 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=B79F96D33D5A380D74D12D6F8383189E8F5D9E85
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:53:28:e6:c1:6b:bb:fe:86:e2:98:df:f5:c1:
                    69:48:8a:56:e2:aa:8b:fb:4b:79:5b:16:53:04:c0:
                    82:23:80:b5:f9:ed:00:69:41:4c:ee:4e:0a:85:5f:
                    8f:4d:00:2b:5b:48:2d:dd:47:01:b8:43:77:42:7f:
                    c8:a9:37:f0:a3:7d:62:90:0d:f2:a2:41:80:e3:ce:
                    82:31:dd:34:94:95:35:f7:00:ca:8b:47:2f:f2:a6:
                    a8:97:f9:cc:43:81:71:ed:56:51:a1:1c:57:66:98:
                    fc:4b:7d:d9:cd:92:9a:71:30:be:81:f0:42:49:c6:
                    3f:92:75:09:55:c7:18:f4:7b:9e:95:76:f6:91:c8:
                    80:93:7c:fa:4b:d6:ba:23:91:49:44:f7:3d:46:27:
                    b7:be:eb:e5:9c:6d:3e:63:0c:bb:99:92:72:13:ca:
                    87:98:33:ef:b5:2a:85:8d:7d:e6:55:f0:c9:3c:1a:
                    f3:99:d6:17:da:f0:23:70:e4:da:ac:db:10:28:0b:
                    de:45:4a:b6:dc:48:d8:27:6a:b4:be:12:a3:87:77:
                    e7:06:b4:45:73:7f:7e:dc:54:91:46:d2:6b:00:f5:
                    f9:3d:f4:81:14:c6:1a:2d:08:e8:f3:1b:b5:70:f4:
                    95:89:e4:cc:51:de:aa:a6:ce:46:17:df:83:f4:fa:
                    2c:85
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                B7:9F:96:D3:3D:5A:38:0D:74:D1:2D:6F:83:83:18:9E:8F:5D:9E:85
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/t5-W0z1aOA100S1vg4MYno9dnoU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.97.88.0/22

    Signature Algorithm: sha256WithRSAEncryption
         da:69:9c:6c:22:df:9c:04:e7:23:c2:54:83:34:c6:25:82:50:
         ee:96:c1:94:7a:81:3a:13:99:f2:3c:9b:db:f7:de:57:34:39:
         04:c6:49:fe:70:32:b8:d5:7c:90:8a:0a:bb:ec:27:7f:8d:ce:
         bf:fc:52:45:bf:6e:83:54:10:66:d8:76:89:36:d2:28:6a:62:
         8f:fe:f9:32:29:03:cc:34:0d:3b:ac:d1:1e:64:51:27:dd:f2:
         73:d6:14:9f:5c:bb:91:dc:29:11:ea:a7:fe:5b:3f:e1:75:17:
         c6:4b:96:bb:f2:17:b1:7f:d7:e7:dd:c7:6b:1b:98:8d:d5:9f:
         ce:59:71:1e:4a:31:5e:80:fa:34:c1:3c:4a:db:e7:83:22:4c:
         f5:23:dc:bf:55:69:26:c6:1f:7f:04:1a:2e:ff:52:2a:63:dc:
         6f:df:9d:59:f5:de:92:88:3d:c0:c5:13:00:dc:d7:e4:78:b9:
         b2:78:5f:2d:44:cc:fb:40:30:0e:7e:7c:fd:b1:62:39:24:b8:
         a1:57:17:d4:23:a0:90:1d:c3:87:4c:ef:77:d2:c6:fb:5f:91:
         11:54:03:59:20:c3:f0:7c:62:cf:d2:14:0b:c9:4e:31:bb:c9:
         2f:43:1b:c7:09:79:d9:f8:39:8d:e1:81:63:7a:4a:2b:16:f9:
         1a:75:32:cf
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAxQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDEx
NjA1MzJaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEI3OUY5NkQzM0Q1QTM4
MEQ3NEQxMkQ2RjgzODMxODlFOEY1RDlFODUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC1UyjmwWu7/obimN/1wWlIilbiqov7S3lbFlMEwIIjgLX57QBp
QUzuTgqFX49NACtbSC3dRwG4Q3dCf8ipN/CjfWKQDfKiQYDjzoIx3TSUlTX3AMqL
Ry/ypqiX+cxDgXHtVlGhHFdmmPxLfdnNkppxML6B8EJJxj+SdQlVxxj0e56VdvaR
yICTfPpL1rojkUlE9z1GJ7e+6+WcbT5jDLuZknITyoeYM++1KoWNfeZV8Mk8GvOZ
1hfa8CNw5Nqs2xAoC95FSrbcSNgnarS+EqOHd+cGtEVzf37cVJFG0msA9fk99IEU
xhotCOjzG7Vw9JWJ5MxR3qqmzkYX34P0+iyFAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUt5+W0z1aOA100S1vg4MYno9dnoUwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3Q1LVcwejFhT0ExMDBTMXZnNE1Zbm85ZG5vVS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIxYVgwDQYJKoZIhvcNAQELBQADggEBANppnGwi35wE5yPCVIM0xiWCUO6W
wZR6gToTmfI8m9v33lc0OQTGSf5wMrjVfJCKCrvsJ3+Nzr/8UkW/boNUEGbYdok2
0ihqYo/++TIpA8w0DTus0R5kUSfd8nPWFJ9cu5HcKRHqp/5bP+F1F8ZLlrvyF7F/
1+fdx2sbmI3Vn85ZcR5KMV6A+jTBPErb54MiTPUj3L9VaSbGH38EGi7/Uipj3G/f
nVn13pKIPcDFEwDc1+R4ubJ4Xy1EzPtAMA5+fP2xYjkkuKFXF9QjoJAdw4dM73fS
xvtfkRFUA1kgw/B8Ys/SFAvJTjG7yS9DG8cJedn4OY3hgWN6SisW+Rp1Ms8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:03 2024 by rpki-client on console-ams.rpki-client.org