Route Origin Authorization

$ rpki-client -vvf rpki-repository.nic.ad.jp/ap/A91A73810000/309/OFMXCJipY6BaM4g2fOA1OQ_-kyU.roa
File:                     OFMXCJipY6BaM4g2fOA1OQ_-kyU.roa (raw, json)
Hash identifier:          fkebiaOQnFdbsNtnP7ZRKiAlVF0r/90pwKdCqg/hdSs=
Subject key identifier:   38:53:17:08:98:A9:63:A0:5A:33:88:36:7C:E0:35:39:0F:FE:93:25
Certificate issuer:       /CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
Certificate serial:       0396
Authority key identifier: 69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73
Authority info access:    rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer
Subject info access:      rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/OFMXCJipY6BaM4g2fOA1OQ_-kyU.roa
Signing time:             Thu 01 Jun 2023 17:59:27 +0000
ROA not before:           Thu 01 Jun 2023 17:59:27 +0000
ROA not after:            Tue 14 May 2024 01:30:02 +0000
asID:                     9605
IP address blocks:        49.104.45.0/24 maxlen: 24

Validation:               Failed, certificate has expired

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 918 (0x396)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6965B0B20DDE07A4C978E24073EA0E1117B37473
        Validity
            Not Before: Jun  1 17:59:27 2023 GMT
            Not After : May 14 01:30:02 2024 GMT
        Subject: CN=3853170898A963A05A3388367CE035390FFE9325
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:a7:da:56:4e:e3:37:22:d6:6b:84:de:0d:be:87:
                    17:b1:9c:9c:5d:41:2c:c7:6a:dd:c4:7a:7f:8e:45:
                    4b:22:35:01:bd:c1:cc:c4:d3:18:2b:a7:c7:80:2d:
                    e0:ed:29:61:ca:df:47:a7:10:b9:f1:b6:b2:60:7e:
                    4d:70:ff:c6:14:99:a0:03:97:e8:08:9d:65:6a:a8:
                    1d:7f:36:c8:8b:0f:f2:60:d1:e8:5b:3d:52:b5:31:
                    1b:78:bc:9e:08:1f:50:15:ad:9f:f2:b7:0a:e9:06:
                    9d:83:c2:99:93:fc:c0:6e:b5:1f:de:a2:64:9a:84:
                    73:b8:2b:b4:47:c2:73:42:46:ee:ff:47:b3:d7:67:
                    77:da:07:a8:6d:a7:69:6a:3f:c6:af:c9:88:f5:35:
                    6b:8c:35:94:30:cd:04:a6:68:a7:23:00:2b:6c:f1:
                    82:ea:83:ce:73:d3:1d:4d:32:41:73:6a:99:ed:5e:
                    06:94:13:e1:a4:d8:4e:a6:99:d3:45:36:90:cb:59:
                    df:03:3a:f6:f6:d3:83:91:a5:82:8f:22:e9:5b:23:
                    e0:56:bf:8c:ed:cc:d7:f8:41:70:68:d1:1a:26:b2:
                    19:ba:87:d0:a1:9a:94:38:e6:2d:23:44:ec:7e:91:
                    fa:7c:3e:56:3e:ab:2a:16:76:61:4c:b8:7f:94:74:
                    49:01
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                38:53:17:08:98:A9:63:A0:5A:33:88:36:7C:E0:35:39:0F:FE:93:25
            X509v3 Authority Key Identifier:
                keyid:69:65:B0:B2:0D:DE:07:A4:C9:78:E2:40:73:EA:0E:11:17:B3:74:73

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/aWWwsg3eB6TJeOJAc-oOERezdHM.crl

            Authority Information Access:
                CA Issuers - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/aWWwsg3eB6TJeOJAc-oOERezdHM.cer

            X509v3 Key Usage: critical
                Digital Signature
            Subject Information Access:
                Signed Object - URI:rsync://rpki-repository.nic.ad.jp/ap/A91A73810000/309/OFMXCJipY6BaM4g2fOA1OQ_-kyU.roa
                RPKI Notify - URI:https://rpki-repository.nic.ad.jp/rrdp/ap/notification.xml

            sbgp-ipAddrBlock: critical
                IPv4:
                  49.104.45.0/24

