Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/0uHeBwKLe3q6aH6ufhd3KCKG_ZA.roa
File:                     0uHeBwKLe3q6aH6ufhd3KCKG_ZA.roa (raw, json)
Hash identifier:          o1iUkhjB/ujuxCEVjIvl8O8aur2sC+Ld5bG2NKJNRCM=
Subject key identifier:   D2:E1:DE:07:02:8B:7B:7A:BA:68:7E:AE:7E:17:77:28:22:86:FD:90
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       031C
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/0uHeBwKLe3q6aH6ufhd3KCKG_ZA.roa
Signing time:             Thu 01 Jun 2023 16:05:34 +0000
ROA not before:           Thu 01 Jun 2023 16:05:34 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.42.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 796 (0x31c)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  1 16:05:34 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=D2E1DE07028B7B7ABA687EAE7E1777282286FD90
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cb:f3:77:4b:47:96:fc:6b:e2:20:88:be:41:92:
                    57:89:30:b2:31:c4:97:a7:30:1a:23:74:b5:27:a2:
                    45:2a:f0:fd:97:05:f4:72:6c:df:62:66:8b:aa:03:
                    a1:3a:ce:cc:b0:3e:c1:66:e2:0d:f1:22:71:a9:3c:
                    0a:fc:e3:1b:87:53:3a:f3:a5:30:16:e9:a4:3d:94:
                    83:fb:87:cf:1f:53:5d:5c:b0:e8:71:6b:f4:38:55:
                    fe:59:32:b2:66:02:45:26:cb:cc:f7:7a:96:32:15:
                    ce:3e:02:12:30:a2:6d:37:fe:95:ee:83:c3:f4:ec:
                    64:84:de:fb:cd:f6:c4:5e:da:a0:87:e8:3f:72:bd:
                    06:7d:e2:5b:f9:de:fb:32:b8:50:ff:13:c5:93:2d:
                    e9:58:b1:89:2c:73:1d:15:ab:d0:55:68:d5:0f:42:
                    f3:ce:e6:c1:2c:03:ba:c5:51:10:d5:63:de:e1:01:
                    78:14:53:cf:24:75:c4:ad:0b:50:1f:0e:d9:ef:67:
                    2a:43:93:42:e6:58:af:8f:39:62:06:8d:da:f9:25:
                    dc:92:4e:7b:36:0d:33:bd:d4:ce:6e:7c:6e:55:ae:
                    7e:ac:87:aa:1b:60:4a:91:da:32:4d:10:a3:85:a7:
                    67:67:a4:a5:19:b9:e1:95:f5:e1:2a:86:6a:f3:d8:
                    fb:73
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:E1:DE:07:02:8B:7B:7A:BA:68:7E:AE:7E:17:77:28:22:86:FD:90
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/0uHeBwKLe3q6aH6ufhd3KCKG_ZA.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.42.0/23

    Signature Algorithm: sha256WithRSAEncryption
         65:66:ac:25:21:cc:53:c9:98:56:a2:09:82:5e:62:2e:0d:a6:
         b1:cd:d1:58:16:ab:33:09:d9:d6:c1:4a:41:23:24:c0:fd:16:
         1b:91:39:55:9c:f6:f2:c4:f8:3d:e3:7b:5f:d7:59:fd:ba:7f:
         d7:f4:1c:1c:d4:0c:a0:27:dd:54:95:dc:cf:16:7d:2e:96:a0:
         44:5d:5e:58:59:b5:88:13:17:45:29:e7:0c:81:cb:67:f9:6a:
         fd:09:e0:6d:27:8c:cd:4d:a7:92:d2:1c:7d:42:4b:5e:6c:a7:
         79:84:24:7b:39:0e:e4:9f:23:ee:17:09:6c:1c:b9:72:ab:8b:
         de:1a:83:ec:8f:2c:bc:75:8d:48:49:db:11:23:f8:c0:4b:c9:
         94:25:e8:09:f5:e3:55:40:9d:d3:88:47:49:b7:a0:c5:d8:85:
         64:a1:38:29:29:c2:84:b2:39:d4:35:de:09:40:b8:8a:c8:a0:
         40:12:f4:34:ae:fa:d0:8d:aa:6d:61:2b:5b:46:7a:d7:d9:68:
         c0:13:2b:48:f2:d1:ea:65:a8:d9:1b:cc:6d:61:0e:67:d0:85:
         c8:a5:95:04:26:a0:43:d4:63:a5:27:8b:de:24:6c:fe:0f:24:
         d9:7c:51:bb:4b:08:91:b8:f1:69:d3:14:26:57:41:05:8a:30:
         a3:b2:44:7c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAxwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDEx
NjA1MzRaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKEQyRTFERTA3MDI4QjdC
N0FCQTY4N0VBRTdFMTc3NzI4MjI4NkZEOTAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDL83dLR5b8a+IgiL5BkleJMLIxxJenMBojdLUnokUq8P2XBfRy
bN9iZouqA6E6zsywPsFm4g3xInGpPAr84xuHUzrzpTAW6aQ9lIP7h88fU11csOhx
a/Q4Vf5ZMrJmAkUmy8z3epYyFc4+AhIwom03/pXug8P07GSE3vvN9sRe2qCH6D9y
vQZ94lv53vsyuFD/E8WTLelYsYkscx0Vq9BVaNUPQvPO5sEsA7rFURDVY97hAXgU
U88kdcStC1AfDtnvZypDk0LmWK+POWIGjdr5JdySTns2DTO91M5ufG5Vrn6sh6ob
YEqR2jJNEKOFp2dnpKUZueGV9eEqhmrz2PtzAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU0uHeBwKLe3q6aH6ufhd3KCKG/ZAwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5LzB1SGVCd0tMZTNxNmFINnVmaGQzS0NLR19aQS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExYiowDQYJKoZIhvcNAQELBQADggEBAGVmrCUhzFPJmFaiCYJeYi4NprHN
0VgWqzMJ2dbBSkEjJMD9FhuROVWc9vLE+D3je1/XWf26f9f0HBzUDKAn3VSV3M8W
fS6WoERdXlhZtYgTF0Up5wyBy2f5av0J4G0njM1Np5LSHH1CS15sp3mEJHs5DuSf
I+4XCWwcuXKri94ag+yPLLx1jUhJ2xEj+MBLyZQl6An141VAndOIR0m3oMXYhWSh
OCkpwoSyOdQ13glAuIrIoEAS9DSu+tCNqm1hK1tGetfZaMATK0jy0eplqNkbzG1h
DmfQhcillQQmoEPUY6Uni94kbP4PJNl8UbtLCJG48WnTFCZXQQWKMKOyRHw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:00 2024 by rpki-client on console-ams.rpki-client.org