Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/yxJ8hy3fpEnbunBVmOFwHC3mAQs.roa
File:                     yxJ8hy3fpEnbunBVmOFwHC3mAQs.roa (raw, json)
Hash identifier:          3MZqY6upJ8J7DResbtlGBEOKiiRA4QVuDBbQTSorfNo=
Subject key identifier:   CB:12:7C:87:2D:DF:A4:49:DB:BA:70:55:98:E1:70:1C:2D:E6:01:0B
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       034D
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/yxJ8hy3fpEnbunBVmOFwHC3mAQs.roa
Signing time:             Thu 01 Jun 2023 17:56:28 +0000
ROA not before:           Thu 01 Jun 2023 17:56:28 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.106.202.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 845 (0x34d)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  1 17:56:28 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=CB127C872DDFA449DBBA705598E1701C2DE6010B
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a9:59:6e:a3:9e:e2:cc:2d:e0:40:99:4d:04:e5:
                    a8:88:f5:f5:2f:2c:70:05:83:33:f8:49:87:cf:8b:
                    0f:3c:f4:f3:4b:55:70:d9:a9:a2:0b:30:77:d8:a0:
                    f5:77:8a:48:de:28:6c:76:ae:00:61:3e:cf:a5:b3:
                    a5:30:d2:d6:7b:1e:eb:ae:29:44:d1:55:78:c5:42:
                    89:c9:8f:98:b6:9e:6a:a3:1f:81:5e:00:00:b2:2e:
                    d6:fb:97:cc:4f:64:4b:0a:57:54:40:8f:b5:d0:d6:
                    40:65:ac:0e:da:98:0a:df:58:e7:f7:46:08:f3:eb:
                    7c:3d:c8:a8:b2:73:09:70:0e:f3:09:d6:46:01:d8:
                    b3:f4:e2:28:01:ca:e0:06:67:dc:1a:94:17:87:a3:
                    c2:ef:a8:e4:5b:5e:7c:93:dd:95:2a:9d:45:88:aa:
                    04:69:8b:ed:9e:84:f9:72:74:fc:33:1e:39:60:25:
                    9b:5c:56:87:9a:4f:57:a0:98:bd:68:15:c5:ba:44:
                    f1:15:8e:c2:68:93:89:36:3d:9f:33:77:3c:96:b8:
                    10:7e:78:9e:a3:7c:df:1a:f1:ad:87:46:37:10:30:
                    77:10:93:fb:46:96:89:9c:a9:32:40:3d:ed:e2:d4:
                    15:df:02:54:78:35:0b:89:a9:ba:1a:4d:69:b4:af:
                    e2:b9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                CB:12:7C:87:2D:DF:A4:49:DB:BA:70:55:98:E1:70:1C:2D:E6:01:0B
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/yxJ8hy3fpEnbunBVmOFwHC3mAQs.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.106.202.0/23

    Signature Algorithm: sha256WithRSAEncryption
         8b:c3:e2:ad:26:90:a6:6a:0b:eb:71:b5:8b:5c:40:7e:1c:3d:
         84:7c:e5:48:ca:cb:f2:a7:90:1f:92:94:d4:75:7c:d0:32:e5:
         d1:eb:14:f8:e2:02:04:21:1d:59:d6:53:16:e1:73:ad:e4:8e:
         fd:8e:41:08:e0:bf:43:01:ef:78:e5:ae:6b:e3:12:c2:db:dc:
         cb:6a:73:24:a5:39:3c:1c:57:41:c7:1e:f2:6c:89:15:7b:c5:
         b6:27:d7:05:94:d8:88:2c:cb:99:c4:a7:2d:ce:37:68:17:70:
         e7:10:ee:b2:5a:16:f3:63:56:27:cc:c6:de:ec:7f:a2:ea:c6:
         3f:50:68:6a:a7:8c:8e:24:b0:01:f7:54:65:01:13:76:31:79:
         16:0b:41:5b:80:de:a6:02:54:9d:22:0e:04:69:fa:23:dd:22:
         33:03:83:7c:69:bd:5d:64:9a:4f:ec:78:6c:3c:8b:f9:c8:61:
         09:a6:12:40:9e:3d:be:b5:48:88:08:95:35:6b:2e:dd:19:14:
         57:fc:c1:ae:ec:86:fb:7e:d3:aa:10:03:43:d1:e7:2d:52:b0:
         a5:5f:cb:1f:64:43:11:08:29:9b:9d:63:9a:58:d0:ce:42:d6:
         08:c6:d0:0d:f8:53:07:78:6e:53:2b:17:3c:b8:0f:3c:68:d4:
         d2:32:f8:31
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICA00wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDEx
NzU2MjhaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKENCMTI3Qzg3MkRERkE0
NDlEQkJBNzA1NTk4RTE3MDFDMkRFNjAxMEIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCpWW6jnuLMLeBAmU0E5aiI9fUvLHAFgzP4SYfPiw889PNLVXDZ
qaILMHfYoPV3ikjeKGx2rgBhPs+ls6Uw0tZ7HuuuKUTRVXjFQonJj5i2nmqjH4Fe
AACyLtb7l8xPZEsKV1RAj7XQ1kBlrA7amArfWOf3Rgjz63w9yKiycwlwDvMJ1kYB
2LP04igByuAGZ9walBeHo8LvqORbXnyT3ZUqnUWIqgRpi+2ehPlydPwzHjlgJZtc
VoeaT1egmL1oFcW6RPEVjsJok4k2PZ8zdzyWuBB+eJ6jfN8a8a2HRjcQMHcQk/tG
lomcqTJAPe3i1BXfAlR4NQuJqboaTWm0r+K5AgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUyxJ8hy3fpEnbunBVmOFwHC3mAQswHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L3l4SjhoeTNmcEVuYnVuQlZtT0Z3SEMzbUFRcy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExasowDQYJKoZIhvcNAQELBQADggEBAIvD4q0mkKZqC+txtYtcQH4cPYR8
5UjKy/KnkB+SlNR1fNAy5dHrFPjiAgQhHVnWUxbhc63kjv2OQQjgv0MB73jlrmvj
EsLb3MtqcySlOTwcV0HHHvJsiRV7xbYn1wWU2Igsy5nEpy3ON2gXcOcQ7rJaFvNj
VifMxt7sf6Lqxj9QaGqnjI4ksAH3VGUBE3YxeRYLQVuA3qYCVJ0iDgRp+iPdIjMD
g3xpvV1kmk/seGw8i/nIYQmmEkCePb61SIgIlTVrLt0ZFFf8wa7shvt+06oQA0PR
5y1SsKVfyx9kQxEIKZudY5pY0M5C1gjG0A34Uwd4blMrFzy4Dzxo1NIy+DE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:52 2024 by rpki-client on console-fra.rpki-client.org