Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/D8HHZOWq5jfa6o-7r_q1ruiDlpc.roa
File:                     D8HHZOWq5jfa6o-7r_q1ruiDlpc.roa (raw, json)
Hash identifier:          eTDhvRI9qhueI/QqJ0KNFS5kC07Z3fT59yHa6AtAGZU=
Subject key identifier:   0F:C1:C7:64:E5:AA:E6:37:DA:EA:8F:BB:AF:FA:B5:AE:E8:83:96:97
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       BF
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/D8HHZOWq5jfa6o-7r_q1ruiDlpc.roa
Signing time:             Wed 29 Mar 2023 16:08:54 +0000
ROA not before:           Wed 29 Mar 2023 16:08:54 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.132.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 191 (0xbf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 29 16:08:54 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=0FC1C764E5AAE637DAEA8FBBAFFAB5AEE8839697
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9f:fd:67:26:69:1b:1a:07:75:32:72:ed:87:7c:
                    b8:07:8a:0d:54:32:ec:9a:e7:86:f3:84:db:3f:32:
                    0d:ca:a2:2e:0e:17:b3:be:1f:76:77:df:5b:8b:33:
                    ec:b9:92:54:54:f6:0d:2a:34:4c:eb:30:22:d7:d5:
                    1d:70:9a:a9:b3:ad:bf:41:07:1b:8f:c8:8a:2d:02:
                    46:93:e2:ca:ec:1b:6a:4a:a2:65:50:c5:c9:8a:45:
                    f0:f5:41:2a:f1:49:3b:be:76:98:f8:ee:d4:17:f0:
                    fa:e4:a5:64:9c:14:6a:83:4a:85:2a:03:86:5d:ff:
                    d6:a3:ed:15:3d:8e:56:00:a0:86:ba:ce:c8:89:bf:
                    16:7c:43:53:f7:24:43:b3:26:a9:ff:ff:08:3d:05:
                    e8:b2:a1:7a:56:d6:ea:e0:3d:2f:1e:36:69:24:dd:
                    1b:d2:b1:6f:92:4e:72:88:bf:cd:b8:9b:bc:0c:ed:
                    0b:cc:fd:02:46:34:17:83:0d:fa:b6:a9:19:92:64:
                    45:c7:7e:4c:a1:c0:8e:5e:d6:e0:5e:ef:2f:83:1d:
                    39:b4:82:79:95:12:44:35:65:f7:07:4d:83:0f:bb:
                    45:76:e7:e5:1e:81:04:00:fc:19:eb:9b:f1:2a:a4:
                    6c:b7:c6:9c:79:00:0a:f4:d6:8c:ad:9d:e6:a9:78:
                    12:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0F:C1:C7:64:E5:AA:E6:37:DA:EA:8F:BB:AF:FA:B5:AE:E8:83:96:97
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/D8HHZOWq5jfa6o-7r_q1ruiDlpc.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.132.0/22

    Signature Algorithm: sha256WithRSAEncryption
         38:1d:8a:00:81:92:c0:57:be:b3:a4:c3:22:6b:55:ec:cb:44:
         61:6a:04:c3:c5:a8:22:c9:4a:2d:a7:19:22:66:b0:44:04:13:
         86:6e:7d:35:43:c7:13:a1:63:74:14:c4:7d:69:96:f6:bb:e8:
         88:cb:5f:d9:d4:8d:e4:2d:09:84:0a:86:ec:f1:22:25:c4:c1:
         3a:06:fb:5b:3a:d2:98:3b:9c:78:57:cf:c5:7f:bb:5b:d8:1d:
         7d:f6:76:1b:d6:0c:77:4e:ba:9c:82:02:40:8b:26:7d:2d:c8:
         7f:b2:03:4f:6f:c7:99:09:27:39:d6:8c:d1:7e:62:97:e7:f9:
         45:19:bc:f7:2d:10:da:94:9f:01:63:87:93:d0:55:27:c5:5a:
         b1:28:95:b4:86:9c:14:54:6b:71:17:91:f0:55:8c:92:dd:b3:
         a6:c3:38:42:8b:df:72:e3:2a:76:5a:cf:29:de:4f:a5:eb:bd:
         62:fa:50:5f:c7:49:64:ba:8c:db:a9:74:5e:a4:d7:1d:65:8e:
         76:22:9a:7d:c8:34:42:5f:f6:31:fc:90:6c:09:15:f5:bd:55:
         50:98:43:0f:9f:8e:46:7a:50:f9:95:70:0e:1e:6f:6f:7a:22:
         c2:2d:5f:f6:1d:80:bd:e0:ad:68:69:3c:df:31:53:35:d2:40:
         37:b2:ca:59
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAL8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzAzMjkx
NjA4NTRaFw0yNDAzMTQwMTMwMDJaMDMxMTAvBgNVBAMTKDBGQzFDNzY0RTVBQUU2
MzdEQUVBOEZCQkFGRkFCNUFFRTg4Mzk2OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCf/WcmaRsaB3Uycu2HfLgHig1UMuya54bzhNs/Mg3Koi4OF7O+
H3Z331uLM+y5klRU9g0qNEzrMCLX1R1wmqmzrb9BBxuPyIotAkaT4srsG2pKomVQ
xcmKRfD1QSrxSTu+dpj47tQX8PrkpWScFGqDSoUqA4Zd/9aj7RU9jlYAoIa6zsiJ
vxZ8Q1P3JEOzJqn//wg9BeiyoXpW1urgPS8eNmkk3RvSsW+STnKIv824m7wM7QvM
/QJGNBeDDfq2qRmSZEXHfkyhwI5e1uBe7y+DHTm0gnmVEkQ1ZfcHTYMPu0V25+Ue
gQQA/Bnrm/EqpGy3xpx5AAr01oytneapeBINAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUD8HHZOWq5jfa6o+7r/q1ruiDlpcwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0Q4SEhaT1dxNWpmYTZvLTdyX3ExcnVpRGxwYy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIxYoQwDQYJKoZIhvcNAQELBQADggEBADgdigCBksBXvrOkwyJrVezLRGFq
BMPFqCLJSi2nGSJmsEQEE4ZufTVDxxOhY3QUxH1plva76IjLX9nUjeQtCYQKhuzx
IiXEwToG+1s60pg7nHhXz8V/u1vYHX32dhvWDHdOupyCAkCLJn0tyH+yA09vx5kJ
JznWjNF+Ypfn+UUZvPctENqUnwFjh5PQVSfFWrEolbSGnBRUa3EXkfBVjJLds6bD
OEKL33LjKnZazyneT6XrvWL6UF/HSWS6jNupdF6k1x1ljnYimn3INEJf9jH8kGwJ
FfW9VVCYQw+fjkZ6UPmVcA4eb296IsItX/YdgL3grWhpPN8xUzXSQDeyylk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:40:51 2024 by rpki-client on console-fra.rpki-client.org