Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/vLu93wACTpa4Dvj9eyvWb4o1Cvs.roa
File:                     vLu93wACTpa4Dvj9eyvWb4o1Cvs.roa (raw, json)
Hash identifier:          lHDY54DZfxHdqkTa+Xb+YVuTyqapROHHEaS6kaqZTxw=
Subject key identifier:   BC:BB:BD:DF:00:02:4E:96:B8:0E:F8:FD:7B:2B:D6:6F:8A:35:0A:FB
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       01EF
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/vLu93wACTpa4Dvj9eyvWb4o1Cvs.roa
Signing time:             Tue 30 May 2023 16:29:19 +0000
ROA not before:           Tue 30 May 2023 16:29:19 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        1.76.64.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 495 (0x1ef)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 30 16:29:19 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=BCBBBDDF00024E96B80EF8FD7B2BD66F8A350AFB
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b5:d3:75:d5:06:ea:9d:fd:ea:a7:ba:22:4e:ff:
                    9c:6d:b8:81:c8:eb:77:06:93:26:a8:d9:d8:e7:a8:
                    c1:18:b8:b1:84:22:43:97:1b:e7:ec:22:5d:1a:bc:
                    3e:68:91:a0:82:96:1e:97:db:94:db:97:00:8b:77:
                    bb:c7:aa:69:97:6f:9c:c3:41:72:dd:f4:b2:fe:10:
                    9b:2c:8b:f6:91:ee:7e:62:49:26:aa:e1:3e:69:bd:
                    64:61:f2:a1:6e:af:45:12:6a:12:d0:d0:3a:1d:04:
                    ba:88:5d:1f:e5:37:af:65:e5:b5:ec:68:2a:1e:8a:
                    64:05:a6:05:90:2e:55:45:24:e3:78:a0:ed:b2:ff:
                    cb:54:a4:0f:d8:be:19:80:03:00:79:83:6f:17:9b:
                    01:7d:0e:5d:7c:d7:bb:1a:81:29:16:0d:32:32:07:
                    87:33:db:51:70:4b:e2:a4:b5:28:b4:52:0a:a3:fb:
                    66:57:f6:2b:01:11:1a:49:e0:2c:51:e1:7a:7e:c1:
                    c4:0d:ce:18:64:dd:6e:41:52:59:e1:c7:ef:84:24:
                    cf:09:4e:1f:58:8a:ad:89:6d:86:3f:a6:5c:5f:52:
                    52:43:f7:01:40:89:64:b4:c2:60:4f:0b:31:f4:43:
                    b1:1f:4f:e3:a9:a0:8d:0b:d5:02:62:f8:22:c9:bf:
                    51:51
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BC:BB:BD:DF:00:02:4E:96:B8:0E:F8:FD:7B:2B:D6:6F:8A:35:0A:FB
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/vLu93wACTpa4Dvj9eyvWb4o1Cvs.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  1.76.64.0/21

    Signature Algorithm: sha256WithRSAEncryption
         b8:e0:15:7c:33:7a:fe:3b:58:52:34:8f:1b:86:aa:62:64:53:
         c8:fd:6c:12:42:ac:f9:fc:b7:4a:15:4a:14:3f:ab:50:84:37:
         ef:88:06:cb:03:20:50:d8:e0:96:ec:dc:01:aa:0e:0d:d5:ec:
         e3:e5:6e:e3:ef:d9:c9:5b:fd:14:37:c5:3c:f7:e4:c8:49:76:
         eb:7f:35:3f:64:96:fe:07:dc:8d:de:28:5c:b7:79:fe:7e:3c:
         4c:ec:26:d9:c7:2f:d6:d5:f4:f6:50:01:06:16:f4:34:f6:3f:
         fd:71:2a:04:a0:c1:0e:f2:b6:8d:5a:8b:d4:6d:9c:15:0c:d0:
         09:3f:8f:cc:b0:2e:35:3d:69:43:c6:15:29:96:be:60:39:7f:
         b1:c6:83:9d:65:76:01:7f:a1:07:20:aa:55:27:26:81:b3:64:
         5f:d7:ae:8c:bb:30:b0:47:51:0b:79:d0:f3:62:99:a1:91:47:
         85:b9:8d:3d:df:25:58:76:fe:c1:94:18:76:48:25:e9:a9:2f:
         28:1c:45:51:8d:e2:1b:5b:54:08:2f:2c:60:75:1f:15:87:89:
         be:58:c9:94:eb:2f:c1:9c:97:ea:20:02:e2:94:fb:58:df:0d:
         35:48:ac:5e:b4:5a:f3:4f:5f:04:07:98:cd:65:d6:90:0d:f5:
         91:73:c1:6c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAe8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MzAx
NjI5MTlaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEJDQkJCRERGMDAwMjRF
OTZCODBFRjhGRDdCMkJENjZGOEEzNTBBRkIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC103XVBuqd/eqnuiJO/5xtuIHI63cGkyao2djnqMEYuLGEIkOX
G+fsIl0avD5okaCClh6X25TblwCLd7vHqmmXb5zDQXLd9LL+EJssi/aR7n5iSSaq
4T5pvWRh8qFur0USahLQ0DodBLqIXR/lN69l5bXsaCoeimQFpgWQLlVFJON4oO2y
/8tUpA/YvhmAAwB5g28XmwF9Dl1817sagSkWDTIyB4cz21FwS+KktSi0Ugqj+2ZX
9isBERpJ4CxR4Xp+wcQNzhhk3W5BUlnhx++EJM8JTh9Yiq2JbYY/plxfUlJD9wFA
iWS0wmBPCzH0Q7EfT+OpoI0L1QJi+CLJv1FRAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUvLu93wACTpa4Dvj9eyvWb4o1CvswHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3ZMdTkzd0FDVHBhNER2ajlleXZXYjRvMUN2cy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAMBTEAwDQYJKoZIhvcNAQELBQADggEBALjgFXwzev47WFI0jxuGqmJkU8j9
bBJCrPn8t0oVShQ/q1CEN++IBssDIFDY4Jbs3AGqDg3V7OPlbuPv2clb/RQ3xTz3
5MhJdut/NT9klv4H3I3eKFy3ef5+PEzsJtnHL9bV9PZQAQYW9DT2P/1xKgSgwQ7y
to1ai9RtnBUM0Ak/j8ywLjU9aUPGFSmWvmA5f7HGg51ldgF/oQcgqlUnJoGzZF/X
roy7MLBHUQt50PNimaGRR4W5jT3fJVh2/sGUGHZIJempLygcRVGN4htbVAgvLGB1
HxWHib5YyZTrL8Gcl+ogAuKU+1jfDTVIrF60WvNPXwQHmM1l1pAN9ZFzwWw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:03 2024 by rpki-client on console-ams.rpki-client.org