Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/I2ZIoOAXA4P9TO2kMocKMpNNxZE.roa
File:                     I2ZIoOAXA4P9TO2kMocKMpNNxZE.roa (raw, json)
Hash identifier:          BREV1RAsAJN5c2Tl9fCsKjrY9e6BeOuTcc1RbNBacR4=
Subject key identifier:   23:66:48:A0:E0:17:03:83:FD:4C:ED:A4:32:87:0A:32:93:4D:C5:91
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       02F0
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/I2ZIoOAXA4P9TO2kMocKMpNNxZE.roa
Signing time:             Thu 01 Jun 2023 16:04:37 +0000
ROA not before:           Thu 01 Jun 2023 16:04:37 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.6.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 752 (0x2f0)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  1 16:04:37 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=236648A0E0170383FD4CEDA432870A32934DC591
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b3:71:9f:ea:95:63:fd:fc:39:64:44:33:e1:63:
                    13:ce:7e:20:9b:f2:8e:2b:f9:01:81:ac:e4:20:30:
                    42:9f:8c:8b:1c:3f:2a:20:b5:c4:29:a5:b9:ad:89:
                    67:df:0c:35:97:c0:62:01:e1:b0:6b:8c:fb:7c:eb:
                    c8:e8:38:a1:08:fe:bd:49:80:c0:42:46:e5:34:08:
                    c6:7b:b6:e6:b3:e5:05:98:9c:cb:a9:5e:34:a2:02:
                    77:5b:f1:ac:0c:91:2b:eb:63:d9:a9:25:30:7a:85:
                    e7:67:d7:72:f7:9f:ec:b0:6a:cf:9a:11:f0:54:f0:
                    a0:8a:d9:d8:03:b1:ad:ab:25:bc:33:2e:42:f8:9d:
                    7c:04:10:dd:ed:95:e6:a7:22:7e:fd:58:f5:2c:9e:
                    40:e6:17:9f:b5:0c:fc:82:67:f9:92:fc:ab:87:57:
                    47:50:80:6f:c3:60:72:4e:ba:29:f9:d6:6e:a9:5b:
                    0d:b3:f8:dd:98:2b:91:1a:81:1e:20:66:60:42:c1:
                    62:27:de:c0:74:8a:4a:c5:e7:46:c7:2f:cb:48:61:
                    29:c3:75:48:54:59:33:ac:0f:9a:c1:a2:9b:57:09:
                    69:95:9d:b7:43:c2:d0:29:c0:d1:a2:f5:58:21:27:
                    76:cf:9c:4a:02:cf:76:d3:0e:5c:18:f2:11:95:eb:
                    7a:f3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                23:66:48:A0:E0:17:03:83:FD:4C:ED:A4:32:87:0A:32:93:4D:C5:91
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/I2ZIoOAXA4P9TO2kMocKMpNNxZE.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.6.0/24

    Signature Algorithm: sha256WithRSAEncryption
         76:9f:e3:0e:44:06:d0:58:f4:f5:94:27:89:c2:7f:37:7e:3c:
         a8:5b:2d:0e:16:72:a7:a7:08:8f:93:1c:22:52:9a:65:b8:01:
         5a:1a:a7:e1:d0:37:1f:73:79:ff:4f:75:4e:37:f4:eb:0f:ec:
         e8:cb:dc:d4:82:39:95:d4:ab:12:f8:01:d1:8f:8d:9f:af:d4:
         48:6b:50:69:c6:c2:a6:ab:c1:5d:b1:73:17:a9:5f:8b:0b:7f:
         f3:9f:0a:2e:cb:df:45:49:9a:f0:4d:d4:87:1c:1f:14:0b:bc:
         83:fa:48:dd:61:31:9d:ae:12:17:73:c9:c9:09:84:f5:a8:de:
         27:99:61:83:34:98:c9:62:2c:c1:32:36:d4:70:cc:02:63:00:
         d9:29:7a:aa:8b:9d:15:9a:b1:dc:1f:cc:4a:f8:99:c8:bf:86:
         c6:dc:66:e0:c3:38:8e:c4:4d:29:4c:3f:47:91:9b:2b:12:e7:
         7f:80:7d:bc:5c:df:ad:8c:c1:e3:26:ed:b1:51:ac:81:fc:ce:
         94:08:80:db:93:85:0e:91:09:d9:89:40:7a:e4:f3:74:1d:e6:
         47:42:9e:3e:6f:88:b6:ae:bf:f9:a6:f7:97:fd:71:23:29:f1:
         19:e3:6f:a2:53:a2:12:d6:80:dc:e1:bd:a6:4b:26:10:ef:7a:
         8e:02:f1:5c
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAvAwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDEx
NjA0MzdaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDIzNjY0OEEwRTAxNzAz
ODNGRDRDRURBNDMyODcwQTMyOTM0REM1OTEwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCzcZ/qlWP9/DlkRDPhYxPOfiCb8o4r+QGBrOQgMEKfjIscPyog
tcQppbmtiWffDDWXwGIB4bBrjPt868joOKEI/r1JgMBCRuU0CMZ7tuaz5QWYnMup
XjSiAndb8awMkSvrY9mpJTB6hedn13L3n+ywas+aEfBU8KCK2dgDsa2rJbwzLkL4
nXwEEN3tleanIn79WPUsnkDmF5+1DPyCZ/mS/KuHV0dQgG/DYHJOuin51m6pWw2z
+N2YK5EagR4gZmBCwWIn3sB0ikrF50bHL8tIYSnDdUhUWTOsD5rBoptXCWmVnbdD
wtApwNGi9VghJ3bPnEoCz3bTDlwY8hGV63rzAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUI2ZIoOAXA4P9TO2kMocKMpNNxZEwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0kyWklvT0FYQTRQOVRPMmtNb2NLTXBOTnhaRS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxYgYwDQYJKoZIhvcNAQELBQADggEBAHaf4w5EBtBY9PWUJ4nCfzd+PKhb
LQ4WcqenCI+THCJSmmW4AVoap+HQNx9zef9PdU439OsP7OjL3NSCOZXUqxL4AdGP
jZ+v1EhrUGnGwqarwV2xcxepX4sLf/OfCi7L30VJmvBN1IccHxQLvIP6SN1hMZ2u
EhdzyckJhPWo3ieZYYM0mMliLMEyNtRwzAJjANkpeqqLnRWasdwfzEr4mci/hsbc
ZuDDOI7ETSlMP0eRmysS53+Afbxc362MweMm7bFRrIH8zpQIgNuThQ6RCdmJQHrk
83Qd5kdCnj5viLauv/mm95f9cSMp8Rnjb6JTohLWgNzhvaZLJhDveo4C8Vw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:01 2024 by rpki-client on console-ams.rpki-client.org