Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/DlmQeTtX8y6CWDcyzXcchEqV7Rc.roa
File:                     DlmQeTtX8y6CWDcyzXcchEqV7Rc.roa (raw, json)
Hash identifier:          0S3W9B50xxAP6oUngV/Yv3o7tsVJv99qYHFpBMDaXrg=
Subject key identifier:   0E:59:90:79:3B:57:F3:2E:82:58:37:32:CD:77:1C:84:4A:95:ED:17
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       AF
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/DlmQeTtX8y6CWDcyzXcchEqV7Rc.roa
Signing time:             Wed 29 Mar 2023 16:05:52 +0000
ROA not before:           Wed 29 Mar 2023 16:05:52 +0000
ROA not after:            Thu 14 Mar 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.180.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 175 (0xaf)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Mar 29 16:05:52 2023 GMT
            Not After : Mar 14 01:30:02 2024 GMT
        Subject: CN=0E5990793B57F32E82583732CD771C844A95ED17
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ae:68:d2:d4:d0:58:13:41:0b:e9:5c:1b:34:db:
                    49:d0:03:1b:29:f5:13:3a:72:1e:f3:3b:c3:02:c1:
                    92:05:eb:8f:8c:a7:eb:08:a3:8c:b2:e9:28:41:2e:
                    9b:ce:6a:8b:ea:42:69:6e:e5:5b:df:b5:92:6c:d8:
                    ae:5f:14:d4:37:a1:8b:27:11:5c:d4:e6:9a:a9:30:
                    50:15:06:6d:1c:11:15:33:ff:d3:ce:47:78:14:00:
                    3c:1f:d9:a9:41:df:2b:e5:54:6c:ac:a0:ff:4f:dd:
                    6f:29:54:6b:ee:bd:be:e1:3e:45:d1:5e:bf:1d:ef:
                    5e:78:6c:e0:49:fe:3f:46:49:73:fe:a3:d0:26:32:
                    6d:d6:6c:36:f4:41:c4:2f:e9:67:a5:b0:41:71:b0:
                    e3:ce:df:73:00:45:cc:bf:32:20:63:d2:6e:e7:c5:
                    b6:68:6f:9b:8e:4b:e9:bd:e2:43:56:04:8a:dc:b8:
                    64:73:a2:73:3f:d3:5f:69:3c:62:d5:41:96:e2:51:
                    7a:dd:99:2d:38:36:7c:06:70:b1:5b:03:b3:22:7b:
                    23:52:59:50:4d:44:d7:d7:b9:6d:66:a8:59:b1:ee:
                    6f:9a:83:e6:0e:64:01:56:fd:ba:6f:ac:28:1c:62:
                    e6:a8:ce:8e:82:41:b8:83:f0:27:17:08:12:3a:e7:
                    9a:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0E:59:90:79:3B:57:F3:2E:82:58:37:32:CD:77:1C:84:4A:95:ED:17
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/DlmQeTtX8y6CWDcyzXcchEqV7Rc.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.180.0/22

    Signature Algorithm: sha256WithRSAEncryption
         2d:51:24:e7:fb:eb:bc:33:a3:4e:f2:c0:a3:fe:12:5b:c5:7d:
         7c:2e:3d:fb:1b:70:1c:4c:30:fb:9f:d6:85:a6:3d:92:c4:b2:
         e5:16:57:f6:ee:cb:b4:df:da:62:9b:7b:a9:7e:f8:3b:96:1c:
         43:4b:a5:8b:59:a7:d5:ac:89:46:f1:11:8a:1e:c0:04:3c:a0:
         dc:f8:7e:37:a8:7c:fe:5f:87:01:be:d0:b4:f7:60:de:a5:e1:
         82:f7:cc:a2:6a:17:68:09:ee:c2:d1:3d:9c:10:92:54:09:ea:
         90:fd:42:82:5e:bd:74:76:0e:3a:4e:c0:02:fe:35:a2:32:68:
         a6:fa:48:d0:d5:5e:da:bb:33:10:e1:eb:89:ad:c2:1f:cb:7c:
         9c:95:ef:8a:7b:b6:d8:09:94:87:87:a6:dc:49:05:8d:d2:85:
         12:26:0e:57:e9:3c:1d:16:67:7b:fb:10:20:fc:3c:55:a7:02:
         69:02:5c:e9:83:cb:15:fa:10:07:3a:37:1a:49:c3:70:40:59:
         0e:2d:5e:c4:ba:38:ad:c9:12:0a:37:a1:8f:3d:94:35:34:85:
         17:43:f9:03:ff:30:af:0f:63:bf:5c:ca:9c:fb:9c:9c:2d:0f:
         b6:b6:c4:76:22:33:5d:3d:bf:71:10:d5:15:4b:af:33:39:ac:
         58:36:34:f8
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAK8wDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzAzMjkx
NjA1NTJaFw0yNDAzMTQwMTMwMDJaMDMxMTAvBgNVBAMTKDBFNTk5MDc5M0I1N0Yz
MkU4MjU4MzczMkNENzcxQzg0NEE5NUVEMTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCuaNLU0FgTQQvpXBs020nQAxsp9RM6ch7zO8MCwZIF64+Mp+sI
o4yy6ShBLpvOaovqQmlu5VvftZJs2K5fFNQ3oYsnEVzU5pqpMFAVBm0cERUz/9PO
R3gUADwf2alB3yvlVGysoP9P3W8pVGvuvb7hPkXRXr8d7154bOBJ/j9GSXP+o9Am
Mm3WbDb0QcQv6WelsEFxsOPO33MARcy/MiBj0m7nxbZob5uOS+m94kNWBIrcuGRz
onM/019pPGLVQZbiUXrdmS04NnwGcLFbA7MieyNSWVBNRNfXuW1mqFmx7m+ag+YO
ZAFW/bpvrCgcYuaozo6CQbiD8CcXCBI655qdAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUDlmQeTtX8y6CWDcyzXcchEqV7RcwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0RsbVFlVHRYOHk2Q1dEY3l6WGNjaEVxVjdSYy5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIxYrQwDQYJKoZIhvcNAQELBQADggEBAC1RJOf767wzo07ywKP+ElvFfXwu
PfsbcBxMMPuf1oWmPZLEsuUWV/buy7Tf2mKbe6l++DuWHENLpYtZp9WsiUbxEYoe
wAQ8oNz4fjeofP5fhwG+0LT3YN6l4YL3zKJqF2gJ7sLRPZwQklQJ6pD9QoJevXR2
DjpOwAL+NaIyaKb6SNDVXtq7MxDh64mtwh/LfJyV74p7ttgJlIeHptxJBY3ShRIm
DlfpPB0WZ3v7ECD8PFWnAmkCXOmDyxX6EAc6NxpJw3BAWQ4tXsS6OK3JEgo3oY89
lDU0hRdD+QP/MK8PY79cypz7nJwtD7a2xHYiM109v3EQ1RVLrzM5rFg2NPg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:01 2024 by rpki-client on console-ams.rpki-client.org