Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/vLq95sdQWv68bAXneml6rf3sGMw.roa
File:                     vLq95sdQWv68bAXneml6rf3sGMw.roa (raw, json)
Hash identifier:          I05clEc/sf0pMcHsbJiBZb9EI68ewKCx8YZm8Y+qZwo=
Subject key identifier:   BC:BA:BD:E6:C7:50:5A:FE:BC:6C:05:E7:7A:69:7A:AD:FD:EC:18:CC
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       48
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/vLq95sdQWv68bAXneml6rf3sGMw.roa
Signing time:             Mon 27 Mar 2023 16:04:23 +0000
ROA not before:           Mon 27 Mar 2023 16:04:23 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.75.2.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 72 (0x48)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 27 16:04:23 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=BCBABDE6C7505AFEBC6C05E77A697AADFDEC18CC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b4:b3:53:6e:07:1e:c1:e3:7a:7a:46:78:5c:14:
                    d7:ae:73:1b:3c:16:0e:c9:f7:26:e8:e5:b9:4c:90:
                    81:e6:4d:4b:48:a5:58:be:72:99:1c:88:9f:96:a6:
                    fb:fd:4b:48:6f:1c:90:6e:7a:0c:44:db:3d:05:1e:
                    51:51:32:99:0c:ab:b0:1a:63:4a:d5:75:93:3e:eb:
                    c8:b7:5b:54:9f:59:ef:3a:17:d6:c3:24:4e:69:cf:
                    b6:7b:fa:c1:7d:a0:8a:16:f8:ef:99:7e:e6:13:3b:
                    79:56:9e:d4:db:9a:91:17:31:75:43:2c:7f:b3:d3:
                    92:50:23:da:99:6d:cf:43:40:12:2c:28:23:af:b8:
                    fa:ba:ca:97:c0:18:41:36:90:30:c3:4d:ae:0f:8c:
                    1c:23:79:88:0d:96:d0:1b:a9:d4:58:6e:1d:77:63:
                    cf:74:7d:38:17:51:a6:c0:dc:77:bf:62:6a:31:ce:
                    29:b4:05:65:96:54:1c:c6:ce:9d:8e:9e:4b:6e:80:
                    cd:01:4b:e7:44:88:6c:ba:b8:a9:00:e0:f0:1f:f5:
                    66:fc:53:8b:99:a7:25:5c:64:00:b4:2f:c4:8c:26:
                    98:70:00:9f:f1:18:bc:d8:36:89:25:29:13:47:84:
                    61:d5:f1:bb:72:1e:8a:72:e7:7c:1e:95:42:f8:27:
                    5d:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:BA:BD:E6:C7:50:5A:FE:BC:6C:05:E7:7A:69:7A:AD:FD:EC:18:CC
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/vLq95sdQWv68bAXneml6rf3sGMw.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.75.2.0/24

    Signature Algorithm: sha256WithRSAEncryption
         58:73:e4:9e:32:45:a4:8a:a1:b9:6f:5d:80:7f:26:23:dc:05:
         73:7f:c1:80:0d:57:6d:be:78:75:b0:dd:f2:b4:37:4d:d0:38:
         98:39:3d:18:9e:49:0d:2a:fe:a5:1e:c4:57:47:d7:32:15:b4:
         bf:f9:06:21:a1:80:e8:4e:12:05:07:cf:4d:32:de:7e:13:32:
         ba:f9:52:0a:c3:81:69:a7:e3:08:a0:d1:df:47:93:97:2e:9c:
