Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/vBHfHG_HhJrDg41lMemnP0VJ_2Y.roa
File:                     vBHfHG_HhJrDg41lMemnP0VJ_2Y.roa (raw, json)
Hash identifier:          a4w60Me7XX7+iOuvnhWIWxER5i4Hpn4MzfDHVKg1JDo=
Subject key identifier:   BC:11:DF:1C:6F:C7:84:9A:C3:83:8D:65:31:E9:A7:3F:45:49:FF:66
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       F0
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/vBHfHG_HhJrDg41lMemnP0VJ_2Y.roa
Signing time:             Wed 24 May 2023 16:03:10 +0000
ROA not before:           Wed 24 May 2023 16:03:10 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.134.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 240 (0xf0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 24 16:03:10 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=BC11DF1C6FC7849AC3838D6531E9A73F4549FF66
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a1:9e:7d:01:83:e4:32:22:b2:51:91:59:fc:a3:
                    e0:30:30:1b:86:41:0e:8b:8d:13:ca:cb:2a:68:18:
                    ec:1d:39:a7:17:c7:fb:02:a2:44:00:3f:76:5e:3a:
                    54:c7:fc:05:02:64:1c:0f:88:8a:93:07:ec:e9:5f:
                    23:7a:e5:24:9b:d7:af:cb:67:55:4c:5a:d3:7f:c6:
                    36:07:ac:07:b7:63:4d:87:1e:2e:af:0c:6b:66:c1:
                    b2:00:31:51:81:15:e9:a3:a4:71:ff:0b:b8:d4:4c:
                    f5:b8:88:21:a9:7f:76:4d:3d:35:1e:22:30:65:80:
                    ee:1f:cb:91:3c:8e:81:17:ca:b9:5a:04:c9:e9:b2:
                    ef:42:45:72:fd:92:86:58:ed:e7:5b:46:ee:51:78:
                    25:97:66:54:4f:04:85:b1:61:09:7c:79:e8:e9:d3:
                    6c:dd:5a:d5:6c:c4:46:78:b2:d5:fa:60:c9:8e:2f:
                    4f:b7:bb:35:b9:9c:b7:75:a6:ad:8e:94:e9:6d:9b:
                    73:dc:0f:d2:db:74:35:51:d8:cc:05:0c:f6:94:83:
                    e1:45:d6:62:64:22:8c:aa:f1:b8:36:35:57:e3:3a:
                    59:12:92:09:e3:d6:13:f3:68:f7:2a:97:f5:50:fb:
                    10:76:36:79:28:8b:27:4c:8f:bc:64:35:48:b6:7b:
                    39:93
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:11:DF:1C:6F:C7:84:9A:C3:83:8D:65:31:E9:A7:3F:45:49:FF:66
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/vBHfHG_HhJrDg41lMemnP0VJ_2Y.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.134.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7d:9e:7c:70:c1:4a:a9:43:ab:50:81:61:fc:00:0b:76:00:81:
         23:f1:6d:7f:6c:a8:a7:28:e9:f1:00:a6:b1:5f:83:03:90:4c:
         aa:32:cc:70:fa:51:cf:6a:80:39:48:e0:2e:af:6c:a2:fe:a3:
         92:05:57:89:f6:23:5a:58:cb:2f:4a:da:15:28:8f:0b:16:6e:
         c9:ab:18:ad:c5:94:02:3c:f8:77:9b:b3:80:54:fe:5b:c3:24:
         21:ee:72:df:78:38:e8:14:e7:b1:b6:00:d9:6e:15:70:d2:54:
         d6:e2:41:2d:c1:0c:f6:b7:d3:bd:78:dc:02:33:f7:3a:3d:48:
         91:26:b1:c0:65:df:37:26:2a:b7:4e:aa:f4:c9:09:22:d8:ab:
         80:b4:c0:90:d4:f7:2b:9e:1a:7b:dd:da:c7:e0:14:d4:01:3a:
         04:8e:17:b0:40:de:46:94:77:60:fd:91:13:af:18:ca:0d:f7:
         37:ba:1a:3c:53:4a:92:6c:db:37:5c:06:6e:83:ef:2d:05:8c:
         08:56:e4:7e:4d:f9:ab:af:fb:26:c8:dc:14:72:2e:59:f6:63:
         d2:2a:80:3a:f4:47:55:b4:dc:f3:66:79:d4:fd:50:1e:8f:10:
         89:7e:a1:26:ef:c3:a6:fc:68:f7:c1:76:ca:70:a2:cb:e9:5f:
         27:0b:bd:67
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAPAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MjQx
NjAzMTBaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEJDMTFERjFDNkZDNzg0
OUFDMzgzOEQ2NTMxRTlBNzNGNDU0OUZGNjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQChnn0Bg+QyIrJRkVn8o+AwMBuGQQ6LjRPKyypoGOwdOacXx/sC
okQAP3ZeOlTH/AUCZBwPiIqTB+zpXyN65SSb16/LZ1VMWtN/xjYHrAe3Y02HHi6v
DGtmwbIAMVGBFemjpHH/C7jUTPW4iCGpf3ZNPTUeIjBlgO4fy5E8joEXyrlaBMnp
su9CRXL9koZY7edbRu5ReCWXZlRPBIWxYQl8eejp02zdWtVsxEZ4stX6YMmOL0+3
uzW5nLd1pq2OlOltm3PcD9LbdDVR2MwFDPaUg+FF1mJkIoyq8bg2NVfjOlkSkgnj
1hPzaPcql/VQ+xB2NnkoiydMj7xkNUi2ezmTAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUvBHfHG/HhJrDg41lMemnP0VJ/2YwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3ZCSGZIR19IaEpyRGc0MWxNZW1uUDBWSl8yWS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExYoYwDQYJKoZIhvcNAQELBQADggEBAH2efHDBSqlDq1CBYfwAC3YAgSPx
bX9sqKco6fEAprFfgwOQTKoyzHD6Uc9qgDlI4C6vbKL+o5IFV4n2I1pYyy9K2hUo
jwsWbsmrGK3FlAI8+Hebs4BU/lvDJCHuct94OOgU57G2ANluFXDSVNbiQS3BDPa3
07143AIz9zo9SJEmscBl3zcmKrdOqvTJCSLYq4C0wJDU9yueGnvd2sfgFNQBOgSO
F7BA3kaUd2D9kROvGMoN9ze6GjxTSpJs2zdcBm6D7y0FjAhW5H5N+auv+ybI3BRy
Lln2Y9IqgDr0R1W03PNmedT9UB6PEIl+oSbvw6b8aPfBdspwosvpXycLvWc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:03 2024 by rpki-client on console-ams.rpki-client.org