Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/8J7K2_eOz0vzzl24zEuHRX8Lt2Y.roa
File:                     8J7K2_eOz0vzzl24zEuHRX8Lt2Y.roa (raw, json)
Hash identifier:          w4ZIQ0iYxINUQf75kTwJnUSm99rjBh/jJanAW+FPU/s=
Subject key identifier:   F0:9E:CA:DB:F7:8E:CF:4B:F3:CE:5D:B8:CC:4B:87:45:7F:0B:B7:66
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       8E
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/8J7K2_eOz0vzzl24zEuHRX8Lt2Y.roa
Signing time:             Wed 29 Mar 2023 16:04:58 +0000
ROA not before:           Wed 29 Mar 2023 16:04:58 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.156.0/23 maxlen: 23

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 142 (0x8e)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 29 16:04:58 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=F09ECADBF78ECF4BF3CE5DB8CC4B87457F0BB766
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:dd:3a:63:37:cf:88:da:23:48:43:f6:20:e0:
                    ec:0c:1c:d2:be:dd:47:4e:67:ab:40:f0:7b:7b:45:
                    de:15:43:d9:c4:7f:20:a9:a6:34:e3:09:7e:7e:07:
                    24:2a:bd:30:a2:c5:77:1d:d4:06:58:fb:75:92:73:
                    be:1a:92:7f:7d:0f:c7:9b:d0:eb:0d:60:98:1f:b9:
                    66:ee:26:a2:94:9c:2b:34:69:6a:60:02:71:06:0a:
                    52:11:16:5d:80:30:c0:88:a1:5a:7b:6b:9a:74:d4:
                    c7:61:99:54:7e:08:77:91:05:12:73:35:ec:e0:85:
                    8e:a4:13:83:74:48:12:17:e6:79:40:df:25:44:7e:
                    92:a2:3e:e7:83:8b:27:d4:b2:f1:f1:c1:d7:ca:59:
                    0c:db:34:b8:4f:17:3e:32:aa:65:d6:35:73:90:16:
                    ae:17:9c:13:74:a6:d0:0e:7f:01:1f:34:fb:5b:4b:
                    ab:88:96:6c:cf:d7:0b:ca:04:0c:c7:2c:f0:5e:38:
                    4d:9c:44:a3:71:a9:bc:7f:14:32:71:1c:70:a8:c9:
                    5f:17:44:7c:64:80:ee:c4:14:6e:96:35:b2:47:85:
                    90:33:b9:59:39:50:cc:bf:bd:02:9c:09:6d:e2:e4:
                    87:65:9c:fc:08:11:42:62:a8:7c:ec:0a:87:fe:d0:
                    89:b1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                F0:9E:CA:DB:F7:8E:CF:4B:F3:CE:5D:B8:CC:4B:87:45:7F:0B:B7:66
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/8J7K2_eOz0vzzl24zEuHRX8Lt2Y.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.156.0/23

    Signature Algorithm: sha256WithRSAEncryption
         7f:0a:56:ae:4c:25:81:b0:41:77:8c:11:84:d1:9d:04:41:de:
         3f:bf:24:f0:4e:58:f4:ee:96:0f:64:15:07:54:97:13:ba:5c:
         80:21:77:7d:28:5e:e5:4e:7e:74:8b:e7:f5:b4:e1:a3:83:35:
         e2:93:0a:9b:46:6a:3f:0b:e5:85:66:27:ca:b5:b8:64:ff:46:
         4c:d1:17:04:81:78:dd:cc:5a:6d:cb:72:59:33:fd:b5:94:d9:
         8a:df:fa:b1:ca:2c:74:41:85:59:59:34:3d:00:91:c2:b0:0f:
         97:d6:bf:91:a8:83:1e:eb:e4:6a:30:1a:38:5b:b6:f0:a7:85:
         8e:53:8b:02:d4:da:0e:f6:44:e8:12:55:d2:e5:ff:84:c0:04:
         7e:2f:a4:b5:a3:fe:cd:51:13:2c:1e:cd:1d:e5:8c:46:51:93:
         d7:d0:a9:46:9e:2c:1e:32:df:7d:3e:29:4d:3e:72:86:6b:f9:
         0e:b3:d5:87:35:c8:0e:d4:13:8e:ce:16:e3:48:5c:2b:e4:6b:
         2e:3a:15:1d:a8:40:33:4f:82:34:6e:6c:52:53:a0:4c:22:98:
         c5:91:ce:3e:12:df:b7:d3:9e:c6:10:6e:d8:8d:4f:85:60:54:
         10:e1:4d:ee:c8:a0:84:2b:5f:5c:53:92:04:28:e5:89:82:18:
         24:f2:c0:92
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAI4wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzAzMjkx
NjA0NThaFw0yNDAzMTQwMTMwMDJaMDMxMTAvBgNVBAMTKEYwOUVDQURCRjc4RUNG
NEJGM0NFNURCOENDNEI4NzQ1N0YwQkI3NjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDN3TpjN8+I2iNIQ/Yg4OwMHNK+3UdOZ6tA8Ht7Rd4VQ9nEfyCp
pjTjCX5+ByQqvTCixXcd1AZY+3WSc74akn99D8eb0OsNYJgfuWbuJqKUnCs0aWpg
AnEGClIRFl2AMMCIoVp7a5p01MdhmVR+CHeRBRJzNezghY6kE4N0SBIX5nlA3yVE
fpKiPueDiyfUsvHxwdfKWQzbNLhPFz4yqmXWNXOQFq4XnBN0ptAOfwEfNPtbS6uI
lmzP1wvKBAzHLPBeOE2cRKNxqbx/FDJxHHCoyV8XRHxkgO7EFG6WNbJHhZAzuVk5
UMy/vQKcCW3i5IdlnPwIEUJiqHzsCof+0ImxAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQU8J7K2/eOz0vzzl24zEuHRX8Lt2YwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5LzhKN0syX2VPejB2enpsMjR6RXVIUlg4THQyWS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAExYpwwDQYJKoZIhvcNAQELBQADggEBAH8KVq5MJYGwQXeMEYTRnQRB3j+/
JPBOWPTulg9kFQdUlxO6XIAhd30oXuVOfnSL5/W04aODNeKTCptGaj8L5YVmJ8q1
uGT/RkzRFwSBeN3MWm3Lclkz/bWU2Yrf+rHKLHRBhVlZND0AkcKwD5fWv5Gogx7r
5GowGjhbtvCnhY5TiwLU2g72ROgSVdLl/4TABH4vpLWj/s1REywezR3ljEZRk9fQ
qUaeLB4y330+KU0+coZr+Q6z1Yc1yA7UE47OFuNIXCvkay46FR2oQDNPgjRubFJT
oEwimMWRzj4S37fTnsYQbtiNT4VgVBDhTe7IoIQrX1xTkgQo5YmCGCTywJI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org