Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/xpJKd5rhvwfMXP9asVY5d4aMnF0.roa
File:                     xpJKd5rhvwfMXP9asVY5d4aMnF0.roa (raw, json)
Hash identifier:          wlE+Xi3W37KzXuX0gH/IZxp9sMdXDyCJ+qTNKpClfcc=
Subject key identifier:   C6:92:4A:77:9A:E1:BF:07:CC:5C:FF:5A:B1:56:39:77:86:8C:9C:5D
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       031B
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/xpJKd5rhvwfMXP9asVY5d4aMnF0.roa
Signing time:             Thu 01 Jun 2023 16:05:34 +0000
ROA not before:           Thu 01 Jun 2023 16:05:34 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.102.0.0/17 maxlen: 17

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 795 (0x31b)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  1 16:05:34 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=C6924A779AE1BF07CC5CFF5AB1563977868C9C5D
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c8:17:8a:7f:e7:f5:b9:34:5a:97:bf:ec:4a:e0:
                    58:c4:cb:ac:25:0a:3e:86:72:53:02:b3:bd:85:02:
                    06:e6:e3:7d:42:29:ab:d1:fe:78:42:88:3e:70:21:
                    9f:98:c8:76:02:1f:26:1d:fa:8c:af:7e:8a:d3:76:
                    53:04:a5:0e:14:e1:d1:aa:94:66:cd:18:e6:5f:0d:
                    a5:46:87:0b:b9:0a:37:35:26:25:29:84:20:50:05:
                    93:68:17:09:82:a8:1f:11:03:46:30:dd:f6:3e:75:
                    e2:b3:5b:b1:e6:81:c2:54:6b:af:ae:8c:dc:1c:fb:
                    19:93:e7:92:62:33:29:71:bb:10:38:f5:3f:f8:80:
                    44:45:a5:d0:4d:46:02:ac:aa:87:d1:84:57:16:29:
                    e6:a4:24:9b:d8:f6:51:bd:2a:48:71:d6:59:51:74:
                    70:92:04:fd:59:82:5d:21:ad:48:14:2a:28:bc:5c:
                    0f:31:8f:50:79:49:53:06:84:64:ce:00:b2:13:35:
                    61:3b:2f:2d:17:d4:7a:0a:c7:e9:50:d7:6b:43:84:
                    f9:f5:99:fd:6d:24:eb:68:dc:a6:b7:d6:9f:59:52:
                    73:43:cd:f4:a5:d7:14:48:8c:c7:6e:2a:bd:18:ca:
                    ea:1d:84:73:4f:08:1b:b0:6d:b2:f2:ce:bb:ca:70:
                    18:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                C6:92:4A:77:9A:E1:BF:07:CC:5C:FF:5A:B1:56:39:77:86:8C:9C:5D
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/xpJKd5rhvwfMXP9asVY5d4aMnF0.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.102.0.0/17

    Signature Algorithm: sha256WithRSAEncryption
         c8:bc:a5:6a:c0:93:5b:17:7c:48:5e:f9:14:fe:ac:3d:da:73:
         e0:5e:84:29:22:c1:81:88:fc:57:41:85:ab:75:92:19:0a:58:
         48:f5:d2:ec:cc:e0:b7:86:b0:7c:f2:e3:db:0d:27:04:77:0b:
         84:b3:94:83:ce:ef:f8:a4:fd:55:1e:fc:9c:6d:9d:37:fc:ff:
         dc:9a:e2:e6:70:32:f7:d0:25:06:fc:a1:7d:f0:b0:bf:01:37:
         ab:b4:4b:1b:05:67:b9:c3:90:4d:88:ad:3d:ce:81:d5:e1:17:
         a3:e3:40:57:ce:0e:ec:d2:20:86:c3:14:24:14:c5:f8:9f:e4:
         27:85:f1:70:c1:0f:00:44:38:de:05:1e:39:c8:7d:78:84:52:
         38:ef:ce:35:06:54:a3:bb:72:9d:87:1c:74:2a:0e:bc:25:ed:
         83:5c:71:e7:0b:8f:44:01:01:41:ec:51:df:b5:62:0b:06:5f:
         ea:7e:20:51:ff:80:1f:6e:22:fd:0b:51:68:84:fa:4c:1b:c3:
         92:a3:69:2e:75:a8:a2:2c:ca:d1:f0:8d:f7:a2:c8:c7:a4:33:
         b6:c0:c5:10:85:35:b0:f2:b0:0b:55:c1:a3:a4:4b:1d:58:d7:
         72:4c:be:9c:2e:63:25:64:e2:50:09:f7:23:c6:e1:6d:06:35:
         30:44:da:e4
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAxswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDEx
NjA1MzRaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEM2OTI0QTc3OUFFMUJG
MDdDQzVDRkY1QUIxNTYzOTc3ODY4QzlDNUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDIF4p/5/W5NFqXv+xK4FjEy6wlCj6GclMCs72FAgbm431CKavR
/nhCiD5wIZ+YyHYCHyYd+oyvforTdlMEpQ4U4dGqlGbNGOZfDaVGhwu5Cjc1JiUp
hCBQBZNoFwmCqB8RA0Yw3fY+deKzW7HmgcJUa6+ujNwc+xmT55JiMylxuxA49T/4
gERFpdBNRgKsqofRhFcWKeakJJvY9lG9Kkhx1llRdHCSBP1Zgl0hrUgUKii8XA8x
j1B5SVMGhGTOALITNWE7Ly0X1HoKx+lQ12tDhPn1mf1tJOto3Ka31p9ZUnNDzfSl
1xRIjMduKr0YyuodhHNPCBuwbbLyzrvKcBj9AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUxpJKd5rhvwfMXP9asVY5d4aMnF0wHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3hwSktkNXJodndmTVhQOWFzVlk1ZDRhTW5GMC5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAcxZgAwDQYJKoZIhvcNAQELBQADggEBAMi8pWrAk1sXfEhe+RT+rD3ac+Be
hCkiwYGI/FdBhat1khkKWEj10uzM4LeGsHzy49sNJwR3C4SzlIPO7/ik/VUe/Jxt
nTf8/9ya4uZwMvfQJQb8oX3wsL8BN6u0SxsFZ7nDkE2IrT3OgdXhF6PjQFfODuzS
IIbDFCQUxfif5CeF8XDBDwBEON4FHjnIfXiEUjjvzjUGVKO7cp2HHHQqDrwl7YNc
cecLj0QBAUHsUd+1YgsGX+p+IFH/gB9uIv0LUWiE+kwbw5KjaS51qKIsytHwjfei
yMekM7bAxRCFNbDysAtVwaOkSx1Y13JMvpwuYyVk4lAJ9yPG4W0GNTBE2uQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:52 2024 by rpki-client on console-fra.rpki-client.org