Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/xewNSceJiXebt9jMafP1Be4Od6Q.roa
File:                     xewNSceJiXebt9jMafP1Be4Od6Q.roa (raw, json)
Hash identifier:          /JNgclsAax61evarasLifIBjrwbJjSikGHNlcvaZkEI=
Subject key identifier:   C5:EC:0D:49:C7:89:89:77:9B:B7:D8:CC:69:F3:F5:05:EE:0E:77:A4
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       03D2
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/xewNSceJiXebt9jMafP1Be4Od6Q.roa
Signing time:             Tue 06 Jun 2023 16:03:04 +0000
ROA not before:           Tue 06 Jun 2023 16:03:04 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.104.10.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 978 (0x3d2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  6 16:03:04 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=C5EC0D49C78989779BB7D8CC69F3F505EE0E77A4
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:a8:6f:b3:3d:6c:db:14:be:24:36:a5:20:6a:
                    e1:0a:52:23:12:02:fa:eb:c0:2a:94:1d:8d:e4:dd:
                    36:1e:f6:a0:7d:85:c9:eb:e6:d2:ff:56:b6:4a:47:
                    dc:d7:15:1a:da:62:47:35:e8:d4:29:d2:be:52:0a:
                    ff:50:c0:50:d6:ec:26:f5:75:a1:c2:d8:03:c5:f4:
                    8c:cb:71:2d:2a:a4:03:f9:d5:ad:4f:4a:69:8f:c4:
                    de:9d:71:40:5d:6d:e0:16:82:bc:11:1c:ed:3d:65:
                    a6:70:05:f5:e9:ec:61:01:dc:f6:c3:14:b8:28:b4:
                    ec:99:9b:d9:66:c8:56:8e:d5:3e:00:f9:71:0d:ce:
                    7f:0b:50:87:4b:8b:0b:d7:83:59:6e:e4:fd:c3:64:
                    26:fe:98:9f:cb:3d:a8:f0:0d:b3:88:46:c7:64:a3:
                    cf:78:ba:0a:2b:11:1d:97:9a:14:17:9a:b7:ed:c1:
                    0a:c0:a7:84:c8:c7:8f:44:a7:38:7e:86:d4:e4:89:
                    49:4d:8a:44:91:7d:99:0c:51:e4:31:39:a7:c9:05:
                    7d:07:b2:13:62:70:58:76:85:7f:ab:c9:11:1c:e4:
                    63:3b:17:36:24:bf:50:7c:ed:a8:21:6e:e1:8d:45:
                    e0:68:9d:17:6a:77:24:89:e7:c5:a6:e0:db:90:61:
                    25:57
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C5:EC:0D:49:C7:89:89:77:9B:B7:D8:CC:69:F3:F5:05:EE:0E:77:A4
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/xewNSceJiXebt9jMafP1Be4Od6Q.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.104.10.0/24

    Signature Algorithm: sha256WithRSAEncryption
         7e:bb:a6:39:31:55:6c:5f:b0:d2:7b:50:36:f6:ca:2b:d0:8b:
         5b:c6:55:56:ae:9b:bc:91:0a:f5:2c:d9:6c:b5:85:69:d3:a8:
         0f:da:61:d6:aa:87:59:d6:05:ac:69:ff:55:78:64:03:1b:54:
         f0:77:02:d4:d3:04:38:06:7f:a0:da:e4:36:f1:06:4d:18:4c:
         35:77:19:07:e8:f0:40:8b:7f:eb:39:6f:d9:06:62:75:fb:aa:
         a6:13:c3:5d:97:bb:e3:3a:2e:e7:76:29:6d:bf:9e:fd:e4:1b:
         94:a4:41:90:85:08:b5:ba:96:83:97:b9:9b:da:39:7e:38:d0:
         78:ae:83:c7:5f:51:ba:62:f4:6b:98:5d:ff:e2:ac:65:a6:ec:
         23:3e:f4:32:c3:ff:d9:e8:a4:c7:d6:3f:78:32:e0:01:25:aa:
         59:f2:5e:0c:0f:34:3e:67:f6:f5:a7:4e:f7:74:bf:a6:14:b0:
         39:6e:44:0c:64:5a:c2:05:ab:a6:d5:de:17:1d:c7:13:bc:c3:
         9b:37:28:88:21:23:c6:11:c3:bb:2f:f7:b0:90:18:86:13:c7:
         28:c9:85:0c:b5:c6:55:09:c3:9b:57:28:51:46:33:59:08:31:
         b6:31:58:36:42:bc:68:bc:21:53:90:03:48:7a:dc:77:ce:1d:
         f8:8e:a4:09
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICA9IwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDYx
NjAzMDRaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEM1RUMwRDQ5Qzc4OTg5
Nzc5QkI3RDhDQzY5RjNGNTA1RUUwRTc3QTQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCyqG+zPWzbFL4kNqUgauEKUiMSAvrrwCqUHY3k3TYe9qB9hcnr
5tL/VrZKR9zXFRraYkc16NQp0r5SCv9QwFDW7Cb1daHC2APF9IzLcS0qpAP51a1P
SmmPxN6dcUBdbeAWgrwRHO09ZaZwBfXp7GEB3PbDFLgotOyZm9lmyFaO1T4A+XEN
zn8LUIdLiwvXg1lu5P3DZCb+mJ/LPajwDbOIRsdko894ugorER2XmhQXmrftwQrA
p4TIx49Epzh+htTkiUlNikSRfZkMUeQxOafJBX0HshNicFh2hX+ryREc5GM7FzYk
v1B87aghbuGNReBonRdqdySJ58Wm4NuQYSVXAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUxewNSceJiXebt9jMafP1Be4Od6QwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3hld05TY2VKaVhlYnQ5ak1hZlAxQmU0T2Q2US5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxaAowDQYJKoZIhvcNAQELBQADggEBAH67pjkxVWxfsNJ7UDb2yivQi1vG
VVaum7yRCvUs2Wy1hWnTqA/aYdaqh1nWBaxp/1V4ZAMbVPB3AtTTBDgGf6Da5Dbx
Bk0YTDV3GQfo8ECLf+s5b9kGYnX7qqYTw12Xu+M6Lud2KW2/nv3kG5SkQZCFCLW6
loOXuZvaOX440Hiug8dfUbpi9GuYXf/irGWm7CM+9DLD/9nopMfWP3gy4AElqlny
XgwPND5n9vWnTvd0v6YUsDluRAxkWsIFq6bV3hcdxxO8w5s3KIghI8YRw7sv97CQ
GIYTxyjJhQy1xlUJw5tXKFFGM1kIMbYxWDZCvGi8IVOQA0h63HfOHfiOpAk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:03 2024 by rpki-client on console-ams.rpki-client.org