Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/vk8lIKUsuyJoBWGQgCYaYvUQafk.roa
File:                     vk8lIKUsuyJoBWGQgCYaYvUQafk.roa (raw, json)
Hash identifier:          bLlR4PW01lAAysHa0VionyxbRErFgdjOhgKk6DgZ7SI=
Subject key identifier:   BE:4F:25:20:A5:2C:BB:22:68:05:61:90:80:26:1A:62:F5:10:69:F9
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       02CD
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/vk8lIKUsuyJoBWGQgCYaYvUQafk.roa
Signing time:             Tue 30 May 2023 17:18:22 +0000
ROA not before:           Tue 30 May 2023 17:18:22 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        211.14.64.0/21 maxlen: 21

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 717 (0x2cd)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: May 30 17:18:22 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=BE4F2520A52CBB226805619080261A62F51069F9
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:dd:cf:ff:28:ea:54:52:78:50:fc:a0:f2:ac:9a:
                    41:85:1d:6c:07:ea:8b:64:61:11:75:67:fd:93:9b:
                    40:33:42:10:a0:94:b8:e3:ff:19:74:cc:c3:87:6f:
                    aa:2e:c5:6a:b8:37:d3:45:e0:cf:b5:55:cd:59:54:
                    30:14:3e:fd:1e:b7:b6:f4:ef:d1:5c:7b:ad:29:43:
                    89:fb:fb:ed:91:8e:92:54:2e:b1:1b:51:92:81:43:
                    3f:a6:71:0c:5f:69:19:c1:ab:9f:27:6e:62:20:8f:
                    f8:87:b0:42:1e:aa:6e:43:e3:6a:3f:f0:9e:28:8a:
                    46:2d:3b:e1:b3:e8:b4:60:0b:f1:0a:c7:14:0a:2a:
                    f2:df:fb:f1:76:ae:3c:0e:3c:88:ae:00:d2:80:f4:
                    3f:b9:e6:b4:0a:6f:c8:ca:e2:65:5b:6e:49:ad:bc:
                    44:01:20:d8:b9:50:78:04:6b:bb:3c:e4:c9:57:18:
                    d5:d1:1e:27:c2:a1:6b:93:4b:c5:d8:9a:20:f9:28:
                    9b:39:88:f9:de:18:6d:e2:ad:ff:af:fb:3a:cc:db:
                    2d:4a:f8:b5:1c:70:97:44:33:ce:bb:35:7c:d0:78:
                    40:63:89:f9:36:11:be:9e:dd:d2:06:a0:6d:6e:4c:
                    28:a1:63:b6:eb:f3:0d:fc:60:a3:a5:08:38:76:7e:
                    ca:e3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BE:4F:25:20:A5:2C:BB:22:68:05:61:90:80:26:1A:62:F5:10:69:F9
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/vk8lIKUsuyJoBWGQgCYaYvUQafk.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  211.14.64.0/21

    Signature Algorithm: sha256WithRSAEncryption
         7e:19:1d:0f:da:52:85:8d:70:fd:5f:aa:d6:74:a0:e4:bd:b4:
         5b:dd:65:85:fa:25:74:63:55:6d:fb:fd:27:79:b8:8b:12:3a:
         32:a1:46:0d:2c:21:8b:4f:ab:54:78:f0:a3:50:6d:46:ba:e5:
         93:50:d6:7f:9b:3f:58:0f:a9:55:5d:e6:d2:06:7e:90:ea:0d:
         2c:10:45:4e:4f:a0:b0:3b:ea:51:c7:f2:e7:58:ca:ae:9e:37:
         00:d5:cc:91:f5:31:64:97:1e:22:93:5d:c0:3d:f4:17:f5:c0:
         1f:bf:3e:b7:78:77:22:a6:d6:8e:a2:89:88:dc:6f:9b:8e:51:
         85:70:dd:51:bf:ad:ff:57:0a:8e:3d:cb:c8:a3:cf:72:eb:24:
         0f:da:6a:a9:30:21:de:05:54:22:68:bd:1f:b1:ec:bd:c0:ff:
         fc:ee:77:0d:f9:4a:7b:5c:3c:e4:3f:83:78:3f:88:16:b4:e1:
         5d:b3:46:91:9b:8f:7c:a3:7b:b3:70:17:16:bf:91:d3:ec:1d:
         29:35:54:f0:a4:50:af:b0:f9:48:ea:2d:6c:de:7b:a5:d2:51:
         c2:36:c3:ca:05:a2:5f:d6:8d:29:3e:ea:9b:8d:e0:ab:09:a3:
         81:04:47:0c:c8:e8:1d:9a:ba:c3:71:2c:82:c8:c6:4f:ae:3e:
         6f:a3:eb:70
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAs0wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA1MzAx
NzE4MjJaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEJFNEYyNTIwQTUyQ0JC
MjI2ODA1NjE5MDgwMjYxQTYyRjUxMDY5RjkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDdz/8o6lRSeFD8oPKsmkGFHWwH6otkYRF1Z/2Tm0AzQhCglLjj
/xl0zMOHb6ouxWq4N9NF4M+1Vc1ZVDAUPv0et7b079Fce60pQ4n7++2RjpJULrEb
UZKBQz+mcQxfaRnBq58nbmIgj/iHsEIeqm5D42o/8J4oikYtO+Gz6LRgC/EKxxQK
KvLf+/F2rjwOPIiuANKA9D+55rQKb8jK4mVbbkmtvEQBINi5UHgEa7s85MlXGNXR
HifCoWuTS8XYmiD5KJs5iPneGG3irf+v+zrM2y1K+LUccJdEM867NXzQeEBjifk2
Eb6e3dIGoG1uTCihY7br8w38YKOlCDh2fsrjAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUvk8lIKUsuyJoBWGQgCYaYvUQafkwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3ZrOGxJS1VzdXlKb0JXR1FnQ1lhWXZVUWFmay5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAPTDkAwDQYJKoZIhvcNAQELBQADggEBAH4ZHQ/aUoWNcP1fqtZ0oOS9tFvd
ZYX6JXRjVW37/Sd5uIsSOjKhRg0sIYtPq1R48KNQbUa65ZNQ1n+bP1gPqVVd5tIG
fpDqDSwQRU5PoLA76lHH8udYyq6eNwDVzJH1MWSXHiKTXcA99Bf1wB+/Prd4dyKm
1o6iiYjcb5uOUYVw3VG/rf9XCo49y8ijz3LrJA/aaqkwId4FVCJovR+x7L3A//zu
dw35SntcPOQ/g3g/iBa04V2zRpGbj3yje7NwFxa/kdPsHSk1VPCkUK+w+UjqLWze
e6XSUcI2w8oFol/WjSk+6puN4KsJo4EERwzI6B2ausNxLILIxk+uPm+j63A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:03 2024 by rpki-client on console-ams.rpki-client.org