Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/IridVb8vrEKs5doFvu4FDYnTpHI.roa
File:                     IridVb8vrEKs5doFvu4FDYnTpHI.roa (raw, json)
Hash identifier:          RMul6RxGbmJPl5+vPdAUXlQz3YS73I/9d4NgmFuzkzg=
Subject key identifier:   22:B8:9D:55:BF:2F:AC:42:AC:E5:DA:05:BE:EE:05:0D:89:D3:A4:72
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       02FC
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/IridVb8vrEKs5doFvu4FDYnTpHI.roa
Signing time:             Thu 01 Jun 2023 16:05:23 +0000
ROA not before:           Thu 01 Jun 2023 16:05:23 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.98.228.0/22 maxlen: 22

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 764 (0x2fc)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  1 16:05:23 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=22B89D55BF2FAC42ACE5DA05BEEE050D89D3A472
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:be:2f:99:32:19:17:b4:19:d5:d0:7e:06:a8:d7:
                    df:de:2e:22:89:c8:40:2e:18:39:03:03:71:ef:33:
                    a3:9b:13:a9:7c:2c:17:f2:a6:fd:f1:72:c1:18:13:
                    c3:e8:44:90:0e:b3:d2:97:2c:49:ed:61:7b:3c:81:
                    c1:82:d4:85:19:1f:7d:62:f7:d9:30:7d:f6:fc:a7:
                    62:b7:7b:0b:97:7e:f0:86:dd:69:e2:4b:84:8e:c8:
                    02:eb:ab:11:ba:24:ea:99:0c:50:51:25:28:cb:83:
                    27:e1:08:a9:5f:e1:4c:67:65:18:66:b2:72:74:06:
                    fd:4c:5d:dd:20:09:86:ef:d0:7a:e7:b4:5b:cc:39:
                    af:74:bd:3c:02:0e:bd:95:c7:f3:b1:75:33:47:7c:
                    e2:e2:ca:cc:10:ea:0c:42:21:96:3e:75:d1:78:fb:
                    30:e9:e8:f6:08:9d:8f:51:76:6b:f6:9c:fe:8b:6e:
                    76:e7:5a:cc:60:3d:61:e9:6f:a7:10:ac:b3:36:50:
                    69:b2:46:87:b1:9c:94:f2:ba:6b:8a:79:5e:d8:a6:
                    b1:72:92:6b:c5:cd:d6:33:8a:88:fb:94:ff:a9:3c:
                    e2:07:c4:14:a7:f7:85:8c:fb:01:66:f5:4c:73:a8:
                    19:5e:54:23:94:8c:b5:28:ad:15:d0:f4:43:6d:85:
                    52:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                22:B8:9D:55:BF:2F:AC:42:AC:E5:DA:05:BE:EE:05:0D:89:D3:A4:72
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/IridVb8vrEKs5doFvu4FDYnTpHI.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.98.228.0/22

    Signature Algorithm: sha256WithRSAEncryption
         c4:88:4a:29:de:24:be:d5:57:9d:99:bb:b4:2e:71:5c:e2:96:
         7f:c9:40:63:8b:29:53:a3:18:05:82:90:87:5a:90:5a:2d:a1:
         51:0b:16:7e:19:d8:01:f7:c3:29:cb:f6:31:1e:66:59:5d:1f:
         1d:76:25:ce:39:76:55:64:22:05:06:93:c4:98:e5:e4:76:29:
         9e:f8:c0:79:82:0d:d7:9c:60:a3:b2:e7:4a:8c:5a:5b:9e:9b:
         2b:60:e3:0d:8e:45:76:9c:91:21:79:03:ea:da:42:27:1a:05:
         0c:9e:05:fe:05:05:87:96:1e:2c:0d:52:da:fd:f6:e8:2f:b5:
         6e:7d:ba:37:0d:37:70:26:8b:f3:75:9c:21:3c:f8:7e:f7:cb:
         79:89:c3:8e:b4:1f:8e:f3:ac:c8:14:2d:e4:ff:2d:3d:0d:e0:
         40:82:dc:0f:d6:05:94:60:6b:e4:f8:21:04:c8:ce:39:a6:df:
         6c:7c:db:7f:ea:77:80:af:21:5c:6f:79:d6:4e:a0:8f:41:35:
         c1:3d:32:93:75:2d:59:b1:8b:b0:a2:45:9b:90:bf:81:56:48:
         76:10:a4:0d:b2:84:64:c7:f7:2e:15:7e:53:38:7a:07:a0:1d:
         9c:08:61:dd:09:b8:72:8f:c5:21:20:fb:dc:26:22:1b:c7:3e:
         f4:01:eb:5f
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICAvwwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDEx
NjA1MjNaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDIyQjg5RDU1QkYyRkFD
NDJBQ0U1REEwNUJFRUUwNTBEODlEM0E0NzIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+L5kyGRe0GdXQfgao19/eLiKJyEAuGDkDA3HvM6ObE6l8LBfy
pv3xcsEYE8PoRJAOs9KXLEntYXs8gcGC1IUZH31i99kwffb8p2K3ewuXfvCG3Wni
S4SOyALrqxG6JOqZDFBRJSjLgyfhCKlf4UxnZRhmsnJ0Bv1MXd0gCYbv0HrntFvM
Oa90vTwCDr2Vx/OxdTNHfOLiyswQ6gxCIZY+ddF4+zDp6PYInY9Rdmv2nP6Lbnbn
WsxgPWHpb6cQrLM2UGmyRoexnJTyumuKeV7YprFykmvFzdYzioj7lP+pPOIHxBSn
94WM+wFm9UxzqBleVCOUjLUorRXQ9ENthVKJAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUIridVb8vrEKs5doFvu4FDYnTpHIwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L0lyaWRWYjh2ckVLczVkb0Z2dTRGRFluVHBISS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAIxYuQwDQYJKoZIhvcNAQELBQADggEBAMSISineJL7VV52Zu7QucVziln/J
QGOLKVOjGAWCkIdakFotoVELFn4Z2AH3wynL9jEeZlldHx12Jc45dlVkIgUGk8SY
5eR2KZ74wHmCDdecYKOy50qMWluemytg4w2ORXackSF5A+raQicaBQyeBf4FBYeW
HiwNUtr99ugvtW59ujcNN3Ami/N1nCE8+H73y3mJw460H47zrMgULeT/LT0N4ECC
3A/WBZRga+T4IQTIzjmm32x823/qd4CvIVxvedZOoI9BNcE9MpN1LVmxi7CiRZuQ
v4FWSHYQpA2yhGTH9y4VflM4egegHZwIYd0JuHKPxSEg+9wmIhvHPvQB618=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:01 2024 by rpki-client on console-ams.rpki-client.org