         4c:31:3f:c4:80:9b:78:b4:e3:0c:bf:80:ab:68:10:10:0f:4e:
         a2:71:da:14:33:3b:6c:09:30:0a:89:94:f9:9d:d5:89:d5:20:
         c0:0b:64:9b:2c:53:05:35:78:13:64:6b:d9:93:ae:07:c8:df:
         0a:3b:3b:11:be:1f:72:ad:7f:71:52:a9:d5:e3:60:be:c2:a5:
         b3:ee:65:c0:60:e2:65:17:e8:55:85:ba:29:2c:54:9a:df:a3:
         0a:c2:ff:e2:8d:d9:f3:f9:8d:0e:d7:42:d4:ce:0f:d7:69:6a:
         fb:67:16:6b:2e:13:8b:78:c6:58:f7:0d:27:3d:e2:55:d5:ae:
         4e:19:4f:50:b3:95:8b:2e:77:eb:7d:43:f9:fc:3b:9b:a3:a3:
         bb:00:42:b9:be:83:a6:70:17:31:75:82:43:e8:fe:10:6e:c7:
         d3:1d:0a:58
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIBSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2OTY1
QjBCMjBEREUwN0E0Qzk3OEUyNDA3M0VBMEUxMTE3QjM3NDczMB4XDTIzMDMyNzE2
MDQyM1oXDTI0MDMxNDAxMzAwMlowMzExMC8GA1UEAxMoQkNCQUJERTZDNzUwNUFG
RUJDNkMwNUU3N0E2OTdBQURGREVDMThDQzCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBALSzU24HHsHjenpGeFwU165zGzwWDsn3JujluUyQgeZNS0ilWL5y
mRyIn5am+/1LSG8ckG56DETbPQUeUVEymQyrsBpjStV1kz7ryLdbVJ9Z7zoX1sMk
TmnPtnv6wX2gihb475l+5hM7eVae1NuakRcxdUMsf7PTklAj2pltz0NAEiwoI6+4
+rrKl8AYQTaQMMNNrg+MHCN5iA2W0Bup1FhuHXdjz3R9OBdRpsDcd79iajHOKbQF
ZZZUHMbOnY6eS26AzQFL50SIbLq4qQDg8B/1ZvxTi5mnJVxkALQvxIwmmHAAn/EY
vNg2iSUpE0eEYdXxu3IeinLnfB6VQvgnXc8CAwEAAaOCAiQwggIgMB0GA1UdDgQW
BBS8ur3mx1Ba/rxsBed6aXqt/ewYzDAfBgNVHSMEGDAWgBRpZbCyDd4HpMl44kBz
6g4RF7N0czAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGYGA1UdHwRfMF0wW6BZ
oFeGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9BOTFBNzM4
MTAwMDAvMzA5L2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJlemRITS5jcmwwbQYIKwYB
BQUHAQEEYTBfMF0GCCsGAQUFBzAChlFyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5u
aWMuYWQuanAvYXAvQTkxQTczODEwMDAwL2FXV3dzZzNlQjZUSmVPSkFjLW9PRVJl
emRITS5jZXIwDgYDVR0PAQH/BAQDAgeAMIG7BggrBgEFBQcBCwSBrjCBqzBhBggr
BgEFBQcwC4ZVcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL2FwL0E5
MUE3MzgxMDAwMC8zMDkvdkxxOTVzZFFXdjY4YkFYbmVtbDZyZjNzR013LnJvYTBG
BggrBgEFBQcwDYY6aHR0cHM6Ly9ycGtpLXJlcG9zaXRvcnkubmljLmFkLmpwL3Jy
ZHAvYXAvbm90aWZpY2F0aW9uLnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAAFLAjANBgkqhkiG9w0BAQsFAAOCAQEAWHPknjJFpIqhuW9dgH8mI9wFc3/B
gA1Xbb54dbDd8rQ3TdA4mDk9GJ5JDSr+pR7EV0fXMhW0v/kGIaGA6E4SBQfPTTLe
fhMyuvlSCsOBaafjCKDR30eTly6cTDE/xICbeLTjDL+Aq2gQEA9OonHaFDM7bAkw
ComU+Z3VidUgwAtkmyxTBTV4E2Rr2ZOuB8jfCjs7Eb4fcq1/cVKp1eNgvsKls+5l
wGDiZRfoVYW6KSxUmt+jCsL/4o3Z8/mNDtdC1M4P12lq+2cWay4Ti3jGWPcNJz3i
VdWuThlPULOViy53631D+fw7m6OjuwBCub6DpnAXMXWCQ+j+EG7H0x0KWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:52 2024 by rpki-client on console-fra.rpki-client.org