    Signature Algorithm: sha256WithRSAEncryption
         be:bb:b3:90:76:d5:cc:6a:0c:56:1f:97:77:28:d8:06:28:24:
         95:aa:e7:de:41:1c:14:75:97:b0:a4:e2:17:3b:27:85:a0:28:
         76:4d:91:89:e1:c5:a2:62:42:c0:45:b2:60:9c:8e:fd:85:84:
         56:cb:88:5b:c1:32:8f:92:c7:06:2d:73:30:a5:a4:e3:ad:2b:
         3c:2a:41:72:42:38:c7:9d:03:23:70:b1:1a:79:04:df:f2:c8:
         17:9b:f8:30:8f:f1:66:60:bd:55:f7:9f:3a:7f:d2:84:5a:fd:
         9a:90:74:bb:f8:8a:12:a3:b9:fc:5c:57:64:bf:a6:d6:d3:d8:
         e3:3f:34:40:39:50:9f:aa:73:c4:3e:81:a8:be:7d:f3:e6:1f:
         22:92:d9:a6:79:5d:3f:ef:f6:6a:bd:9a:5a:ae:52:51:be:ce:
         3b:f5:db:67:d8:e4:dc:46:ea:ac:27:96:d5:1c:d1:bd:64:48:
         ad:38:f0:96:f2:d3:78:ff:37:c0:d3:ce:96:25:16:da:26:bf:
         b4:50:cc:7b:17:ed:f2:97:30:51:2f:39:27:5d:7a:ef:1c:fd:
         58:67:b5:ac:08:84:ba:9e:1e:13:e0:2b:9d:2d:28:11:02:5d:
         c5:73:23:19:dd:a4:5a:c6:d3:c1:82:d6:4d:3f:53:f8:97:72:
         7f:f3:f8:8b
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgICA5YwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoNjk2
NUIwQjIwRERFMDdBNEM5NzhFMjQwNzNFQTBFMTExN0IzNzQ3MzAeFw0yMzA2MDEx
NzU5MjdaFw0yNDA1MTQwMTMwMDJaMDMxMTAvBgNVBAMTKDM4NTMxNzA4OThBOTYz
QTA1QTMzODgzNjdDRTAzNTM5MEZGRTkzMjUwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCn2lZO4zci1muE3g2+hxexnJxdQSzHat3Een+ORUsiNQG9wczE
0xgrp8eALeDtKWHK30enELnxtrJgfk1w/8YUmaADl+gInWVqqB1/NsiLD/Jg0ehb
PVK1MRt4vJ4IH1AVrZ/ytwrpBp2DwpmT/MButR/eomSahHO4K7RHwnNCRu7/R7PX
Z3faB6htp2lqP8avyYj1NWuMNZQwzQSmaKcjACts8YLqg85z0x1NMkFzapntXgaU
E+Gk2E6mmdNFNpDLWd8DOvb204ORpYKPIulbI+BWv4ztzNf4QXBo0Romshm6h9Ch
mpQ45i0jROx+kfp8PlY+qyoWdmFMuH+UdEkBAgMBAAGjggIkMIICIDAdBgNVHQ4E
FgQUOFMXCJipY6BaM4g2fOA1OQ/+kyUwHwYDVR0jBBgwFoAUaWWwsg3eB6TJeOJA
c+oOERezdHMwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBmBgNVHR8EXzBdMFug
WaBXhlVyc3luYzovL3Jwa2ktcmVwb3NpdG9yeS5uaWMuYWQuanAvYXAvQTkxQTcz
ODEwMDAwLzMwOS9hV1d3c2czZUI2VEplT0pBYy1vT0VSZXpkSE0uY3JsMG0GCCsG
AQUFBwEBBGEwXzBdBggrBgEFBQcwAoZRcnN5bmM6Ly9ycGtpLXJlcG9zaXRvcnku
bmljLmFkLmpwL2FwL0E5MUE3MzgxMDAwMC9hV1d3c2czZUI2VEplT0pBYy1vT0VS
ZXpkSE0uY2VyMA4GA1UdDwEB/wQEAwIHgDCBuwYIKwYBBQUHAQsEga4wgaswYQYI
KwYBBQUHMAuGVXJzeW5jOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9hcC9B
OTFBNzM4MTAwMDAvMzA5L09GTVhDSmlwWTZCYU00ZzJmT0ExT1FfLWt5VS5yb2Ew
RgYIKwYBBQUHMA2GOmh0dHBzOi8vcnBraS1yZXBvc2l0b3J5Lm5pYy5hZC5qcC9y
cmRwL2FwL25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAxaC0wDQYJKoZIhvcNAQELBQADggEBAL67s5B21cxqDFYfl3co2AYoJJWq
595BHBR1l7Ck4hc7J4WgKHZNkYnhxaJiQsBFsmCcjv2FhFbLiFvBMo+SxwYtczCl
pOOtKzwqQXJCOMedAyNwsRp5BN/yyBeb+DCP8WZgvVX3nzp/0oRa/ZqQdLv4ihKj
ufxcV2S/ptbT2OM/NEA5UJ+qc8Q+gai+ffPmHyKS2aZ5XT/v9mq9mlquUlG+zjv1
22fY5NxG6qwnltUc0b1kSK048Jby03j/N8DTzpYlFtomv7RQzHsX7fKXMFEvOSdd
eu8c/VhntawIhLqeHhPgK50tKBECXcVzIxndpFrG08GC1k0/U/iXcn/z+Is=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:01 2024 by rpki-client on console-ams.rpki-client.org