Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/uwdZ35tnpUapZkPydwVFPkuuxQI.roa
File:                     uwdZ35tnpUapZkPydwVFPkuuxQI.roa (raw, json)
Hash identifier:          C1U4vVlh+m4lmW6ce2FG+LLeMC/tenLsPNvzXfX4LXk=
Subject key identifier:   BB:07:59:DF:9B:67:A5:46:A9:66:43:F2:77:05:45:3E:4B:AE:C5:02
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0338
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/uwdZ35tnpUapZkPydwVFPkuuxQI.roa
Signing time:             Thu 01 Jun 2023 16:07:34 +0000
ROA not before:           Thu 01 Jun 2023 16:07:34 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.96.19.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 824 (0x338)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  1 16:07:34 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=BB0759DF9B67A546A96643F27705453E4BAEC502
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cc:41:a6:f7:d9:2e:04:c6:35:5a:f0:60:b8:9f:
                    48:f8:bf:2c:a4:08:16:5c:fa:de:55:3c:a4:c0:06:
                    35:1b:38:ec:2e:92:8f:1c:f7:c0:66:95:e1:c7:88:
                    72:79:cb:56:fa:ee:04:78:8d:31:28:ea:a4:d2:03:
                    d1:66:99:03:c7:fc:e4:34:87:b8:81:d6:4c:cb:18:
                    70:35:70:e8:65:de:c8:1c:f5:04:ab:e3:45:4a:11:
                    c1:db:39:7e:8a:6b:c0:ee:bd:8f:66:00:29:38:ac:
                    bd:47:cc:b6:89:dd:a4:bd:3c:ab:d9:d4:fc:b2:69:
                    9f:ae:d9:0d:22:78:b5:1b:af:9a:83:c6:b4:d2:dc:
                    a5:00:ed:ec:b8:41:d6:d2:2a:8c:9f:2a:82:72:06:
                    11:66:aa:e3:fa:26:a9:e7:5c:97:f5:79:06:56:70:
                    52:c6:d5:a5:7c:35:02:dc:31:8d:58:17:74:f2:ad:
                    d4:e4:7b:11:3f:1f:60:1d:40:96:2f:b4:4c:64:17:
                    72:b0:f4:97:05:71:7b:32:f6:80:9c:d8:2b:59:82:
                    29:dd:cb:b0:ec:d6:c3:f4:3f:b4:1c:b3:18:7b:3d:
                    bd:e2:d0:eb:c9:c2:57:cc:30:86:c9:70:8f:46:19:
                    fd:33:2c:c7:2c:bc:b2:f9:af:0e:40:5c:5e:39:4d:
                    45:e9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BB:07:59:DF:9B:67:A5:46:A9:66:43:F2:77:05:45:3E:4B:AE:C5:02
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/uwdZ35tnpUapZkPydwVFPkuuxQI.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.96.19.0/24

    Signature Algorithm: sha256WithRSAEncryption
         4a:6f:a4:e8:b8:fb:ca:4c:e4:12:f2:7b:bd:e5:38:e5:fc:17:
         48:f0:d8:ab:1a:10:78:e0:46:ca:5d:3a:a0:4d:f5:77:d6:8d:
         50:b9:ef:12:1a:17:5c:f8:fb:fb:41:82:67:83:6b:bf:40:6c:
         98:6f:ac:8a:1a:b5:8a:a2:f0:4e:d7:0f:3f:05:67:f7:cb:e8:
         e4:e7:47:83:1b:3c:1b:a2:14:c0:ba:87:bf:6e:58:d8:d6:90:
         f9:cf:e6:ee:70:e5:21:5b:51:fa:e5:74:b3:42:aa:f5:a0:05:
         c7:d3:fe:cb:88:40:f3:fe:c6:7b:c6:af:2b:37:92:3d:a1:2c:
         a2:2b:f7:ad:63:b5:1d:f3:29:51:80:bf:d5:a9:a5:ee:4d:43:
         17:0d:28:4d:81:66:98:e6:1d:76:11:b5:44:17:9c:c4:c5:a9:
         ff:b2:e9:8a:f0:fb:f3:9f:0b:b6:27:91:e9:13:e8:87:db:40:
         88:ec:05:81:64:e5:5c:c8:d5:f2:6f:ba:29:2c:df:05:13:ab:
         af:6c:09:3d:1e:5f:33:23:a4:1b:90:64:03:86:b4:9f:93:33:
         e0:da:72:ec:4f:31:84:f6:69:05:ea:c9:d9:61:93:8d:84:af:
         0a:67:61:26:47:0d:72:86:58:a5:00:aa:26:15:ca:ad:71:2e:
         c6:25:f5:50
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAzgwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDEx
NjA3MzRaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEJCMDc1OURGOUI2N0E1
NDZBOTY2NDNGMjc3MDU0NTNFNEJBRUM1MDIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDMQab32S4ExjVa8GC4n0j4vyykCBZc+t5VPKTABjUbOOwuko8c
98BmleHHiHJ5y1b67gR4jTEo6qTSA9FmmQPH/OQ0h7iB1kzLGHA1cOhl3sgc9QSr
40VKEcHbOX6Ka8DuvY9mACk4rL1HzLaJ3aS9PKvZ1PyyaZ+u2Q0ieLUbr5qDxrTS
3KUA7ey4QdbSKoyfKoJyBhFmquP6JqnnXJf1eQZWcFLG1aV8NQLcMY1YF3TyrdTk
exE/H2AdQJYvtExkF3Kw9JcFcXsy9oCc2CtZgindy7Ds1sP0P7Qcsxh7Pb3i0OvJ
wlfMMIbJcI9GGf0zLMcsvLL5rw5AXF45TUXpAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUuwdZ35tnpUapZkPydwVFPkuuxQIwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3V3ZFozNXRucFVhcFprUHlkd1ZGUGt1dXhRSS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxYBMwDQYJKoZIhvcNAQELBQADggEBAEpvpOi4+8pM5BLye73lOOX8F0jw
2KsaEHjgRspdOqBN9XfWjVC57xIaF1z4+/tBgmeDa79AbJhvrIoatYqi8E7XDz8F
Z/fL6OTnR4MbPBuiFMC6h79uWNjWkPnP5u5w5SFbUfrldLNCqvWgBcfT/suIQPP+
xnvGrys3kj2hLKIr961jtR3zKVGAv9Wppe5NQxcNKE2BZpjmHXYRtUQXnMTFqf+y
6Yrw+/OfC7YnkekT6IfbQIjsBYFk5VzI1fJvuiks3wUTq69sCT0eXzMjpBuQZAOG
tJ+TM+DacuxPMYT2aQXqydlhk42ErwpnYSZHDXKGWKUAqiYVyq1xLsYl9VA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:52 2024 by rpki-client on console-fra.rpki-client.org